Possible Rootkit infection shutting down MSE


  • This topic is locked
27 replies to this topic

#1 Cybermann

Cybermann

  • Members
  • 44 posts

Posted 01 August 2013 - 11:53 AM

Hi

I have a problem with MSE, which no longer starts at startup, or even manually for that matter. I noticed that Malwarebytes also gives me a runtime warning about not being able to start cleanup.dll.

Before this happened both MSE and MB detected a rootkit and various trojans. I cleaned and deleted them, and when I rebooted I noticed MSE had disappeared. I then managed to reinstall it last night. I started the PC today and noticed that it was not loading again and then received the runtime error. I note I have 3 trojan agents; every time I delete them and restart they appear back on my quarantine list.

Any help appreciated as I can't seem to rid myself of these.

Jim

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16635
Run by Jim at 17:47:05 on 2013-08-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8169.5770 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Opera\opera.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=813da9c94bf74aa59282faa64c2282ad&tu=10Q80007a2B000v&sku=&tstsId=&ver=&
uSearchAssistant = hxxp://www.google.com
mWinlogon: Shell = C:\PROGRA~3\wjhthwdrjwkeyuqsbpo.bat
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Qualys BrowserCheck IE Helper: {7D2FB79E-E58C-4DB5-A36F-AC1C73967FA5} - C:\Windows\Downloaded Program Files\qbc_bho.dll
BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mRun: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} - hxxps://browsercheck.qualys.com/qbc_ax.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{C34528DD-A82D-4B03-B40A-9E6D66448DBB} : DHCPNameServer = 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot
x64-Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey
x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\pnbczmw7.default\
FF - prefs.js: browser.search.selectedEngine - SearchAmong
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\System32\drivers\tdrpm273.sys [2012-4-21 1263200]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-4-21 3246040]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2012-4-20 21992]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-4-20 133800]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2012-3-16 33712]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2012-3-16 828072]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-13 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-20 701512]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616]
R2 RadeonPro Support Service;RadeonPro Support Service;C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [2012-11-13 12800]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-2-7 1223704]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-2-7 660504]
R2 TmWinService;Thrustmaster FAST service;C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe [2012-4-30 304640]
R3 afcdp;afcdp;C:\Windows\System32\drivers\afcdp.sys [2012-4-21 285280]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\System32\drivers\ha20x22k.sys [2010-7-7 1612888]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-4-20 25928]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-7-18 366600]
R3 npusbio;npusbio;C:\Windows\System32\drivers\npusbio_x64.sys [2012-7-9 38400]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-9-30 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-9-30 180736]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-2-7 18456]
R3 SaiH0763;SaiH0763;C:\Windows\System32\drivers\SaiH0763.sys [2008-2-15 178304]
R3 TmBusEn;Thrustmaster Bus Enumerator;C:\Windows\System32\drivers\TmBusEn.sys [2012-4-21 30208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-2-3 49152]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-4-20 79360]
S3 CT20XUT;CT20XUT;C:\Windows\System32\drivers\CT20XUT.sys [2010-7-7 230488]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\System32\drivers\CTEXFIFX.sys [2010-7-7 1445976]
S3 CTHWIUT;CTHWIUT;C:\Windows\System32\drivers\CTHWIUT.sys [2010-7-7 95320]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2012-2-16 99384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2012-2-16 203320]
S3 TmFilter;Thrustmaster HID Filter Driver;C:\Windows\System32\drivers\TmFilter.sys [2012-4-21 24576]
S3 TmHid;Thrustmaster Virtual Keyboard (root);C:\Windows\System32\drivers\TmHid.sys [2012-4-21 24704]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-20 1255736]
.
=============== File Associations ===============
.
FileExt: .txt: textfile="C:\Program Files (x86)\Windows NT\Accessories\WORDPAD.EXE" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2013-07-31 21:37:00 941720 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3791CDED-7EEE-4922-B0D9-8267BA3CFA24}\gapaengine.dll
2013-07-31 21:36:58 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{046FC7F5-F6EB-4C19-94B6-50B5CDA83602}\mpengine.dll
2013-07-31 21:36:05 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2013-07-31 21:29:49 -------- d-----w- C:\Windows\Temp728369FE-8D4E-431C-88FC-776B734906A1-Signatures
2013-07-15 18:14:10 -------- d-----w- C:\Users\Jim\AppData\Local\Matt_Chambers
2013-07-13 23:15:18 -------- d-----w- C:\Users\Jim\AppData\Roaming\The Creative Assembly
2013-07-13 22:34:23 139264 ----a-r- C:\Users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\ARPPRODUCTICON.exe
2013-07-13 22:34:23 139264 ----a-r- C:\Users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_6959F71196DC44399918CDEE446371D5.exe
2013-07-13 22:34:23 139264 ----a-r- C:\Users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_323EC44FAFD84DB183577F038CAA7A8F.exe
2013-07-13 20:48:23 -------- d-----w- C:\Users\Jim\AppData\Roaming\Play withSIX
2013-07-13 20:48:23 -------- d-----w- C:\Users\Jim\AppData\Local\IsolatedStorage
2013-07-11 17:27:01 9216 ----a-w- C:\Program Files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 17:27:01 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-07-11 17:27:01 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
2013-07-11 17:27:01 54784 ----a-w- C:\Program Files (x86)\Windows Defender\MpOAV.dll
2013-07-11 17:27:01 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-07-11 17:27:01 4608 ----a-w- C:\Program Files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 17:27:01 392704 ----a-w- C:\Program Files (x86)\Windows Defender\MpClient.dll
2013-07-11 17:27:01 314880 ----a-w- C:\Program Files\Windows Defender\MpCommu.dll
2013-07-11 17:27:01 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-07-11 17:27:01 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-07-11 17:27:01 1011712 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-07-11 17:26:58 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26:58 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-07-11 17:26:58 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-11 17:26:58 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-11 17:26:58 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-11 17:26:58 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26:54 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-07-11 17:26:54 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-07-06 11:23:50 70 ----a-w- C:\ProgramData\wjhthwdrjwkeyuqsbpo.bat
2013-07-06 11:23:50 165 ----a-w- C:\ProgramData\wjhthwdrjwkeyuqsbpo.reg
2013-07-06 10:18:01 -------- d-----w- C:\Users\Jim\AppData\Roaming\TuneUp Software
2013-07-06 10:17:58 -------- d-----w- C:\ProgramData\TuneUp Software
2013-07-06 10:17:56 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-06 10:17:56 -------- d--h--w- C:\ProgramData\Common Files
2013-07-06 10:17:46 -------- d-----w- C:\Users\Jim\AppData\Roaming\OpenCandy
2013-07-06 10:17:44 -------- d-----w- C:\Program Files (x86)\Veetle
.
==================== Find3M ====================
.
2013-06-24 10:25:01 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-06-24 10:25:00 972712 ----a-w- C:\Windows\System32\deployJava1.dll
2013-06-24 10:25:00 1093032 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-06-18 20:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
2013-06-18 20:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-11 21:23:08 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 21:23:08 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 17:47:13.56 ===============

 

 

 

 


 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA

Posted 01 August 2013 - 10:08 PM

Hello Cybermann,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer, including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
1.
  • Download RogueKiller to the desktop
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Scan
  • A report should open; give its content to your helper. (RKreport can also be found next to the executable.)
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again
Do you have a USB Flash Drive you can use?

"Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 Cybermann

Cybermann
  • Topic Starter

  • Members
  • 44 posts

Posted 02 August 2013 - 06:27 AM

Hello Fireman4it

 

log as requested, and I have a USB flash drive

 

 

RogueKiller V8.6.4 [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jim [Admin rights]
Mode : Scan -- Date : 08/02/2013 12:24:59
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[SHELL][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Winlogon : shell (C:\PROGRA~3\wjhthwdrjwkeyuqsbpo.bat [-]) -> FOUND
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HID SVC][Hidden from API] HKLM\[...]\CCSet\[...]\Services : . e () -> FOUND
[HID SVC][Hidden from API] HKLM\[...]\CS001\[...]\Services : . e () -> FOUND
[HID SVC][Hidden from API] HKLM\[...]\CS002\[...]\Services : . e () -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Folder] U : C:\Users\Jim\AppData\Local\{b23932ea-45b6-feea-e7e5-479849e7a317}\U [-] --> FOUND
[ZeroAccess][Folder] L : C:\Users\Jim\AppData\Local\{b23932ea-45b6-feea-e7e5-479849e7a317}\L [-] --> FOUND

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1002FAEX-00Y9A0 +++++
--- User ---
[MBR] 5f4ce811fb293834fa91b4c745841a0a
[BSP] 39cd18c16740a940e46908726e704c4a : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 933388 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 1911580672 | Size: 20480 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD1002FAEX-00Y9A0 +++++
--- User ---
[MBR] b181b08ffa7019ca7436a6b26b039aef
[BSP] 857ce7e4d040430ff6a33bd3889a8a6f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_08022013_122459.txt >>



 



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA

Posted 02 August 2013 - 04:19 PM

1.

  • Re-run RogueKiller
  • Close all the running processes
  • Under Vista/Seven, right click -> Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • When prompted, click Delete
  • A report should open; give its content to your helper. (RKreport can also be found next to the executable.)
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again


#5 Cybermann

Cybermann
  • Topic Starter

  • Members
  • 44 posts

Posted 02 August 2013 - 05:03 PM

RogueKiller V8.6.4 [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jim [Admin rights]
Mode : Remove -- Date : 08/02/2013 23:01:32
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[SHELL][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Winlogon : shell (C:\PROGRA~3\wjhthwdrjwkeyuqsbpo.bat [-]) -> REPLACED (explorer.exe)
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> REPLACED (1)
[HID SVC][Hidden from API] HKLM\[...]\CCSet\[...]\Services : . e () -> [0x3] The system cannot find the path specified.
[HID SVC][Hidden from API] HKLM\[...]\CS001\[...]\Services : . e () -> [0x3] The system cannot find the path specified.
[HID SVC][Hidden from API] HKLM\[...]\CS002\[...]\Services : . e () -> [0x3] The system cannot find the path specified.

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][Folder] U : C:\Users\Jim\AppData\Local\{b23932ea-45b6-feea-e7e5-479849e7a317}\U [-] --> DELETED
[ZeroAccess][Folder] L : C:\Users\Jim\AppData\Local\{b23932ea-45b6-feea-e7e5-479849e7a317}\L [-] --> DELETED

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1002FAEX-00Y9A0 +++++
--- User ---
[MBR] 5f4ce811fb293834fa91b4c745841a0a
[BSP] 39cd18c16740a940e46908726e704c4a : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 933388 Mo
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 1911580672 | Size: 20480 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: WDC WD1002FAEX-00Y9A0 +++++
--- User ---
[MBR] b181b08ffa7019ca7436a6b26b039aef
[BSP] 857ce7e4d040430ff6a33bd3889a8a6f : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_08022013_230132.txt >>
RKreport[0]_S_08022013_122459.txt;RKreport[0]_S_08022013_230050.txt



#6 fireman4it

  • Malware Response Team

Posted 02 August 2013 - 09:06 PM

1.

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

2.

Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop

Link 1
Link 2

  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.

Things to include in your next reply:

