Cannot remove svchost.exe trojan or its root-kits permanently.


  • This topic is locked
22 replies to this topic

#1 lost1010

  • Members
  • 17 posts

Posted 19 November 2013 - 06:30 PM

Hello,

 

I've been attempting for 4 days now to remove this trojan that seems to show back up after each restart. MBAM catches it each startup as 'trojan.agent.cn - svchost.exe', and when I go into what it has quarantined I find it and about 5 other viruses which are noted as bitcoinminers (which are called things like diablo130302.cl or other 6 letter 6 number combos which make sense 1/3rd of the time). I'm not sure if these are related or separate. The virii (plural for viruses?) are seen to be found each time in the temp folder.

 

The trojan seems to only have edited my hosts file to redirect all popular websites to a survey/phishing website [unless that was another virus] but I also experience problems such as the internet not working until a restart.

 

Any help would be lovely. I've attached the logs that the preparation guide requests.

 

Thank you.

Attached Files
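A defensive check for the hosts-file symptom described in the first post, given here as an added example that is not part of the original thread or of any tool named in it. It parses a hosts file and reports entries that force names to a non-local address, highlighting any address that several unrelated sites share; the sample file, the 203.0.113.7 placeholder address, the `min_cluster` threshold and all function names are assumptions.

```python
import ipaddress
import sys
from collections import defaultdict

# Constructed sample: the stock Windows 7 hosts header plus added entries.
# 203.0.113.7 is a placeholder from the RFC 5737 documentation range.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#
# localhost name resolution is handled within DNS itself.
#\t127.0.0.1       localhost
127.0.0.1       localhost
::1             localhost
203.0.113.7     www.google.com google.com   # inline comment
203.0.113.7\twww.facebook.com
203.0.113.7     WWW.YOUTUBE.COM
0.0.0.0         ads.example.net
192.168.1.20    nas.home.lan
not-an-ip       www.bing.com
"""


def parse_hosts(text):
    """Yield (line_no, address_field, [hostnames]) for every active entry."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        entry = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        fields = entry.split()                # spaces or tabs separate the fields
        if len(fields) >= 2:
            yield line_no, fields[0], [h.lower().rstrip(".") for h in fields[1:]]


def site_key(hostname):
    """Collapse a hostname to its last two labels (a simplification: no public
    suffix list is used, so every 'x.co.uk' name collapses to 'co.uk')."""
    return ".".join(hostname.split(".")[-2:])


def audit_hosts(text, min_cluster=3):
    """Return overrides, malformed entries and shared-address clusters.

    overrides: every entry that pins a name to a non-local address
    malformed: entries whose first field is not a valid IP address
    clusters:  addresses that min_cluster or more distinct sites were pinned
               to, which is the pattern of a bulk redirect to one server
    """
    overrides, malformed = [], []
    sites_by_ip = defaultdict(set)
    for line_no, addr, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            malformed.append((line_no, addr, names))
            continue
        if ip.is_loopback or ip.is_unspecified:
            continue  # 127.0.0.1, ::1, 0.0.0.0: local or blocking, not a redirect
        overrides.append((line_no, str(ip), names))
        for name in names:
            sites_by_ip[str(ip)].add(site_key(name))
    clusters = {ip: sorted(sites) for ip, sites in sites_by_ip.items()
                if len(sites) >= min_cluster}
    return {"overrides": overrides, "malformed": malformed, "clusters": clusters}


if __name__ == "__main__":
    # Pass the real file, e.g. C:\Windows\System32\drivers\etc\hosts; with no
    # argument the constructed sample above is audited instead.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8-sig", errors="replace") as fh:
            hosts_text = fh.read()
    else:
        hosts_text = SAMPLE_HOSTS
    report = audit_hosts(hosts_text)
    for ip, sites in report["clusters"].items():
        print(f"REVIEW: {len(sites)} sites pinned to {ip}: {', '.join(sites)}")
    for line_no, ip, names in report["overrides"]:
        print(f"line {line_no}: {', '.join(names)} -> {ip}")
    for line_no, addr, names in report["malformed"]:
        print(f"line {line_no}: malformed address field {addr!r}")
```

A single LAN entry such as the sample's `nas.home.lan` shows up under overrides for review but does not form a cluster.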




 


#2 gringo_pr

  • Malware Response Team
  • 136,772 posts

Posted 19 November 2013 - 09:26 PM


Hello lost1010

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 lost1010


Posted 19 November 2013 - 10:13 PM

Hello Gringo,

 

I don't think either of the two programs saw any issues.

 

Just additional information here: Even though I disable MBAM's active protection for the scans to run, it turns itself back on after each restart and quarantines svchost.exe. Just thought that may stop these other scanners from being able to find it.

 

ADWCleaner

--------

# AdwCleaner v3.012 - Report created 20/11/2013 at 13:55:38
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Moschetti - MOSCHETTI-PC
# Running from : C:\Users\Moschetti\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v31.0.1650.57
 
[ File : C:\Users\Moschetti\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [883 octets] - [18/11/2013 10:47:13]
AdwCleaner[R1].txt - [890 octets] - [20/11/2013 13:54:32]
AdwCleaner[S0].txt - [947 octets] - [18/11/2013 10:48:03]
AdwCleaner[S1].txt - [812 octets] - [20/11/2013 13:55:38]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [871 octets] ##########
 
 
Junkware Removal Tool
--------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Moschetti on 20/11/2013 at 14:02:33.58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20/11/2013 at 14:06:21.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-----------


#4 gringo_pr


Posted 19 November 2013 - 10:32 PM


Hello lost1010

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#5 lost1010


Posted 19 November 2013 - 11:17 PM

Thank you for your help so far Gringo

 

Combofix report below:

 

ComboFix 13-11-19.01 - Moschetti 20/11/2013  15:10:58.3.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.4076.2581 [GMT 11:00]
Running from: c:\users\Moschetti\Desktop\ComboFix.exe
AV: Microsoft Security Essentials Prerelease *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials Prerelease *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Moschetti\AppData\Local\Temp\5196_20217\crl-set
c:\users\Moschetti\AppData\Local\Temp\5196_20217\manifest.fingerprint
c:\users\Moschetti\AppData\Local\Temp\5196_20217\manifest.json
c:\users\Moschetti\AppData\Local\Temp\5216_10086\crl-set
c:\users\Moschetti\AppData\Local\Temp\5216_10086\manifest.fingerprint
c:\users\Moschetti\AppData\Local\Temp\5216_10086\manifest.json
c:\users\Moschetti\AppData\Local\Temp\6608_15641\crl-set
c:\users\Moschetti\AppData\Local\Temp\6608_15641\manifest.fingerprint
c:\users\Moschetti\AppData\Local\Temp\6608_15641\manifest.json
c:\users\Moschetti\AppData\Local\Temp\6608_17894\crl-set
c:\users\Moschetti\AppData\Local\Temp\6608_17894\manifest.fingerprint
c:\users\Moschetti\AppData\Local\Temp\6608_17894\manifest.json
c:\users\Moschetti\AppData\Local\Temp\fontconfig\cache\CACHEDIR.TAG
c:\users\Moschetti\AppData\Local\Temp\fontconfig\cache\d031bbba323fd9e5b47e0ee5a0353f11-le32d8.cache-3
c:\users\Moschetti\AppData\Local\Temp\jrt\APPID_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\APPID_files.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\appinit_null.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\appinit64_null.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\APPPATHS.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\APPROVEDEXTENSIONS_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\ask.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\askCLSID.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\askregkey_x64.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\askregkey_x86.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\askregvalue_x64.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\askregvalue_x86.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\askservices.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\badAPPINIT.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\badFOLDERS.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\badFOLDERScom.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\badFOLDERSstart.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\badLNK.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\badvalues.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\BHO_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\BHO_name.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\browsermngr_keys.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\browsermngr_values.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\CHOICE.DAT
c:\users\Moschetti\AppData\Local\Temp\jrt\CHR_extensions.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\CHR_open_x64.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\CHR_open_x86.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\chrome.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\CHRregkey_x64.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\CHRregkey_x86.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\clean_shortcut.vbs
c:\users\Moschetti\AppData\Local\Temp\jrt\CLSID_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\currentmd5.txt
c:\users\Moschetti\AppData\Local\Temp\jrt\CUT.DAT
c:\users\Moschetti\AppData\Local\Temp\jrt\datamngr_del.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\defaultscope.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\delfolders.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\delorphans.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\ELEVATIONPOLICY_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\erunt\ERDNT.E_E
c:\users\Moschetti\AppData\Local\Temp\jrt\erunt\ERDNTDOS.LOC
c:\users\Moschetti\AppData\Local\Temp\jrt\erunt\ERDNTWIN.LOC
c:\users\Moschetti\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
c:\users\Moschetti\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest
c:\users\Moschetti\AppData\Local\Temp\jrt\erunt\ERUNT.LOC
c:\users\Moschetti\AppData\Local\Temp\jrt\erunt\README.TXT
c:\users\Moschetti\AppData\Local\Temp\jrt\ev_clear.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\EXT.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FF_open_x64.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\FF_open_x86.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\FFbrowsermngr.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFextensions.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFpluginREG.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFplugins.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFprefs.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFregkey_x64.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFregkey_x86.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFwhtlist.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\FFXML.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FFXPI.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\firefox.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\FWCLSID.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\FWPolicy.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\get.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\IE_open_x64.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\IE_open_x86.reg
c:\users\Moschetti\AppData\Local\Temp\jrt\IEwhtlst.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\iexplore.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\IFEO.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\INTERFACE_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\JRT.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\medfos.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\MENUEXT.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\misc.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\modules.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\modules.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\moduleservices.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\newmd5.txt
c:\users\Moschetti\AppData\Local\Temp\jrt\NIRCMD.DAT
c:\users\Moschetti\AppData\Local\Temp\jrt\NOTIFY.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\PREAPPROVED_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\prelim.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\PRODUCTS.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\REGhcr.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\REGhkcu_and_hklm_allow.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\REGhkcu_and_hklm_software.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\REGhkcu_software_appdatalow.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\REGhkcu_software_microsoft.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\REGhklm_software_classes.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\REGISTRYUSERSID.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\runvalues.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\runvalues_x64.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\runvalues_x86.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\S1518COMPONENTS.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\searchlnk.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\SED.DAT
c:\users\Moschetti\AppData\Local\Temp\jrt\sednewline.txt
c:\users\Moschetti\AppData\Local\Temp\jrt\services.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\serviceseventlog.cfg
c:\users\Moschetti\AppData\Local\Temp\jrt\SETTINGS_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\SHORTCUT.DAT
c:\users\Moschetti\AppData\Local\Temp\jrt\STATS_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\TDL4.bat
c:\users\Moschetti\AppData\Local\Temp\jrt\temp\null.txt
c:\users\Moschetti\AppData\Local\Temp\jrt\TRACING.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\TYPELIB_clsid.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\UNINSTALL.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\UpgradeCodes.dat
c:\users\Moschetti\AppData\Local\Temp\jrt\WGET.DAT
c:\users\Moschetti\AppData\Local\Temp\jrt\WOW6432NODE.dat
c:\users\Moschetti\AppData\Local\Temp\Low\JavaDeployReg.log
c:\users\Moschetti\AppData\Roaming\mIRC\logs\status.log
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-20 to 2013-11-20  )))))))))))))))))))))))))))))))
.
.
2013-11-20 04:14 . 2013-11-20 04:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-19 12:28 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpengine.dll
2013-11-19 00:02 . 2013-11-19 00:05 -------- d-----w- c:\users\Moschetti\AppData\Roaming\mIRC
2013-11-18 05:43 . 2013-11-18 05:43 -------- d-----w- c:\users\Moschetti\AppData\Local\CrashDumps
2013-11-18 04:14 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-17 23:42 . 2013-11-20 03:01 -------- d-----w- C:\AdwCleaner
2013-11-17 23:41 . 2013-11-17 23:41 -------- d-----w- c:\windows\ERUNT
2013-11-17 12:32 . 2013-11-17 12:32 -------- d-----w- C:\TDSSKiller_Quarantine
2013-11-17 09:47 . 2013-11-18 03:34 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-17 09:00 . 2013-11-17 09:00 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-11-17 08:42 . 2013-11-17 08:42 -------- d-----w- c:\program files\HitmanPro
2013-11-17 08:41 . 2013-11-17 09:01 -------- d-----w- c:\programdata\HitmanPro
2013-11-17 02:24 . 2013-11-17 02:24 -------- d-----w- c:\users\Moschetti\AppData\Local\Black_Tree_Gaming
2013-11-13 05:20 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 05:20 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 04:13 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-11-13 04:13 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-11-13 04:13 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-13 04:13 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-13 04:13 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-13 04:13 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-11-13 04:13 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-12 16:04 . 2013-10-14 07:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-12 16:01 . 2013-11-12 16:01 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-11-10 07:07 . 2013-11-10 07:07 -------- d-----w- c:\users\Moschetti\AppData\Local\FOMM
2013-11-10 07:04 . 2013-11-10 08:00 -------- d-----w- c:\users\Moschetti\AppData\Local\FalloutNV
2013-11-06 23:33 . 2013-10-18 03:21 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6E68241C-F60A-4D74-93C6-217B4F07E4E2}\gapaengine.dll
2013-10-30 00:21 . 2013-10-30 00:21 40960 ----a-r- c:\users\Moschetti\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2013-10-30 00:21 . 2013-10-30 00:21 40960 ----a-r- c:\users\Moschetti\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2013-10-25 09:27 . 2013-11-09 11:20 -------- d-----w- c:\programdata\LogMeIn
2013-10-25 09:27 . 2013-10-25 09:27 -------- d-----w- c:\users\Moschetti\AppData\Local\LogMeIn
2013-10-25 06:43 . 2013-11-03 10:22 -------- d-----w- c:\users\Moschetti\AppData\Local\LogMeIn Hamachi
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-12 16:01 . 2013-11-12 16:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-10-18 03:21 . 2013-03-12 06:25 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-16 01:36 . 2013-10-16 01:36 481280 ----a-r- c:\users\Moschetti\AppData\Roaming\Microsoft\Installer\{C3D204B0-1293-4FE8-A590-0E272D910D7E}\icon.exe
2013-10-07 20:50 . 2013-10-20 06:40 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-26 22:53 . 2013-09-26 22:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-26 22:53 . 2012-08-30 11:03 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-04 12:12 . 2013-10-08 23:38 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-08 23:38 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-08 23:38 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-08 23:38 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-08 23:38 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-08 23:38 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-08 23:38 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-28 01:21 . 2013-10-08 23:38 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-10-20 17:48 1725640 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-10-20 17:48 1725640 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-10-20 17:48 1725640 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 05:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\mikes\Games\Steam\steam.exe" [2013-10-30 1820584]
"F.lux"="c:\users\Moschetti\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]
"uTorrent"="c:\mikes\uTorrent\uTorrent.exe" [2013-02-01 399224]
"DAEMON Tools Lite"="c:\mikes\DAEMON Tools\DTLite.exe" [2013-01-08 3674320]
"Spotify Web Helper"="c:\users\Moschetti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-05-20 1105408]
"Akamai NetSession Interface"="c:\users\Moschetti\AppData\Local\Akamai\netsession_win.exe" [2013-01-25 4480768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2013-02-02 4942336]
"StartCCC"="c:\mikes\Drivers\Graphics Card\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"Adobe"="c:\users\Moschetti\AppData\Roaming\Microsoft\Windows\Recent.vbe" [2013-01-20 15550]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-01 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\mikes\Hamachi\hamachi-2.exe;c:\mikes\Hamachi\hamachi-2.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 LUM;LUM;c:\windows\system32\drivers\LUM.sys;c:\windows\SYSNATIVE\drivers\LUM.sys [x]
S1 SASDIFSV;SASDIFSV;c:\mikes\Antivirus\SuperAntiSpyware\SASDIFSV64.SYS;c:\mikes\Antivirus\SuperAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\mikes\Antivirus\SuperAntiSpyware\SASKUTIL64.SYS;c:\mikes\Antivirus\SuperAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\mikes\Antivirus\SuperAntiSpyware\SASCORE64.EXE;c:\mikes\Antivirus\SuperAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 BBDemon;Backbone Service;c:\mikes\Catia\Catia\win_b64\code\bin\CATSysDemon.exe;c:\mikes\Catia\Catia\win_b64\code\bin\CATSysDemon.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\mikes\Antivirus\MBAM\mbamscheduler.exe;c:\mikes\Antivirus\MBAM\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\mikes\Antivirus\MBAM\mbamservice.exe;c:\mikes\Antivirus\MBAM\mbamservice.exe [x]
S2 mitsijm2014;Autodesk Simulation Moldflow MITSI 2014 Job Manager;c:\mikes\AutoCAD\Inventor\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\mikes\AutoCAD\Inventor\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 AsrVDrive;AsrVDrive;c:\windows\system32\DRIVERS\AsrVDrive.sys;c:\windows\SYSNATIVE\DRIVERS\AsrVDrive.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\DRIVERS\cbfs3.sys;c:\windows\SYSNATIVE\DRIVERS\cbfs3.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-14 21:23 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-02 01:48]
.
2013-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-02 01:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 05:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-09-27 1266912]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"IntelliType Pro"="c:\program files\Microsoft Mouse and Keyboard Center\itype.exe" [2012-11-02 1464944]
"IntelliPoint"="c:\program files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2012-11-02 2076272]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-03 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\mikes\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\mikes\MICROS~1\Office15\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-55445030.sys
SafeBoot-57273644.sys
AddRemove-HVAC Solution - Professional - c:\mikes\HVAC\Uninstall\HVAC Solution - Pro\uninstall.exe
AddRemove-MultiBit 0.4.23 - c:\mikes\Drivers\Java\bin\javaw.exe
AddRemove-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-11-20  15:15:42
ComboFix-quarantined-files.txt  2013-11-20 04:15
.
Pre-Run: 371,934,162,944 bytes free
Post-Run: 371,514,032,128 bytes free
.
- - End Of File - - 3FA7B3763093FA4CD5810400ABD18E84
A36C5E4F47E84449FF07ED3517B43A31


#6 gringo_pr


Posted 20 November 2013 - 12:13 AM


Hello lost1010

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#7 lost1010


Posted 20 November 2013 - 01:43 AM

I ran Combofix with the new addition. I'll attach the report below.

The virii actually don't do anything of notable effect to the computer any more, but not being able to see what it does makes it all the more scary.

MBAR still reports svchost.exe virii but titles them as 'heuristics.reserved.word.exploit' whereas MBAM reports them as 'trojan.agent.cn'.

Combo fix logs

------

ComboFix 13-11-19.01 - Moschetti 20/11/2013  16:16:59.4.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.4076.1379 [GMT 11:00]
Running from: c:\users\Moschetti\Desktop\ComboFix.exe
Command switches used :: c:\users\Moschetti\Desktop\CFScript.txt
AV: Microsoft Security Essentials Prerelease *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials Prerelease *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MOSCHE~1\AppData\Local\Temp\jna3040325237138003946.dll
c:\users\Moschetti\AppData\Local\Temp\jna3040325237138003946.dll
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-20 to 2013-11-20  )))))))))))))))))))))))))))))))
.
.
2013-11-20 05:21 . 2013-11-20 05:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-19 12:28 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpengine.dll
2013-11-19 00:02 . 2013-11-19 00:05 -------- d-----w- c:\users\Moschetti\AppData\Roaming\mIRC
2013-11-18 05:43 . 2013-11-18 05:43 -------- d-----w- c:\users\Moschetti\AppData\Local\CrashDumps
2013-11-18 04:14 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-11-17 23:42 . 2013-11-20 03:01 -------- d-----w- C:\AdwCleaner
2013-11-17 23:41 . 2013-11-17 23:41 -------- d-----w- c:\windows\ERUNT
2013-11-17 12:32 . 2013-11-17 12:32 -------- d-----w- C:\TDSSKiller_Quarantine
2013-11-17 09:47 . 2013-11-18 03:34 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-11-17 09:00 . 2013-11-17 09:00 12872 ----a-w- c:\windows\system32\bootdelete.exe
2013-11-17 08:42 . 2013-11-17 08:42 -------- d-----w- c:\program files\HitmanPro
2013-11-17 08:41 . 2013-11-17 09:01 -------- d-----w- c:\programdata\HitmanPro
2013-11-17 02:24 . 2013-11-17 02:24 -------- d-----w- c:\users\Moschetti\AppData\Local\Black_Tree_Gaming
2013-11-13 05:20 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 05:20 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 04:13 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-11-13 04:13 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-11-13 04:13 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-13 04:13 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-13 04:13 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-13 04:13 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-11-13 04:13 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-12 16:04 . 2013-10-14 07:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-11-12 16:01 . 2013-11-12 16:01 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-11-10 07:07 . 2013-11-10 07:07 -------- d-----w- c:\users\Moschetti\AppData\Local\FOMM
2013-11-10 07:04 . 2013-11-10 08:00 -------- d-----w- c:\users\Moschetti\AppData\Local\FalloutNV
2013-11-06 23:33 . 2013-10-18 03:21 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6E68241C-F60A-4D74-93C6-217B4F07E4E2}\gapaengine.dll
2013-10-30 00:21 . 2013-10-30 00:21 40960 ----a-r- c:\users\Moschetti\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\NewShortcut1_9559F7CA5E344237A2D9D856464AD727.exe
2013-10-30 00:21 . 2013-10-30 00:21 40960 ----a-r- c:\users\Moschetti\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2013-10-25 09:27 . 2013-11-09 11:20 -------- d-----w- c:\programdata\LogMeIn
2013-10-25 09:27 . 2013-10-25 09:27 -------- d-----w- c:\users\Moschetti\AppData\Local\LogMeIn
2013-10-25 06:43 . 2013-11-03 10:22 -------- d-----w- c:\users\Moschetti\AppData\Local\LogMeIn Hamachi
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-12 16:01 . 2013-11-12 16:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-10-18 03:21 . 2013-03-12 06:25 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-16 01:36 . 2013-10-16 01:36 481280 ----a-r- c:\users\Moschetti\AppData\Roaming\Microsoft\Installer\{C3D204B0-1293-4FE8-A590-0E272D910D7E}\icon.exe
2013-10-07 20:50 . 2013-10-20 06:40 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-26 22:53 . 2013-09-26 22:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-26 22:53 . 2012-08-30 11:03 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-04 12:12 . 2013-10-08 23:38 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-08 23:38 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-08 23:38 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-08 23:38 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-08 23:38 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-08 23:38 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-08 23:38 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-28 01:21 . 2013-10-08 23:38 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-10-20 17:48 1725640 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-10-20 17:48 1725640 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-10-20 17:48 1725640 ----a-w- c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 05:27 158224 ----a-w- c:\windows\SysWOW64\CbFsMntNtf3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\mikes\Games\Steam\steam.exe" [2013-10-30 1820584]
"F.lux"="c:\users\Moschetti\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]
"uTorrent"="c:\mikes\uTorrent\uTorrent.exe" [2013-02-01 399224]
"DAEMON Tools Lite"="c:\mikes\DAEMON Tools\DTLite.exe" [2013-01-08 3674320]
"Spotify Web Helper"="c:\users\Moschetti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-05-20 1105408]
"Akamai NetSession Interface"="c:\users\Moschetti\AppData\Local\Akamai\netsession_win.exe" [2013-01-25 4480768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2013-02-02 4942336]
"StartCCC"="c:\mikes\Drivers\Graphics Card\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"Adobe"="c:\users\Moschetti\AppData\Roaming\Microsoft\Windows\Recent.vbe" [2013-01-20 15550]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-01 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2013-02-04 1081224]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\mikes\Antivirus\MBAM\mbamservice.exe;c:\mikes\Antivirus\MBAM\mbamservice.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\mikes\Hamachi\hamachi-2.exe;c:\mikes\Hamachi\hamachi-2.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 LUM;LUM;c:\windows\system32\drivers\LUM.sys;c:\windows\SYSNATIVE\drivers\LUM.sys [x]
S1 SASDIFSV;SASDIFSV;c:\mikes\Antivirus\SuperAntiSpyware\SASDIFSV64.SYS;c:\mikes\Antivirus\SuperAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\mikes\Antivirus\SuperAntiSpyware\SASKUTIL64.SYS;c:\mikes\Antivirus\SuperAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\mikes\Antivirus\SuperAntiSpyware\SASCORE64.EXE;c:\mikes\Antivirus\SuperAntiSpyware\SASCORE64.EXE [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
S2 BBDemon;Backbone Service;c:\mikes\Catia\Catia\win_b64\code\bin\CATSysDemon.exe;c:\mikes\Catia\Catia\win_b64\code\bin\CATSysDemon.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\mikes\Antivirus\MBAM\mbamscheduler.exe;c:\mikes\Antivirus\MBAM\mbamscheduler.exe [x]
S2 mitsijm2014;Autodesk Simulation Moldflow MITSI 2014 Job Manager;c:\mikes\AutoCAD\Inventor\Inventor 2014\Moldflow\bin\mitsijm.exe;c:\mikes\AutoCAD\Inventor\Inventor 2014\Moldflow\bin\mitsijm.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 AsrVDrive;AsrVDrive;c:\windows\system32\DRIVERS\AsrVDrive.sys;c:\windows\SYSNATIVE\DRIVERS\AsrVDrive.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cbfs3;EldoS Callback File System driver v3;c:\windows\system32\DRIVERS\cbfs3.sys;c:\windows\SYSNATIVE\DRIVERS\cbfs3.sys [x]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-14 21:23 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-02 01:48]
.
2013-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-02 01:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EldosIconOverlay]
@="{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}"
[HKEY_CLASSES_ROOT\CLSID\{5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC}]
2012-04-09 05:27 190480 ----a-w- c:\windows\System32\CbFsMntNtf3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-09-27 1266912]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-30 11660904]
"IntelliType Pro"="c:\program files\Microsoft Mouse and Keyboard Center\itype.exe" [2012-11-02 1464944]
"IntelliPoint"="c:\program files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2012-11-02 2076272]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-03 446392]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
IE: E&xport to Microsoft Excel - c:\mikes\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\mikes\MICROS~1\Office15\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-HVAC Solution - Professional - c:\mikes\HVAC\Uninstall\HVAC Solution - Pro\uninstall.exe
AddRemove-MultiBit 0.4.23 - c:\mikes\Drivers\Java\bin\javaw.exe
AddRemove-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-11-20  16:25:35 - machine was rebooted
ComboFix-quarantined-files.txt  2013-11-20 05:25
ComboFix2.txt  2013-11-20 04:15
.
Pre-Run: 371,568,623,616 bytes free
Post-Run: 371,270,504,448 bytes free
.
- - End Of File - - 9595CF9FAE208D48468420AFB525A31F
A36C5E4F47E84449FF07ED3517B43A31

Edited by lost1010, 20 November 2013 - 01:52 AM.


#8 gringo_pr


Posted 20 November 2013 - 01:52 AM





Hello lost1010

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.


--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button.
  • Wait until the Status box shows "Scan Finished".
  • Click on "Delete".
  • Wait until the Status box shows "Deleting Finished".
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The scan will make two reports; the one I would like to see is called RKreport[2].txt on your Desktop.
  • Exit/Close RogueKiller.
Send me the reports made from MBAR and RogueKiller and also let me know how the computer is doing at this time.

Gringo






When you are complete please send me both reports

Gringo

#9 lost1010


Posted 20 November 2013 - 03:00 AM

Okay,

 

I did MBAR scans 3 times following this order:

- Scan (found viruses), clean+reset.

- Scan (found the same viruses), clean+reset. This is the scan I am posting the log of.

- Scan (found the same viruses), did not attempt a third cleanup as it was clearly not removing them permanently.

 

The RogueKiller program made no text file called RKreport[2].txt but instead made RKreport[0]_S_(numbers).txt and RKreport[0]_D_(numbers).txt. Regardless, I gave you the copy that came up when I clicked Report.

 

MBAR log

------

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org
 
Database version: v2013.11.20.04
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Moschetti :: MOSCHETTI-PC [administrator]
 
20/11/2013 18:20:38
mbar-log-2013-11-20 (18-20-38).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 257722
Time elapsed: 9 minute(s), 59 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 7
C:\Users\Moschetti\AppData\Local\Temp\svchost.exe (Trojan.Agent.Gen) -> Delete on reboot.
C:\Users\Moschetti\AppData\Local\Temp\phatk121016.cl (Trojan.BitcoinMiner) -> Delete on reboot.
C:\Users\Moschetti\AppData\Local\Temp\scrypt130511.cl (Trojan.BitcoinMiner) -> Delete on reboot.
C:\Users\Moschetti\AppData\Local\Temp\diablo130302.cl (Trojan.BitcoinMiner) -> Delete on reboot.
C:\Users\Moschetti\AppData\Local\Temp\poclbm130302.cl (Trojan.BitcoinMiner) -> Delete on reboot.
C:\Users\Moschetti\AppData\Local\Temp\diakgcn121016.cl (Trojan.BitcoinMiner) -> Delete on reboot.
C:\Users\Moschetti\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MT01AD28\svchost[1].exe (Heuristics.Reserved.Word.Exploit) -> Delete on reboot.
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 

RogueKiller Log

------

RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Moschetti [Admin rights]
Mode : Remove -- Date : 11/20/2013 18:51:51
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : Adobe (C:\Users\Moschetti\AppData\Roaming\Microsoft\Windows\Recent.vbe [-]) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified. 
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowHelp (0) -> REPLACED (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3250620AS ATA Device +++++
--- User ---
[MBR] d203aba2828c624873cb3680046b269a
[BSP] 47cedee9bc2563b6c07f30d0920e7d20 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238472 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD10EZEX-00ZF5A0 ATA Device +++++
--- User ---
[MBR] c75679904e35d164650ce7d843aada19
[BSP] b7e4c5665bfce0dd702ddec90547004a : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
+++++ PhysicalDrive2: (\\.\PHYSICALDRIVE2 @ IDE) ST31000528AS ATA Device +++++
--- User ---
[MBR] 52f4e1c0b845dfd1ba37689496c161bc
[BSP] b0a9c17198597f5b4f585612e93d9b6a : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953866 Mo
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_11202013_185151.txt >>
RKreport[0]_S_11202013_185127.txt


#10 gringo_pr


Posted 20 November 2013 - 11:58 AM


Hello lost1010

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • More than one report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note: this report can be very long, so if the website gives you an error saying it is too long, you may attach it.

    If the forum still complains about it being too long, send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report.

#11 lost1010


Posted 21 November 2013 - 07:18 PM

It seems the only two programs capable of finding these viruses are MBAR and MBAM :(

The Log:

 

07:14:07.0982 3336  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
07:14:09.0261 3336  ============================================================
07:14:09.0261 3336  Current date / time: 2013/11/21 07:14:09.0261
07:14:09.0261 3336  SystemInfo:
07:14:09.0261 3336  
07:14:09.0261 3336  OS Version: 6.1.7601 ServicePack: 1.0
07:14:09.0261 3336  Product type: Workstation
07:14:09.0261 3336  ComputerName: MOSCHETTI-PC
07:14:09.0261 3336  UserName: Moschetti
07:14:09.0261 3336  Windows directory: C:\Windows
07:14:09.0261 3336  System windows directory: C:\Windows
07:14:09.0261 3336  Running under WOW64
07:14:09.0261 3336  Processor architecture: Intel x64
07:14:09.0261 3336  Number of processors: 4
07:14:09.0261 3336  Page size: 0x1000
07:14:09.0261 3336  Boot type: Normal boot
07:14:09.0261 3336  ============================================================
07:14:38.0355 3336  BG loaded
07:14:39.0055 3336  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:14:39.0105 3336  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1D9262, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
07:14:39.0115 3336  Drive \Device\Harddisk0\DR0 - Size: 0x3A38A25E00 (232.88 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:14:39.0125 3336  ============================================================
07:14:39.0125 3336  \Device\Harddisk1\DR1:
07:14:39.0125 3336  MBR partitions:
07:14:39.0125 3336  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
07:14:39.0125 3336  \Device\Harddisk2\DR2:
07:14:39.0125 3336  MBR partitions:
07:14:39.0125 3336  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
07:14:39.0125 3336  \Device\Harddisk0\DR0:
07:14:39.0135 3336  MBR partitions:
07:14:39.0135 3336  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
07:14:39.0135 3336  ============================================================
07:14:39.0365 3336  C: <-> \Device\Harddisk2\DR2\Partition1
07:14:39.0375 3336  D: <-> \Device\Harddisk0\DR0\Partition1
07:14:39.0395 3336  F: <-> \Device\Harddisk1\DR1\Partition1
07:14:39.0395 3336  ============================================================
07:14:39.0395 3336  Initialize success
07:14:39.0395 3336  ============================================================
07:14:54.0218 3384  ============================================================
07:14:54.0218 3384  Scan started
07:14:54.0218 3384  Mode: Manual; SigCheck; TDLFS; 
07:14:54.0218 3384  ============================================================
07:15:01.0223 3384  ================ Scan system memory ========================
07:15:01.0223 3384  System memory - ok
07:15:01.0223 3384  ================ Scan services =============================
07:15:33.0060 3384  Mcx2Svc - ok
07:15:33.0091 3384  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
07:15:33.0107 3384  megasas - ok
07:15:33.0122 3384  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
07:15:33.0153 3384  MegaSR - ok
07:15:33.0169 3384  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
07:15:33.0185 3384  MEIx64 - ok
07:15:33.0481 3384  [ 9F98EFA7BB6535E456D3B6E83D8F5474 ] mitsijm2014     C:\Mikes\AutoCAD\Inventor\Inventor 2014\Moldflow\bin\mitsijm.exe
07:15:33.0528 3384  mitsijm2014 - ok
07:15:33.0559 3384  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
07:15:33.0621 3384  MMCSS - ok
07:15:33.0637 3384  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
07:15:33.0715 3384  Modem - ok
07:15:33.0933 3384  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
07:15:33.0949 3384  monitor - ok
07:15:33.0996 3384  [ C030F9E822A057C1A7A9BB4EA3E8877E ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
07:15:34.0011 3384  MotioninJoyXFilter - ok
07:15:34.0043 3384  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
07:15:34.0058 3384  mouclass - ok
07:15:34.0089 3384  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
07:15:34.0121 3384  mouhid - ok
07:15:34.0136 3384  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
07:15:34.0152 3384  mountmgr - ok
07:15:34.0199 3384  [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
07:15:34.0214 3384  MpFilter - ok
07:15:34.0214 3384  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
07:15:34.0230 3384  mpio - ok
07:15:34.0245 3384  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:15:34.0292 3384  mpsdrv - ok
07:15:34.0370 3384  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:15:34.0417 3384  MpsSvc - ok
07:15:34.0479 3384  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:15:34.0542 3384  MRxDAV - ok
07:15:34.0635 3384  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:15:34.0682 3384  mrxsmb - ok
07:15:34.0729 3384  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:15:34.0745 3384  mrxsmb10 - ok
07:15:34.0776 3384  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:15:34.0791 3384  mrxsmb20 - ok
07:15:34.0823 3384  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
07:15:34.0838 3384  msahci - ok
07:15:34.0838 3384  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
07:15:34.0854 3384  msdsm - ok
07:15:34.0885 3384  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
07:15:34.0901 3384  MSDTC - ok
07:15:34.0932 3384  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
07:15:34.0963 3384  Msfs - ok
07:15:35.0010 3384  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
07:15:35.0057 3384  mshidkmdf - ok
07:15:35.0057 3384  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
07:15:35.0072 3384  msisadrv - ok
07:15:35.0103 3384  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
07:15:35.0150 3384  MSiSCSI - ok
07:15:35.0150 3384  msiserver - ok
07:15:35.0181 3384  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
07:15:35.0213 3384  MSKSSRV - ok
07:15:35.0275 3384  [ F685DA9DE290FFE16CD294A2FFECAF45 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:15:35.0275 3384  MsMpSvc - ok
07:15:35.0291 3384  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
07:15:35.0322 3384  MSPCLOCK - ok
07:15:35.0337 3384  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
07:15:35.0384 3384  MSPQM - ok
07:15:35.0384 3384  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
07:15:35.0400 3384  MsRPC - ok
07:15:35.0400 3384  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
07:15:35.0415 3384  mssmbios - ok
07:15:35.0415 3384  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
07:15:35.0431 3384  MSTEE - ok
07:15:35.0447 3384  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
07:15:35.0447 3384  MTConfig - ok
07:15:35.0462 3384  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
07:15:35.0462 3384  Mup - ok
07:15:35.0493 3384  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
07:15:35.0509 3384  napagent - ok
07:15:35.0540 3384  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
07:15:35.0556 3384  NativeWifiP - ok
07:15:35.0603 3384  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
07:15:35.0634 3384  NDIS - ok
07:15:35.0681 3384  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
07:15:35.0727 3384  NdisCap - ok
07:15:35.0759 3384  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
07:15:35.0774 3384  NdisTapi - ok
07:15:35.0774 3384  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
07:15:35.0805 3384  Ndisuio - ok
07:15:35.0805 3384  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
07:15:35.0837 3384  NdisWan - ok
07:15:35.0852 3384  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
07:15:35.0868 3384  NDProxy - ok
07:15:35.0868 3384  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
07:15:35.0899 3384  NetBIOS - ok
07:15:35.0915 3384  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
07:15:35.0930 3384  NetBT - ok
07:15:35.0946 3384  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
07:15:35.0946 3384  Netlogon - ok
07:15:35.0977 3384  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
07:15:36.0008 3384  Netman - ok
07:15:36.0039 3384  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:15:36.0071 3384  NetMsmqActivator - ok
07:15:36.0086 3384  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:15:36.0102 3384  NetPipeActivator - ok
07:15:36.0133 3384  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
07:15:36.0180 3384  netprofm - ok
07:15:36.0195 3384  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:15:36.0211 3384  NetTcpActivator - ok
07:15:36.0258 3384  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:15:36.0273 3384  NetTcpPortSharing - ok
07:15:36.0305 3384  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
07:15:36.0320 3384  nfrd960 - ok
07:15:36.0367 3384  [ ACE8C64C57E4A711473C8BC10ADF692B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:15:36.0383 3384  NisDrv - ok
07:15:36.0398 3384  [ 6F3F612EC886A26FEFA98F575B023FDA ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
07:15:36.0414 3384  NisSrv - ok
07:15:36.0429 3384  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:15:36.0461 3384  NlaSvc - ok
07:15:36.0461 3384  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
07:15:36.0492 3384  Npfs - ok
07:15:36.0507 3384  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
07:15:36.0554 3384  nsi - ok
07:15:36.0554 3384  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:15:36.0601 3384  nsiproxy - ok
07:15:36.0741 3384  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:15:36.0788 3384  Ntfs - ok
07:15:36.0819 3384  [ 77EB11DA191D12D12E28D7BD8905C42C ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
07:15:36.0835 3384  NuidFltr - ok
07:15:36.0851 3384  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
07:15:36.0882 3384  Null - ok
07:15:36.0897 3384  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
07:15:36.0913 3384  nvraid - ok
07:15:36.0913 3384  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
07:15:36.0929 3384  nvstor - ok
07:15:36.0944 3384  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
07:15:36.0944 3384  nv_agp - ok
07:15:36.0960 3384  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
07:15:36.0960 3384  ohci1394 - ok
07:15:37.0007 3384  [ B9C125314A025127FE562C116D614AA3 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:15:37.0022 3384  ose64 - ok
07:15:37.0256 3384  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:15:37.0365 3384  osppsvc - ok
07:15:37.0412 3384  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
07:15:37.0428 3384  p2pimsvc - ok
07:15:37.0443 3384  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
07:15:37.0459 3384  p2psvc - ok
07:15:37.0459 3384  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
07:15:37.0475 3384  Parport - ok
07:15:37.0506 3384  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
07:15:37.0521 3384  partmgr - ok
07:15:37.0537 3384  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
07:15:37.0568 3384  PcaSvc - ok
07:15:37.0599 3384  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
07:15:37.0599 3384  pci - ok
07:15:37.0615 3384  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
07:15:37.0615 3384  pciide - ok
07:15:37.0631 3384  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
07:15:37.0646 3384  pcmcia - ok
07:15:37.0646 3384  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
07:15:37.0662 3384  pcw - ok
07:15:37.0677 3384  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
07:15:37.0724 3384  PEAUTH - ok
07:15:37.0865 3384  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
07:15:37.0927 3384  PeerDistSvc - ok
07:15:37.0974 3384  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
07:15:37.0989 3384  PerfHost - ok
07:15:38.0036 3384  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
07:15:38.0083 3384  pla - ok
07:15:38.0130 3384  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
07:15:38.0161 3384  PlugPlay - ok
07:15:38.0161 3384  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
07:15:38.0177 3384  PNRPAutoReg - ok
07:15:38.0192 3384  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
07:15:38.0208 3384  PNRPsvc - ok
07:15:38.0270 3384  [ 5BC4D480DD527EB0CF33A67A090A130E ] Point64         C:\Windows\system32\DRIVERS\point64.sys
07:15:38.0270 3384  Point64 - ok
07:15:38.0301 3384  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
07:15:38.0348 3384  PolicyAgent - ok
07:15:38.0379 3384  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
07:15:38.0426 3384  Power - ok
07:15:38.0442 3384  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
07:15:38.0473 3384  PptpMiniport - ok
07:15:38.0473 3384  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
07:15:38.0489 3384  Processor - ok
07:15:38.0551 3384  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
07:15:38.0582 3384  ProfSvc - ok
07:15:38.0598 3384  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
07:15:38.0613 3384  ProtectedStorage - ok
07:15:38.0629 3384  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
07:15:38.0691 3384  Psched - ok
07:15:38.0754 3384  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
07:15:38.0847 3384  ql2300 - ok
07:15:38.0863 3384  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
07:15:38.0879 3384  ql40xx - ok
07:15:38.0894 3384  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
07:15:38.0925 3384  QWAVE - ok
07:15:38.0925 3384  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
07:15:38.0941 3384  QWAVEdrv - ok
07:15:38.0957 3384  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
07:15:38.0972 3384  RasAcd - ok
07:15:39.0003 3384  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
07:15:39.0019 3384  RasAgileVpn - ok
07:15:39.0035 3384  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
07:15:39.0066 3384  RasAuto - ok
07:15:39.0081 3384  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
07:15:39.0113 3384  Rasl2tp - ok
07:15:39.0128 3384  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
07:15:39.0144 3384  RasMan - ok
07:15:39.0159 3384  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
07:15:39.0175 3384  RasPppoe - ok
07:15:39.0191 3384  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
07:15:39.0206 3384  RasSstp - ok
07:15:39.0253 3384  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
07:15:39.0284 3384  rdbss - ok
07:15:39.0300 3384  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
07:15:39.0315 3384  rdpbus - ok
07:15:39.0331 3384  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
07:15:39.0347 3384  RDPCDD - ok
07:15:39.0362 3384  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
07:15:39.0378 3384  RDPDR - ok
07:15:39.0393 3384  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
07:15:39.0425 3384  RDPENCDD - ok
07:15:39.0425 3384  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
07:15:39.0440 3384  RDPREFMP - ok
07:15:39.0471 3384  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
07:15:39.0534 3384  RdpVideoMiniport - ok
07:15:39.0581 3384  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
07:15:39.0612 3384  RDPWD - ok
07:15:39.0643 3384  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
07:15:39.0659 3384  rdyboost - ok
07:15:39.0674 3384  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
07:15:39.0705 3384  RemoteAccess - ok
07:15:39.0737 3384  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
07:15:39.0752 3384  RemoteRegistry - ok
07:15:39.0815 3384  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
07:15:39.0861 3384  RpcEptMapper - ok
07:15:39.0893 3384  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
07:15:39.0908 3384  RpcLocator - ok
07:15:39.0971 3384  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\System32\rpcss.dll
07:15:40.0017 3384  RpcSs - ok
07:15:40.0033 3384  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
07:15:40.0064 3384  rspndr - ok
07:15:40.0095 3384  [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
07:15:40.0095 3384  RTL8167 - ok
07:15:40.0127 3384  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
07:15:40.0142 3384  s3cap - ok
07:15:40.0158 3384  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
07:15:40.0158 3384  SamSs - ok
07:15:40.0236 3384  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Mikes\Antivirus\SuperAntiSpyware\SASDIFSV64.SYS
07:15:40.0251 3384  SASDIFSV - ok
07:15:40.0283 3384  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Mikes\Antivirus\SuperAntiSpyware\SASKUTIL64.SYS
07:15:40.0283 3384  SASKUTIL - ok
07:15:40.0298 3384  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
07:15:40.0314 3384  sbp2port - ok
07:15:40.0314 3384  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
07:15:40.0345 3384  SCardSvr - ok
07:15:40.0345 3384  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
07:15:40.0376 3384  scfilter - ok
07:15:40.0407 3384  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
07:15:40.0439 3384  Schedule - ok
07:15:40.0454 3384  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
07:15:40.0470 3384  SCPolicySvc - ok
07:15:40.0485 3384  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
07:15:40.0501 3384  SDRSVC - ok
07:15:40.0517 3384  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
07:15:40.0532 3384  secdrv - ok
07:15:40.0563 3384  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
07:15:40.0579 3384  seclogon - ok
07:15:40.0657 3384  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
07:15:40.0704 3384  SENS - ok
07:15:40.0735 3384  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
07:15:40.0735 3384  SensrSvc - ok
07:15:40.0735 3384  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
07:15:40.0751 3384  Serenum - ok
07:15:40.0766 3384  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
07:15:40.0766 3384  Serial - ok
07:15:40.0782 3384  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
07:15:40.0797 3384  sermouse - ok
07:15:40.0797 3384  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
07:15:40.0829 3384  SessionEnv - ok
07:15:40.0844 3384  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
07:15:40.0844 3384  sffdisk - ok
07:15:40.0860 3384  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
07:15:40.0875 3384  sffp_mmc - ok
07:15:40.0891 3384  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
07:15:40.0891 3384  sffp_sd - ok
07:15:40.0907 3384  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
07:15:40.0907 3384  sfloppy - ok
07:15:40.0922 3384  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
07:15:40.0953 3384  SharedAccess - ok
07:15:40.0985 3384  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:15:41.0000 3384  ShellHWDetection - ok
07:15:41.0016 3384  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
07:15:41.0016 3384  SiSRaid2 - ok
07:15:41.0031 3384  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
07:15:41.0031 3384  SiSRaid4 - ok
07:15:41.0047 3384  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
07:15:41.0078 3384  Smb - ok
07:15:41.0094 3384  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
07:15:41.0109 3384  SNMPTRAP - ok
07:15:41.0109 3384  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
07:15:41.0125 3384  spldr - ok
07:15:41.0156 3384  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
07:15:41.0187 3384  Spooler - ok
07:15:41.0250 3384  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
07:15:41.0312 3384  sppsvc - ok
07:15:41.0328 3384  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
07:15:41.0359 3384  sppuinotify - ok
07:15:41.0453 3384  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
07:15:41.0499 3384  srv - ok
07:15:41.0546 3384  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:15:41.0562 3384  srv2 - ok
07:15:41.0609 3384  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:15:41.0624 3384  srvnet - ok
07:15:41.0640 3384  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
07:15:41.0687 3384  SSDPSRV - ok
07:15:41.0749 3384  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
07:15:41.0780 3384  SstpSvc - ok
07:15:41.0983 3384  [ DB0768632C680B7C0D3AA92D80416893 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
07:15:41.0999 3384  Steam Client Service - ok
07:15:42.0045 3384  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
07:15:42.0061 3384  stexstor - ok
07:15:42.0092 3384  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
07:15:42.0123 3384  stisvc - ok
07:15:42.0155 3384  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
07:15:42.0170 3384  storflt - ok
07:15:42.0186 3384  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
07:15:42.0201 3384  storvsc - ok
07:15:42.0217 3384  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
07:15:42.0233 3384  swenum - ok
07:15:42.0279 3384  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
07:15:42.0342 3384  swprv - ok
07:15:42.0357 3384  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
07:15:42.0373 3384  Synth3dVsc - ok
07:15:42.0389 3384  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
07:15:42.0435 3384  SysMain - ok
07:15:42.0451 3384  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:15:42.0451 3384  TabletInputService - ok
07:15:42.0467 3384  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
07:15:42.0513 3384  TapiSrv - ok
07:15:42.0560 3384  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
07:15:42.0607 3384  TBS - ok
07:15:42.0763 3384  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
07:15:42.0841 3384  Tcpip - ok
07:15:42.0888 3384  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
07:15:42.0919 3384  TCPIP6 - ok
07:15:42.0966 3384  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:15:42.0966 3384  tcpipreg - ok
07:15:42.0997 3384  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:15:43.0044 3384  TDPIPE - ok
07:15:43.0106 3384  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
07:15:43.0153 3384  TDTCP - ok
07:15:43.0153 3384  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
07:15:43.0184 3384  tdx - ok
07:15:43.0231 3384  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
07:15:43.0231 3384  TermDD - ok
07:15:43.0262 3384  [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt        C:\Windows\system32\drivers\terminpt.sys
07:15:43.0309 3384  terminpt - ok
07:15:43.0356 3384  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
07:15:43.0403 3384  TermService - ok
07:15:43.0418 3384  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
07:15:43.0418 3384  Themes - ok
07:15:43.0465 3384  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
07:15:43.0512 3384  THREADORDER - ok
07:15:43.0543 3384  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
07:15:43.0621 3384  TrkWks - ok
07:15:43.0761 3384  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:15:43.0793 3384  TrustedInstaller - ok
07:15:43.0824 3384  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:15:43.0855 3384  tssecsrv - ok
07:15:43.0871 3384  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
07:15:43.0886 3384  TsUsbFlt - ok
07:15:43.0902 3384  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
07:15:43.0917 3384  TsUsbGD - ok
07:15:43.0933 3384  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
07:15:43.0949 3384  tsusbhub - ok
07:15:43.0995 3384  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:15:44.0027 3384  tunnel - ok
07:15:44.0042 3384  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
07:15:44.0042 3384  uagp35 - ok
07:15:44.0058 3384  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:15:44.0089 3384  udfs - ok
07:15:44.0089 3384  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
07:15:44.0105 3384  UI0Detect - ok
07:15:44.0136 3384  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:15:44.0151 3384  uliagpkx - ok
07:15:44.0167 3384  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
07:15:44.0167 3384  umbus - ok
07:15:44.0183 3384  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
07:15:44.0198 3384  UmPass - ok
07:15:49.0799 3384  C:\Windows\System32\services.exe - ok
07:15:49.0799 3384  [ 7C46EC9CCDE6E793713FA01DB2EB918E ] C:\Windows\System32\sspisrv.dll
07:15:49.0799 3384  C:\Windows\System32\sspisrv.dll - ok
07:15:49.0799 3384  [ 086F906B1D30C0A5D35FE0F6362DAB21 ] C:\Windows\System32\lsasrv.dll
07:15:49.0799 3384  C:\Windows\System32\lsasrv.dll - ok
07:15:49.0799 3384  [ B08EA91C774AA734E0B9881F85CD9F42 ] C:\Windows\System32\sspicli.dll
07:15:49.0799 3384  C:\Windows\System32\sspicli.dll - ok
07:15:49.0799 3384  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
07:15:49.0799 3384  C:\Windows\System32\samsrv.dll - ok
07:15:49.0799 3384  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
07:15:49.0799 3384  C:\Windows\System32\scesrv.dll - ok
07:15:49.0799 3384  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
07:15:49.0799 3384  C:\Windows\System32\scext.dll - ok
07:15:49.0814 3384  [ 208EAAFF40DA400190AA0605C797BEA2 ] C:\Windows\System32\secur32.dll
07:15:49.0814 3384  C:\Windows\System32\secur32.dll - ok
07:15:49.0814 3384  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
07:15:49.0814 3384  C:\Windows\System32\srvcli.dll - ok
07:15:49.0814 3384  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
07:15:49.0814 3384  C:\Windows\System32\sysntfy.dll - ok
07:15:49.0814 3384  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
07:15:49.0814 3384  C:\Windows\System32\wmsgapi.dll - ok
07:15:49.0814 3384  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
07:15:49.0814 3384  C:\Windows\System32\aelupsvc.dll - ok
07:15:49.0814 3384  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
07:15:49.0814 3384  C:\Windows\System32\cryptdll.dll - ok
07:15:49.0814 3384  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
07:15:49.0814 3384  C:\Windows\System32\wevtapi.dll - ok
07:15:49.0814 3384  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
07:15:49.0814 3384  C:\Windows\System32\authz.dll - ok
07:15:49.0830 3384  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
07:15:49.0830 3384  C:\Windows\System32\bcrypt.dll - ok
07:15:49.0830 3384  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
07:15:49.0830 3384  C:\Windows\System32\cngaudit.dll - ok
07:15:49.0830 3384  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
07:15:49.0830 3384  C:\Windows\System32\msprivs.dll - ok
07:15:49.0830 3384  [ 747B9BA5412422F27934CB21131F0A3E ] C:\Windows\System32\ncrypt.dll
07:15:49.0830 3384  C:\Windows\System32\ncrypt.dll - ok
07:15:49.0830 3384  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
07:15:49.0830 3384  C:\Windows\System32\netjoin.dll - ok
07:15:49.0830 3384  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
07:15:49.0830 3384  C:\Windows\System32\kerberos.dll - ok
07:15:49.0830 3384  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
07:15:49.0830 3384  C:\Windows\System32\negoexts.dll - ok
07:15:49.0830 3384  [ 3290D6946B5E30E70414990574883DDB ] C:\Windows\System32\alg.exe
07:15:49.0830 3384  C:\Windows\System32\alg.exe - ok
07:15:49.0830 3384  [ 0BC381A15355A3982216F7172F545DE1 ] C:\Windows\System32\appidsvc.dll
07:15:49.0830 3384  C:\Windows\System32\appidsvc.dll - ok
07:15:49.0845 3384  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
07:15:49.0845 3384  C:\Windows\System32\cryptsp.dll - ok
07:15:49.0845 3384  [ 9A9F9F1A77D6A80EE28B57664F00013E ] C:\Windows\System32\mswsock.dll
07:15:49.0845 3384  C:\Windows\System32\mswsock.dll - ok
07:15:49.0845 3384  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
07:15:49.0845 3384  C:\Windows\System32\wship6.dll - ok
07:15:49.0845 3384  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
07:15:49.0845 3384  C:\Windows\System32\appinfo.dll - ok
07:15:49.0845 3384  [ 4ABA3E75A76195A3E38ED2766C962899 ] C:\Windows\System32\appmgmts.dll
07:15:49.0845 3384  C:\Windows\System32\appmgmts.dll - ok
07:15:49.0845 3384  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
07:15:49.0845 3384  C:\Windows\System32\msv1_0.dll - ok
07:15:49.0845 3384  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
07:15:49.0845 3384  C:\Windows\System32\netlogon.dll - ok
07:15:49.0845 3384  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
07:15:49.0845 3384  C:\Windows\System32\dnsapi.dll - ok
07:15:49.0861 3384  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
07:15:49.0861 3384  C:\Windows\System32\logoncli.dll - ok
07:15:49.0861 3384  [ 31FFED18C7B836CEC1B559347E32E151 ] C:\Windows\System32\schannel.dll
07:15:49.0861 3384  C:\Windows\System32\schannel.dll - ok
07:15:49.0861 3384  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
07:15:49.0861 3384  C:\Windows\System32\wdigest.dll - ok
07:15:49.0861 3384  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
07:15:49.0861 3384  C:\Windows\System32\rsaenh.dll - ok
07:15:49.0861 3384  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
07:15:49.0861 3384  C:\Windows\System32\TSpkg.dll - ok
07:15:49.0861 3384  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
07:15:49.0861 3384  C:\Windows\System32\pku2u.dll - ok
07:15:49.0861 3384  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
07:15:49.0861 3384  C:\Windows\System32\bcryptprimitives.dll - ok
07:15:49.0861 3384  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
07:15:49.0861 3384  C:\Windows\System32\credssp.dll - ok
07:15:49.0861 3384  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
07:15:49.0861 3384  C:\Windows\System32\efslsaext.dll - ok
07:15:49.0877 3384  [ E1BB958681BE311E7CFF06CFEC5F1F2B ] C:\Windows\System32\atmfd.dll
07:15:49.0877 3384  C:\Windows\System32\atmfd.dll - ok
07:15:49.0877 3384  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
07:15:49.0877 3384  C:\Windows\System32\scecli.dll - ok
07:15:49.0877 3384  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
07:15:49.0877 3384  C:\Windows\System32\winlogon.exe - ok
07:15:49.0877 3384  [ ACCEA6BC68D0C9A78EB97EE159028B4E ] C:\Windows\System32\drivers\usbccgp.sys
07:15:49.0877 3384  C:\Windows\System32\drivers\usbccgp.sys - ok
07:15:49.0877 3384  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
07:15:49.0877 3384  C:\Windows\System32\winsta.dll - ok
07:15:49.0877 3384  [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
07:15:49.0877 3384  C:\Windows\System32\rascfg.dll - ok
07:15:49.0877 3384  [ 597C3699384E53CC59587ED50CCE5CA2 ] C:\Windows\System32\drivers\hidclass.sys
07:15:49.0877 3384  C:\Windows\System32\drivers\hidclass.sys - ok
07:15:49.0877 3384  [ 856E76B3641746ABBC2946BED1372098 ] C:\Windows\System32\drivers\hidparse.sys
07:15:49.0877 3384  C:\Windows\System32\drivers\hidparse.sys - ok
07:15:49.0892 3384  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
07:15:49.0892 3384  C:\Windows\System32\drivers\hidusb.sys - ok
07:15:49.0892 3384  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
07:15:49.0892 3384  C:\Windows\System32\drivers\kbdhid.sys - ok
07:15:49.0892 3384  [ CCB2A61113D093B9B5CCCF1D60D65E7A ] C:\Windows\System32\drivers\VMkbd.sys
07:15:49.0892 3384  C:\Windows\System32\drivers\VMkbd.sys - ok
07:15:49.0892 3384  [ E6CE7188CC47AE5DAFDAF552D370C52F ] C:\Windows\System32\drivers\dc3d.sys
07:15:49.0892 3384  C:\Windows\System32\drivers\dc3d.sys - ok
07:15:49.0892 3384  [ 77EB11DA191D12D12E28D7BD8905C42C ] C:\Windows\System32\drivers\nuidfltr.sys
07:15:49.0892 3384  C:\Windows\System32\drivers\nuidfltr.sys - ok
07:15:49.0892 3384  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
07:15:49.0892 3384  C:\Windows\System32\drivers\mouhid.sys - ok
07:15:49.0892 3384  [ 5BC4D480DD527EB0CF33A67A090A130E ] C:\Windows\System32\drivers\point64.sys
07:15:49.0892 3384  C:\Windows\System32\drivers\point64.sys - ok
07:15:49.0892 3384  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
07:15:49.0892 3384  C:\Windows\System32\audiosrv.dll - ok
07:15:49.0908 3384  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] C:\Windows\System32\AxInstSv.dll
07:15:49.0908 3384  C:\Windows\System32\AxInstSv.dll - ok
07:15:49.0908 3384  [ FDE360167101B4E45A96F939F388AEB0 ] C:\Windows\System32\bdesvc.dll
07:15:49.0908 3384  C:\Windows\System32\bdesvc.dll - ok
07:15:49.0908 3384  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
07:15:49.0908 3384  C:\Windows\System32\BFE.DLL - ok
07:15:49.0908 3384  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
07:15:49.0908 3384  C:\Windows\System32\qmgr.dll - ok
07:15:49.0908 3384  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
07:15:49.0908 3384  C:\Windows\System32\browser.dll - ok
07:15:49.0908 3384  [ 2D066FBE63F7026C43C662C094B98076 ] C:\Windows\System32\bridgeres.dll
07:15:49.0908 3384  C:\Windows\System32\bridgeres.dll - ok
07:15:49.0908 3384  [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
07:15:49.0908 3384  C:\Windows\System32\bthserv.dll - ok
07:15:49.0908 3384  [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
07:15:49.0908 3384  C:\Windows\System32\certprop.dll - ok
07:15:49.0908 3384  [ FE1EC06F2253F691FE36217C592A0206 ] C:\Windows\System32\clfs.sys
07:15:49.0908 3384  C:\Windows\System32\clfs.sys - ok
07:15:49.0923 3384  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
07:15:49.0923 3384  C:\Windows\System32\comres.dll - ok
07:15:49.0923 3384  [ 6B400F211BEE880A37A1ED0368776BF4 ] C:\Windows\System32\cryptsvc.dll
07:15:49.0923 3384  C:\Windows\System32\cryptsvc.dll - ok
07:15:49.0923 3384  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
07:15:49.0923 3384  C:\Windows\System32\cscsvc.dll - ok
07:15:49.0923 3384  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
07:15:49.0923 3384  C:\Windows\System32\oleres.dll - ok
07:15:49.0923 3384  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll
07:15:49.0923 3384  C:\Windows\System32\defragsvc.dll - ok
07:15:49.0923 3384  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
07:15:49.0923 3384  C:\Windows\System32\dhcpcore.dll - ok
07:15:49.0923 3384  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll
07:15:49.0923 3384  C:\Windows\System32\dot3svc.dll - ok
07:15:49.0923 3384  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
07:15:49.0923 3384  C:\Windows\System32\dps.dll - ok
07:15:49.0923 3384  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
07:15:49.0939 3384  C:\Windows\System32\eapsvc.dll - ok
07:15:49.0939 3384  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
07:15:49.0939 3384  C:\Windows\System32\efssvc.dll - ok
07:15:49.0939 3384  [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
07:15:49.0939 3384  C:\Windows\ehome\ehrecvr.exe - ok
07:15:49.0939 3384  [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
07:15:49.0939 3384  C:\Windows\ehome\ehsched.exe - ok
07:15:49.0939 3384  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
07:15:49.0939 3384  C:\Windows\System32\wevtsvc.dll - ok
07:15:49.0939 3384  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
07:15:49.0939 3384  C:\Windows\System32\FXSRESM.dll - ok
07:15:49.0939 3384  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
07:15:49.0939 3384  C:\Windows\System32\fdPHost.dll - ok
07:15:49.0939 3384  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
07:15:49.0939 3384  C:\Windows\System32\FDResPub.dll - ok
07:15:49.0939 3384  [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
07:15:49.0939 3384  C:\Windows\System32\drivers\fileinfo.sys - ok
07:15:49.0955 3384  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
07:15:49.0955 3384  C:\Windows\System32\drivers\filetrace.sys - ok
07:15:49.0955 3384  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
07:15:49.0955 3384  C:\Windows\System32\drivers\fltMgr.sys - ok
07:15:49.0955 3384  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
07:15:49.0955 3384  C:\Windows\System32\FntCache.dll - ok
07:15:49.0955 3384  [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
07:15:49.0955 3384  C:\Windows\System32\drivers\fsdepends.sys - ok
07:15:49.0955 3384  [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
07:15:49.0955 3384  C:\Windows\System32\PresentationHost.exe - ok
07:15:49.0955 3384  [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys
07:15:49.0955 3384  C:\Windows\System32\drivers\fvevol.sys - ok
07:15:49.0955 3384  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
07:15:49.0955 3384  C:\Windows\System32\gpapi.dll - ok
07:15:49.0955 3384  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
07:15:49.0955 3384  C:\Windows\System32\hidserv.dll - ok
07:15:49.0955 3384  [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
07:15:49.0955 3384  C:\Windows\System32\KMSVC.DLL - ok


#12 lost1010

lost1010
  • Topic Starter

  • Members
  • 17 posts

Posted 21 November 2013 - 07:20 PM

07:15:50.0189 3384  C:\Windows\System32\pcwum.dll - ok
07:15:50.0189 3384  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
07:15:50.0189 3384  C:\Windows\System32\powrprof.dll - ok
07:15:50.0189 3384  [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys
07:15:50.0189 3384  C:\Windows\System32\drivers\mbam.sys - ok
07:15:50.0189 3384  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
07:15:50.0189 3384  C:\Windows\System32\rpcss.dll - ok
07:15:50.0204 3384  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
07:15:50.0204 3384  C:\Windows\System32\wshqos.dll - ok
07:15:50.0204 3384  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
07:15:50.0204 3384  C:\Windows\System32\WSHTCPIP.DLL - ok
07:15:50.0204 3384  [ 3961E4E1E1D5497C80B5074BFAA2DD9F ] C:\Program Files\Microsoft Security Client\MpSvc.dll
07:15:50.0204 3384  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
07:15:50.0204 3384  [ F685DA9DE290FFE16CD294A2FFECAF45 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
07:15:50.0204 3384  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
07:15:50.0204 3384  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
07:15:50.0204 3384  C:\Windows\System32\version.dll - ok
07:15:50.0204 3384  [ 1F0B36B4E58728F734B34A1204F3D697 ] C:\Program Files\Microsoft Security Client\MpClient.dll
07:15:50.0204 3384  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
07:15:50.0204 3384  [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
07:15:50.0204 3384  C:\Windows\System32\authui.dll - ok
07:15:50.0204 3384  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
07:15:50.0204 3384  C:\Windows\System32\LogonUI.exe - ok
07:15:50.0220 3384  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
07:15:50.0220 3384  C:\Windows\System32\wtsapi32.dll - ok
07:15:50.0220 3384  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
07:15:50.0220 3384  C:\Windows\System32\ntmarta.dll - ok
07:15:50.0220 3384  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
07:15:50.0220 3384  C:\Windows\System32\cryptui.dll - ok
07:15:50.0220 3384  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
07:15:50.0220 3384  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
07:15:50.0220 3384  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
07:15:50.0220 3384  C:\Windows\System32\samlib.dll - ok
07:15:50.0220 3384  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
07:15:50.0220 3384  C:\Windows\System32\shacct.dll - ok
07:15:50.0220 3384  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
07:15:50.0220 3384  C:\Windows\System32\propsys.dll - ok
07:15:50.0220 3384  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
07:15:50.0220 3384  C:\Windows\System32\uxtheme.dll - ok
07:15:50.0220 3384  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
07:15:50.0220 3384  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
07:15:50.0235 3384  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
07:15:50.0235 3384  C:\Windows\System32\dui70.dll - ok
07:15:50.0235 3384  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
07:15:50.0235 3384  C:\Windows\System32\duser.dll - ok
07:15:50.0235 3384  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
07:15:50.0235 3384  C:\Windows\System32\hid.dll - ok
07:15:50.0235 3384  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
07:15:50.0235 3384  C:\Windows\System32\SndVolSSO.dll - ok
07:15:50.0235 3384  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
07:15:50.0235 3384  C:\Windows\System32\dwmapi.dll - ok
07:15:50.0235 3384  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
07:15:50.0235 3384  C:\Windows\System32\MMDevAPI.dll - ok
07:15:50.0235 3384  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
07:15:50.0235 3384  C:\Windows\System32\xmllite.dll - ok
07:15:50.0235 3384  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
07:15:50.0235 3384  C:\Windows\System32\WindowsCodecs.dll - ok
07:15:50.0251 3384  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
07:15:50.0251 3384  C:\Windows\System32\VaultCredProvider.dll - ok
07:15:50.0251 3384  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
07:15:50.0251 3384  C:\Windows\System32\winbrand.dll - ok
07:15:50.0251 3384  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
07:15:50.0251 3384  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
07:15:50.0251 3384  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
07:15:50.0251 3384  C:\Windows\System32\BioCredProv.dll - ok
07:15:50.0251 3384  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
07:15:50.0251 3384  C:\Windows\System32\winbio.dll - ok
07:15:50.0251 3384  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
07:15:50.0251 3384  C:\Windows\System32\credui.dll - ok
07:15:50.0251 3384  [ DC30EFE14E68DCA59A1C4E5DDC00F55A ] C:\Program Files\Microsoft Security Client\EppManifest.dll
07:15:50.0251 3384  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
07:15:50.0251 3384  [ 4EAAAAB8759644D572522FBCDD196A13 ] C:\Windows\System32\atiesrxx.exe
07:15:50.0251 3384  C:\Windows\System32\atiesrxx.exe - ok
07:15:50.0267 3384  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
07:15:50.0267 3384  C:\Windows\System32\netapi32.dll - ok
07:15:50.0267 3384  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
07:15:50.0267 3384  C:\Windows\System32\vaultcli.dll - ok
07:15:50.0267 3384  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
07:15:50.0267 3384  C:\Windows\System32\netutils.dll - ok
07:15:50.0267 3384  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
07:15:50.0267 3384  C:\Windows\System32\wkscli.dll - ok
07:15:50.0267 3384  [ 1DE6AE65F2784BBCA8F0FE38A20F353E ] C:\Program Files\Microsoft Security Client\MpRTP.dll
07:15:50.0267 3384  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
07:15:50.0267 3384  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
07:15:50.0267 3384  C:\Windows\System32\samcli.dll - ok
07:15:50.0267 3384  [ 254E1E15DDAC8BA03644C1A3B0ECE9F9 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
07:15:50.0267 3384  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
07:15:50.0267 3384  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
07:15:50.0267 3384  C:\Windows\System32\certCredProvider.dll - ok
07:15:50.0267 3384  [ C6B88D62F20AC646C6BD5C032EC2FAF9 ] C:\Windows\System32\drivers\MpFilter.sys
07:15:50.0267 3384  C:\Windows\System32\drivers\MpFilter.sys - ok
07:15:50.0282 3384  [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
07:15:50.0282 3384  C:\Windows\System32\fltLib.dll - ok
07:15:50.0282 3384  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
07:15:50.0282 3384  C:\Windows\System32\rasplap.dll - ok
07:15:50.0282 3384  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
07:15:50.0282 3384  C:\Windows\System32\adtschema.dll - ok
07:15:50.0282 3384  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
07:15:50.0282 3384  C:\Windows\System32\avrt.dll - ok
07:15:50.0282 3384  [ FE1FBABBC1C7984D1B6E0ACA6ED49FEE ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpengine.dll
07:15:50.0282 3384  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpengine.dll - ok
07:15:50.0282 3384  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
07:15:50.0282 3384  C:\Windows\System32\rasapi32.dll - ok
07:15:50.0282 3384  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
07:15:50.0282 3384  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
07:15:50.0282 3384  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
07:15:50.0282 3384  C:\Windows\System32\MPSSVC.dll - ok
07:15:50.0298 3384  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
07:15:50.0298 3384  C:\Windows\System32\PSHED.DLL - ok
07:15:50.0298 3384  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
07:15:50.0298 3384  C:\Windows\System32\rasman.dll - ok
07:15:50.0298 3384  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
07:15:50.0298 3384  C:\Windows\System32\rtutils.dll - ok
07:15:50.0298 3384  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
07:15:50.0298 3384  C:\Windows\System32\audiodg.exe - ok
07:15:50.0298 3384  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
07:15:50.0298 3384  C:\Windows\System32\PeerDist.dll - ok
07:15:50.0298 3384  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
07:15:50.0298 3384  C:\Windows\System32\atl.dll - ok
07:15:50.0298 3384  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
07:15:50.0298 3384  C:\Windows\System32\gpsvc.dll - ok
07:15:50.0298 3384  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
07:15:50.0298 3384  C:\Windows\System32\es.dll - ok
07:15:50.0298 3384  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
07:15:50.0298 3384  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
07:15:50.0313 3384  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
07:15:50.0313 3384  C:\Windows\System32\taskschd.dll - ok
07:15:50.0313 3384  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
07:15:50.0313 3384  C:\Windows\System32\dsrole.dll - ok
07:15:50.0313 3384  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
07:15:50.0313 3384  C:\Windows\System32\nlaapi.dll - ok
07:15:50.0313 3384  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
07:15:50.0313 3384  C:\Windows\System32\slc.dll - ok
07:15:50.0313 3384  [ 0620FE89F70FC0895DC312EEBAA62B06 ] C:\Windows\System32\atieclxx.exe
07:15:50.0313 3384  C:\Windows\System32\atieclxx.exe - ok
07:15:50.0313 3384  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
07:15:50.0313 3384  C:\Windows\System32\UXInit.dll - ok
07:15:50.0313 3384  [ 500CE062629FB734989AEEC2A23A6CD8 ] C:\Windows\System32\atiadlxx.dll
07:15:50.0313 3384  C:\Windows\System32\atiadlxx.dll - ok
07:15:50.0313 3384  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
07:15:50.0313 3384  C:\Windows\System32\IPHLPAPI.DLL - ok
07:15:50.0329 3384  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
07:15:50.0329 3384  C:\Windows\System32\mstask.dll - ok
07:15:50.0329 3384  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
07:15:50.0329 3384  C:\Windows\System32\imageres.dll - ok
07:15:50.0329 3384  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
07:15:50.0329 3384  C:\Windows\System32\winnsi.dll - ok
07:15:50.0329 3384  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
07:15:50.0329 3384  C:\Windows\System32\uxsms.dll - ok
07:15:50.0329 3384  [ 04CD4347CD9E8C40F78AD51F7FF426D0 ] C:\Windows\System32\drivers\vmnetbridge.sys
07:15:50.0329 3384  C:\Windows\System32\drivers\vmnetbridge.sys - ok
07:15:50.0329 3384  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
07:15:50.0329 3384  C:\Windows\System32\drivers\lltdio.sys - ok
07:15:50.0329 3384  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
07:15:50.0329 3384  C:\Windows\System32\drivers\nwifi.sys - ok
07:15:50.0329 3384  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
07:15:50.0329 3384  C:\Windows\System32\dhcpcore6.dll - ok
07:15:50.0345 3384  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
07:15:50.0345 3384  C:\Windows\System32\dhcpcsvc.dll - ok
07:15:50.0345 3384  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
07:15:50.0345 3384  C:\Windows\System32\dnsrslvr.dll - ok
07:15:50.0345 3384  [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
07:15:50.0345 3384  C:\Windows\System32\drivers\ndisuio.sys - ok
07:15:50.0345 3384  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
07:15:50.0345 3384  C:\Windows\System32\drivers\rspndr.sys - ok
07:15:50.0345 3384  [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
07:15:50.0345 3384  C:\Windows\System32\eapphost.dll - ok
07:15:50.0345 3384  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
07:15:50.0345 3384  C:\Windows\System32\nrpsrv.dll - ok
07:15:50.0345 3384  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
07:15:50.0345 3384  C:\Windows\System32\dhcpcsvc6.dll - ok
07:15:50.0345 3384  [ D07EB640618F96490DB88C3CE58DB608 ] C:\Windows\System32\FWPUCLNT.DLL
07:15:50.0345 3384  C:\Windows\System32\FWPUCLNT.DLL - ok
07:15:50.0345 3384  [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
07:15:50.0345 3384  C:\Windows\System32\rastls.dll - ok
07:15:50.0360 3384  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
07:15:50.0360 3384  C:\Windows\System32\dnsext.dll - ok
07:15:50.0360 3384  [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
07:15:50.0360 3384  C:\Windows\System32\raschap.dll - ok
07:15:50.0360 3384  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
07:15:50.0360 3384  C:\Windows\System32\umb.dll - ok
07:15:50.0360 3384  [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
07:15:50.0360 3384  C:\Windows\System32\wlanmsm.dll - ok
07:15:50.0360 3384  [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
07:15:50.0360 3384  C:\Windows\System32\wlansec.dll - ok
07:15:50.0360 3384  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
07:15:50.0360 3384  C:\Windows\System32\onex.dll - ok
07:15:50.0360 3384  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
07:15:50.0360 3384  C:\Windows\System32\eappcfg.dll - ok
07:15:50.0360 3384  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
07:15:50.0360 3384  C:\Windows\System32\eappprxy.dll - ok
07:15:50.0376 3384  [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
07:15:50.0376 3384  C:\Windows\System32\l2gpstore.dll - ok
07:15:50.0376 3384  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
07:15:50.0376 3384  C:\Windows\System32\wlanutil.dll - ok
07:15:50.0376 3384  [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
07:15:50.0376 3384  C:\Windows\System32\wlgpclnt.dll - ok
07:15:50.0376 3384  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
07:15:50.0376 3384  C:\Windows\System32\WinSCard.dll - ok
07:15:50.0376 3384  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
07:15:50.0376 3384  C:\Windows\System32\msxml6.dll - ok
07:15:50.0376 3384  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
07:15:50.0376 3384  C:\Windows\System32\ktmw32.dll - ok
07:15:50.0376 3384  [ 1211F31E221ABEE09607913D612513B0 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpasbase.vdm
07:15:50.0376 3384  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpasbase.vdm - ok
07:15:50.0376 3384  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
07:15:50.0376 3384  C:\Windows\System32\fveapi.dll - ok
07:15:50.0376 3384  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
07:15:50.0376 3384  C:\Windows\System32\netcfgx.dll - ok
07:15:50.0391 3384  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
07:15:50.0391 3384  C:\Windows\System32\fvecerts.dll - ok
07:15:50.0391 3384  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
07:15:50.0391 3384  C:\Windows\System32\tbs.dll - ok
07:15:50.0391 3384  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
07:15:50.0391 3384  C:\Windows\System32\wiarpc.dll - ok
07:15:50.0391 3384  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
07:15:50.0391 3384  C:\Windows\System32\taskcomp.dll - ok
07:15:50.0391 3384  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
07:15:50.0391 3384  C:\Windows\System32\drivers\bowser.sys - ok
07:15:50.0391 3384  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
07:15:50.0391 3384  C:\Windows\System32\drivers\mpsdrv.sys - ok
07:15:50.0391 3384  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
07:15:50.0391 3384  C:\Windows\System32\drivers\mrxsmb.sys - ok
07:15:50.0391 3384  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
07:15:50.0391 3384  C:\Windows\System32\drivers\mrxsmb10.sys - ok
07:15:50.0407 3384  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
07:15:50.0407 3384  C:\Windows\System32\drivers\mrxsmb20.sys - ok
07:15:50.0407 3384  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
07:15:50.0407 3384  C:\Windows\System32\wfapigp.dll - ok
07:15:50.0407 3384  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
07:15:50.0407 3384  C:\Windows\System32\mscms.dll - ok
07:15:50.0407 3384  [ 6E02DDFFA0E8C069A92A0888B0CB8415 ] C:\Windows\System32\drivers\hcmon.sys
07:15:50.0407 3384  C:\Windows\System32\drivers\hcmon.sys - ok
07:15:50.0407 3384  [ D6DA9DDCB8DEA5FD995D37BA346D84DC ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
07:15:50.0407 3384  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
07:15:50.0407 3384  [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
07:15:50.0407 3384  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
07:15:50.0407 3384  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
07:15:50.0407 3384  C:\Windows\System32\PeerDistSh.dll - ok
07:15:50.0407 3384  [ DF7831FCB0289D90376711FBCA80FEDD ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpasdlta.vdm
07:15:50.0407 3384  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpasdlta.vdm - ok
07:15:50.0423 3384  [ 00000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpavbase.vdm
07:15:50.0423 3384  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpavbase.vdm - ok
07:15:50.0423 3384  [ 24BE51E79EBE1BFE88DCE0B0507CB994 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpavdlta.vdm
07:15:50.0423 3384  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{40F991CA-B7E9-4DDD-B686-4F23510876C8}\mpavdlta.vdm - ok
07:15:50.0423 3384  [ 581D88B25C4D4121824FED2CA38E562F ] C:\Mikes\Antivirus\SuperAntiSpyware\SASCore64.exe
07:15:50.0423 3384  C:\Mikes\Antivirus\SuperAntiSpyware\SASCore64.exe - ok
07:15:50.0423 3384  [ EBAC38A198308359FD89C10704265E5E ] C:\Windows\System32\drivers\vmx86.sys
07:15:50.0423 3384  C:\Windows\System32\drivers\vmx86.sys - ok
07:15:50.0423 3384  [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:15:50.0423 3384  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
07:15:50.0423 3384  [ A2B0924D50F4435FD389499047CE553A ] C:\Windows\SysWOW64\ntdll.dll
07:15:50.0423 3384  C:\Windows\SysWOW64\ntdll.dll - ok
07:15:50.0423 3384  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
07:15:50.0423 3384  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
07:15:50.0423 3384  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
07:15:50.0423 3384  C:\Windows\System32\wscapi.dll - ok
07:15:50.0438 3384  [ 70833F5A59F65908698093889C34BCA2 ] C:\Windows\System32\wow64.dll
07:15:50.0438 3384  C:\Windows\System32\wow64.dll - ok
07:15:50.0438 3384  [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
07:15:50.0438 3384  C:\Windows\System32\wow64win.dll - ok
07:15:50.0438 3384  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
07:15:50.0438 3384  C:\Windows\System32\wow64cpu.dll - ok
07:15:50.0438 3384  [ 365A5034093AD9E04F433046C4CDF6AB ] C:\Windows\SysWOW64\kernel32.dll
07:15:50.0438 3384  C:\Windows\SysWOW64\kernel32.dll - ok
07:15:50.0438 3384  [ 1B7343C3765638D4D17CB925F84F8ABE ] C:\Windows\SysWOW64\KernelBase.dll
07:15:50.0438 3384  C:\Windows\SysWOW64\KernelBase.dll - ok
07:15:50.0438 3384  [ 56E3313690866F99CD17AA1342F64AE1 ] C:\Windows\SysWOW64\gdi32.dll
07:15:50.0438 3384  C:\Windows\SysWOW64\gdi32.dll - ok
07:15:50.0438 3384  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
07:15:50.0438 3384  C:\Windows\SysWOW64\user32.dll - ok
07:15:50.0438 3384  [ CC23295DA8F7B5C53F93804D2F5D30EB ] C:\Windows\SysWOW64\lpk.dll
07:15:50.0438 3384  C:\Windows\SysWOW64\lpk.dll - ok
07:15:50.0438 3384  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
07:15:50.0438 3384  C:\Windows\SysWOW64\usp10.dll - ok
07:15:50.0454 3384  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
07:15:50.0454 3384  C:\Windows\SysWOW64\msvcrt.dll - ok
07:15:50.0454 3384  [ D67472125471784DE7147946EDA25FEB ] C:\Windows\SysWOW64\advapi32.dll
07:15:50.0454 3384  C:\Windows\SysWOW64\advapi32.dll - ok
07:15:50.0454 3384  [ 4DC999CED9429939D75682EBD7D48901 ] C:\Windows\SysWOW64\rpcrt4.dll
07:15:50.0454 3384  C:\Windows\SysWOW64\rpcrt4.dll - ok
07:15:50.0454 3384  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
07:15:50.0454 3384  C:\Windows\SysWOW64\sechost.dll - ok
07:15:50.0454 3384  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
07:15:50.0454 3384  C:\Windows\System32\dllhost.exe - ok
07:15:50.0454 3384  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
07:15:50.0454 3384  C:\Windows\SysWOW64\cryptbase.dll - ok
07:15:50.0454 3384  [ E02781D4871844DCD30DF1D69A650F78 ] C:\Windows\SysWOW64\shell32.dll
07:15:50.0454 3384  C:\Windows\SysWOW64\shell32.dll - ok
07:15:50.0454 3384  [ 42B924C5F3924C1EB2539F22C10D7DF1 ] C:\Windows\SysWOW64\sspicli.dll
07:15:50.0454 3384  C:\Windows\SysWOW64\sspicli.dll - ok
07:15:50.0469 3384  [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
07:15:50.0469 3384  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
07:15:50.0469 3384  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
07:15:50.0469 3384  C:\Windows\System32\IDStore.dll - ok
07:15:50.0469 3384  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
07:15:50.0469 3384  C:\Windows\System32\KBDUS.DLL - ok
07:15:50.0469 3384  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
07:15:50.0469 3384  C:\Windows\System32\taskhost.exe - ok
07:15:50.0469 3384  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
07:15:50.0469 3384  C:\Program Files\Bonjour\mdnsNSP.dll - ok
07:15:50.0469 3384  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
07:15:50.0469 3384  C:\Windows\System32\mpr.dll - ok
07:15:50.0469 3384  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
07:15:50.0469 3384  C:\Windows\System32\PlaySndSrv.dll - ok
07:15:50.0469 3384  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
07:15:50.0469 3384  C:\Windows\System32\taskeng.exe - ok
07:15:50.0469 3384  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
07:15:50.0469 3384  C:\Windows\System32\dwmredir.dll - ok
07:15:50.0485 3384  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
07:15:50.0485 3384  C:\Windows\System32\userinit.exe - ok
07:15:50.0485 3384  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
07:15:50.0485 3384  C:\Windows\System32\dwmcore.dll - ok
07:15:50.0485 3384  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
07:15:50.0485 3384  C:\Windows\System32\d3d10_1.dll - ok
07:15:50.0485 3384  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
07:15:50.0485 3384  C:\Windows\System32\d3d10_1core.dll - ok
07:15:50.0485 3384  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
07:15:50.0485 3384  C:\Windows\System32\HotStartUserAgent.dll - ok
07:15:50.0485 3384  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
07:15:50.0485 3384  C:\Windows\System32\MsCtfMonitor.dll - ok
07:15:50.0485 3384  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
07:15:50.0485 3384  C:\Windows\System32\msutb.dll - ok
07:15:50.0485 3384  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
07:15:50.0485 3384  C:\Windows\System32\dxgi.dll - ok
07:15:50.0501 3384  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
07:15:50.0501 3384  C:\Windows\System32\esent.dll - ok
07:15:50.0501 3384  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:15:50.0501 3384  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
07:15:50.0501 3384  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
07:15:50.0501 3384  C:\Windows\System32\TSChannel.dll - ok
07:15:50.0501 3384  [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
07:15:50.0501 3384  C:\Windows\System32\d3d11.dll - ok
07:15:50.0501 3384  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
07:15:50.0501 3384  C:\Windows\SysWOW64\shlwapi.dll - ok
07:15:50.0501 3384  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
07:15:50.0501 3384  C:\Windows\SysWOW64\imm32.dll - ok
07:15:50.0501 3384  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
07:15:50.0501 3384  C:\Windows\SysWOW64\msctf.dll - ok
07:15:50.0501 3384  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
07:15:50.0501 3384  C:\Windows\explorer.exe - ok
07:15:50.0501 3384  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
07:15:50.0501 3384  C:\Windows\System32\winmm.dll - ok
07:15:50.0516 3384  [ D1F1D20DADF0C6882306126026E54EE2 ] C:\Windows\System32\aticfx64.dll
07:15:50.0516 3384  C:\Windows\System32\aticfx64.dll - ok
07:15:50.0516 3384  [ 1C045AA40FC86CAF02D64B6218DC1DD6 ] C:\Windows\System32\atiuxp64.dll
07:15:50.0516 3384  C:\Windows\System32\atiuxp64.dll - ok
07:15:50.0516 3384  [ 6935BD1DD8CD2149DAC2C395F33EFF08 ] C:\Windows\System32\atidxx64.dll
07:15:50.0516 3384  C:\Windows\System32\atidxx64.dll - ok
07:15:50.0516 3384  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
07:15:50.0516 3384  C:\Windows\System32\uDWM.dll - ok
07:15:50.0891 3384  C:\Windows\System32\wbem\wbemprox.dll - ok
07:15:50.0906 3384  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
07:15:50.0906 3384  C:\Windows\System32\wdscore.dll - ok
07:15:50.0906 3384  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
07:15:50.0906 3384  C:\Windows\System32\hnetcfg.dll - ok
07:15:50.0906 3384  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
07:15:50.0906 3384  C:\Windows\System32\nci.dll - ok
07:15:50.0906 3384  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
07:15:50.0906 3384  C:\Windows\System32\wbem\wbemcore.dll - ok
07:15:50.0906 3384  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
07:15:50.0906 3384  C:\Windows\System32\wbem\esscli.dll - ok
07:15:50.0906 3384  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
07:15:50.0906 3384  C:\Windows\System32\drivers\srv.sys - ok
07:15:50.0906 3384  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
07:15:50.0906 3384  C:\Windows\System32\wbem\fastprox.dll - ok
07:15:50.0906 3384  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
07:15:50.0906 3384  C:\Windows\System32\ntdsapi.dll - ok
07:15:50.0922 3384  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
07:15:50.0922 3384  C:\Windows\System32\wbem\wbemsvc.dll - ok
07:15:50.0922 3384  [ 147514F0CE974DA05AAF899EFC903CF9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\d69f27bb71380c2ab718af1ad5d21da9\System.Data.ni.dll
07:15:50.0922 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\d69f27bb71380c2ab718af1ad5d21da9\System.Data.ni.dll - ok
07:15:50.0922 3384  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
07:15:50.0922 3384  C:\Windows\System32\netmsg.dll - ok
07:15:50.0922 3384  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
07:15:50.0922 3384  C:\Windows\System32\wbem\wmiutils.dll - ok
07:15:50.0922 3384  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
07:15:50.0922 3384  C:\Windows\System32\clusapi.dll - ok
07:15:50.0922 3384  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
07:15:50.0922 3384  C:\Windows\System32\sscore.dll - ok
07:15:50.0922 3384  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
07:15:50.0922 3384  C:\Windows\System32\wbem\repdrvfs.dll - ok
07:15:50.0922 3384  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
07:15:50.0922 3384  C:\Windows\System32\rasppp.dll - ok
07:15:50.0937 3384  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
07:15:50.0937 3384  C:\Windows\System32\resutils.dll - ok
07:15:50.0937 3384  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
07:15:50.0937 3384  C:\Windows\System32\vpnike.dll - ok
07:15:50.0937 3384  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
07:15:50.0937 3384  C:\Windows\System32\mprapi.dll - ok
07:15:50.0937 3384  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
07:15:50.0937 3384  C:\Windows\System32\netshell.dll - ok
07:15:50.0937 3384  [ ABE4F2B914D25047C52F19CB828F5045 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
07:15:50.0937 3384  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
07:15:50.0937 3384  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
07:15:50.0937 3384  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
07:15:50.0937 3384  [ F37DB76A0940114CC48A75A2CDC87BB3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2e0c740c709204d6313ed6943f00d1a1\System.Transactions.ni.dll
07:15:50.0937 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2e0c740c709204d6313ed6943f00d1a1\System.Transactions.ni.dll - ok
07:15:50.0937 3384  [ 44BCD8E217B7C4254EF081755BAEE9BC ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
07:15:50.0937 3384  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
07:15:50.0953 3384  [ 4300447A5D8D42D3EFDA70DC5A55D6E5 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Utilities.dll
07:15:50.0953 3384  C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Utilities.dll - ok
07:15:50.0953 3384  [ 063AA78559CCD459E8613A727EE1CBE4 ] C:\Program Files (x86)\Autodesk\Content Service\sqlceme35.dll
07:15:50.0953 3384  C:\Program Files (x86)\Autodesk\Content Service\sqlceme35.dll - ok
07:15:50.0953 3384  [ 0BE914C883471E9F728E9E690D51BDEC ] C:\Program Files (x86)\Autodesk\Content Service\sqlceer35EN.dll
07:15:50.0953 3384  C:\Program Files (x86)\Autodesk\Content Service\sqlceer35EN.dll - ok
07:15:50.0953 3384  [ F400387A9F86CA917D89E53D46DEB02E ] C:\Program Files (x86)\Autodesk\Content Service\sqlcese35.dll
07:15:50.0953 3384  C:\Program Files (x86)\Autodesk\Content Service\sqlcese35.dll - ok
07:15:50.0953 3384  [ 30B8190C119EE82A2FEA935C82F90BF8 ] C:\Program Files (x86)\Autodesk\Content Service\sqlceqp35.dll
07:15:50.0953 3384  C:\Program Files (x86)\Autodesk\Content Service\sqlceqp35.dll - ok
07:15:50.0953 3384  [ A99B2FD850D364542C4910E8EA8B73FA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\4682f62316a79ac86bc30f476d3d13a1\System.EnterpriseServices.ni.dll
07:15:50.0953 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\4682f62316a79ac86bc30f476d3d13a1\System.EnterpriseServices.ni.dll - ok
07:15:50.0953 3384  [ B8CC9A70D2956CC58176883864AA5F62 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
07:15:50.0953 3384  C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - ok
07:15:50.0953 3384  [ D6B925CA5740453B124A2D9B0505EDA0 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\4682f62316a79ac86bc30f476d3d13a1\System.EnterpriseServices.Wrapper.dll
07:15:50.0953 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\4682f62316a79ac86bc30f476d3d13a1\System.EnterpriseServices.Wrapper.dll - ok
07:15:50.0969 3384  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
07:15:50.0969 3384  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
07:15:50.0969 3384  [ 61A30DEAE67AE7D42160394F16A810F0 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Scheduler.dll
07:15:50.0969 3384  C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Scheduler.dll - ok
07:15:50.0969 3384  [ A722DD3D6894B9EC6E53106D02830B74 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Users.dll
07:15:50.0969 3384  C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.Users.dll - ok
07:15:50.0969 3384  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
07:15:50.0969 3384  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
07:15:50.0969 3384  [ B89CB7F3F1A1E2807E708F5435DEB13D ] C:\Program Files (x86)\Autodesk\Content Service\log4net.dll
07:15:50.0969 3384  C:\Program Files (x86)\Autodesk\Content Service\log4net.dll - ok
07:15:50.0969 3384  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
07:15:50.0969 3384  C:\Windows\System32\ncobjapi.dll - ok
07:15:50.0969 3384  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
07:15:50.0969 3384  C:\Windows\System32\wbem\wbemess.dll - ok
07:15:50.0969 3384  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
07:15:50.0969 3384  C:\Windows\System32\bthprops.cpl - ok
07:15:50.0984 3384  [ 4C759C5DE4A29D7088793D534F9F1A87 ] C:\Program Files (x86)\Autodesk\Content Service\Lucene.Net.dll
07:15:50.0984 3384  C:\Program Files (x86)\Autodesk\Content Service\Lucene.Net.dll - ok
07:15:50.0984 3384  [ F9C6C2C4B5F265C1CF727B5660278073 ] C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.FileStore.dll
07:15:50.0984 3384  C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.FileStore.dll - ok
07:15:50.0984 3384  [ F0C75E760F1C5D0120ED46646A640C26 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\51d256bd62eb113246c273261df1ff7a\SMDiagnostics.ni.dll
07:15:50.0984 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\51d256bd62eb113246c273261df1ff7a\SMDiagnostics.ni.dll - ok
07:15:50.0984 3384  [ A772FF769F9C973651DD25AB05F14C97 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\b76a01cb02537ad8be9cbe7b2f0a7bb8\System.ServiceModel.Internals.ni.dll
07:15:50.0984 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\b76a01cb02537ad8be9cbe7b2f0a7bb8\System.ServiceModel.Internals.ni.dll - ok
07:15:50.0984 3384  [ 820D36DF9736F73236D01AF888AF5DA5 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d52a9aa8e6d3f00094be8796b1e7734f\System.Runtime.Serialization.ni.dll
07:15:50.0984 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d52a9aa8e6d3f00094be8796b1e7734f\System.Runtime.Serialization.ni.dll - ok
07:15:50.0984 3384  [ E09EA2AE4A399519531D4FF3AAED5DA6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\3b22371f606d65e393e20f60e5e2a740\System.ServiceModel.Web.ni.dll
07:15:50.0984 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\3b22371f606d65e393e20f60e5e2a740\System.ServiceModel.Web.ni.dll - ok
07:15:50.0984 3384  [ 0273C05D454E1B4867412FC427B774B3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\9a9f464c64af02fe78f24913f8310bdd\System.Web.Services.ni.dll
07:15:50.0984 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\9a9f464c64af02fe78f24913f8310bdd\System.Web.Services.ni.dll - ok
07:15:51.0000 3384  [ 5C5B892527154FDF3D157D5742E086E4 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\162959a31d165ab1e5479ce4e1b7ed43\System.IdentityModel.ni.dll
07:15:51.0000 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\162959a31d165ab1e5479ce4e1b7ed43\System.IdentityModel.ni.dll - ok
07:15:51.0000 3384  [ D3FBB581EFAEFAC5056DB8591011C65E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\742467db809c3946cc750d6e9b65e6e2\System.Net.Http.ni.dll
07:15:51.0000 3384  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\742467db809c3946cc750d6e9b65e6e2\System.Net.Http.ni.dll - ok
07:15:51.0000 3384  [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
07:15:51.0000 3384  C:\Windows\SysWOW64\pcwum.dll - ok
07:15:51.0000 3384  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
07:15:51.0000 3384  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
07:15:51.0000 3384  [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll
07:15:51.0000 3384  C:\Windows\SysWOW64\httpapi.dll - ok
07:15:51.0000 3384  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
07:15:51.0000 3384  C:\Windows\SysWOW64\wship6.dll - ok
07:15:51.0000 3384  [ F0D0E883EBBDC7615DC9EDEA0FFB2817 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
07:15:51.0000 3384  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
07:15:51.0000 3384  [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
07:15:51.0000 3384  C:\Windows\SysWOW64\perfos.dll - ok
07:15:51.0000 3384  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
07:15:51.0000 3384  C:\Windows\SysWOW64\rasadhlp.dll - ok
07:15:51.0015 3384  [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
07:15:51.0015 3384  C:\Windows\SysWOW64\perfproc.dll - ok
07:15:51.0015 3384  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
07:15:51.0015 3384  C:\Windows\System32\diagperf.dll - ok
07:15:51.0015 3384  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
07:15:51.0015 3384  C:\Windows\System32\perftrack.dll - ok
07:15:51.0015 3384  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
07:15:51.0015 3384  C:\Windows\System32\PortableDeviceApi.dll - ok
07:15:51.0015 3384  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
07:15:51.0015 3384  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
07:15:51.0015 3384  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
07:15:51.0015 3384  C:\Windows\System32\wer.dll - ok
07:15:51.0015 3384  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
07:15:51.0015 3384  C:\Windows\System32\Apphlpdm.dll - ok
07:15:51.0015 3384  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
07:15:51.0015 3384  C:\Windows\System32\npmproxy.dll - ok
07:15:51.0031 3384  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
07:15:51.0031 3384  C:\Windows\System32\pnpts.dll - ok
07:15:51.0031 3384  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
07:15:51.0031 3384  C:\Windows\System32\radardt.dll - ok
07:15:51.0031 3384  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
07:15:51.0031 3384  C:\Windows\System32\wdiasqmmodule.dll - ok
07:15:51.0031 3384  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
07:15:51.0031 3384  C:\Windows\System32\dimsjob.dll - ok
07:15:51.0031 3384  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
07:15:51.0031 3384  C:\Windows\System32\pautoenr.dll - ok
07:15:51.0031 3384  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
07:15:51.0031 3384  C:\Windows\System32\certcli.dll - ok
07:15:51.0031 3384  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
07:15:51.0031 3384  C:\Windows\System32\CertEnroll.dll - ok
07:15:51.0031 3384  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
07:15:51.0031 3384  C:\Windows\System32\runonce.exe - ok
07:15:51.0031 3384  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
07:15:51.0031 3384  C:\Windows\SysWOW64\runonce.exe - ok
07:15:51.0047 3384  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
07:15:51.0047 3384  C:\Windows\SysWOW64\propsys.dll - ok
07:15:51.0047 3384  [ 2EE1E467D73642AFDDB03019F58C252B ] C:\Windows\SysWOW64\urlmon.dll
07:15:51.0047 3384  C:\Windows\SysWOW64\urlmon.dll - ok
07:15:51.0047 3384  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
07:15:51.0047 3384  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
07:15:51.0047 3384  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
07:15:51.0047 3384  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
07:15:51.0047 3384  [ 372948BB5E41CE42341C4398DE572E56 ] C:\Windows\SysWOW64\secur32.dll
07:15:51.0047 3384  C:\Windows\SysWOW64\secur32.dll - ok
07:15:51.0047 3384  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
07:15:51.0047 3384  C:\Windows\SysWOW64\cmd.exe - ok
07:15:51.0047 3384  [ BF95EA5809E3BBF55370F7CB309FEBD0 ] C:\Windows\System32\conhost.exe
07:15:51.0047 3384  C:\Windows\System32\conhost.exe - ok
07:15:51.0047 3384  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
07:15:51.0047 3384  C:\Windows\SysWOW64\winbrand.dll - ok
07:15:51.0062 3384  [ 22868FAAF9C851BFA924B8D7EDB6CBC1 ] C:\Windows\SysWOW64\ieframe.dll
07:15:51.0062 3384  C:\Windows\SysWOW64\ieframe.dll - ok
07:15:51.0062 3384  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
07:15:51.0062 3384  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
07:15:51.0062 3384  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\SysWOW64\shdocvw.dll
07:15:51.0062 3384  C:\Windows\SysWOW64\shdocvw.dll - ok
07:15:51.0062 3384  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Moschetti\AppData\Local\Temp\666FAC6F-753C-41ED-BBF2-E7EC87FB7D4D.exe
07:15:51.0062 3384  C:\Users\Moschetti\AppData\Local\Temp\666FAC6F-753C-41ED-BBF2-E7EC87FB7D4D.exe - ok
07:15:51.0062 3384  [ AD7FB087A238883D1618F29F7BBBD584 ] C:\Windows\SysWOW64\ncrypt.dll
07:15:51.0062 3384  C:\Windows\SysWOW64\ncrypt.dll - ok
07:15:51.0062 3384  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
07:15:51.0062 3384  C:\Windows\SysWOW64\bcrypt.dll - ok
07:15:51.0062 3384  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
07:15:51.0062 3384  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
07:15:51.0062 3384  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
07:15:51.0062 3384  C:\Windows\SysWOW64\gpapi.dll - ok
07:15:51.0078 3384  [ 7B851A8018B1EA00A69707A390004884 ] C:\Windows\SysWOW64\cryptnet.dll
07:15:51.0078 3384  C:\Windows\SysWOW64\cryptnet.dll - ok
07:15:51.0078 3384  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
07:15:51.0078 3384  C:\Windows\SysWOW64\SensApi.dll - ok
07:15:51.0078 3384  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
07:15:51.0078 3384  C:\Windows\SysWOW64\dwmapi.dll - ok
07:15:51.0078 3384  [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
07:15:51.0078 3384  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
07:15:51.0078 3384  [ F689C06F2C986E0D57BB8A8A9C37AE4E ] C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
07:15:51.0078 3384  C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL - ok
07:15:51.0078 3384  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
07:15:51.0078 3384  C:\Windows\SysWOW64\msvcr100.dll - ok
07:15:51.0078 3384  [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
07:15:51.0078 3384  C:\Windows\SysWOW64\msvcp100.dll - ok
07:15:51.0078 3384  [ C85670AB64068F8080998AEBA6C5019C ] C:\Windows\SysWOW64\atl100.dll
07:15:51.0078 3384  C:\Windows\SysWOW64\atl100.dll - ok
07:15:51.0078 3384  [ EF2429D3A5EB12DB1B5C92D3C3AE825A ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\Cultures\OFFICE.ODF
07:15:51.0078 3384  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\Cultures\OFFICE.ODF - ok
07:15:51.0093 3384  [ 87ABF3846E27647F1D502805F80D3B88 ] C:\PROGRA~2\MICROS~3\Office15\1033\GrooveIntlResource.dll
07:15:51.0093 3384  C:\PROGRA~2\MICROS~3\Office15\1033\GrooveIntlResource.dll - ok
07:15:51.0093 3384  [ D0AADBCF6F9A77471B46156058DDC2A1 ] C:\Windows\SysWOW64\CbFsMntNtf3.dll
07:15:51.0093 3384  C:\Windows\SysWOW64\CbFsMntNtf3.dll - ok
07:15:51.0093 3384  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
07:15:51.0093 3384  C:\Windows\SysWOW64\winsta.dll - ok
07:15:51.0093 3384  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
07:15:51.0093 3384  C:\Windows\SysWOW64\EhStorShell.dll - ok
07:15:51.0093 3384  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
07:15:51.0093 3384  C:\Windows\SysWOW64\ntshrui.dll - ok
07:15:51.0093 3384  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
07:15:51.0093 3384  C:\Windows\SysWOW64\slc.dll - ok
07:15:51.0093 3384  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
07:15:51.0093 3384  C:\Windows\SysWOW64\imageres.dll - ok
07:15:51.0093 3384  [ 195D45D9972BD2D8666FF7B3BF58CB1A ] C:\Mikes\Downloads\Where is Carmen Sandiego games [TheCreeper]\vmnetBridge.dll
07:15:51.0093 3384  C:\Mikes\Downloads\Where is Carmen Sandiego games [TheCreeper]\vmnetBridge.dll - ok
07:15:51.0109 3384  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
07:15:51.0109 3384  C:\Windows\System32\ndiscapCfg.dll - ok
07:15:51.0109 3384  [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
07:15:51.0109 3384  C:\Windows\System32\mprmsg.dll - ok
07:15:51.0109 3384  [ 7AE492D6FD81E9EBAB1B28F1225B8C44 ] C:\Windows\System32\vnetlib64.dll
07:15:51.0109 3384  C:\Windows\System32\vnetlib64.dll - ok
07:15:51.0125 3384  [ BB7E865599FA258C70DF8B1F70109F6F ] C:\Windows\System32\newdev.dll
07:15:51.0125 3384  C:\Windows\System32\newdev.dll - ok
07:15:51.0125 3384  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
07:15:51.0125 3384  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
07:15:51.0125 3384  [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
07:15:51.0125 3384  C:\Windows\System32\wbem\cimwin32.dll - ok
07:15:51.0125 3384  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
07:15:51.0125 3384  C:\Windows\System32\framedynos.dll - ok
07:15:51.0125 3384  [ 0464F693C59CC02CF261DE7E4D33E5B7 ] C:\Windows\System32\wbem\WmiPerfClass.dll
07:15:51.0125 3384  C:\Windows\System32\wbem\WmiPerfClass.dll - ok
07:15:51.0125 3384  [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
07:15:51.0125 3384  C:\Windows\System32\wlaninst.dll - ok
07:15:51.0125 3384  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
07:15:51.0125 3384  C:\Windows\System32\wwaninst.dll - ok
07:15:51.0125 3384  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
07:15:51.0125 3384  C:\Windows\System32\rundll32.exe - ok
07:15:51.0140 3384  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
07:15:51.0140 3384  C:\Windows\System32\actxprxy.dll - ok
07:15:51.0140 3384  [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
07:15:51.0140 3384  C:\Windows\System32\spfileq.dll - ok
07:15:51.0140 3384  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
07:15:51.0140 3384  C:\Windows\System32\SensApi.dll - ok
07:15:51.0140 3384  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
07:15:51.0140 3384  C:\Windows\System32\IPSECSVC.DLL - ok
07:15:51.0140 3384  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
07:15:51.0140 3384  C:\Windows\System32\FwRemoteSvr.dll - ok
07:15:51.0140 3384  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
07:15:51.0140 3384  C:\Windows\SysWOW64\sfc.dll - ok
07:15:51.0140 3384  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
07:15:51.0140 3384  C:\Windows\SysWOW64\sfc_os.dll - ok
07:15:51.0140 3384  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
07:15:51.0140 3384  C:\Windows\SysWOW64\devrtl.dll - ok
07:15:51.0140 3384  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
07:15:51.0140 3384  C:\Windows\System32\wmploc.DLL - ok
07:15:51.0156 3384  [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
07:15:51.0156 3384  C:\Windows\System32\themeui.dll - ok
07:15:51.0156 3384  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
07:15:51.0156 3384  C:\Windows\SysWOW64\credssp.dll - ok
07:15:51.0156 3384  [ 05018A4E76F1636EFBB7DCB76900872A ] C:\Windows\System32\ie4uinit.exe
07:15:51.0156 3384  C:\Windows\System32\ie4uinit.exe - ok
07:15:51.0156 3384  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
07:15:51.0156 3384  C:\Windows\System32\timedate.cpl - ok
07:15:51.0156 3384  [ 23B001185B7C3CB1F4BDEB143E6B45B7 ] C:\Windows\System32\shdocvw.dll
07:15:51.0156 3384  C:\Windows\System32\shdocvw.dll - ok
07:15:51.0156 3384  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
07:15:51.0156 3384  C:\Windows\System32\linkinfo.dll - ok
07:15:51.0156 3384  [ F4BF5F909E33BD8B6C489B0EC58CB0EA ] C:\Program Files\iTunes\iTunesMiniPlayer.dll
07:15:51.0156 3384  C:\Program Files\iTunes\iTunesMiniPlayer.dll - ok
07:15:51.0156 3384  [ 8D50E5EB371B8EE29847185863E1A309 ] C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
07:15:51.0156 3384  C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll - ok
07:15:51.0171 3384  [ EAEF04815B7D64F5759EA17324A8E909 ] C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
07:15:51.0171 3384  C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll - ok
07:15:51.0171 3384  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
07:15:51.0171 3384  C:\Windows\System32\gameux.dll - ok
07:15:51.0171 3384  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
07:15:51.0171 3384  C:\Windows\System32\wbem\NCProv.dll - ok
07:15:51.0171 3384  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
07:15:51.0171 3384  C:\Windows\System32\msftedit.dll - ok
07:15:51.0171 3384  [ 2EBD0C5B090125AECF017C57344C45AB ] C:\Windows\System32\msls31.dll
07:15:51.0171 3384  C:\Windows\System32\msls31.dll - ok
07:15:51.0171 3384  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
07:15:51.0171 3384  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
07:15:51.0171 3384  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
07:15:51.0171 3384  C:\Windows\System32\DeviceCenter.dll - ok
07:15:51.0171 3384  [ 99805F1C432031799DC0FD34CCE3446F ] C:\Program Files\Microsoft Security Client\msseces.exe
07:15:51.0171 3384  C:\Program Files\Microsoft Security Client\msseces.exe - ok
07:15:51.0187 3384  [ FF01BF4D9C1D6AB832E0A788E75CC330 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
07:15:51.0187 3384  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
07:15:51.0187 3384  [ 74BB6162D79CEDFCA1421DE2685C3139 ] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
07:15:51.0187 3384  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe - ok
07:15:51.0187 3384  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
07:15:51.0187 3384  C:\Windows\System32\msxml3.dll - ok
07:15:51.0187 3384  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
07:15:51.0187 3384  C:\Windows\System32\thumbcache.dll - ok
07:15:51.0187 3384  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll
07:15:51.0187 3384  C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll - ok
07:15:51.0187 3384  [ F296A16807B11E1EDD3713CDDAB07485 ] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
07:15:51.0187 3384  C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe - ok
07:15:51.0187 3384  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
07:15:51.0187 3384  C:\Windows\System32\cabinet.dll - ok
07:15:51.0187 3384  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
07:15:51.0187 3384  C:\Windows\System32\p2pcollab.dll - ok
07:15:51.0203 3384  [ 510F5EB8E614E08D96BF971EBBB484CD ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
07:15:51.0203 3384  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
07:15:51.0203 3384  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
07:15:51.0203 3384  C:\Windows\System32\fveui.dll - ok
07:15:51.0203 3384  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
07:15:51.0203 3384  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
07:15:51.0203 3384  [ 5A662F668767C6A3228391859113F6AD ] C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
07:15:51.0203 3384  C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL - ok
07:15:51.0203 3384  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
07:15:51.0203 3384  C:\Windows\System32\networkexplorer.dll - ok
07:15:51.0203 3384  [ F40DA99A763D5584EC5D6F7B563FE5D6 ] C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll
07:15:51.0203 3384  C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll - ok
07:15:51.0561 3384  ============================================================
07:15:51.0561 3384  Scan finished
07:15:51.0561 3384  ============================================================
07:15:51.0561 3388  Detected object count: 2
07:15:51.0561 3388  Actual detected object count: 2
07:16:13.0167 3388  !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
07:16:13.0167 3388  !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:16:13.0167 3388  BBDemon ( UnsignedFile.Multi.Generic ) - skipped by user
07:16:13.0167 3388  BBDemon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
07:16:40.0202 3324  Deinitialize success


#13 gringo_pr

Posted 21 November 2013 - 08:23 PM


Hello lost1010



Please download Farbar Recovery Scan Tool and save it to your desktop.


Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Gringo

#14 lost1010

Posted 21 November 2013 - 08:38 PM

Heya Gringo

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-11-2013
Ran by Moschetti (administrator) on MOSCHETTI-PC on 22-11-2013 12:36:37
Running from C:\Users\Moschetti\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Mikes\Antivirus\SuperAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Valve Corporation) C:\Mikes\Games\Steam\Steam.exe
(Flux Software LLC) C:\Users\Moschetti\AppData\Local\FluxSoftware\Flux\flux.exe
(BitTorrent, Inc.) C:\Mikes\uTorrent\uTorrent.exe
(Spotify Ltd) C:\Users\Moschetti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Moschetti\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Akamai Technologies, Inc.) C:\Users\Moschetti\AppData\Local\Akamai\netsession_win.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Advanced Micro Devices Inc.) C:\Mikes\Drivers\Graphics Card\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dassault Systemes) C:\Mikes\Catia\Catia\win_b64\code\bin\CATSysDemon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Mikes\Antivirus\MBAM\mbamscheduler.exe
(ATI Technologies Inc.) C:\Mikes\Drivers\Graphics Card\ATI.ACE\Core-Static\CCC.exe
(Autodesk, Inc.) C:\Mikes\AutoCAD\Inventor\Inventor 2014\Moldflow\bin\mitsijm.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Mikes\Downloads\Where is Carmen Sandiego games [TheCreeper]\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Mikes\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-09-27] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-11-30] (Realtek Semiconductor)
HKLM\...\Run: [IntelliType Pro] - C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464944 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2076272 2012-11-02] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKCU\...\Run: [Steam] - C:\Mikes\Games\Steam\Steam.exe [1820584 2013-10-31] (Valve Corporation)
HKCU\...\Run: [F.lux] - C:\Users\Moschetti\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKCU\...\Run: [uTorrent] - C:\Mikes\uTorrent\uTorrent.exe [399224 2013-02-02] (BitTorrent, Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Mikes\DAEMON Tools\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Moschetti\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1105408 2013-05-21] (Spotify Ltd)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Moschetti\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKCU\...\Policies\Explorer: [] 
HKLM-x32\...\Run: [XFastUsb] - C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4942336 2013-02-02] (FNet Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] - C:\Mikes\Drivers\Graphics Card\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0C5DF6E7C100CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Mikes\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Mikes\System Tools\Java\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Mikes\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Mikes\System Tools\Java\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Mikes\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
Chrome: 
=======
CHR HomePage: hxxp://www.rmit.edu.au/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Honey) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj\2.0.5.3_0
CHR Extension: (Adblock Plus) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.6.1_0
CHR Extension: (Google Search) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (TinEye Reverse Image Search) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.3_0
CHR Extension: (Reddit Enhancement Suite) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.1_0
CHR Extension: (Google Mail Checker) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
CHR Extension: (Ghostery) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Google Wallet) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0
CHR Extension: (Hover Zoom) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl\4.24_0
CHR Extension: (Gmail) - C:\Users\MOSCHE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Mikes\Antivirus\SuperAntiSpyware\SASCORE64.EXE [140672 2012-07-12] (SUPERAntiSpyware.com)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
R2 BBDemon; C:\Mikes\Catia\Catia\win_b64\code\bin\CATSysDemon.exe [46592 2008-02-02] (Dassault Systemes)
S3 Hamachi2Svc; C:\Mikes\Hamachi\hamachi-2.exe [2746704 2013-10-01] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Mikes\Antivirus\MBAM\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Mikes\Antivirus\MBAM\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mitsijm2014; C:\Mikes\AutoCAD\Inventor\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-26] (Autodesk, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-09-27] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-09-27] (Microsoft Corporation)
R2 VMAuthdService; C:\Mikes\Downloads\Where is Carmen Sandiego games [TheCreeper]\vmware-authd.exe [86096 2013-10-18] (VMware, Inc.)
 
==================== Drivers (Whitelisted) ====================
 
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
R3 cbfs3; C:\Windows\System32\DRIVERS\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-02] (DT Soft Ltd)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2013-02-02] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2013-02-02] (FNet Co., Ltd.)
R1 LUM; C:\Windows\system32\drivers\LUM.sys [24848 2007-06-06] (IBM)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [91352 2013-11-20] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R1 SASDIFSV; C:\Mikes\Antivirus\SuperAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Mikes\Antivirus\SuperAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-11-22 12:36 - 2013-11-22 12:36 - 00000000 ____D C:\FRST
2013-11-22 12:02 - 2013-11-22 12:37 - 00014772 _____ C:\Users\Moschetti\Desktop\FRST.txt
2013-11-22 12:00 - 2013-11-22 12:01 - 01957964 _____ (Farbar) C:\Users\Moschetti\Desktop\FRST64.exe
2013-11-22 11:14 - 2013-11-22 11:14 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-21 07:19 - 2013-11-22 11:25 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-21 07:11 - 2013-11-21 07:11 - 00000000 ____D C:\Users\Moschetti\AppData\Local\VMware
2013-11-21 07:10 - 2013-11-21 07:11 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\VMware
2013-11-21 07:09 - 2013-10-18 12:46 - 00064080 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2013-11-21 07:09 - 2013-10-18 12:44 - 00032848 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2013-11-21 07:09 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2013-11-21 07:09 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2013-11-21 07:09 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2013-11-21 07:08 - 2013-11-21 07:08 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-11-21 07:08 - 2013-10-18 12:45 - 00930384 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2013-11-21 07:08 - 2013-10-18 12:45 - 00437328 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2013-11-21 07:08 - 2013-10-18 12:45 - 00358480 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2013-11-21 07:08 - 2013-10-18 12:45 - 00030800 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2013-11-21 07:08 - 2013-10-09 08:04 - 00053816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2013-11-21 07:07 - 2013-11-22 11:08 - 00000000 ____D C:\ProgramData\VMware
2013-11-21 07:06 - 2013-11-21 07:06 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Moschetti\Desktop\TDSSKiller.exe
2013-11-20 18:51 - 2013-11-20 18:51 - 00002760 _____ C:\Users\Moschetti\Desktop\RKreport[0]_D_11202013_185151.txt
2013-11-20 18:51 - 2013-11-20 18:51 - 00002642 _____ C:\Users\Moschetti\Desktop\RKreport[0]_S_11202013_185127.txt
2013-11-20 18:49 - 2013-11-20 18:51 - 00000000 ____D C:\Users\Moschetti\Desktop\RK_Quarantine
2013-11-20 18:48 - 2013-11-20 18:49 - 04161024 _____ C:\Users\Moschetti\Desktop\RogueKillerX64.exe
2013-11-20 17:29 - 2013-11-20 17:29 - 00019149 _____ C:\Users\Moschetti\Desktop\comboFIX+.txt
2013-11-20 15:16 - 2013-11-20 15:16 - 00026150 _____ C:\Users\Moschetti\Desktop\comboFIX.txt
2013-11-20 15:10 - 2011-06-26 17:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-20 15:10 - 2010-11-08 04:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-20 15:10 - 2009-04-20 15:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-20 15:10 - 2000-08-31 11:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-20 15:10 - 2000-08-31 11:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-20 15:10 - 2000-08-31 11:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-20 15:10 - 2000-08-31 11:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-20 15:10 - 2000-08-31 11:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-20 15:09 - 2013-11-20 16:25 - 00000000 ____D C:\Qoobox
2013-11-20 15:05 - 2013-11-20 15:08 - 05146522 ____R (Swearware) C:\Users\Moschetti\Desktop\ComboFix.exe
2013-11-20 14:06 - 2013-11-20 14:06 - 00000625 _____ C:\Users\Moschetti\Desktop\JRT.txt
2013-11-20 14:01 - 2013-11-20 14:01 - 01034531 _____ (Thisisu) C:\Users\Moschetti\Desktop\JRT.exe
2013-11-20 13:58 - 2013-11-20 13:58 - 00000950 _____ C:\Users\Moschetti\Desktop\AdwCleaner[S1].txt
2013-11-20 13:53 - 2013-11-20 13:54 - 01085542 _____ C:\Users\Moschetti\Desktop\AdwCleaner.exe
2013-11-20 10:22 - 2013-11-20 10:22 - 00020318 _____ C:\Users\Moschetti\Desktop\dds.txt
2013-11-20 10:22 - 2013-11-20 10:22 - 00010881 _____ C:\Users\Moschetti\Desktop\attach.txt
2013-11-19 11:02 - 2013-11-19 11:05 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\mIRC
2013-11-18 16:43 - 2013-11-18 16:43 - 00000000 ____D C:\Users\Moschetti\AppData\Local\CrashDumps
2013-11-18 11:26 - 2011-09-20 03:02 - 00083968 _____ (Esage Lab) C:\Users\Moschetti\Desktop\boot_cleaner.exe
2013-11-18 11:08 - 2013-11-18 11:10 - 00688992 ____R (Swearware) C:\Users\Moschetti\Desktop\dds.com
2013-11-18 10:41 - 2013-11-18 10:41 - 00000000 ____D C:\Windows\ERUNT
2013-11-17 21:54 - 2013-11-20 16:21 - 00000000 ____D C:\Windows\erdnt
2013-11-17 20:47 - 2013-11-20 17:31 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-17 20:00 - 2013-11-17 20:00 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-11-17 19:42 - 2013-11-17 19:42 - 00000000 ____D C:\Program Files\HitmanPro
2013-11-17 19:41 - 2013-11-17 20:01 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-17 19:07 - 2013-11-17 19:36 - 10264904 _____ (SurfRight B.V.) C:\Users\Moschetti\Desktop\HitmanPro_x64.exe
2013-11-17 18:01 - 2013-11-17 18:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 13:24 - 2013-11-17 13:24 - 00000000 ____D C:\Users\Moschetti\Documents\Nexus Mod Manager
2013-11-17 13:24 - 2013-11-17 13:24 - 00000000 ____D C:\Users\Moschetti\AppData\Local\Black_Tree_Gaming
2013-11-15 11:14 - 2013-11-15 11:14 - 00011059 _____ C:\Users\Moschetti\Downloads\ANZ.csv
2013-11-13 16:20 - 2013-10-06 07:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 16:20 - 2013-10-06 06:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 15:26 - 2013-09-28 12:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 15:26 - 2013-09-25 13:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 15:26 - 2013-09-25 13:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 15:26 - 2013-09-25 13:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 15:26 - 2013-09-25 13:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 15:26 - 2013-09-25 13:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 15:26 - 2013-09-25 13:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 15:26 - 2013-09-25 13:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 15:26 - 2013-09-25 13:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 15:26 - 2013-09-25 12:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 15:26 - 2013-09-25 12:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 15:26 - 2013-09-25 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 15:26 - 2013-09-25 12:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 15:26 - 2013-09-25 12:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 15:26 - 2013-07-04 23:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-13 15:13 - 2013-10-12 13:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 15:13 - 2013-10-12 13:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 15:13 - 2013-10-12 13:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 15:13 - 2013-10-12 13:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 15:13 - 2013-10-12 13:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 15:13 - 2013-10-03 13:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 15:13 - 2013-10-03 13:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 03:04 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-13 03:03 - 2013-11-13 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 03:03 - 2013-11-13 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-13 03:03 - 2013-11-13 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-13 03:03 - 2013-11-13 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-13 03:03 - 2013-11-13 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-13 03:03 - 2013-11-13 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-13 03:03 - 2013-11-13 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-13 03:03 - 2013-11-13 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-13 03:03 - 2013-11-13 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-13 03:03 - 2013-11-13 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-11-13 03:01 - 2013-11-13 03:01 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-11-13 03:01 - 2013-11-13 03:01 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-11-13 03:01 - 2013-11-13 03:01 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-11-13 03:01 - 2013-11-13 03:01 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-11-13 03:01 - 2013-11-13 03:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-11-13 03:01 - 2013-11-13 03:01 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-11-13 03:01 - 2013-11-13 03:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-11-13 03:00 - 2013-11-13 03:04 - 00009487 _____ C:\Windows\IE11_main.log
2013-11-12 20:43 - 2013-03-12 17:41 - 00000000 ____D C:\Users\Moschetti\Downloads\Math Circus
2013-11-12 20:35 - 2013-11-12 20:41 - 01858965 _____ (Igor Pavlov) C:\Users\Moschetti\Downloads\Math Circus.exe
2013-11-11 11:12 - 2013-11-11 11:13 - 01663518 _____ C:\Users\Moschetti\Downloads\VirtualDubMod_1_5_10_2_All_inclusive.zip
2013-11-10 18:15 - 2013-11-10 18:15 - 00000000 ____D C:\Users\Moschetti\Documents\FOMM
2013-11-10 18:07 - 2013-11-10 18:07 - 00000000 ____D C:\Users\Moschetti\AppData\Local\FOMM
2013-11-10 18:04 - 2013-11-10 19:00 - 00000000 ____D C:\Users\Moschetti\AppData\Local\FalloutNV
2013-11-10 11:23 - 2013-11-10 11:23 - 00034026 _____ C:\Users\Moschetti\Downloads\Stability-Extra Marks.xlsx
2013-11-02 10:20 - 2013-11-02 10:20 - 00279296 _____ C:\Windows\Minidump\110213-34273-01.dmp
2013-10-30 14:25 - 2013-10-30 14:25 - 00274984 _____ C:\Windows\Minidump\103013-34413-01.dmp
2013-10-30 14:21 - 2013-10-30 14:21 - 00274984 _____ C:\Windows\Minidump\103013-37346-01.dmp
2013-10-30 14:18 - 2013-10-30 14:18 - 00274984 _____ C:\Windows\Minidump\103013-31917-01.dmp
2013-10-30 11:21 - 2013-10-30 11:21 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-10-26 15:27 - 2013-10-26 15:27 - 00000000 ____D C:\Users\Moschetti\Documents\WB Games
2013-10-25 20:27 - 2013-11-09 22:20 - 00000000 ____D C:\ProgramData\LogMeIn
2013-10-25 20:27 - 2013-10-25 20:27 - 00000000 ____D C:\Users\Moschetti\AppData\Local\LogMeIn
2013-10-25 17:43 - 2013-11-03 21:22 - 00000000 ____D C:\Users\Moschetti\AppData\Local\LogMeIn Hamachi
 
==================== One Month Modified Files and Folders =======
 
2013-11-22 12:37 - 2013-11-22 12:02 - 00014772 _____ C:\Users\Moschetti\Desktop\FRST.txt
2013-11-22 12:36 - 2013-11-22 12:36 - 00000000 ____D C:\FRST
2013-11-22 12:29 - 2013-02-02 08:25 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\uTorrent
2013-11-22 12:22 - 2013-02-02 12:48 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-22 12:01 - 2013-11-22 12:00 - 01957964 _____ (Farbar) C:\Users\Moschetti\Desktop\FRST64.exe
2013-11-22 11:25 - 2013-11-21 07:19 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-11-22 11:15 - 2009-07-14 15:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-22 11:15 - 2009-07-14 15:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-22 11:14 - 2013-11-22 11:14 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2013-11-22 11:12 - 2013-02-02 08:20 - 01936798 _____ C:\Windows\WindowsUpdate.log
2013-11-22 11:08 - 2013-11-21 07:07 - 00000000 ____D C:\ProgramData\VMware
2013-11-22 11:08 - 2013-02-02 12:48 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-22 11:08 - 2010-11-21 14:47 - 00308058 _____ C:\Windows\PFRO.log
2013-11-22 11:08 - 2009-07-14 16:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-22 11:08 - 2009-07-14 15:51 - 00060521 _____ C:\Windows\setupact.log
2013-11-22 09:23 - 2013-06-09 19:01 - 00000000 ____D C:\Users\Moschetti\AppData\Local\Akamai
2013-11-21 07:16 - 2013-02-02 08:19 - 00000000 ____D C:\Users\Moschetti
2013-11-21 07:11 - 2013-11-21 07:11 - 00000000 ____D C:\Users\Moschetti\AppData\Local\VMware
2013-11-21 07:11 - 2013-11-21 07:10 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\VMware
2013-11-21 07:08 - 2013-11-21 07:08 - 00000000 ____D C:\Program Files\Common Files\VMware
2013-11-21 07:08 - 2013-02-02 15:52 - 00791308 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-21 07:06 - 2013-11-21 07:06 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Moschetti\Desktop\TDSSKiller.exe
2013-11-20 18:51 - 2013-11-20 18:51 - 00002760 _____ C:\Users\Moschetti\Desktop\RKreport[0]_D_11202013_185151.txt
2013-11-20 18:51 - 2013-11-20 18:51 - 00002642 _____ C:\Users\Moschetti\Desktop\RKreport[0]_S_11202013_185127.txt
2013-11-20 18:51 - 2013-11-20 18:49 - 00000000 ____D C:\Users\Moschetti\Desktop\RK_Quarantine
2013-11-20 18:49 - 2013-11-20 18:48 - 04161024 _____ C:\Users\Moschetti\Desktop\RogueKillerX64.exe
2013-11-20 17:31 - 2013-11-17 20:47 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-11-20 17:29 - 2013-11-20 17:29 - 00019149 _____ C:\Users\Moschetti\Desktop\comboFIX+.txt
2013-11-20 16:25 - 2013-11-20 15:09 - 00000000 ____D C:\Qoobox
2013-11-20 16:22 - 2009-07-14 13:34 - 00000215 _____ C:\Windows\system.ini
2013-11-20 16:21 - 2013-11-17 21:54 - 00000000 ____D C:\Windows\erdnt
2013-11-20 15:16 - 2013-11-20 15:16 - 00026150 _____ C:\Users\Moschetti\Desktop\comboFIX.txt
2013-11-20 15:08 - 2013-11-20 15:05 - 05146522 ____R (Swearware) C:\Users\Moschetti\Desktop\ComboFix.exe
2013-11-20 14:06 - 2013-11-20 14:06 - 00000625 _____ C:\Users\Moschetti\Desktop\JRT.txt
2013-11-20 14:01 - 2013-11-20 14:01 - 01034531 _____ (Thisisu) C:\Users\Moschetti\Desktop\JRT.exe
2013-11-20 13:58 - 2013-11-20 13:58 - 00000950 _____ C:\Users\Moschetti\Desktop\AdwCleaner[S1].txt
2013-11-20 13:54 - 2013-11-20 13:53 - 01085542 _____ C:\Users\Moschetti\Desktop\AdwCleaner.exe
2013-11-20 10:22 - 2013-11-20 10:22 - 00020318 _____ C:\Users\Moschetti\Desktop\dds.txt
2013-11-20 10:22 - 2013-11-20 10:22 - 00010881 _____ C:\Users\Moschetti\Desktop\attach.txt
2013-11-19 21:21 - 2010-11-21 14:27 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-19 11:05 - 2013-11-19 11:02 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\mIRC
2013-11-19 11:01 - 2013-02-02 12:53 - 00000000 ____D C:\Mikes
2013-11-18 22:18 - 2009-07-14 16:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-18 16:43 - 2013-11-18 16:43 - 00000000 ____D C:\Users\Moschetti\AppData\Local\CrashDumps
2013-11-18 11:10 - 2013-11-18 11:08 - 00688992 ____R (Swearware) C:\Users\Moschetti\Desktop\dds.com
2013-11-18 10:41 - 2013-11-18 10:41 - 00000000 ____D C:\Windows\ERUNT
2013-11-17 23:49 - 2009-07-14 16:32 - 00000000 ____D C:\Windows\addins
2013-11-17 20:01 - 2013-11-17 19:41 - 00000000 ____D C:\ProgramData\HitmanPro
2013-11-17 20:00 - 2013-11-17 20:00 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2013-11-17 19:42 - 2013-11-17 19:42 - 00000000 ____D C:\Program Files\HitmanPro
2013-11-17 19:36 - 2013-11-17 19:07 - 10264904 _____ (SurfRight B.V.) C:\Users\Moschetti\Desktop\HitmanPro_x64.exe
2013-11-17 18:01 - 2013-11-17 18:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-17 18:01 - 2013-02-03 10:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-17 13:24 - 2013-11-17 13:24 - 00000000 ____D C:\Users\Moschetti\Documents\Nexus Mod Manager
2013-11-17 13:24 - 2013-11-17 13:24 - 00000000 ____D C:\Users\Moschetti\AppData\Local\Black_Tree_Gaming
2013-11-17 13:02 - 2009-07-14 14:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-11-15 11:14 - 2013-11-15 11:14 - 00011059 _____ C:\Users\Moschetti\Downloads\ANZ.csv
2013-11-15 08:23 - 2013-02-02 12:50 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-11-14 04:00 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\rescache
2013-11-14 03:05 - 2009-07-14 13:34 - 00000478 _____ C:\Windows\win.ini
2013-11-13 03:23 - 2013-02-02 08:19 - 00001413 _____ C:\Users\Moschetti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-13 03:20 - 2009-07-14 14:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-13 03:04 - 2013-11-13 03:00 - 00009487 _____ C:\Windows\IE11_main.log
2013-11-12 20:41 - 2013-11-12 20:35 - 01858965 _____ (Igor Pavlov) C:\Users\Moschetti\Downloads\Math Circus.exe
2013-11-11 11:13 - 2013-11-11 11:12 - 01663518 _____ C:\Users\Moschetti\Downloads\VirtualDubMod_1_5_10_2_All_inclusive.zip
2013-11-10 19:01 - 2013-02-02 20:01 - 00151644 _____ C:\Windows\DirectX.log
2013-11-10 19:00 - 2013-11-10 18:04 - 00000000 ____D C:\Users\Moschetti\AppData\Local\FalloutNV
2013-11-10 18:15 - 2013-11-10 18:15 - 00000000 ____D C:\Users\Moschetti\Documents\FOMM
2013-11-10 18:09 - 2013-02-10 11:18 - 00000000 ____D C:\Users\Moschetti\Documents\My Games
2013-11-10 18:07 - 2013-11-10 18:07 - 00000000 ____D C:\Users\Moschetti\AppData\Local\FOMM
2013-11-10 11:23 - 2013-11-10 11:23 - 00034026 _____ C:\Users\Moschetti\Downloads\Stability-Extra Marks.xlsx
2013-11-09 22:20 - 2013-10-25 20:27 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-06 11:10 - 2013-10-18 17:42 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\TEdit
2013-11-03 21:22 - 2013-10-25 17:43 - 00000000 ____D C:\Users\Moschetti\AppData\Local\LogMeIn Hamachi
2013-11-02 10:20 - 2013-11-02 10:20 - 00279296 _____ C:\Windows\Minidump\110213-34273-01.dmp
2013-11-02 10:20 - 2013-02-02 16:56 - 677286781 _____ C:\Windows\MEMORY.DMP
2013-11-02 10:20 - 2013-02-02 16:56 - 00000000 ____D C:\Windows\Minidump
2013-10-30 14:55 - 2013-02-03 10:44 - 00000000 ____D C:\Users\Moschetti\AppData\Local\cache
2013-10-30 14:25 - 2013-10-30 14:25 - 00274984 _____ C:\Windows\Minidump\103013-34413-01.dmp
2013-10-30 14:21 - 2013-10-30 14:21 - 00274984 _____ C:\Windows\Minidump\103013-37346-01.dmp
2013-10-30 14:18 - 2013-10-30 14:18 - 00274984 _____ C:\Windows\Minidump\103013-31917-01.dmp
2013-10-30 11:21 - 2013-10-30 11:21 - 00000000 ____D C:\Users\Moschetti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\project64 1.6
2013-10-26 15:27 - 2013-10-26 15:27 - 00000000 ____D C:\Users\Moschetti\Documents\WB Games
2013-10-25 20:27 - 2013-10-25 20:27 - 00000000 ____D C:\Users\Moschetti\AppData\Local\LogMeIn
2013-10-25 17:44 - 2009-07-14 14:20 - 00000000 __RHD C:\Users\Public\Libraries
 
Some content of TEMP:
====================
C:\Users\Moschetti\AppData\Local\Temp\jna1328559114347518433.dll
C:\Users\Moschetti\AppData\Local\Temp\jna1839292034637589013.dll
C:\Users\Moschetti\AppData\Local\Temp\jna2798729548779647202.dll
C:\Users\Moschetti\AppData\Local\Temp\jna4722582134556971015.dll
C:\Users\Moschetti\AppData\Local\Temp\jna5945452616102545985.dll
C:\Users\Moschetti\AppData\Local\Temp\libcurl-4.dll
C:\Users\Moschetti\AppData\Local\Temp\libeay32.dll
C:\Users\Moschetti\AppData\Local\Temp\libidn-11.dll
C:\Users\Moschetti\AppData\Local\Temp\librtmp.dll
C:\Users\Moschetti\AppData\Local\Temp\libssh2.dll
C:\Users\Moschetti\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Moschetti\AppData