TdssKiller log

Combofix.txt

How is your machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


#7 Cybermann

  • Topic Starter

Posted 03 August 2013 - 04:54 PM

22:03:52.0908 3488 TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
22:03:54.0915 3488 ============================================================
22:03:54.0915 3488 Current date / time: 2013/08/03 22:03:54.0915
22:03:54.0915 3488 SystemInfo:
22:03:54.0915 3488
22:03:54.0915 3488 OS Version: 6.1.7601 ServicePack: 1.0
22:03:54.0915 3488 Product type: Workstation
22:03:54.0915 3488 ComputerName: JIM-PC
22:03:54.0915 3488 UserName: Jim
22:03:54.0915 3488 Windows directory: C:\Windows
22:03:54.0915 3488 System windows directory: C:\Windows
22:03:54.0915 3488 Running under WOW64
22:03:54.0915 3488 Processor architecture: Intel x64
22:03:54.0915 3488 Number of processors: 8
22:03:54.0915 3488 Page size: 0x1000
22:03:54.0915 3488 Boot type: Normal boot
22:03:54.0915 3488 ============================================================
22:03:54.0915 3488 BG loaded
22:03:55.0115 3488 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:03:55.0115 3488 Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:03:55.0195 3488 ============================================================
22:03:55.0205 3488 \Device\Harddisk0\DR0:
22:03:55.0205 3488 MBR partitions:
22:03:55.0205 3488 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x71F06000
22:03:55.0205 3488 \Device\Harddisk1\DR1:
22:03:55.0215 3488 MBR partitions:
22:03:55.0215 3488 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:03:55.0215 3488 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
22:03:55.0215 3488 ============================================================
22:03:55.0215 3488 C: <-> \Device\Harddisk1\DR1\Partition2
22:03:55.0215 3488 D: <-> \Device\Harddisk0\DR0\Partition1
22:03:55.0215 3488 ============================================================
22:03:55.0215 3488 Initialize success
22:03:55.0215 3488 ============================================================
22:05:06.0301 6692 ============================================================
22:05:06.0301 6692 Scan started
22:05:06.0301 6692 Mode: Manual; SigCheck; TDLFS;
22:05:06.0301 6692 ============================================================
22:05:06.0413 6692 ================ Scan system memory ========================
22:05:06.0413 6692 System memory - ok
22:05:06.0413 6692 ================ Scan services =============================
22:05:09.0207 6692 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:05:09.0223 6692 LanmanWorkstation - ok
22:05:09.0238 6692 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
22:05:09.0238 6692 LGBusEnum - ok
22:05:09.0238 6692 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
22:05:09.0238 6692 LGVirHid - ok
22:05:09.0238 6692 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
22:05:09.0254 6692 lirsgt - ok
22:05:09.0254 6692 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:05:09.0270 6692 lltdio - ok
22:05:09.0270 6692 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:05:09.0285 6692 lltdsvc - ok
22:05:09.0285 6692 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:05:09.0316 6692 lmhosts - ok
22:05:09.0316 6692 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:05:09.0316 6692 LSI_FC - ok
22:05:09.0316 6692 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:05:09.0332 6692 LSI_SAS - ok
22:05:09.0332 6692 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:05:09.0332 6692 LSI_SAS2 - ok
22:05:09.0332 6692 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:05:09.0348 6692 LSI_SCSI - ok
22:05:09.0348 6692 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:05:09.0363 6692 luafv - ok
22:05:09.0363 6692 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:05:09.0363 6692 MBAMProtector - ok
22:05:09.0379 6692 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:05:09.0379 6692 MBAMScheduler - ok
22:05:09.0394 6692 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:05:09.0410 6692 MBAMService - ok
22:05:09.0410 6692 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:05:09.0410 6692 Mcx2Svc - ok
22:05:09.0410 6692 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
22:05:09.0426 6692 megasas - ok
22:05:09.0426 6692 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:05:09.0426 6692 MegaSR - ok
22:05:09.0441 6692 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
22:05:09.0441 6692 MEIx64 - ok
22:05:09.0441 6692 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:05:09.0441 6692 Microsoft Office Groove Audit Service - ok
22:05:09.0457 6692 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:05:09.0472 6692 MMCSS - ok
22:05:09.0472 6692 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:05:09.0488 6692 Modem - ok
22:05:09.0488 6692 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:05:09.0488 6692 monitor - ok
22:05:09.0504 6692 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:05:09.0504 6692 mouclass - ok
22:05:09.0504 6692 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:05:09.0504 6692 mouhid - ok
22:05:09.0504 6692 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:05:09.0519 6692 mountmgr - ok
22:05:09.0519 6692 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:05:09.0519 6692 MozillaMaintenance - ok
22:05:09.0535 6692 [ FC1D590039EF06A381768710E6C07E75 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
22:05:09.0535 6692 MpFilter - ok
22:05:09.0535 6692 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:05:09.0550 6692 mpio - ok
22:05:09.0550 6692 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:05:09.0566 6692 mpsdrv - ok
22:05:09.0566 6692 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:05:09.0597 6692 MpsSvc - ok
22:05:09.0597 6692 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:05:09.0597 6692 MRxDAV - ok
22:05:09.0613 6692 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:05:09.0613 6692 mrxsmb - ok
22:05:09.0613 6692 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:05:09.0628 6692 mrxsmb10 - ok
22:05:09.0628 6692 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:05:09.0628 6692 mrxsmb20 - ok
22:05:09.0628 6692 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:05:09.0644 6692 msahci - ok
22:05:09.0644 6692 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:05:09.0644 6692 msdsm - ok
22:05:09.0644 6692 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:05:09.0660 6692 MSDTC - ok
22:05:09.0660 6692 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:05:09.0675 6692 Msfs - ok
22:05:09.0675 6692 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:05:09.0691 6692 mshidkmdf - ok
22:05:09.0691 6692 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:05:09.0706 6692 msisadrv - ok
22:05:09.0706 6692 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:05:09.0722 6692 MSiSCSI - ok
22:05:09.0722 6692 msiserver - ok
22:05:09.0722 6692 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:05:09.0738 6692 MSKSSRV - ok
22:05:09.0738 6692 [ FD909D744ACFCF61CAC3A77854F8B301 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
22:05:09.0753 6692 MsMpSvc - ok
22:05:09.0753 6692 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:05:09.0769 6692 MSPCLOCK - ok
22:05:09.0769 6692 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:05:09.0784 6692 MSPQM - ok
22:05:09.0784 6692 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:05:09.0800 6692 MsRPC - ok
22:05:09.0800 6692 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:05:09.0800 6692 mssmbios - ok
22:05:09.0800 6692 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:05:09.0816 6692 MSTEE - ok
22:05:09.0831 6692 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:05:09.0831 6692 MTConfig - ok
22:05:09.0831 6692 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:05:09.0831 6692 Mup - ok
22:05:09.0847 6692 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:05:09.0862 6692 napagent - ok
22:05:09.0862 6692 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:05:09.0878 6692 NativeWifiP - ok
22:05:09.0896 6692 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:05:09.0911 6692 NDIS - ok
22:05:09.0914 6692 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:05:09.0931 6692 NdisCap - ok
22:05:09.0931 6692 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:05:09.0946 6692 NdisTapi - ok
22:05:09.0949 6692 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:05:09.0966 6692 Ndisuio - ok
22:05:09.0969 6692 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:05:09.0986 6692 NdisWan - ok
22:05:09.0986 6692 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:05:10.0001 6692 NDProxy - ok
22:05:10.0014 6692 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
22:05:10.0024 6692 Nero BackItUp Scheduler 4.0 - ok
22:05:10.0026 6692 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:05:10.0041 6692 NetBIOS - ok
22:05:10.0046 6692 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:05:10.0061 6692 NetBT - ok
22:05:10.0064 6692 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:05:10.0069 6692 Netlogon - ok
22:05:10.0074 6692 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:05:10.0091 6692 Netman - ok
22:05:10.0094 6692 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:10.0104 6692 NetMsmqActivator - ok
22:05:10.0106 6692 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:10.0111 6692 NetPipeActivator - ok
22:05:10.0116 6692 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:05:10.0134 6692 netprofm - ok
22:05:10.0139 6692 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:10.0144 6692 NetTcpActivator - ok
22:05:10.0146 6692 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:05:10.0151 6692 NetTcpPortSharing - ok
22:05:10.0154 6692 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:05:10.0154 6692 nfrd960 - ok
22:05:10.0154 6692 [ 8FB3C853E886E1E4D57271672486111C ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:05:10.0169 6692 NisDrv - ok
22:05:10.0169 6692 [ EC445A9F0FB52E5F467C156FFF6F6D93 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
22:05:10.0169 6692 NisSrv - ok
22:05:10.0185 6692 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:05:10.0185 6692 NlaSvc - ok
22:05:10.0185 6692 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:05:10.0200 6692 Npfs - ok
22:05:10.0200 6692 [ B785BC959F7B0514971A317CA86A2628 ] npusbio C:\Windows\system32\Drivers\npusbio_x64.sys
22:05:10.0216 6692 npusbio - ok
22:05:10.0216 6692 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:05:10.0232 6692 nsi - ok
22:05:10.0232 6692 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:05:10.0247 6692 nsiproxy - ok
22:05:10.0263 6692 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:05:10.0294 6692 Ntfs - ok
22:05:10.0294 6692 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:05:10.0310 6692 Null - ok
22:05:10.0310 6692 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
22:05:10.0310 6692 nusb3hub - ok
22:05:10.0325 6692 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
22:05:10.0325 6692 nusb3xhc - ok
22:05:10.0325 6692 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:05:10.0341 6692 nvraid - ok
22:05:10.0341 6692 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:05:10.0341 6692 nvstor - ok
22:05:10.0341 6692 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:05:10.0356 6692 nv_agp - ok
22:05:10.0356 6692 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:05:10.0372 6692 odserv - ok
22:05:10.0372 6692 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:05:10.0372 6692 ohci1394 - ok
22:05:10.0388 6692 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:05:10.0388 6692 ose - ok
22:05:10.0388 6692 [ A29A80A1CF63D0DC27EEFCAF27D34664 ] ossrv C:\Windows\system32\drivers\ctoss2k.sys
22:05:10.0388 6692 ossrv - ok
22:05:10.0403 6692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:05:10.0403 6692 p2pimsvc - ok
22:05:10.0419 6692 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:05:10.0419 6692 p2psvc - ok
22:05:10.0419 6692 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
22:05:10.0434 6692 Parport - ok
22:05:10.0434 6692 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:05:10.0434 6692 partmgr - ok
22:05:10.0434 6692 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:05:10.0450 6692 PcaSvc - ok
22:05:10.0450 6692 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:05:10.0466 6692 pci - ok
22:05:10.0466 6692 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:05:10.0466 6692 pciide - ok
22:05:10.0466 6692 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:05:10.0481 6692 pcmcia - ok
22:05:10.0481 6692 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:05:10.0481 6692 pcw - ok
22:05:10.0497 6692 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:05:10.0512 6692 PEAUTH - ok
22:05:10.0528 6692 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:05:10.0544 6692 PerfHost - ok
22:05:10.0559 6692 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:05:10.0575 6692 pla - ok
22:05:10.0590 6692 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:05:10.0590 6692 PlugPlay - ok
22:05:10.0590 6692 PnkBstrA - ok
22:05:10.0590 6692 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:05:10.0606 6692 PNRPAutoReg - ok
22:05:10.0606 6692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:05:10.0622 6692 PNRPsvc - ok
22:05:10.0622 6692 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:05:10.0637 6692 PolicyAgent - ok
22:05:10.0637 6692 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:05:10.0653 6692 Power - ok
22:05:10.0668 6692 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:05:10.0684 6692 PptpMiniport - ok
22:05:10.0686 6692 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
22:05:10.0694 6692 Processor - ok
22:05:10.0696 6692 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:05:10.0704 6692 ProfSvc - ok
22:05:10.0704 6692 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:05:10.0709 6692 ProtectedStorage - ok
22:05:10.0714 6692 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:05:10.0731 6692 Psched - ok
22:05:10.0734 6692 [ DD3FD48D69F5FBBB21D46D1514C1C2DB ] PSI C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
22:05:10.0741 6692 PSI - ok
22:05:10.0759 6692 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:05:10.0779 6692 ql2300 - ok
22:05:10.0784 6692 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:05:10.0789 6692 ql40xx - ok
22:05:10.0791 6692 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:05:10.0801 6692 QWAVE - ok
22:05:10.0804 6692 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:05:10.0811 6692 QWAVEdrv - ok
22:05:10.0816 6692 [ 6C8F17953C07F88364307FC7811C5184 ] RadeonPro Support Service C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
22:05:10.0816 6692 RadeonPro Support Service ( UnsignedFile.Multi.Generic ) - warning
22:05:10.0816 6692 RadeonPro Support Service - detected UnsignedFile.Multi.Generic (1)
22:05:10.0819 6692 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:05:10.0836 6692 RasAcd - ok
22:05:10.0839 6692 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:05:10.0854 6692 RasAgileVpn - ok
22:05:10.0856 6692 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:05:10.0874 6692 RasAuto - ok
22:05:10.0876 6692 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:05:10.0891 6692 Rasl2tp - ok
22:05:10.0896 6692 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:05:10.0914 6692 RasMan - ok
22:05:10.0916 6692 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:05:10.0934 6692 RasPppoe - ok
22:05:10.0936 6692 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:05:10.0951 6692 RasSstp - ok
22:05:10.0956 6692 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:05:10.0974 6692 rdbss - ok
22:05:10.0976 6692 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
22:05:10.0984 6692 rdpbus - ok
22:05:10.0984 6692 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:05:10.0999 6692 RDPCDD - ok
22:05:11.0001 6692 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:05:11.0004 6692 RDPENCDD - ok
22:05:11.0020 6692 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:05:11.0035 6692 RDPREFMP - ok
22:05:11.0035 6692 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:05:11.0035 6692 RDPWD - ok
22:05:11.0035 6692 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:05:11.0051 6692 rdyboost - ok
22:05:11.0051 6692 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:05:11.0066 6692 RemoteAccess - ok
22:05:11.0082 6692 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:05:11.0098 6692 RemoteRegistry - ok
22:05:11.0098 6692 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:05:11.0098 6692 RFCOMM - ok
22:05:11.0098 6692 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:05:11.0113 6692 RpcEptMapper - ok
22:05:11.0129 6692 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:05:11.0129 6692 RpcLocator - ok
22:05:11.0129 6692 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:05:11.0144 6692 RpcSs - ok
22:05:11.0160 6692 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:05:11.0176 6692 rspndr - ok
22:05:11.0176 6692 [ 45C0B193065219189772A038E6C29D49 ] SaiH0763 C:\Windows\system32\DRIVERS\SaiH0763.sys
22:05:11.0176 6692 SaiH0763 - ok
22:05:11.0176 6692 [ 296D0CC623EEB6D2B9800AD421F9116A ] SaiMini C:\Windows\system32\DRIVERS\SaiMini.sys
22:05:11.0191 6692 SaiMini - ok
22:05:11.0191 6692 [ 6A77D63B566DF14DA0E7DD0D2C594EF7 ] SaiNtBus C:\Windows\system32\drivers\SaiBus.sys
22:05:11.0207 6692 SaiNtBus - ok
22:05:11.0207 6692 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:05:11.0207 6692 SamSs - ok
22:05:11.0207 6692 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:05:11.0222 6692 sbp2port - ok
22:05:11.0222 6692 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:05:11.0238 6692 SCardSvr - ok
22:05:11.0238 6692 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:05:11.0254 6692 scfilter - ok
22:05:11.0269 6692 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:05:11.0285 6692 Schedule - ok
22:05:11.0300 6692 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:05:11.0300 6692 SCPolicySvc - ok
22:05:11.0316 6692 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:05:11.0316 6692 SDRSVC - ok
22:05:11.0316 6692 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:05:11.0332 6692 secdrv - ok
22:05:11.0332 6692 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:05:11.0347 6692 seclogon - ok
22:05:11.0363 6692 [ E43C0D32FF2D9A72F2D975B83B916964 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
22:05:11.0378 6692 Secunia PSI Agent - ok
22:05:11.0394 6692 [ CB2D183E27D1443F7D4CF10665B2BDED ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
22:05:11.0394 6692 Secunia Update Agent - ok
22:05:11.0394 6692 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
22:05:11.0410 6692 SENS - ok
22:05:11.0410 6692 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:05:11.0425 6692 SensrSvc - ok
22:05:11.0425 6692 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:05:11.0425 6692 Serenum - ok
22:05:11.0441 6692 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:05:11.0441 6692 Serial - ok
22:05:11.0441 6692 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:05:11.0441 6692 sermouse - ok
22:05:11.0456 6692 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:05:11.0472 6692 SessionEnv - ok
22:05:11.0472 6692 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:05:11.0472 6692 sffdisk - ok
22:05:11.0472 6692 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:05:11.0488 6692 sffp_mmc - ok
22:05:11.0488 6692 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:05:11.0488 6692 sffp_sd - ok
22:05:11.0503 6692 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:05:11.0503 6692 sfloppy - ok
22:05:11.0503 6692 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:05:11.0534 6692 SharedAccess - ok
22:05:11.0534 6692 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:05:11.0550 6692 ShellHWDetection - ok
22:05:11.0550 6692 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:05:11.0550 6692 SiSRaid2 - ok
22:05:11.0566 6692 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:05:11.0566 6692 SiSRaid4 - ok
22:05:11.0566 6692 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:05:11.0581 6692 Smb - ok
22:05:11.0581 6692 [ 10450F432811D7FDA60A97FCC674D7B2 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
22:05:11.0597 6692 snapman - ok
22:05:11.0597 6692 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:05:11.0597 6692 SNMPTRAP - ok
22:05:11.0612 6692 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:05:11.0612 6692 spldr - ok
22:05:11.0612 6692 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:05:11.0628 6692 Spooler - ok
22:05:11.0659 6692 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:05:11.0690 6692 sppsvc - ok
22:05:11.0706 6692 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:05:11.0722 6692 sppuinotify - ok
22:05:11.0722 6692 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:05:11.0737 6692 srv - ok
22:05:11.0737 6692 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:05:11.0737 6692 srv2 - ok
22:05:11.0753 6692 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:05:11.0753 6692 srvnet - ok
22:05:11.0753 6692 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:05:11.0768 6692 SSDPSRV - ok
22:05:11.0768 6692 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:05:11.0784 6692 SstpSvc - ok
22:05:11.0800 6692 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
22:05:11.0800 6692 ssudmdm - ok
22:05:11.0800 6692 [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:05:11.0815 6692 Steam Client Service - ok
22:05:11.0815 6692 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:05:11.0815 6692 stexstor - ok
22:05:11.0831 6692 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:05:11.0846 6692 stisvc - ok
22:05:11.0846 6692 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:05:11.0846 6692 swenum - ok
22:05:11.0846 6692 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:05:11.0878 6692 swprv - ok
22:05:11.0893 6692 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:05:11.0909 6692 SysMain - ok
22:05:11.0909 6692 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:05:11.0924 6692 TabletInputService - ok
22:05:11.0924 6692 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:05:11.0940 6692 TapiSrv - ok
22:05:11.0956 6692 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:05:11.0971 6692 TBS - ok
22:05:11.0987 6692 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:05:12.0002 6692 Tcpip - ok
22:05:12.0018 6692 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:05:12.0034 6692 TCPIP6 - ok
22:05:12.0049 6692 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:05:12.0049 6692 tcpipreg - ok
22:05:12.0049 6692 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:05:12.0049 6692 TDPIPE - ok
22:05:12.0065 6692 [ 99527D49EE0A96FC25537C61B270A372 ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
22:05:12.0080 6692 tdrpman273 - ok
22:05:12.0080 6692 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:05:12.0096 6692 TDTCP - ok
22:05:12.0096 6692 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:05:12.0112 6692 tdx - ok
22:05:12.0112 6692 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:05:12.0112 6692 TermDD - ok
22:05:12.0127 6692 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:05:12.0143 6692 TermService - ok
22:05:12.0143 6692 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:05:12.0158 6692 Themes - ok
22:05:12.0158 6692 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:05:12.0174 6692 THREADORDER - ok
22:05:12.0190 6692 [ EBBAEA02F0095A798000C7E06B16D41B ] timounter C:\Windows\system32\DRIVERS\timntr.sys
22:05:12.0205 6692 timounter - ok
22:05:12.0205 6692 [ 2867DEC7A25DCF98CA65BBDCEDA0A78E ] TmBusEn C:\Windows\system32\DRIVERS\TmBusEn.sys
22:05:12.0205 6692 TmBusEn - ok
22:05:12.0205 6692 [ C0C94A84AF75661E951AEAC04F044351 ] TmFilter C:\Windows\system32\DRIVERS\TmFilter.sys
22:05:12.0221 6692 TmFilter - ok
22:05:12.0221 6692 [ 59F698C8B9D9BBB84F3499A92C4B53E7 ] TmHid C:\Windows\system32\DRIVERS\TmHid.sys
22:05:12.0236 6692 TmHid - ok
22:05:12.0236 6692 [ 6E0034A5D665472E508F02F9B44DB3C8 ] TmWinService C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
22:05:12.0236 6692 TmWinService ( UnsignedFile.Multi.Generic ) - warning
22:05:12.0236 6692 TmWinService - detected UnsignedFile.Multi.Generic (1)
22:05:12.0595 6692 viopgncj - ok
22:05:12.0642 6692 vsmon - ok
22:05:13.0047 6692 WinDefend - ok
22:05:13.0047 6692 WinHttpAutoProxySvc - ok
22:05:13.0172 6692 WMPNetworkSvc - ok
22:05:13.0219 6692 WSearch - ok
22:05:13.0312 6692 ‮etadpug - ok
22:05:13.0328 6692 ================ Scan global ===============================
22:05:13.0328 6692 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:05:13.0344 6692 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:05:13.0344 6692 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
22:05:13.0344 6692 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:05:13.0344 6692 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:05:13.0344 6692 [Global] - ok
22:05:13.0344 6692 ================ Scan MBR ==================================
22:05:13.0344 6692 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:05:13.0484 6692 \Device\Harddisk0\DR0 - ok
22:05:13.0484 6692 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:05:13.0562 6692 \Device\Harddisk1\DR1 - ok
22:05:13.0562 6692 ================ Scan VBR ==================================
22:05:13.0562 6692 [ 3355CF8611DB3DF4120ED62B2326BDF7 ] \Device\Harddisk0\DR0\Partition1
22:05:13.0562 6692 \Device\Harddisk0\DR0\Partition1 - ok
22:05:13.0562 6692 [ 9BD7D73FCFF8C98BDED32AEDB5D09D6F ] \Device\Harddisk1\DR1\Partition1
22:05:13.0562 6692 \Device\Harddisk1\DR1\Partition1 - ok
22:05:13.0562 6692 [ F20B7FD735A5B1255686EB38504B2869 ] \Device\Harddisk1\DR1\Partition2
22:05:13.0562 6692 \Device\Harddisk1\DR1\Partition2 - ok
22:05:13.0562 6692 ================ Scan active images ========================
22:05:13.0780 6692 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
22:05:13.0780 6692 C:\Windows\System32\authz.dll - ok
22:05:13.0780 6692 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
22:05:13.0780 6692 C:\Windows\System32\cngaudit.dll - ok
22:05:13.0780 6692 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
22:05:13.0780 6692 C:\Windows\System32\ncrypt.dll - ok
22:05:13.0780 6692 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
22:05:13.0780 6692 C:\Windows\System32\bcrypt.dll - ok
22:05:13.0780 6692 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
22:05:13.0780 6692 C:\Windows\System32\kerberos.dll - ok
22:05:13.0780 6692 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
22:05:13.0780 6692 C:\Windows\System32\msprivs.dll - ok
22:05:13.0780 6692 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
22:05:13.0780 6692 C:\Windows\System32\negoexts.dll - ok
22:05:13.0780 6692 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
22:05:13.0780 6692 C:\Windows\System32\netjoin.dll - ok
22:05:13.0780 6692 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
22:05:13.0780 6692 C:\Windows\System32\cryptsp.dll - ok
22:05:13.0796 6692 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
22:05:13.0796 6692 C:\Windows\System32\mswsock.dll - ok
22:05:13.0796 6692 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
22:05:13.0796 6692 C:\Windows\System32\msv1_0.dll - ok
22:05:13.0796 6692 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
22:05:13.0796 6692 C:\Windows\System32\netlogon.dll - ok
22:05:13.0796 6692 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
22:05:13.0796 6692 C:\Windows\System32\wship6.dll - ok
22:05:13.0796 6692 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
22:05:13.0796 6692 C:\Windows\System32\dnsapi.dll - ok
22:05:13.0796 6692 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
22:05:13.0796 6692 C:\Windows\System32\logoncli.dll - ok
22:05:13.0796 6692 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
22:05:13.0796 6692 C:\Windows\System32\schannel.dll - ok
22:05:13.0796 6692 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
22:05:13.0796 6692 C:\Windows\System32\wdigest.dll - ok
22:05:13.0796 6692 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
22:05:13.0796 6692 C:\Windows\System32\bcryptprimitives.dll - ok
22:05:13.0796 6692 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
22:05:13.0796 6692 C:\Windows\System32\pku2u.dll - ok
22:05:13.0796 6692 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
22:05:13.0796 6692 C:\Windows\System32\rsaenh.dll - ok
22:05:13.0796 6692 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
22:05:13.0796 6692 C:\Windows\System32\TSpkg.dll - ok
22:05:13.0812 6692 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
22:05:13.0812 6692 C:\Windows\System32\credssp.dll - ok
22:05:13.0812 6692 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
22:05:13.0812 6692 C:\Windows\System32\efslsaext.dll - ok
22:05:13.0812 6692 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
22:05:13.0812 6692 C:\Windows\System32\scecli.dll - ok
22:05:13.0812 6692 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
22:05:13.0812 6692 C:\Windows\System32\ubpm.dll - ok
22:05:13.0812 6692 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
22:05:13.0812 6692 C:\Windows\System32\svchost.exe - ok
22:05:13.0812 6692 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
22:05:13.0812 6692 C:\Windows\System32\umpnpmgr.dll - ok
22:05:13.0812 6692 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
22:05:13.0812 6692 C:\Windows\System32\winsta.dll - ok
22:05:13.0812 6692 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
22:05:13.0812 6692 C:\Windows\System32\devrtl.dll - ok
22:05:13.0812 6692 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
22:05:13.0812 6692 C:\Windows\System32\gpapi.dll - ok
22:05:13.0812 6692 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
22:05:13.0812 6692 C:\Windows\System32\SPInf.dll - ok
22:05:13.0812 6692 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
22:05:13.0812 6692 C:\Windows\System32\umpo.dll - ok
22:05:13.0812 6692 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
22:05:13.0812 6692 C:\Windows\System32\userenv.dll - ok
22:05:13.0812 6692 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
22:05:13.0812 6692 C:\Windows\System32\pcwum.dll - ok
22:05:13.0827 6692 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
22:05:13.0827 6692 C:\Windows\System32\powrprof.dll - ok
22:05:13.0827 6692 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
22:05:13.0827 6692 C:\Windows\System32\winlogon.exe - ok
22:05:13.0827 6692 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
22:05:13.0827 6692 C:\Windows\System32\drivers\luafv.sys - ok
22:05:13.0827 6692 [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys
22:05:13.0827 6692 C:\Windows\System32\drivers\mbam.sys - ok
22:05:13.0827 6692 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
22:05:13.0827 6692 C:\Windows\System32\rpcss.dll - ok
22:05:13.0827 6692 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
22:05:13.0827 6692 C:\Windows\System32\RpcEpMap.dll - ok
22:05:13.0827 6692 [ 86EC8D9C3CCCAB49D6F588B22CC462EB ] C:\Program Files\Microsoft Security Client\MpSvc.dll
22:05:13.0827 6692 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
22:05:13.0827 6692 [ FD909D744ACFCF61CAC3A77854F8B301 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
22:05:13.0827 6692 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
22:05:13.0827 6692 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
22:05:13.0827 6692 C:\Windows\System32\FirewallAPI.dll - ok
22:05:13.0827 6692 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
22:05:13.0827 6692 C:\Windows\System32\WSHTCPIP.DLL - ok
22:05:13.0827 6692 [ C1BBC456AB3693F32CE3A8ED22EACAEF ] C:\Program Files\Microsoft Security Client\MpClient.dll
22:05:13.0827 6692 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
22:05:13.0843 6692 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
22:05:13.0843 6692 C:\Windows\System32\version.dll - ok
22:05:13.0843 6692 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
22:05:13.0843 6692 C:\Windows\System32\wtsapi32.dll - ok
22:05:13.0843 6692 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
22:05:13.0843 6692 C:\Windows\System32\ntmarta.dll - ok
22:05:13.0843 6692 [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
22:05:13.0843 6692 C:\Windows\System32\authui.dll - ok
22:05:13.0843 6692 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
22:05:13.0843 6692 C:\Windows\System32\LogonUI.exe - ok
22:05:13.0843 6692 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
22:05:13.0843 6692 C:\Windows\System32\cryptui.dll - ok
22:05:13.0843 6692 [ F26946E3E8B1293CEA18F1F2BF7AEB56 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
22:05:13.0843 6692 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
22:05:13.0843 6692 [ 4EAAAAB8759644D572522FBCDD196A13 ] C:\Windows\System32\atiesrxx.exe
22:05:13.0843 6692 C:\Windows\System32\atiesrxx.exe - ok
22:05:13.0843 6692 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
22:05:13.0843 6692 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
22:05:13.0843 6692 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
22:05:13.0843 6692 C:\Windows\System32\wevtsvc.dll - ok
22:05:13.0843 6692 [ B88AF0E482F58629AD0CBD82A7A979D8 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
22:05:13.0843 6692 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
22:05:13.0843 6692 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
22:05:13.0843 6692 C:\Windows\System32\fltLib.dll - ok
22:05:13.0858 6692 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
22:05:13.0858 6692 C:\Windows\System32\propsys.dll - ok
22:05:13.0858 6692 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
22:05:13.0858 6692 C:\Windows\System32\samlib.dll - ok
22:05:13.0858 6692 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
22:05:13.0858 6692 C:\Windows\System32\shacct.dll - ok
22:05:13.0858 6692 [ 1C15B61343916162814AF66FE6984069 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
22:05:13.0858 6692 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
22:05:13.0858 6692 [ 063E008344291557E6A3ACD9495645E5 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
22:05:13.0858 6692 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
22:05:13.0858 6692 [ FC1D590039EF06A381768710E6C07E75 ] C:\Windows\System32\drivers\MpFilter.sys
22:05:13.0858 6692 C:\Windows\System32\drivers\MpFilter.sys - ok
22:05:13.0858 6692 [ 5C00818741B2A76EB09AF08A5362277E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpengine.dll
22:05:13.0858 6692 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpengine.dll - ok
22:05:13.0858 6692 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
22:05:13.0858 6692 C:\Windows\System32\audiosrv.dll - ok
22:05:13.0858 6692 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
22:05:13.0858 6692 C:\Windows\System32\FntCache.dll - ok
22:05:13.0858 6692 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
22:05:13.0858 6692 C:\Windows\System32\netprofm.dll - ok
22:05:13.0858 6692 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
22:05:13.0858 6692 C:\Windows\System32\uxtheme.dll - ok
22:05:13.0858 6692 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
22:05:13.0858 6692 C:\Windows\System32\avrt.dll - ok
22:05:13.0874 6692 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
22:05:13.0874 6692 C:\Windows\System32\drivers\fltMgr.sys - ok
22:05:13.0874 6692 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
22:05:13.0874 6692 C:\Windows\System32\mmcss.dll - ok
22:05:13.0874 6692 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
22:05:13.0874 6692 C:\Windows\System32\MMDevAPI.dll - ok
22:05:13.0874 6692 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
22:05:13.0874 6692 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
22:05:13.0874 6692 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
22:05:13.0874 6692 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
22:05:13.0874 6692 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
22:05:13.0874 6692 C:\Windows\System32\MPSSVC.dll - ok
22:05:13.0874 6692 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
22:05:13.0874 6692 C:\Windows\System32\dui70.dll - ok
22:05:13.0874 6692 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
22:05:13.0874 6692 C:\Windows\System32\PSHED.DLL - ok
22:05:13.0874 6692 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
22:05:13.0874 6692 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
22:05:13.0874 6692 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
22:05:13.0874 6692 C:\Windows\System32\audiodg.exe - ok
22:05:13.0874 6692 [ 45C0B193065219189772A038E6C29D49 ] C:\Windows\System32\drivers\SaiH0763.sys
22:05:13.0874 6692 C:\Windows\System32\drivers\SaiH0763.sys - ok
22:05:13.0874 6692 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
22:05:13.0874 6692 C:\Windows\System32\duser.dll - ok
22:05:13.0890 6692 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
22:05:13.0890 6692 C:\Windows\System32\hid.dll - ok
22:05:13.0890 6692 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
22:05:13.0890 6692 C:\Windows\System32\SndVolSSO.dll - ok
22:05:13.0890 6692 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
22:05:13.0890 6692 C:\Windows\System32\dwmapi.dll - ok
22:05:13.0890 6692 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
22:05:13.0890 6692 C:\Windows\System32\xmllite.dll - ok
22:05:13.0890 6692 [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll
22:05:13.0890 6692 C:\Windows\System32\WindowsCodecs.dll - ok
22:05:13.0890 6692 [ 5CE3D0E1D1B3832EE052CFC442EEE0FA ] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
22:05:13.0890 6692 C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe - ok
22:05:13.0890 6692 [ B4E5B29CF31DF85DFEF25D41871DCEDC ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpasbase.vdm
22:05:13.0890 6692 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpasbase.vdm - ok
22:05:13.0890 6692 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
22:05:13.0890 6692 C:\Windows\System32\winmm.dll - ok
22:05:13.0890 6692 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
22:05:13.0890 6692 C:\Windows\SysWOW64\ntdll.dll - ok
22:05:13.0890 6692 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
22:05:13.0890 6692 C:\Windows\System32\ksuser.dll - ok
22:05:13.0890 6692 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
22:05:13.0890 6692 C:\Windows\System32\wdmaud.drv - ok
22:05:13.0890 6692 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
22:05:13.0890 6692 C:\Windows\System32\wow64.dll - ok
22:05:13.0905 6692 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
22:05:13.0905 6692 C:\Windows\System32\wow64win.dll - ok
22:05:13.0905 6692 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
22:05:13.0905 6692 C:\Windows\System32\AudioSes.dll - ok
22:05:13.0905 6692 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
22:05:13.0905 6692 C:\Windows\System32\wow64cpu.dll - ok
22:05:13.0905 6692 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
22:05:13.0905 6692 C:\Windows\SysWOW64\kernel32.dll - ok
22:05:13.0905 6692 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
22:05:13.0905 6692 C:\Windows\System32\msacm32.dll - ok
22:05:13.0905 6692 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
22:05:13.0905 6692 C:\Windows\System32\msacm32.drv - ok
22:05:13.0905 6692 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
22:05:13.0905 6692 C:\Windows\System32\VaultCredProvider.dll - ok
22:05:13.0905 6692 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
22:05:13.0905 6692 C:\Windows\System32\winbrand.dll - ok
22:05:13.0905 6692 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
22:05:13.0905 6692 C:\Windows\SysWOW64\KernelBase.dll - ok
22:05:13.0905 6692 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
22:05:13.0905 6692 C:\Windows\System32\BioCredProv.dll - ok
22:05:13.0905 6692 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
22:05:13.0905 6692 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
22:05:13.0905 6692 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
22:05:13.0905 6692 C:\Windows\SysWOW64\user32.dll - ok
22:05:13.0921 6692 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
22:05:13.0921 6692 C:\Windows\System32\credui.dll - ok
22:05:13.0921 6692 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
22:05:13.0921 6692 C:\Windows\System32\netapi32.dll - ok
22:05:13.0921 6692 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
22:05:13.0921 6692 C:\Windows\System32\vaultcli.dll - ok
22:05:13.0921 6692 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
22:05:13.0921 6692 C:\Windows\System32\winbio.dll - ok
22:05:13.0921 6692 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
22:05:13.0921 6692 C:\Windows\SysWOW64\gdi32.dll - ok
22:05:13.0921 6692 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
22:05:13.0921 6692 C:\Windows\SysWOW64\lpk.dll - ok
22:05:13.0921 6692 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
22:05:13.0921 6692 C:\Windows\SysWOW64\usp10.dll - ok
22:05:13.0921 6692 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
22:05:13.0921 6692 C:\Windows\System32\certCredProvider.dll - ok
22:05:13.0921 6692 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
22:05:13.0921 6692 C:\Windows\System32\midimap.dll - ok
22:05:13.0921 6692 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
22:05:13.0921 6692 C:\Windows\System32\netutils.dll - ok
22:05:13.0921 6692 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
22:05:13.0921 6692 C:\Windows\System32\samcli.dll - ok
22:05:13.0921 6692 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
22:05:13.0921 6692 C:\Windows\System32\wkscli.dll - ok
22:05:13.0921 6692 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
22:05:13.0921 6692 C:\Windows\SysWOW64\msvcrt.dll - ok
22:05:13.0936 6692 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
22:05:13.0936 6692 C:\Windows\System32\AudioEng.dll - ok
22:05:13.0936 6692 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
22:05:13.0936 6692 C:\Windows\System32\rasapi32.dll - ok
22:05:13.0936 6692 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
22:05:13.0936 6692 C:\Windows\System32\rasplap.dll - ok
22:05:13.0936 6692 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
22:05:13.0936 6692 C:\Windows\SysWOW64\advapi32.dll - ok
22:05:13.0936 6692 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
22:05:13.0936 6692 C:\Windows\System32\AUDIOKSE.dll - ok
22:05:13.0936 6692 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
22:05:13.0936 6692 C:\Windows\System32\rasman.dll - ok
22:05:13.0936 6692 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
22:05:13.0936 6692 C:\Windows\System32\rtutils.dll - ok
22:05:13.0936 6692 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
22:05:13.0936 6692 C:\Windows\SysWOW64\rpcrt4.dll - ok
22:05:13.0936 6692 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
22:05:13.0936 6692 C:\Windows\SysWOW64\sechost.dll - ok
22:05:13.0936 6692 [ BBC6D3B36B65582466E3E625832770C6 ] C:\Windows\System32\UDAAPO64.dll
22:05:13.0936 6692 C:\Windows\System32\UDAAPO64.dll - ok
22:05:13.0936 6692 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
22:05:13.0936 6692 C:\Windows\SysWOW64\cryptbase.dll - ok
22:05:13.0936 6692 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
22:05:13.0936 6692 C:\Windows\SysWOW64\sspicli.dll - ok
22:05:13.0952 6692 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
22:05:13.0952 6692 C:\Windows\SysWOW64\winspool.drv - ok
22:05:13.0952 6692 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
22:05:13.0952 6692 C:\Windows\System32\drivers\usbccgp.sys - ok
22:05:13.0952 6692 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
22:05:13.0952 6692 C:\Windows\System32\IPHLPAPI.DLL - ok
22:05:13.0952 6692 [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
22:05:13.0952 6692 C:\Windows\SysWOW64\shell32.dll - ok
22:05:13.0952 6692 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
22:05:13.0952 6692 C:\Windows\System32\drivers\kbdhid.sys - ok
22:05:13.0952 6692 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
22:05:13.0952 6692 C:\Windows\System32\drivers\mouhid.sys - ok
22:05:13.0952 6692 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
22:05:13.0952 6692 C:\Windows\System32\oleacc.dll - ok
22:05:13.0952 6692 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
22:05:13.0952 6692 C:\Windows\System32\winnsi.dll - ok
22:05:13.0952 6692 [ C006FB1F3FB7944003F3BD4EF7D404F5 ] C:\Windows\System32\CTMLFX64.dll
22:05:13.0952 6692 C:\Windows\System32\CTMLFX64.dll - ok
22:05:13.0952 6692 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
22:05:13.0952 6692 C:\Windows\System32\UIAutomationCore.dll - ok
22:05:13.0952 6692 [ 9905294885A18FFFA0619F755CA44E7D ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpasdlta.vdm
22:05:13.0952 6692 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpasdlta.vdm - ok
22:05:13.0952 6692 [ 00000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpavbase.vdm
22:05:13.0952 6692 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpavbase.vdm - ok
22:05:13.0968 6692 [ 1FD0038A2CFCD5A47A4FCE6E42C10FC3 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpavdlta.vdm
22:05:13.0968 6692 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpavdlta.vdm - ok
22:05:13.0968 6692 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
22:05:13.0968 6692 C:\Windows\SysWOW64\ole32.dll - ok
22:05:13.0968 6692 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
22:05:13.0968 6692 C:\Windows\SysWOW64\shlwapi.dll - ok
22:05:13.0968 6692 [ 0ECEDE7B33CFD9A52A61220ABBD09A50 ] C:\Windows\System32\drivers\btfilter.sys
22:05:13.0968 6692 C:\Windows\System32\drivers\btfilter.sys - ok
22:05:13.0968 6692 [ 9586EC4E1CC39CCBA26A5E7DFE774C9E ] C:\Windows\System32\mshtml.dll
22:05:13.0968 6692 C:\Windows\System32\mshtml.dll - ok
22:05:13.0968 6692 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
22:05:13.0968 6692 C:\Windows\SysWOW64\oleaut32.dll - ok
22:05:13.0968 6692 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
22:05:13.0968 6692 C:\Windows\SysWOW64\dsound.dll - ok
22:05:13.0968 6692 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
22:05:13.0968 6692 C:\Windows\System32\drivers\bthport.sys - ok
22:05:13.0968 6692 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
22:05:13.0968 6692 C:\Windows\SysWOW64\winmm.dll - ok
22:05:13.0968 6692 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
22:05:13.0968 6692 C:\Windows\System32\drivers\BTHUSB.SYS - ok
22:05:13.0968 6692 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
22:05:13.0968 6692 C:\Windows\SysWOW64\powrprof.dll - ok
22:05:13.0968 6692 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
22:05:13.0968 6692 C:\Windows\SysWOW64\setupapi.dll - ok
22:05:13.0983 6692 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
22:05:13.0983 6692 C:\Windows\SysWOW64\cfgmgr32.dll - ok
22:05:13.0983 6692 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
22:05:13.0983 6692 C:\Windows\SysWOW64\devobj.dll - ok
22:05:13.0983 6692 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
22:05:13.0983 6692 C:\Windows\SysWOW64\oleacc.dll - ok
22:05:13.0983 6692 [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll
22:05:13.0983 6692 C:\Windows\SysWOW64\crypt32.dll - ok
22:05:13.0983 6692 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
22:05:13.0983 6692 C:\Windows\SysWOW64\imm32.dll - ok
22:05:13.0983 6692 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
22:05:13.0983 6692 C:\Windows\SysWOW64\msasn1.dll - ok
22:05:13.0983 6692 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
22:05:13.0983 6692 C:\Windows\SysWOW64\msctf.dll - ok
22:05:13.0983 6692 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
22:05:13.0983 6692 C:\Windows\System32\gpsvc.dll - ok
22:05:13.0983 6692 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
22:05:13.0983 6692 C:\Windows\System32\nlaapi.dll - ok
22:05:13.0983 6692 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
22:05:13.0983 6692 C:\Windows\System32\profsvc.dll - ok
22:05:13.0983 6692 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
22:05:13.0983 6692 C:\Windows\System32\themeservice.dll - ok
22:05:13.0983 6692 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
22:05:13.0983 6692 C:\Windows\System32\atl.dll - ok
22:05:13.0999 6692 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
22:05:13.0999 6692 C:\Windows\System32\dsrole.dll - ok
22:05:13.0999 6692 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
22:05:13.0999 6692 C:\Windows\System32\es.dll - ok
22:05:13.0999 6692 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
22:05:13.0999 6692 C:\Windows\System32\slc.dll - ok
22:05:13.0999 6692 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
22:05:13.0999 6692 C:\Windows\System32\comres.dll - ok
22:05:13.0999 6692 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
22:05:13.0999 6692 C:\Windows\System32\Sens.dll - ok
22:05:13.0999 6692 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
22:05:13.0999 6692 C:\Windows\System32\drivers\lltdio.sys - ok
22:05:13.0999 6692 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
22:05:13.0999 6692 C:\Windows\System32\uxsms.dll - ok
22:05:13.0999 6692 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
22:05:13.0999 6692 C:\Windows\System32\drivers\rspndr.sys - ok
22:05:13.0999 6692 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
22:05:13.0999 6692 C:\Windows\System32\lmhsvc.dll - ok
22:05:13.0999 6692 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
22:05:13.0999 6692 C:\Windows\System32\nsisvc.dll - ok
22:05:13.0999 6692 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
22:05:13.0999 6692 C:\Windows\System32\cryptsvc.dll - ok
22:05:13.0999 6692 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
22:05:13.0999 6692 C:\Windows\System32\dhcpcore.dll - ok
22:05:14.0014 6692 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
22:05:14.0014 6692 C:\Windows\System32\nrpsrv.dll - ok
22:05:14.0014 6692 [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
22:05:14.0014 6692 C:\Windows\System32\cryptnet.dll - ok
22:05:14.0014 6692 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
22:05:14.0295 6692 [ D9C5A74A4F609BE65DB0403425F54821 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll
22:05:14.0295 6692 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll - ok
22:05:14.0295 6692 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
22:05:14.0295 6692 C:\Windows\System32\seclogon.dll - ok
22:05:14.0295 6692 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
22:05:14.0295 6692 C:\Windows\SysWOW64\gpapi.dll - ok
22:05:14.0295 6692 [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll
22:05:14.0295 6692 C:\Windows\SysWOW64\cryptnet.dll - ok
22:05:14.0295 6692 [ F23E139FC9C425481C440609973F5C8D ] C:\Program Files (x86)\RadeonPro\RPSupport.dll
22:05:14.0295 6692 C:\Program Files (x86)\RadeonPro\RPSupport.dll - ok
22:05:14.0295 6692 [ E43C0D32FF2D9A72F2D975B83B916964 ] C:\Program Files (x86)\Secunia\PSI\psia.exe
22:05:14.0295 6692 C:\Program Files (x86)\Secunia\PSI\psia.exe - ok
22:05:14.0295 6692 [ 52F71A5790E1B6FFC34648F3B311EEE1 ] C:\Windows\SysWOW64\jscript.dll
22:05:14.0295 6692 C:\Windows\SysWOW64\jscript.dll - ok
22:05:14.0295 6692 [ CB2D183E27D1443F7D4CF10665B2BDED ] C:\Program Files (x86)\Secunia\PSI\sua.exe
22:05:14.0295 6692 C:\Program Files (x86)\Secunia\PSI\sua.exe - ok
22:05:14.0295 6692 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
22:05:14.0295 6692 C:\Windows\System32\drivers\tcpipreg.sys - ok
22:05:14.0295 6692 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
22:05:14.0295 6692 C:\Windows\System32\wiaservc.dll - ok
22:05:14.0295 6692 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
22:05:14.0295 6692 C:\Windows\System32\wiatrace.dll - ok
22:05:14.0311 6692 [ 6E0034A5D665472E508F02F9B44DB3C8 ] C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
22:05:14.0311 6692 C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe - ok
22:05:14.0311 6692 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
22:05:14.0311 6692 C:\Windows\SysWOW64\msvcr100.dll - ok
22:05:14.0311 6692 [ B3495B7A4BEEE7F1324EA7D8DB8E7837 ] C:\Program Files (x86)\Thrustmaster\TARGET\cint.dll
22:05:14.0311 6692 C:\Program Files (x86)\Thrustmaster\TARGET\cint.dll - ok



#8 Cybermann


Posted 03 August 2013 - 04:56 PM

22:05:14.0560 6692 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
22:05:14.0560 6692 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
22:05:14.0560 6692 C:\Windows\System32\uDWM.dll - ok
22:05:14.0560 6692 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
22:05:14.0560 6692 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
22:05:14.0560 6692 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
22:05:14.0560 6692 C:\Windows\System32\ExplorerFrame.dll - ok
22:05:14.0560 6692 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
22:05:14.0560 6692 C:\Windows\SysWOW64\duser.dll - ok
22:05:14.0560 6692 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
22:05:14.0560 6692 C:\Windows\SysWOW64\dui70.dll - ok
22:05:14.0560 6692 [ E7E25D10B83264F67D5D2120ECE42FDB ] C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll
22:05:14.0560 6692 C:\Program Files\CheckPoint\ZAForceField\WOW64\Plugins\ISWSHEX.dll - ok
22:05:14.0560 6692 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
22:05:14.0560 6692 C:\Windows\SysWOW64\propsys.dll - ok
22:05:14.0560 6692 [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
22:05:14.0560 6692 C:\Users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
22:05:14.0560 6692 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
22:05:14.0560 6692 C:\Windows\SysWOW64\msvcp60.dll - ok
22:05:14.0560 6692 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
22:05:14.0560 6692 C:\Windows\System32\msvcp60.dll - ok
22:05:14.0576 6692 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
22:05:14.0576 6692 C:\Windows\System32\EhStorShell.dll - ok
22:05:14.0576 6692 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
22:05:14.0576 6692 C:\Windows\SysWOW64\EhStorShell.dll - ok
22:05:14.0576 6692 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
22:05:14.0576 6692 C:\Windows\System32\ntshrui.dll - ok
22:05:14.0576 6692 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
22:05:14.0576 6692 C:\Windows\SysWOW64\ntshrui.dll - ok
22:05:14.0576 6692 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
22:05:14.0576 6692 C:\Windows\System32\cscapi.dll - ok
22:05:14.0576 6692 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
22:05:14.0576 6692 C:\Windows\SysWOW64\cscapi.dll - ok
22:05:14.0576 6692 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
22:05:14.0576 6692 C:\Windows\SysWOW64\IconCodecService.dll - ok
22:05:14.0576 6692 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
22:05:14.0576 6692 C:\Windows\System32\IconCodecService.dll - ok
22:05:14.0576 6692 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
22:05:14.0576 6692 C:\Windows\SysWOW64\runonce.exe - ok
22:05:14.0576 6692 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
22:05:14.0576 6692 C:\Windows\System32\runonce.exe - ok
22:05:14.0576 6692 [ A2BA6F3245E09702CF724CDB465EA4FA ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\liblua.dll
22:05:14.0576 6692 C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\liblua.dll - ok
22:05:14.0576 6692 [ 823CD775B373912F0018534EF5C51A66 ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\libtextcat.dll
22:05:14.0576 6692 C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\libtextcat.dll - ok
22:05:14.0592 6692 [ 6D503A007F30E4F079CABC9890B04A38 ] C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TCData.dll
22:05:14.0592 6692 C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TCData.dll - ok
22:05:14.0592 6692 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
22:05:14.0592 6692 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
22:05:14.0592 6692 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
22:05:14.0592 6692 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
22:05:14.0592 6692 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
22:05:14.0592 6692 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
22:05:14.0592 6692 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
22:05:14.0592 6692 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
22:05:14.0592 6692 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
22:05:14.0592 6692 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
22:05:14.0592 6692 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
22:05:14.0592 6692 C:\Windows\SysWOW64\msimg32.dll - ok
22:05:14.0592 6692 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
22:05:14.0592 6692 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
22:05:14.0592 6692 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
22:05:14.0592 6692 C:\Windows\SysWOW64\msxml3.dll - ok
22:05:14.0592 6692 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
22:05:14.0592 6692 C:\Windows\SysWOW64\cmd.exe - ok
22:05:14.0592 6692 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
22:05:14.0592 6692 C:\Windows\System32\conhost.exe - ok
22:05:14.0607 6692 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\winbrand.dll - ok
22:05:14.0607 6692 [ CC3FD6DEEE458D0BE9A69241E0749717 ] C:\Windows\SysWOW64\ieframe.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\ieframe.dll - ok
22:05:14.0607 6692 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
22:05:14.0607 6692 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
22:05:14.0607 6692 [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\shdocvw.dll - ok
22:05:14.0607 6692 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
22:05:14.0607 6692 C:\Windows\System32\aelupsvc.dll - ok
22:05:14.0607 6692 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
22:05:14.0607 6692 C:\Windows\System32\radardt.dll - ok
22:05:14.0607 6692 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\radardt.dll - ok
22:05:14.0607 6692 [ 80A9ADB30ABDF99A8B5A6C233DB3F1D8 ] C:\Users\Jim\AppData\Local\Temp\0E28205B-FAA0-461F-9398-95ECAA7D758F.exe
22:05:14.0607 6692 C:\Users\Jim\AppData\Local\Temp\0E28205B-FAA0-461F-9398-95ECAA7D758F.exe - ok
22:05:14.0607 6692 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\SndVolSSO.dll - ok
22:05:14.0607 6692 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
22:05:14.0607 6692 C:\Windows\SysWOW64\MMDevAPI.dll - ok
22:05:14.0607 6692 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
22:05:14.0607 6692 C:\Windows\System32\timedate.cpl - ok
22:05:14.0623 6692 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
22:05:14.0623 6692 C:\Windows\SysWOW64\timedate.cpl - ok
22:05:14.0623 6692 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
22:05:14.0623 6692 C:\Windows\System32\actxprxy.dll - ok
22:05:14.0623 6692 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
22:05:14.0623 6692 C:\Windows\SysWOW64\actxprxy.dll - ok
22:05:14.0623 6692 [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
22:05:14.0623 6692 C:\Windows\System32\shdocvw.dll - ok
22:05:14.0623 6692 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
22:05:14.0623 6692 C:\Windows\System32\linkinfo.dll - ok
22:05:14.0623 6692 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
22:05:14.0623 6692 C:\Windows\SysWOW64\linkinfo.dll - ok
22:05:14.0623 6692 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
22:05:14.0623 6692 C:\Windows\SysWOW64\msftedit.dll - ok
22:05:14.0623 6692 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
22:05:14.0623 6692 C:\Windows\SysWOW64\xmllite.dll - ok
22:05:14.0623 6692 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
22:05:14.0623 6692 C:\Windows\System32\msftedit.dll - ok
22:05:14.0623 6692 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll
22:05:14.0623 6692 C:\Windows\SysWOW64\gameux.dll - ok
22:05:14.0623 6692 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
22:05:14.0623 6692 C:\Windows\System32\gameux.dll - ok
22:05:14.0623 6692 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll
22:05:14.0623 6692 C:\Windows\SysWOW64\msls31.dll - ok
22:05:14.0638 6692 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
22:05:14.0638 6692 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
22:05:14.0638 6692 [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
22:05:14.0638 6692 C:\Windows\System32\msls31.dll - ok
22:05:14.0638 6692 [ E904178851A6A44BFA97E064EF779E9D ] C:\Windows\SysWOW64\authui.dll
22:05:14.0638 6692 C:\Windows\SysWOW64\authui.dll - ok
22:05:14.0638 6692 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
22:05:14.0638 6692 C:\Windows\SysWOW64\cryptui.dll - ok
22:05:14.0638 6692 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
22:05:14.0638 6692 C:\Windows\System32\DeviceCenter.dll - ok
22:05:14.0638 6692 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
22:05:14.0638 6692 C:\Windows\SysWOW64\msiltcfg.dll - ok
22:05:14.0638 6692 [ 430FEA290AC80AB313D54AC5718219FB ] C:\Program Files\Logitech Gaming Software\LCore.exe
22:05:14.0638 6692 C:\Program Files\Logitech Gaming Software\LCore.exe - ok
22:05:14.0638 6692 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
22:05:14.0638 6692 C:\Windows\System32\msiltcfg.dll - ok
22:05:14.0638 6692 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
22:05:14.0638 6692 C:\Windows\SysWOW64\msi.dll - ok
22:05:14.0638 6692 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
22:05:14.0638 6692 C:\Windows\System32\msi.dll - ok
22:05:14.0638 6692 [ 391CD109EF28629644C267C855314DEE ] C:\Windows\System32\ieframe.dll
22:05:14.0638 6692 C:\Windows\System32\ieframe.dll - ok
22:05:14.0638 6692 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
22:05:14.0638 6692 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
22:05:14.0654 6692 [ E948D1D42DC68923ABD75EEB5BCCD1D3 ] C:\Windows\System32\consent.exe
22:05:14.0654 6692 C:\Windows\System32\consent.exe - ok
22:05:14.0654 6692 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
22:05:14.0654 6692 C:\Windows\SysWOW64\networkexplorer.dll - ok
22:05:14.0654 6692 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll
22:05:14.0654 6692 C:\Windows\SysWOW64\wmsgapi.dll - ok
22:05:14.0654 6692 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
22:05:14.0654 6692 C:\Windows\System32\networkexplorer.dll - ok
22:05:14.0654 6692 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
22:05:14.0654 6692 C:\Windows\System32\drprov.dll - ok
22:05:14.0654 6692 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
22:05:14.0654 6692 C:\Windows\SysWOW64\drprov.dll - ok
22:05:14.0654 6692 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
22:05:14.0654 6692 C:\Windows\System32\ntlanman.dll - ok
22:05:14.0654 6692 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
22:05:14.0654 6692 C:\Windows\System32\thumbcache.dll - ok
22:05:14.0654 6692 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
22:05:14.0654 6692 C:\Windows\SysWOW64\ntlanman.dll - ok
22:05:14.0654 6692 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
22:05:14.0654 6692 C:\Windows\SysWOW64\thumbcache.dll - ok
22:05:14.0654 6692 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
22:05:14.0654 6692 C:\Windows\System32\davclnt.dll - ok
22:05:14.0654 6692 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
22:05:14.0654 6692 C:\Windows\SysWOW64\davclnt.dll - ok
22:05:14.0670 6692 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
22:05:14.0670 6692 C:\Windows\SysWOW64\davhlpr.dll - ok
22:05:14.0670 6692 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
22:05:14.0670 6692 C:\Windows\System32\davhlpr.dll - ok
22:05:14.0670 6692 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
22:05:14.0670 6692 C:\Windows\SysWOW64\ksuser.dll - ok
22:05:14.0670 6692 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
22:05:14.0670 6692 C:\Windows\SysWOW64\wdmaud.drv - ok
22:05:14.0670 6692 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
22:05:14.0670 6692 C:\Windows\SysWOW64\avrt.dll - ok
22:05:14.0670 6692 [ 33A0F936F44A2C8749B7B12C58DEBDC2 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
22:05:14.0670 6692 C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe - ok
22:05:14.0670 6692 [ D5845226D50F3842122BC4F391668E3A ] C:\Program Files\Logitech Gaming Software\QtCore4.dll
22:05:14.0670 6692 C:\Program Files\Logitech Gaming Software\QtCore4.dll - ok
22:05:14.0670 6692 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
22:05:14.0670 6692 C:\Windows\SysWOW64\AudioSes.dll - ok
22:05:14.0670 6692 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
22:05:14.0670 6692 C:\Windows\SysWOW64\msacm32.drv - ok
22:05:14.0670 6692 [ F7123DD08DB0E254C62DB2B65FFE010C ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
22:05:14.0670 6692 C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - ok
22:05:14.0670 6692 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
22:05:14.0670 6692 C:\Windows\SysWOW64\msacm32.dll - ok
22:05:14.0670 6692 [ FE46A75556E66B8CC472FA75EFF0C347 ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
22:05:14.0670 6692 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
22:05:14.0685 6692 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
22:05:14.0685 6692 C:\Windows\SysWOW64\midimap.dll - ok
22:05:14.0685 6692 [ DDD10047BF0E5C3C21A60B5A6F58D06B ] C:\Program Files\Logitech Gaming Software\QtGui4.dll
22:05:14.0685 6692 C:\Program Files\Logitech Gaming Software\QtGui4.dll - ok
22:05:14.0685 6692 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
22:05:14.0685 6692 C:\Windows\System32\dsound.dll - ok
22:05:14.0685 6692 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
22:05:14.0685 6692 C:\Windows\System32\l3codeca.acm - ok
22:05:14.0685 6692 [ 1C7F1C3EA5894995E6C563E9AE9F029F ] C:\Windows\SysWOW64\l3codeca.acm
22:05:14.0685 6692 C:\Windows\SysWOW64\l3codeca.acm - ok
22:05:14.0685 6692 [ 91894B8CCED018B2567C99F8F729F3D6 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
22:05:14.0685 6692 C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - ok
22:05:14.0685 6692 [ 7FFD788C1EFDCFD505DE4243AB8F5769 ] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
22:05:14.0685 6692 C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll - ok
22:05:14.0685 6692 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
22:05:14.0685 6692 C:\Windows\SysWOW64\bthprops.cpl - ok
22:05:14.0685 6692 [ 26B7BAAB5B261606A0B2B4DBC17948B7 ] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
22:05:14.0685 6692 C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe - ok
22:05:14.0685 6692 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
22:05:14.0685 6692 C:\Windows\System32\winspool.drv - ok
22:05:14.0685 6692 [ 347AAE83C7C7B787CED89544532AA47D ] C:\Windows\SysWOW64\PhotoMetadataHandler.dll
22:05:14.0685 6692 C:\Windows\SysWOW64\PhotoMetadataHandler.dll - ok
22:05:14.0685 6692 [ FB96BD00EADF64448A572CD333C6372B ] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
22:05:14.0685 6692 C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll - ok
22:05:14.0701 6692 [ FC3001B4B9DF50B61F3CCA615759EFE7 ] C:\Windows\System32\PhotoMetadataHandler.dll
22:05:14.0701 6692 C:\Windows\System32\PhotoMetadataHandler.dll - ok
22:05:14.0701 6692 [ 175A34F27AC788BCC62CBAB6EBED5BA3 ] C:\Program Files (x86)\Bluetooth Suite\BPP.dll
22:05:14.0701 6692 C:\Program Files (x86)\Bluetooth Suite\BPP.dll - ok
22:05:14.0701 6692 [ D80CF8842ADF3EBF897204E7E537347E ] C:\Program Files\Logitech Gaming Software\QtXml4.dll
22:05:14.0701 6692 C:\Program Files\Logitech Gaming Software\QtXml4.dll - ok
22:05:14.0701 6692 [ 62A6EB5771580CAE445804389F3F7432 ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
22:05:14.0701 6692 C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
22:05:14.0701 6692 [ 5405413FFF79B8D9C747AA900F60F082 ] C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
22:05:14.0701 6692 C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll - ok
22:05:14.0701 6692 [ F1C19F0AA151B90A7416FA1D50DDB582 ] C:\Windows\System32\WindowsCodecsExt.dll
22:05:14.0701 6692 C:\Windows\System32\WindowsCodecsExt.dll - ok
22:05:14.0701 6692 [ 7E10CCE27CB13580FF46D724AAD52EB8 ] C:\Program Files (x86)\Steam\Steam.exe
22:05:14.0701 6692 C:\Program Files (x86)\Steam\Steam.exe - ok
22:05:14.0701 6692 [ BE7DAC115640B63FCD69122FF8F4CBB8 ] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
22:05:14.0701 6692 C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll - ok
22:05:14.0701 6692 [ 484DFA779B9BA15F69E4432144B04F8D ] C:\Program Files\Logitech Gaming Software\QtNetwork4.dll
22:05:14.0701 6692 C:\Program Files\Logitech Gaming Software\QtNetwork4.dll - ok
22:05:14.0701 6692 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
22:05:14.0701 6692 C:\Windows\SysWOW64\mscms.dll - ok
22:05:14.0701 6692 [ 1C1477A9C8C9FBF232086A067EDD3DF0 ] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
22:05:14.0701 6692 C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll - ok
22:05:14.0701 6692 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
22:05:14.0701 6692 C:\Windows\System32\mscms.dll - ok
22:05:14.0716 6692 [ 5546994A3906FD94A2C7C14C5EE35CBB ] C:\Program Files (x86)\Bluetooth Suite\goep_bpp.dll
22:05:14.0716 6692 C:\Program Files (x86)\Bluetooth Suite\goep_bpp.dll - ok
22:05:14.0716 6692 [ 63056E0A1732E019F12B4ACCCA8BA0BE ] C:\Program Files\Logitech Gaming Software\QtScript4.dll
22:05:14.0716 6692 C:\Program Files\Logitech Gaming Software\QtScript4.dll - ok
22:05:14.0716 6692 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
22:05:14.0716 6692 C:\Windows\SysWOW64\icm32.dll - ok
22:05:14.0716 6692 [ 684D8FC5DFF1ACBA6B08C44EC694302B ] C:\Program Files (x86)\BillP Studios\WinPatrol\patrolpro.dll
22:05:14.0716 6692 C:\Program Files (x86)\BillP Studios\WinPatrol\patrolpro.dll - ok
22:05:14.0716 6692 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll
22:05:14.0716 6692 C:\Windows\System32\icm32.dll - ok
22:05:14.0716 6692 [ 3A5259177F89D3183478F00D6A3C4206 ] C:\Program Files (x86)\Bluetooth Suite\BTBIP.dll
22:05:14.0716 6692 C:\Program Files (x86)\Bluetooth Suite\BTBIP.dll - ok
22:05:14.0716 6692 [ 1406C921F0697B61FA1799AA6959D93F ] C:\Program Files\Logitech Gaming Software\QtHelp4.dll
22:05:14.0716 6692 C:\Program Files\Logitech Gaming Software\QtHelp4.dll - ok
22:05:14.0716 6692 [ 3C065EAF8210FA1B73BA5388F0A579C8 ] C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
22:05:14.0716 6692 C:\Program Files (x86)\Secunia\PSI\psi_tray.exe - ok
22:05:14.0716 6692 [ 98247B68021687F1D8D99A069F8BC162 ] C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrolEx.exe
22:05:14.0716 6692 C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrolEx.exe - ok
22:05:14.0716 6692 [ C75837F39691BE2498F091EAE178BA96 ] C:\Program Files (x86)\Bluetooth Suite\Sync.dll
22:05:14.0716 6692 C:\Program Files (x86)\Bluetooth Suite\Sync.dll - ok
22:05:14.0716 6692 [ 58AF70F216CC5D3B64CEB33B71761B8A ] C:\Program Files (x86)\Steam\crashhandler.dll
22:05:14.0716 6692 C:\Program Files (x86)\Steam\crashhandler.dll - ok
22:05:14.0732 6692 [ B83E9EECB6A07483303CD9E53D04A90A ] C:\Program Files\Logitech Gaming Software\QtSql4.dll
22:05:14.0732 6692 C:\Program Files\Logitech Gaming Software\QtSql4.dll - ok
22:05:14.0732 6692 [ 21A7C4FF0306ECFC6D5B6B5669727A55 ] C:\Program Files (x86)\Bluetooth Suite\goep_single.dll
22:05:14.0732 6692 C:\Program Files (x86)\Bluetooth Suite\goep_single.dll - ok
22:05:14.0732 6692 [ DA8714A83ED94058CE0F766D2D029037 ] C:\Program Files\Logitech Gaming Software\QtCLucene4.dll
22:05:14.0732 6692 C:\Program Files\Logitech Gaming Software\QtCLucene4.dll - ok
22:05:14.0732 6692 [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
22:05:14.0732 6692 C:\Windows\SysWOW64\quartz.dll - ok
22:05:14.0732 6692 [ 7DF2E52C3E2C6D2AFC3E0D3D76854096 ] C:\Program Files (x86)\Bluetooth Suite\BtCommonRes.dll
22:05:14.0732 6692 C:\Program Files (x86)\Bluetooth Suite\BtCommonRes.dll - ok
22:05:14.0732 6692 [ 44A8B9185030EA57F7999383643ADFFB ] C:\Windows\System32\quartz.dll
22:05:14.0732 6692 C:\Windows\System32\quartz.dll - ok
22:05:14.0732 6692 [ 373C74EB63BA0D331A1A92B5AE869C0E ] C:\Program Files (x86)\Steam\steamerrorreporter.exe
22:05:14.0732 6692 C:\Program Files (x86)\Steam\steamerrorreporter.exe - ok
22:05:14.0732 6692 [ 6D6D2EE314424BAA1378F96BD8F02244 ] C:\Program Files (x86)\Bluetooth Suite\BtObexFt.dll
22:05:14.0732 6692 C:\Program Files (x86)\Bluetooth Suite\BtObexFt.dll - ok
22:05:14.0732 6692 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
22:05:14.0732 6692 C:\Windows\System32\wsock32.dll - ok
22:05:14.0732 6692 [ 91E4DCFF442CBC346D2F74AB655D526F ] C:\Program Files (x86)\Bluetooth Suite\BtFileStore.dll
22:05:14.0732 6692 C:\Program Files (x86)\Bluetooth Suite\BtFileStore.dll - ok
22:05:14.0732 6692 [ FF759035D8A520918DE94AB5E1788AB8 ] C:\Program Files (x86)\Steam\tier0_s.dll
22:05:14.0732 6692 C:\Program Files (x86)\Steam\tier0_s.dll - ok
22:05:14.0732 6692 [ 4B3360B83CCE007AE1A0729AAC256100 ] C:\Program Files (x86)\Bluetooth Suite\BTOBEXOP.dll
22:05:14.0732 6692 C:\Program Files (x86)\Bluetooth Suite\BTOBEXOP.dll - ok
22:05:14.0748 6692 [ B102C6C37A729625FBF29F2ED8913EA9 ] C:\Program Files (x86)\Steam\vstdlib_s.dll
22:05:14.0748 6692 C:\Program Files (x86)\Steam\vstdlib_s.dll - ok
22:05:14.0748 6692 [ 53943B77133B70E2BC76889656B069C6 ] C:\Program Files (x86)\Bluetooth Suite\BtFileStoreOpp.dll
22:05:14.0748 6692 C:\Program Files (x86)\Bluetooth Suite\BtFileStoreOpp.dll - ok
22:05:14.0748 6692 [ 026408BFB636C3BC37F26B9A3E6347CC ] C:\Program Files (x86)\Bluetooth Suite\goep.dll
22:05:14.0748 6692 C:\Program Files (x86)\Bluetooth Suite\goep.dll - ok
22:05:14.0748 6692 [ 4F1F35044428CD8981BEA81432E9E51D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
22:05:14.0748 6692 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe - ok
22:05:14.0748 6692 [ 75EB974222F293159427F9A77A5F3C6A ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll
22:05:14.0748 6692 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll - ok
22:05:14.0748 6692 [ 530EFF719EA21158A2C7B16BFA88A482 ] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
22:05:14.0748 6692 C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe - ok
22:05:14.0748 6692 [ 5F3E5CD36892BA883D4AB2F83E519E4F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll
22:05:14.0748 6692 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll - ok
22:05:14.0748 6692 [ A8C05DD686FD7521914AAE742DECB0DA ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
22:05:14.0748 6692 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll - ok
22:05:14.0748 6692 [ 383CA6882A729B1404C553C3D4FC8BCE ] C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll
22:05:14.0748 6692 C:\Program Files\Logitech Gaming Software\QtOpenGL4.dll - ok
22:05:14.0748 6692 [ 2AED3E33F5EEA873E0EC08D5BCDD91B9 ] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
22:05:14.0748 6692 C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll - ok
22:05:14.0748 6692 [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
22:05:14.0748 6692 C:\Windows\SysWOW64\opengl32.dll - ok
22:05:14.0763 6692 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
22:05:14.0763 6692 C:\Windows\System32\opengl32.dll - ok
22:05:14.0763 6692 [ C715D6943DFBDF78DFB9EB7F010496A4 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
22:05:14.0763 6692 C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe - ok
22:05:14.0763 6692 [ A2D90A70D2C1C310FD9E24404E95FEF5 ] C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll
22:05:14.0763 6692 C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll - ok
22:05:14.0763 6692 [ FD69E28904B40939EEBD314867296D6F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll
22:05:14.0763 6692 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll - ok
22:05:14.0763 6692 [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
22:05:14.0763 6692 C:\Windows\SysWOW64\glu32.dll - ok
22:05:14.0763 6692 [ 735943848B35F874577201780696E67E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll
22:05:14.0763 6692 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll - ok
22:05:14.0763 6692 [ 6D95F3B9FDC01896BB7F7C0B438498BE ] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\Common\gc.dll
22:05:14.0763 6692 C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\Common\gc.dll - ok
22:05:14.0763 6692 [ 88DCE69F9C68BACDE3207D86658D615C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll
22:05:14.0763 6692 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll - ok
22:05:14.0763 6692 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
22:05:14.0763 6692 C:\Windows\System32\glu32.dll - ok
22:05:14.0763 6692 [ 51C8885B6A00904C0252704C9FB0F43A ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
22:05:14.0763 6692 C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe - ok
22:05:14.0763 6692 [ B3710D5900EA1A07D531E443C1979CA6 ] C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
22:05:14.0763 6692 C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll - ok
22:05:14.0763 6692 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
22:05:14.0763 6692 C:\Windows\SysWOW64\ddraw.dll - ok
22:05:14.0779 6692 [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
22:05:14.0779 6692 C:\Windows\SysWOW64\mf.dll - ok
22:05:14.0779 6692 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
22:05:14.0779 6692 C:\Windows\System32\ddraw.dll - ok
22:05:14.0779 6692 [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll
22:05:14.0779 6692 C:\Windows\System32\mf.dll - ok
22:05:15.0028 6692 C:\Windows\System32\WPDShServiceObj.dll - ok
22:05:15.0028 6692 [ B9E62C9DC3E86C1E9E817E97F64E44DD ] C:\Windows\System32\spool\drivers\x64\3\HP1006MT.DLL
22:05:15.0028 6692 C:\Windows\System32\spool\drivers\x64\3\HP1006MT.DLL - ok
22:05:15.0028 6692 [ 8726802EA4FBFFA3FD54FD2449BF51D4 ] C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
22:05:15.0028 6692 C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe - ok
22:05:15.0044 6692 [ 16819F0A14E96E8D1506C9E3642A5122 ] C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
22:05:15.0044 6692 C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE - ok
22:05:15.0044 6692 [ F73B60B661A367F109A7A9614B085DBC ] C:\Windows\System32\spool\drivers\x64\3\HP1006MP.DLL
22:05:15.0044 6692 C:\Windows\System32\spool\drivers\x64\3\HP1006MP.DLL - ok
22:05:15.0044 6692 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
22:05:15.0044 6692 C:\Windows\SysWOW64\pnidui.dll - ok
22:05:15.0044 6692 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
22:05:15.0044 6692 C:\Windows\System32\pnidui.dll - ok
22:05:15.0044 6692 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
22:05:15.0044 6692 C:\Windows\System32\QUTIL.DLL - ok
22:05:15.0044 6692 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
22:05:15.0044 6692 C:\Windows\SysWOW64\QUTIL.DLL - ok
22:05:15.0044 6692 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
22:05:15.0044 6692 C:\Windows\System32\PortableDeviceTypes.dll - ok
22:05:15.0044 6692 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
22:05:15.0044 6692 C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
22:05:15.0044 6692 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
22:05:15.0044 6692 C:\Windows\System32\srchadmin.dll - ok
22:05:15.0044 6692 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
22:05:15.0044 6692 C:\Windows\SysWOW64\srchadmin.dll - ok
22:05:15.0044 6692 [ 140D9F911182357626165EA0BEB98C4F ] C:\Windows\SysWOW64\ncsi.dll
22:05:15.0044 6692 C:\Windows\SysWOW64\ncsi.dll - ok
22:05:15.0044 6692 [ 60133C736AA820B48617343B2E1304A8 ] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
22:05:15.0044 6692 C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll - ok
22:05:15.0060 6692 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
22:05:15.0060 6692 C:\Windows\System32\netman.dll - ok
22:05:15.0060 6692 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
22:05:15.0060 6692 C:\Windows\SysWOW64\dxva2.dll - ok
22:05:15.0060 6692 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
22:05:15.0060 6692 C:\Windows\SysWOW64\rasdlg.dll - ok
22:05:15.0060 6692 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
22:05:15.0060 6692 C:\Windows\System32\rasdlg.dll - ok
22:05:15.0060 6692 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
22:05:15.0060 6692 C:\Windows\SysWOW64\wlanapi.dll - ok
22:05:15.0060 6692 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
22:05:15.0060 6692 C:\Windows\System32\webcheck.dll - ok
22:05:15.0060 6692 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
22:05:15.0060 6692 C:\Windows\System32\wlanapi.dll - ok
22:05:15.0060 6692 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
22:05:15.0060 6692 C:\Windows\System32\wlanutil.dll - ok
22:05:15.0060 6692 [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\SysWOW64\webcheck.dll
22:05:15.0060 6692 C:\Windows\SysWOW64\webcheck.dll - ok
22:05:15.0060 6692 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
22:05:15.0060 6692 C:\Windows\SysWOW64\wlanutil.dll - ok
22:05:15.0060 6692 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
22:05:15.0060 6692 C:\Windows\System32\mlang.dll - ok
22:05:15.0060 6692 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
22:05:15.0060 6692 C:\Windows\SysWOW64\mlang.dll - ok
22:05:15.0075 6692 [ D9A08472D8D0218A0AE2C9D9F63EA531 ] C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
22:05:15.0075 6692 C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe - ok
22:05:15.0075 6692 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
22:05:15.0075 6692 C:\Windows\SysWOW64\dot3api.dll - ok
22:05:15.0075 6692 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
22:05:15.0075 6692 C:\Windows\System32\dot3api.dll - ok
22:05:15.0075 6692 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
22:05:15.0075 6692 C:\Windows\System32\eappcfg.dll - ok
22:05:15.0075 6692 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll
22:05:15.0075 6692 C:\Windows\SysWOW64\eappcfg.dll - ok
22:05:15.0075 6692 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
22:05:15.0075 6692 C:\Windows\System32\wlanhlp.dll - ok
22:05:15.0075 6692 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\SysWOW64\onex.dll
22:05:15.0075 6692 C:\Windows\SysWOW64\onex.dll - ok
22:05:15.0075 6692 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
22:05:15.0075 6692 C:\Windows\SysWOW64\wlanhlp.dll - ok
22:05:15.0075 6692 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
22:05:15.0075 6692 C:\Windows\System32\onex.dll - ok
22:05:15.0075 6692 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\SysWOW64\eappprxy.dll
22:05:15.0075 6692 C:\Windows\SysWOW64\eappprxy.dll - ok
22:05:15.0075 6692 [ F7263C110AD24817114855D572AFF59C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Runtime.dll
22:05:15.0075 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Runtime.dll - ok
22:05:15.0075 6692 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
22:05:15.0075 6692 C:\Windows\System32\eappprxy.dll - ok
22:05:15.0091 6692 [ 1C4B3F3C80A5529CE749FB83E09558AC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
22:05:15.0091 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll - ok
22:05:15.0091 6692 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
22:05:15.0091 6692 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
22:05:15.0091 6692 [ A752595D31586AA0F5642292D01A5C34 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Shared.dll
22:05:15.0091 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WirelessDisplay.Graphics.Shared.dll - ok
22:05:15.0091 6692 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
22:05:15.0091 6692 C:\Windows\System32\WWanAPI.dll - ok
22:05:15.0091 6692 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
22:05:15.0091 6692 C:\Windows\SysWOW64\WWanAPI.dll - ok
22:05:15.0091 6692 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
22:05:15.0091 6692 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
22:05:15.0091 6692 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
22:05:15.0091 6692 C:\Windows\System32\wwapi.dll - ok
22:05:15.0091 6692 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
22:05:15.0091 6692 C:\Windows\SysWOW64\QAGENT.DLL - ok
22:05:15.0091 6692 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
22:05:15.0091 6692 C:\Windows\SysWOW64\wwapi.dll - ok
22:05:15.0091 6692 [ EA39114460532EFD9B9603139BEB610C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
22:05:15.0091 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll - ok
22:05:15.0091 6692 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
22:05:15.0091 6692 C:\Windows\System32\QAGENT.DLL - ok
22:05:15.0106 6692 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
22:05:15.0106 6692 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
22:05:15.0106 6692 [ 97FA236D2D44AE71764FD897F7FE5D21 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
22:05:15.0106 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll - ok
22:05:15.0106 6692 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll
22:05:15.0106 6692 C:\Windows\SysWOW64\wmdrmdev.dll - ok
22:05:15.0106 6692 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
22:05:15.0106 6692 C:\Windows\System32\wmdrmdev.dll - ok
22:05:15.0106 6692 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
22:05:15.0106 6692 C:\Windows\SysWOW64\wmp.dll - ok
22:05:15.0106 6692 [ D66DFE379AA186F822EA8FCF8959E784 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
22:05:15.0106 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll - ok
22:05:15.0106 6692 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll
22:05:15.0106 6692 C:\Windows\SysWOW64\drmv2clt.dll - ok
22:05:15.0106 6692 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
22:05:15.0106 6692 C:\Windows\SysWOW64\imapi2.dll - ok
22:05:15.0106 6692 [ F60D905AD5E301419ABEA4CC5D15C65E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
22:05:15.0106 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll - ok
22:05:15.0106 6692 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
22:05:15.0106 6692 C:\Windows\System32\drmv2clt.dll - ok
22:05:15.0106 6692 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
22:05:15.0106 6692 C:\Windows\System32\imapi2.dll - ok
22:05:15.0106 6692 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
22:05:15.0106 6692 C:\Windows\System32\wmp.dll - ok
22:05:15.0122 6692 [ 6C87DB92D9BE059860EC51D7C0A7224A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
22:05:15.0122 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Shared.dll - ok
22:05:15.0122 6692 [ 801E111EF6B32B9BECCB61B38BB73349 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
22:05:15.0122 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll - ok
22:05:15.0122 6692 [ E30B017ECA457245ED3D54F90BC85E8B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
22:05:15.0122 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll - ok
22:05:15.0122 6692 [ BB7DB41A1CD765297F68F1D47AC95FAC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
22:05:15.0122 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll - ok
22:05:15.0122 6692 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll
22:05:15.0122 6692 C:\Windows\SysWOW64\blackbox.dll - ok
22:05:15.0122 6692 [ 3DAC51D6AEEB115123095E1253A30E06 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
22:05:15.0122 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll - ok
22:05:15.0122 6692 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
22:05:15.0122 6692 C:\Windows\System32\blackbox.dll - ok
22:05:15.0122 6692 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll
22:05:15.0122 6692 C:\Windows\SysWOW64\hgcpl.dll - ok
22:05:15.0122 6692 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
22:05:15.0122 6692 C:\Windows\System32\fdPHost.dll - ok
22:05:15.0122 6692 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
22:05:15.0122 6692 C:\Windows\System32\hgcpl.dll - ok
22:05:15.0122 6692 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
22:05:15.0122 6692 C:\Windows\System32\fdWSD.dll - ok
22:05:15.0138 6692 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\SysWOW64\fdWSD.dll
22:05:15.0138 6692 C:\Windows\SysWOW64\fdWSD.dll - ok
22:05:15.0138 6692 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
22:05:15.0138 6692 C:\Windows\System32\FDResPub.dll - ok
22:05:15.0138 6692 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
22:05:15.0138 6692 C:\Windows\System32\fdSSDP.dll - ok
22:05:15.0138 6692 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\SysWOW64\fdSSDP.dll
22:05:15.0138 6692 C:\Windows\SysWOW64\fdSSDP.dll - ok
22:05:15.0138 6692 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
22:05:15.0138 6692 C:\Windows\System32\upnp.dll - ok
22:05:15.0138 6692 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll
22:05:15.0138 6692 C:\Windows\SysWOW64\ssdpapi.dll - ok
22:05:15.0138 6692 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll
22:05:15.0138 6692 C:\Windows\SysWOW64\upnp.dll - ok
22:05:15.0138 6692 [ 1095CA6FA14A141B224DAF7BE600B5FB ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
22:05:15.0138 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll - ok
22:05:15.0138 6692 [ 1D06B05A06FEF4B4992C2412C3D411DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
22:05:15.0138 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll - ok
22:05:15.0138 6692 [ 7B76CD5A7375896765F7B6EFE4D09FAF ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
22:05:15.0138 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll - ok
22:05:15.0138 6692 [ DD27AB1E783B4488EB18BA77FBFDCC0C ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
22:05:15.0138 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll - ok
22:05:15.0138 6692 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll
22:05:15.0138 6692 C:\Windows\SysWOW64\httpapi.dll - ok
22:05:15.0153 6692 [ F12A887B5CD812F39FC51C8B72BB9663 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
22:05:15.0153 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll - ok
22:05:15.0153 6692 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
22:05:15.0153 6692 C:\Windows\System32\httpapi.dll - ok
22:05:15.0153 6692 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
22:05:15.0153 6692 C:\Windows\SysWOW64\pcwum.dll - ok
22:05:15.0153 6692 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
22:05:15.0153 6692 C:\Windows\SysWOW64\wmploc.DLL - ok
22:05:15.0153 6692 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
22:05:15.0153 6692 C:\Windows\System32\ntprint.dll - ok
22:05:15.0153 6692 [ FD21A5F39C75C399DB2CFC6006DF94CC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
22:05:15.0153 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll - ok
22:05:15.0153 6692 [ C9ACBB07DF6C3838F18237C5A7652450 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
22:05:15.0153 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll - ok
22:05:15.0153 6692 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
22:05:15.0153 6692 C:\Windows\System32\ssdpsrv.dll - ok
22:05:15.0153 6692 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
22:05:15.0153 6692 C:\Windows\System32\wmploc.DLL - ok
22:05:15.0153 6692 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
22:05:15.0153 6692 C:\Windows\System32\ListSvc.dll - ok
22:05:15.0153 6692 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\SysWOW64\P2P.dll
22:05:15.0153 6692 C:\Windows\SysWOW64\P2P.dll - ok
22:05:15.0153 6692 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
22:05:15.0153 6692 C:\Windows\System32\P2P.dll - ok
22:05:15.0169 6692 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
22:05:15.0169 6692 C:\Windows\System32\IdListen.dll - ok
22:05:15.0169 6692 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll
22:05:15.0169 6692 C:\Windows\SysWOW64\p2pcollab.dll - ok
22:05:15.0169 6692 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
22:05:15.0169 6692 C:\Windows\System32\hgprint.dll - ok
22:05:15.0169 6692 [ DA084B6389795870CA02645943056225 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
22:05:15.0169 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll - ok
22:05:15.0169 6692 [ C803E3E30909A748F779318EFD256E3D ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll
22:05:15.0169 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll - ok
22:05:15.0169 6692 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
22:05:15.0169 6692 C:\Windows\System32\pnrpsvc.dll - ok
22:05:15.0169 6692 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
22:05:15.0169 6692 C:\Windows\System32\p2psvc.dll - ok
22:05:15.0169 6692 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\SysWOW64\P2PGraph.dll
22:05:15.0169 6692 C:\Windows\SysWOW64\P2PGraph.dll - ok
22:05:15.0169 6692 [ 916A020A8C88A48B7F67AEE1D8F9CECD ] C:\Program Files\Internet Explorer\ieproxy.dll
22:05:15.0169 6692 C:\Program Files\Internet Explorer\ieproxy.dll - ok
22:05:15.0169 6692 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
22:05:15.0169 6692 C:\Windows\System32\P2PGraph.dll - ok
22:05:15.0169 6692 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
22:05:15.0169 6692 C:\Windows\SysWOW64\authz.dll - ok
22:05:15.0184 6692 [ 78A71F55AEB935A75107C7244B9C9F71 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU4.Graphics.Shared.dll
22:05:15.0184 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU4.Graphics.Shared.dll - ok
22:05:15.0184 6692 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll
22:05:15.0184 6692 C:\Windows\SysWOW64\wmpps.dll - ok
22:05:15.0184 6692 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
22:05:15.0184 6692 C:\Windows\System32\wmpps.dll - ok
22:05:15.0184 6692 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\SysWOW64\wmpmde.dll
22:05:15.0184 6692 C:\Windows\SysWOW64\wmpmde.dll - ok
22:05:15.0184 6692 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
22:05:15.0184 6692 C:\Windows\System32\wmpmde.dll - ok
22:05:15.0184 6692 [ 858BC9108A9BD86AE0E162C56893428B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
22:05:15.0184 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll - ok
22:05:15.0184 6692 [ A8C3347FB9AA1CF9AC56968A2ABC531B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
22:05:15.0184 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll - ok
22:05:15.0184 6692 [ AE966960377A147C277BDBD86E77C714 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
22:05:15.0184 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll - ok
22:05:15.0184 6692 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll
22:05:15.0184 6692 C:\Windows\SysWOW64\WinSATAPI.dll - ok
22:05:15.0184 6692 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
22:05:15.0184 6692 C:\Windows\System32\WinSATAPI.dll - ok
22:05:15.0184 6692 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
22:05:15.0184 6692 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
22:05:15.0184 6692 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL
22:05:15.0184 6692 C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok
22:05:15.0200 6692 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
22:05:15.0200 6692 C:\Windows\System32\MSMPEG2ENC.DLL - ok
22:05:15.0200 6692 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
22:05:15.0200 6692 C:\Windows\SysWOW64\devenum.dll - ok
22:05:15.0200 6692 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
22:05:15.0200 6692 C:\Windows\System32\devenum.dll - ok
22:05:15.0200 6692 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll
22:05:15.0200 6692 C:\Windows\SysWOW64\upnphost.dll - ok
22:05:15.0200 6692 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
22:05:15.0200 6692 C:\Windows\System32\upnphost.dll - ok
22:05:15.0200 6692 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
22:05:15.0200 6692 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
22:05:15.0200 6692 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
22:05:15.0200 6692 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
22:05:15.0200 6692 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
22:05:15.0200 6692 C:\Windows\System32\wbem\wmiprov.dll - ok
22:05:15.0200 6692 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
22:05:15.0200 6692 C:\Windows\System32\wbem\cimwin32.dll - ok
22:05:15.0200 6692 [ 36D50C339CF1E7DB4CD93686AB569586 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
22:05:15.0200 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll - ok
22:05:15.0200 6692 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll
22:05:15.0200 6692 C:\Windows\SysWOW64\framedynos.dll - ok
22:05:15.0216 6692 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
22:05:15.0216 6692 C:\Windows\System32\framedynos.dll - ok
22:05:15.0216 6692 [ C1969426A46C6E9F08132C74FD95BC5B ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll - ok
22:05:15.0216 6692 [ 8BF68C7FB89FDFD9FF09D31CB06EA568 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll - ok
22:05:15.0216 6692 [ 410AC37F863CACFBF8291767FFF63AE4 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll - ok
22:05:15.0216 6692 [ FA07928B574798D838F90D76B8F594FA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Shared.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Shared.dll - ok
22:05:15.0216 6692 [ 6E8E978D465D7D0B8D7B7D82D9367842 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll - ok
22:05:15.0216 6692 [ 9300AB542B01FAB00D835CB435D5B87A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Shared.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Shared.dll - ok
22:05:15.0216 6692 [ B8C1E5B4BEC4FDC6D3F967AF26D08A3A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll - ok
22:05:15.0216 6692 [ CD87F31E8390F18099BD7009B6DBAEDB ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll - ok
22:05:15.0216 6692 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
22:05:15.0216 6692 C:\Windows\System32\msxml3.dll - ok
22:05:15.0216 6692 [ 14E2E532E6B580C85EB51D7DDDCBC3BC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
22:05:15.0216 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll - ok
22:05:15.0231 6692 [ CE4088108B70662E64A485138C1C4BA6 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll - ok
22:05:15.0231 6692 [ 875923C57A9A2C6FF4399D8E0CBC3F65 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll - ok
22:05:15.0231 6692 [ 1CE2B0C51A52B555BFC1D3E694F5945E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll - ok
22:05:15.0231 6692 [ 26F3A31DB8BADED2BF2ABB8772EB9D96 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll - ok
22:05:15.0231 6692 [ D120E3AB3F3A140924F8FBF027622863 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll - ok
22:05:15.0231 6692 [ 39590D11E0C17643EFBC7BF26BA1A687 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll - ok
22:05:15.0231 6692 [ B36EF76C8FC9790E490A7A4FDAD7B60E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll - ok
22:05:15.0231 6692 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
22:05:15.0231 6692 C:\Windows\System32\wbem\wmipcima.dll - ok
22:05:15.0231 6692 [ FD0C83618341A3210CA4C6417E0D7C6E ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
22:05:15.0231 6692 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll - ok
22:05:15.0418 6692 ============================================================
22:05:15.0418 6692 Scan finished
22:05:15.0418 6692 ============================================================
22:05:15.0418 6684 Detected object count: 6
22:05:15.0418 6684 Actual detected object count: 6
22:06:18.0234 6684 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:18.0234 6684 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:18.0234 6684 BEService ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:18.0234 6684 BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:18.0234 6684 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:18.0234 6684 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:18.0234 6684 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:18.0234 6684 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:18.0234 6684 RadeonPro Support Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:18.0234 6684 RadeonPro Support Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:06:18.0234 6684 TmWinService ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:18.0234 6684 TmWinService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:09:17.0929 3780 Deinitialize success



ComboFix log

ComboFix 13-08-02.03 - Jim 03/08/2013 22:24:42.6.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8169.6291 [GMT 1:00]
Running from: c:\users\Jim\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jim\AppData\Local\Temp\0E28205B-FAA0-461F-9398-95ECAA7D758F.exe
c:\windows\PFRO.log
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-07-03 to 2013-08-03 )))))))))))))))))))))))))))))))
.
.
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\meshes\AppData\Local\temp
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-08-03 18:35 . 2013-07-02 00:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpengine.dll
2013-08-02 11:20 . 2013-07-02 00:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-31 21:37 . 2013-07-31 21:36 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3791CDED-7EEE-4922-B0D9-8267BA3CFA24}\gapaengine.dll
2013-07-31 21:36 . 2013-07-31 21:36 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-07-31 21:29 . 2013-07-31 21:29 -------- d-----w- c:\windows\Temp728369FE-8D4E-431C-88FC-776B734906A1-Signatures
2013-07-15 18:14 . 2013-07-15 18:14 -------- d-----w- c:\users\Jim\AppData\Local\Matt_Chambers
2013-07-13 23:15 . 2013-07-13 23:15 -------- d-----w- c:\users\Jim\AppData\Roaming\The Creative Assembly
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\ARPPRODUCTICON.exe
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_6959F71196DC44399918CDEE446371D5.exe
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_323EC44FAFD84DB183577F038CAA7A8F.exe
2013-07-13 20:48 . 2013-07-13 20:48 -------- d-----w- c:\users\Jim\AppData\Roaming\Play withSIX
2013-07-13 20:48 . 2013-07-13 20:48 -------- d-----w- c:\users\Jim\AppData\Local\IsolatedStorage
2013-07-11 17:27 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 17:27 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 17:27 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 17:27 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 17:27 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 17:27 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 17:27 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 17:27 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 17:27 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 17:27 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 17:27 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 17:26 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 17:26 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 17:26 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 17:26 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 17:26 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-11 17:26 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-06 11:23 . 2013-07-06 11:23 70 ----a-w- c:\programdata\wjhthwdrjwkeyuqsbpo.bat
2013-07-06 11:23 . 2013-07-06 11:23 165 ----a-w- c:\programdata\wjhthwdrjwkeyuqsbpo.reg
2013-07-06 10:18 . 2013-07-06 10:18 -------- d-----w- c:\users\Jim\AppData\Roaming\TuneUp Software
2013-07-06 10:17 . 2013-07-06 10:18 -------- d-----w- c:\programdata\TuneUp Software
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-06 10:17 . 2013-07-06 10:17 -------- d--h--w- c:\programdata\Common Files
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-----w- c:\users\Jim\AppData\Roaming\OpenCandy
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-----w- c:\program files (x86)\Veetle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-12 00:15 . 2012-04-20 22:30 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-06-24 10:25 . 2013-06-24 10:25 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-24 10:25 . 2013-06-24 10:25 312232 ----a-w- c:\windows\system32\javaws.exe
2013-06-24 10:25 . 2013-06-24 10:25 189352 ----a-w- c:\windows\system32\javaw.exe
2013-06-24 10:25 . 2013-06-24 10:25 188840 ----a-w- c:\windows\system32\java.exe
2013-06-24 10:25 . 2012-11-22 18:26 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-24 10:25 . 2012-11-22 18:26 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-18 20:50 . 2013-06-18 20:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 20:50 . 2013-06-18 20:50 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-11 21:23 . 2012-04-20 20:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 21:23 . 2012-04-20 20:51 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-22 23:55 . 2013-05-22 23:55 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-22 23:55 . 2013-05-22 23:55 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-22 23:55 . 2013-05-22 23:55 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-22 23:55 . 2013-05-22 23:55 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-22 23:55 . 2013-05-22 23:55 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-22 23:55 . 2013-05-22 23:55 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-22 23:55 . 2013-05-22 23:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-22 23:55 . 2013-05-22 23:55 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-22 23:55 . 2013-05-22 23:55 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-22 23:55 . 2013-05-22 23:55 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-22 23:55 . 2013-05-22 23:55 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-22 23:55 . 2013-05-22 23:55 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-22 23:55 . 2013-05-22 23:55 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-22 23:55 . 2013-05-22 23:55 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-22 23:55 . 2013-05-22 23:55 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-22 23:55 . 2013-05-22 23:55 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-22 23:55 . 2013-05-22 23:55 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-22 23:55 . 2013-05-22 23:55 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-22 23:55 . 2013-05-22 23:55 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-22 23:55 . 2013-05-22 23:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-22 23:55 . 2013-05-22 23:55 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-22 23:55 . 2013-05-22 23:55 441856 ----a-w- c:\windows\system32\html.iec
2013-05-22 23:55 . 2013-05-22 23:55 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-22 23:55 . 2013-05-22 23:55 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-22 23:55 . 2013-05-22 23:55 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-22 23:55 . 2013-05-22 23:55 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-22 23:55 . 2013-05-22 23:55 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-22 23:55 . 2013-05-22 23:55 235008 ----a-w- c:\windows\system32\url.dll
2013-05-22 23:55 . 2013-05-22 23:55 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-22 23:55 . 2013-05-22 23:55 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-22 23:55 . 2013-05-22 23:55 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-22 23:55 . 2013-05-22 23:55 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-22 23:55 . 2013-05-22 23:55 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-22 23:55 . 2013-05-22 23:55 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-22 23:55 . 2013-05-22 23:55 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-22 23:55 . 2013-05-22 23:55 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-22 23:55 . 2013-05-22 23:55 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-22 23:55 . 2013-05-22 23:55 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-22 23:55 . 2013-05-22 23:55 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-22 23:55 . 2013-05-22 23:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-22 23:55 . 2013-05-22 23:55 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-22 23:55 . 2013-05-22 23:55 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-22 23:55 . 2013-05-22 23:55 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-22 23:55 . 2013-05-22 23:55 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-22 23:55 . 2013-05-22 23:55 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-22 23:55 . 2013-05-22 23:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-22 23:55 . 2013-05-22 23:55 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-22 23:55 . 2013-05-22 23:55 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-22 23:55 . 2013-05-22 23:55 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-13 05:51 . 2013-06-12 17:00 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 17:00 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 17:00 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 17:00 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 17:00 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 17:00 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 17:00 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 17:00 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:00 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:00 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 17:00 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 17:00 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-12 17:00 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-29 73832]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2537096]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-22 5551288]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2012-07-05 383720]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-2-7 575000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 viopgncj;viopgncj;c:\windows\system32\drivers\viopgncj.sys;c:\windows\SYSNATIVE\drivers\viopgncj.sys [x]
R2 ?etadpug;Google Update Service (gupdate);c:\program files (x86)\Google\Desktop\Install\{b23932ea-45b6-feea-e7e5-479849e7a317}\ \...\???\{b23932ea-45b6-feea-e7e5-479849e7a317}\GoogleUpdate.exe <;c:\program files (x86)\Google\Desktop\Install\{b23932ea-45b6-feea-e7e5-479849e7a317}\ \...\???\{b23932ea-45b6-feea-e7e5-479849e7a317}\GoogleUpdate.exe < [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TmFilter;Thrustmaster HID Filter Driver;c:\windows\system32\DRIVERS\TmFilter.sys;c:\windows\SYSNATIVE\DRIVERS\TmFilter.sys [x]
R3 TmHid;Thrustmaster Virtual Keyboard (root);c:\windows\system32\DRIVERS\TmHid.sys;c:\windows\SYSNATIVE\DRIVERS\TmHid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TmWinService;Thrustmaster FAST service;c:\program files (x86)\Thrustmaster\TARGET\TmService.exe;c:\program files (x86)\Thrustmaster\TARGET\TmService.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Jim\AppData\Local\Temp\ALSysIO64.sys;c:\users\Jim\AppData\Local\Temp\ALSysIO64.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 npusbio;npusbio;c:\windows\system32\Drivers\npusbio_x64.sys;c:\windows\SYSNATIVE\Drivers\npusbio_x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 SaiH0763;SaiH0763;c:\windows\system32\DRIVERS\SaiH0763.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH0763.sys [x]
S3 TmBusEn;Thrustmaster Bus Enumerator;c:\windows\system32\DRIVERS\TmBusEn.sys;c:\windows\SYSNATIVE\DRIVERS\TmBusEn.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-31 22:31 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 21:23]
.
2013-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 21:57]
.
2013-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 21:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-09-22 394832]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\WinPatrol.exe" [2012-07-05 383720]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-11-22 1127592]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=813da9c94bf74aa59282faa64c2282ad&tu=10Q80007a2B000v&sku=&tstsId=&ver=&
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\pnbczmw7.default\
FF - prefs.js: browser.search.selectedEngine - SearchAmong
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-46647275.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-MSC - c:\program files\Microsoft Security Client\mssecex.exe
AddRemove-BattlEye - d:\program files\Bohemia Interactive\Arma 2Expansion\BattlEye\UnInstallBE.exe
AddRemove-BattlEye for A2 - d:\program files\Bohemia Interactive\Arma 2BattlEye\UnInstallBE.exe
AddRemove-HOD - d:\oblivion\Data\uninstall.exe
.
.
Binary file temp00 matches
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-60372432-1982840389-564346170-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,c3,9d,2a,73,44,c3,79,f4,72,1c,21,a9,7b,2f,7f,a4,f5,e1,e8,fe,
71,34,5f,60,a2,ef,33,d0,69,a3,e2,81,9d,03,24,05,d9,8f,b0,1c,2c,58,53,3e,a4,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
[HKEY_USERS\S-1-5-21-60372432-1982840389-564346170-1000\Software\Valve\Steam\Apps\72850]
@Denied: (D) (LocalSystem)
@Denied: (D) (S-1-5-21-60372432-1982840389-564346170-1000)
"userconfigcrc"=dword:13c7fe4d
"EnableCacheLoading"=dword:00000000
"Installed"=dword:00000001
"Skyrim"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2013-08-03 22:30:54 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-03 21:30
.
Pre-Run: 26,101,305,344 bytes free
Post-Run: 26,438,664,192 bytes free
.
- - End Of File - - C4B914FC2E0D896095C79BE90A044BD4
A36C5E4F47E84449FF07ED3517B43A31

 

ComboFix 13-08-02.03 - Jim 03/08/2013 22:24:42.6.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8169.6291 [GMT 1:00]
Running from: c:\users\Jim\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Jim\AppData\Local\Temp\0E28205B-FAA0-461F-9398-95ECAA7D758F.exe
c:\windows\PFRO.log
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-07-03 to 2013-08-03 )))))))))))))))))))))))))))))))
.
.
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\meshes\AppData\Local\temp
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-03 21:27 . 2013-08-03 21:27 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-08-03 18:35 . 2013-07-02 00:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E3A1253D-AC6B-4FA2-9345-A9BFD77A4965}\mpengine.dll
2013-08-02 11:20 . 2013-07-02 00:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-31 21:37 . 2013-07-31 21:36 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3791CDED-7EEE-4922-B0D9-8267BA3CFA24}\gapaengine.dll
2013-07-31 21:36 . 2013-07-31 21:36 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-07-31 21:29 . 2013-07-31 21:29 -------- d-----w- c:\windows\Temp728369FE-8D4E-431C-88FC-776B734906A1-Signatures
2013-07-15 18:14 . 2013-07-15 18:14 -------- d-----w- c:\users\Jim\AppData\Local\Matt_Chambers
2013-07-13 23:15 . 2013-07-13 23:15 -------- d-----w- c:\users\Jim\AppData\Roaming\The Creative Assembly
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\ARPPRODUCTICON.exe
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_6959F71196DC44399918CDEE446371D5.exe
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_323EC44FAFD84DB183577F038CAA7A8F.exe
2013-07-13 20:48 . 2013-07-13 20:48 -------- d-----w- c:\users\Jim\AppData\Roaming\Play withSIX
2013-07-13 20:48 . 2013-07-13 20:48 -------- d-----w- c:\users\Jim\AppData\Local\IsolatedStorage
2013-07-11 17:27 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 17:27 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 17:27 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 17:27 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 17:27 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 17:27 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 17:27 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 17:27 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 17:27 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 17:27 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 17:27 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 17:26 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 17:26 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 17:26 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 17:26 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 17:26 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-11 17:26 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-06 11:23 . 2013-07-06 11:23 70 ----a-w- c:\programdata\wjhthwdrjwkeyuqsbpo.bat
2013-07-06 11:23 . 2013-07-06 11:23 165 ----a-w- c:\programdata\wjhthwdrjwkeyuqsbpo.reg
2013-07-06 10:18 . 2013-07-06 10:18 -------- d-----w- c:\users\Jim\AppData\Roaming\TuneUp Software
2013-07-06 10:17 . 2013-07-06 10:18 -------- d-----w- c:\programdata\TuneUp Software
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-06 10:17 . 2013-07-06 10:17 -------- d--h--w- c:\programdata\Common Files
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-----w- c:\users\Jim\AppData\Roaming\OpenCandy
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-----w- c:\program files (x86)\Veetle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-12 00:15 . 2012-04-20 22:30 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-06-24 10:25 . 2013-06-24 10:25 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-24 10:25 . 2013-06-24 10:25 312232 ----a-w- c:\windows\system32\javaws.exe
2013-06-24 10:25 . 2013-06-24 10:25 189352 ----a-w- c:\windows\system32\javaw.exe
2013-06-24 10:25 . 2013-06-24 10:25 188840 ----a-w- c:\windows\system32\java.exe
2013-06-24 10:25 . 2012-11-22 18:26 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-24 10:25 . 2012-11-22 18:26 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-18 20:50 . 2013-06-18 20:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 20:50 . 2013-06-18 20:50 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-06-11 21:23 . 2012-04-20 20:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 21:23 . 2012-04-20 20:51 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-22 23:55 . 2013-05-22 23:55 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-22 23:55 . 2013-05-22 23:55 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-22 23:55 . 2013-05-22 23:55 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-22 23:55 . 2013-05-22 23:55 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-22 23:55 . 2013-05-22 23:55 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-22 23:55 . 2013-05-22 23:55 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-22 23:55 . 2013-05-22 23:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-22 23:55 . 2013-05-22 23:55 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-22 23:55 . 2013-05-22 23:55 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-22 23:55 . 2013-05-22 23:55 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-22 23:55 . 2013-05-22 23:55 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-22 23:55 . 2013-05-22 23:55 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-22 23:55 . 2013-05-22 23:55 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-22 23:55 . 2013-05-22 23:55 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-22 23:55 . 2013-05-22 23:55 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-22 23:55 . 2013-05-22 23:55 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-22 23:55 . 2013-05-22 23:55 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-22 23:55 . 2013-05-22 23:55 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-22 23:55 . 2013-05-22 23:55 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-22 23:55 . 2013-05-22 23:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-22 23:55 . 2013-05-22 23:55 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-22 23:55 . 2013-05-22 23:55 441856 ----a-w- c:\windows\system32\html.iec
2013-05-22 23:55 . 2013-05-22 23:55 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-22 23:55 . 2013-05-22 23:55 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-22 23:55 . 2013-05-22 23:55 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-22 23:55 . 2013-05-22 23:55 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-22 23:55 . 2013-05-22 23:55 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-22 23:55 . 2013-05-22 23:55 235008 ----a-w- c:\windows\system32\url.dll
2013-05-22 23:55 . 2013-05-22 23:55 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-22 23:55 . 2013-05-22 23:55 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-22 23:55 . 2013-05-22 23:55 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-22 23:55 . 2013-05-22 23:55 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-22 23:55 . 2013-05-22 23:55 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-22 23:55 . 2013-05-22 23:55 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-22 23:55 . 2013-05-22 23:55 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-22 23:55 . 2013-05-22 23:55 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-22 23:55 . 2013-05-22 23:55 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-22 23:55 . 2013-05-22 23:55 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-22 23:55 . 2013-05-22 23:55 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-22 23:55 . 2013-05-22 23:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-22 23:55 . 2013-05-22 23:55 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-22 23:55 . 2013-05-22 23:55 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-22 23:55 . 2013-05-22 23:55 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-22 23:55 . 2013-05-22 23:55 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-22 23:55 . 2013-05-22 23:55 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-22 23:55 . 2013-05-22 23:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-22 23:55 . 2013-05-22 23:55 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-22 23:55 . 2013-05-22 23:55 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-22 23:55 . 2013-05-22 23:55 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-13 05:51 . 2013-06-12 17:00 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 17:00 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 17:00 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 17:00 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 17:00 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 17:00 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 17:00 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 17:00 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:00 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:00 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 17:00 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 17:00 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-12 17:00 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-29 73832]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2537096]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-22 5551288]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2012-07-05 383720]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-2-7 575000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 viopgncj;viopgncj;c:\windows\system32\drivers\viopgncj.sys;c:\windows\SYSNATIVE\drivers\viopgncj.sys [x]
R2 ?etadpug;Google Update Service (gupdate);c:\program files (x86)\Google\Desktop\Install\{b23932ea-45b6-feea-e7e5-479849e7a317}\ \...\???\{b23932ea-45b6-feea-e7e5-479849e7a317}\GoogleUpdate.exe <;c:\program files (x86)\Google\Desktop\Install\{b23932ea-45b6-feea-e7e5-479849e7a317}\ \...\???\{b23932ea-45b6-feea-e7e5-479849e7a317}\GoogleUpdate.exe < [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TmFilter;Thrustmaster HID Filter Driver;c:\windows\system32\DRIVERS\TmFilter.sys;c:\windows\SYSNATIVE\DRIVERS\TmFilter.sys [x]
R3 TmHid;Thrustmaster Virtual Keyboard (root);c:\windows\system32\DRIVERS\TmHid.sys;c:\windows\SYSNATIVE\DRIVERS\TmHid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TmWinService;Thrustmaster FAST service;c:\program files (x86)\Thrustmaster\TARGET\TmService.exe;c:\program files (x86)\Thrustmaster\TARGET\TmService.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Jim\AppData\Local\Temp\ALSysIO64.sys;c:\users\Jim\AppData\Local\Temp\ALSysIO64.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 npusbio;npusbio;c:\windows\system32\Drivers\npusbio_x64.sys;c:\windows\SYSNATIVE\Drivers\npusbio_x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 SaiH0763;SaiH0763;c:\windows\system32\DRIVERS\SaiH0763.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH0763.sys [x]
S3 TmBusEn;Thrustmaster Bus Enumerator;c:\windows\system32\DRIVERS\TmBusEn.sys;c:\windows\SYSNATIVE\DRIVERS\TmBusEn.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ALSYSIO
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-31 22:31 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 21:23]
.
2013-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 21:57]
.
2013-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 21:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-09-22 394832]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\WinPatrol.exe" [2012-07-05 383720]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-11-22 1127592]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=813da9c94bf74aa59282faa64c2282ad&tu=10Q80007a2B000v&sku=&tstsId=&ver=&
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\pnbczmw7.default\
FF - prefs.js: browser.search.selectedEngine - SearchAmong
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-46647275.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-MSC - c:\program files\Microsoft Security Client\mssecex.exe
AddRemove-BattlEye - d:\program files\Bohemia Interactive\Arma 2Expansion\BattlEye\UnInstallBE.exe
AddRemove-BattlEye for A2 - d:\program files\Bohemia Interactive\Arma 2BattlEye\UnInstallBE.exe
AddRemove-HOD - d:\oblivion\Data\uninstall.exe
.
.
Binary file temp00 matches
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-60372432-1982840389-564346170-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,c3,9d,2a,73,44,c3,79,f4,72,1c,21,a9,7b,2f,7f,a4,f5,e1,e8,fe,
71,34,5f,60,a2,ef,33,d0,69,a3,e2,81,9d,03,24,05,d9,8f,b0,1c,2c,58,53,3e,a4,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
[HKEY_USERS\S-1-5-21-60372432-1982840389-564346170-1000\Software\Valve\Steam\Apps\72850]
@Denied: (D) (LocalSystem)
@Denied: (D) (S-1-5-21-60372432-1982840389-564346170-1000)
"userconfigcrc"=dword:13c7fe4d
"EnableCacheLoading"=dword:00000000
"Installed"=dword:00000001
"Skyrim"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2013-08-03 22:30:54 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-03 21:30
.
Pre-Run: 26,101,305,344 bytes free
Post-Run: 26,438,664,192 bytes free
.
- - End Of File - - C4B914FC2E0D896095C79BE90A044BD4
A36C5E4F47E84449FF07ED3517B43A31

I was unable to disable MSE during the ComboFix run, and after the restart it ran ComboFix, and after the next restarts I had 2 BSODs with an IRQ value equal to zero.

It is running now, but there is no MSE in the sys tray, and in services.msc the options to start MSE are greyed out, so I can't stop and restart the service (I have not been able to do so with MSE since the infection; it is always greyed out).

Jim



#9 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:34 PM

Posted 04 August 2013 - 11:26 AM

1. Please completely uninstall MSE from your system. Once we have the machine cleaned up we will reinstall it.

2. We need to run a CFScript.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:



File::
c:\programdata\wjhthwdrjwkeyuqsbpo.bat
c:\programdata\wjhthwdrjwkeyuqsbpo.reg
c:\users\Jim\AppData\Roaming\TuneUp Software
c:\programdata\TuneUp Software
c:\users\Jim\AppData\Roaming\OpenCandy

Folder::
c:\program files (x86)\Google\Desktop\Install

Driver::
viopgncj
?etadpug
 
Save this as CFScript.txt, in the same location as ComboFix.exe


[Image: CFScriptB-4.gif]

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-



If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#10 Cybermann

Cybermann
  • Topic Starter

  • Members
  • 44 posts
  • Local time:08:34 PM

Posted 04 August 2013 - 12:02 PM

ComboFix 13-08-02.03 - Jim 04/08/2013  17:50:45.7.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8169.6138 [GMT 1:00]
Running from: c:\users\Jim\Desktop\ComboFix.exe
Command switches used :: c:\users\Jim\Desktop\CFScript.txt
FW: ZoneAlarm Free Firewall Firewall *Enabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
FILE ::
"c:\programdata\TuneUp Software"
"c:\programdata\wjhthwdrjwkeyuqsbpo.bat"
"c:\programdata\wjhthwdrjwkeyuqsbpo.reg"
"c:\users\Jim\AppData\Roaming\OpenCandy"
"c:\users\Jim\AppData\Roaming\TuneUp Software"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Desktop\Install
c:\programdata\wjhthwdrjwkeyuqsbpo.bat
c:\programdata\wjhthwdrjwkeyuqsbpo.reg
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_?etadpug
-------\Service_viopgncj
.
.
(((((((((((((((((((((((((   Files Created from 2013-07-04 to 2013-08-04  )))))))))))))))))))))))))))))))
.
.
2013-08-04 16:53 . 2013-08-04 16:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-08-04 16:53 . 2013-08-04 16:53 -------- d-----w- c:\users\meshes\AppData\Local\temp
2013-07-31 21:29 . 2013-07-31 21:29 -------- d-----w- c:\windows\Temp728369FE-8D4E-431C-88FC-776B734906A1-Signatures
2013-07-15 18:14 . 2013-07-15 18:14 -------- d-----w- c:\users\Jim\AppData\Local\Matt_Chambers
2013-07-13 23:15 . 2013-07-13 23:15 -------- d-----w- c:\users\Jim\AppData\Roaming\The Creative Assembly
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\ARPPRODUCTICON.exe
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_6959F71196DC44399918CDEE446371D5.exe
2013-07-13 22:34 . 2013-07-13 22:34 139264 ----a-r- c:\users\Jim\AppData\Roaming\Microsoft\Installer\{84AEB93A-ECBB-4568-8F59-D4516EF59079}\_323EC44FAFD84DB183577F038CAA7A8F.exe
2013-07-13 20:48 . 2013-07-13 20:48 -------- d-----w- c:\users\Jim\AppData\Roaming\Play withSIX
2013-07-13 20:48 . 2013-07-13 20:48 -------- d-----w- c:\users\Jim\AppData\Local\IsolatedStorage
2013-07-11 17:27 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-11 17:27 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-11 17:27 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-11 17:27 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-11 17:27 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-11 17:27 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-11 17:27 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-11 17:27 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-11 17:27 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-11 17:27 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-11 17:27 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-11 17:26 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-11 17:26 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-11 17:26 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-11 17:26 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-11 17:26 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-11 17:26 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-11 17:26 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-06 10:18 . 2013-07-06 10:18 -------- d-----w- c:\users\Jim\AppData\Roaming\TuneUp Software
2013-07-06 10:17 . 2013-07-06 10:18 -------- d-----w- c:\programdata\TuneUp Software
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-06 10:17 . 2013-07-06 10:17 -------- d--h--w- c:\programdata\Common Files
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-----w- c:\users\Jim\AppData\Roaming\OpenCandy
2013-07-06 10:17 . 2013-07-06 10:17 -------- d-----w- c:\program files (x86)\Veetle
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-12 00:15 . 2012-04-20 22:30 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-06-24 10:25 . 2013-06-24 10:25 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-06-24 10:25 . 2013-06-24 10:25 312232 ----a-w- c:\windows\system32\javaws.exe
2013-06-24 10:25 . 2013-06-24 10:25 189352 ----a-w- c:\windows\system32\javaw.exe
2013-06-24 10:25 . 2013-06-24 10:25 188840 ----a-w- c:\windows\system32\java.exe
2013-06-24 10:25 . 2012-11-22 18:26 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-24 10:25 . 2012-11-22 18:26 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-11 21:23 . 2012-04-20 20:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-11 21:23 . 2012-04-20 20:51 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-22 23:55 . 2013-05-22 23:55 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-22 23:55 . 2013-05-22 23:55 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-22 23:55 . 2013-05-22 23:55 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-22 23:55 . 2013-05-22 23:55 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-22 23:55 . 2013-05-22 23:55 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-22 23:55 . 2013-05-22 23:55 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-22 23:55 . 2013-05-22 23:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-22 23:55 . 2013-05-22 23:55 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-22 23:55 . 2013-05-22 23:55 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-22 23:55 . 2013-05-22 23:55 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-22 23:55 . 2013-05-22 23:55 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-22 23:55 . 2013-05-22 23:55 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-22 23:55 . 2013-05-22 23:55 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-22 23:55 . 2013-05-22 23:55 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-22 23:55 . 2013-05-22 23:55 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-22 23:55 . 2013-05-22 23:55 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-22 23:55 . 2013-05-22 23:55 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-22 23:55 . 2013-05-22 23:55 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-22 23:55 . 2013-05-22 23:55 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-22 23:55 . 2013-05-22 23:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-22 23:55 . 2013-05-22 23:55 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-22 23:55 . 2013-05-22 23:55 441856 ----a-w- c:\windows\system32\html.iec
2013-05-22 23:55 . 2013-05-22 23:55 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-22 23:55 . 2013-05-22 23:55 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-22 23:55 . 2013-05-22 23:55 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-22 23:55 . 2013-05-22 23:55 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-22 23:55 . 2013-05-22 23:55 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-22 23:55 . 2013-05-22 23:55 235008 ----a-w- c:\windows\system32\url.dll
2013-05-22 23:55 . 2013-05-22 23:55 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-22 23:55 . 2013-05-22 23:55 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-22 23:55 . 2013-05-22 23:55 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-22 23:55 . 2013-05-22 23:55 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-22 23:55 . 2013-05-22 23:55 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-22 23:55 . 2013-05-22 23:55 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-22 23:55 . 2013-05-22 23:55 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-22 23:55 . 2013-05-22 23:55 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-22 23:55 . 2013-05-22 23:55 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-22 23:55 . 2013-05-22 23:55 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-22 23:55 . 2013-05-22 23:55 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-22 23:55 . 2013-05-22 23:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-22 23:55 . 2013-05-22 23:55 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-22 23:55 . 2013-05-22 23:55 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-22 23:55 . 2013-05-22 23:55 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-22 23:55 . 2013-05-22 23:55 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-22 23:55 . 2013-05-22 23:55 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-22 23:55 . 2013-05-22 23:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-22 23:55 . 2013-05-22 23:55 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-22 23:55 . 2013-05-22 23:55 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-22 23:55 . 2013-05-22 23:55 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-13 05:51 . 2013-06-12 17:00 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 17:00 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 17:00 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 17:00 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 17:00 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 17:00 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 17:00 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 17:00 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:00 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 17:00 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 05:49 . 2013-06-12 17:00 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 17:00 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-12 17:00 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-07-26 1807272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2013-01-29 73832]
"SAOB Monitor"="c:\program files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe" [2011-09-22 2537096]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-22 5551288]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2012-07-05 383720]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2013-2-7 575000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 ?etadpug;Google Update Service (gupdate);c:\program files (x86)\Google\Desktop\Install\{b23932ea-45b6-feea-e7e5-479849e7a317}\   \...\???\{b23932ea-45b6-feea-e7e5-479849e7a317}\GoogleUpdate.exe <;c:\program files (x86)\Google\Desktop\Install\{b23932ea-45b6-feea-e7e5-479849e7a317}\   \...\???\{b23932ea-45b6-feea-e7e5-479849e7a317}\GoogleUpdate.exe < [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe;c:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TmFilter;Thrustmaster HID Filter Driver;c:\windows\system32\DRIVERS\TmFilter.sys;c:\windows\SYSNATIVE\DRIVERS\TmFilter.sys [x]
R3 TmHid;Thrustmaster Virtual Keyboard (root);c:\windows\system32\DRIVERS\TmHid.sys;c:\windows\SYSNATIVE\DRIVERS\TmHid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [x]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 TmWinService;Thrustmaster FAST service;c:\program files (x86)\Thrustmaster\TARGET\TmService.exe;c:\program files (x86)\Thrustmaster\TARGET\TmService.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Jim\AppData\Local\Temp\ALSysIO64.sys;c:\users\Jim\AppData\Local\Temp\ALSysIO64.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys;c:\windows\SYSNATIVE\drivers\ha20x22k.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 npusbio;npusbio;c:\windows\system32\Drivers\npusbio_x64.sys;c:\windows\SYSNATIVE\Drivers\npusbio_x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 SaiH0763;SaiH0763;c:\windows\system32\DRIVERS\SaiH0763.sys;c:\windows\SYSNATIVE\DRIVERS\SaiH0763.sys [x]
S3 TmBusEn;Thrustmaster Bus Enumerator;c:\windows\system32\DRIVERS\TmBusEn.sys;c:\windows\SYSNATIVE\DRIVERS\TmBusEn.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-31 22:31 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 21:23]
.
2013-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 21:57]
.
2013-08-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26 21:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\Jim\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-09-22 394832]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2010-10-27 613536]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2010-10-27 379040]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\WinPatrol.exe" [2012-07-05 383720]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-11-22 1127592]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=en&gu=813da9c94bf74aa59282faa64c2282ad&tu=10Q80007a2B000v&sku=&tstsId=&ver=&
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jim\AppData\Roaming\Mozilla\Firefox\Profiles\pnbczmw7.default\
FF - prefs.js: browser.search.selectedEngine - SearchAmong
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-BattlEye - d:\program files\Bohemia Interactive\Arma 2Expansion\BattlEye\UnInstallBE.exe
AddRemove-BattlEye for A2 - d:\program files\Bohemia Interactive\Arma 2BattlEye\UnInstallBE.exe
AddRemove-HOD - d:\oblivion\Data\uninstall.exe
.
.
Binary file temp00 matches
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-60372432-1982840389-564346170-1000\Software\SecuROM\License information*]
"datasecu"=hex:78,c3,9d,2a,73,44,c3,79,f4,72,1c,21,a9,7b,2f,7f,a4,f5,e1,e8,fe,
   71,34,5f,60,a2,ef,33,d0,69,a3,e2,81,9d,03,24,05,d9,8f,b0,1c,2c,58,53,3e,a4,\
"rkeysecu"=hex:82,c3,15,4f,bb,1d,3b,7f,84,f5,53,93,76,d6,d1,ff
.
[HKEY_USERS\S-1-5-21-60372432-1982840389-564346170-1000\Software\Valve\Steam\Apps\72850]
@Denied: (D) (LocalSystem)
@Denied: (D) (S-1-5-21-60372432-1982840389-564346170-1000)
"userconfigcrc"=dword:13c7fe4d
"EnableCacheLoading"=dword:00000000
"Installed"=dword:00000001
"Skyrim"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
.
**************************************************************************
.
Completion time: 2013-08-04  17:56:16 - machine was rebooted
ComboFix-quarantined-files.txt  2013-08-04 16:56
ComboFix2.txt  2013-08-03 21:30
.
Pre-Run: 27,323,703,296 bytes free
Post-Run: 26,386,026,496 bytes free
.
- - End Of File - - 9925794A3E0C86420D0D723F2DE1D3EA
A36C5E4F47E84449FF07ED3517B43A31


#11 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:34 PM

Posted 04 August 2013 - 12:28 PM

Try reinstalling MSE and see if it works now.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#12 Cybermann


Posted 04 August 2013 - 12:48 PM

Hi

I have managed to reinstall MSE and it updated itself and ran a scan.

It has quarantined

Trojan.win64/sirefef.P

Trojan.win32/sirefef.AB

I have left them quarantined and not deleted them.

Jim



#13 fireman4it


Posted 04 August 2013 - 02:25 PM

Can you please post the files it quarantined? Just the name of them.


#14 Cybermann


Posted 04 August 2013 - 02:54 PM

Trojan.win64/sirefef.P

Trojan.win32/sirefef.AB

I note they are dated 1/08/2013


Edited by Cybermann, 05 August 2013 - 09:08 AM.


#15 fireman4it


Posted 05 August 2013 - 02:01 PM

Trojan.win64/sirefef.P

Trojan.win32/sirefef.AB

 

I mean the path of those files, for instance C:/windows/anyplace/anytime. It should look something similar to this.




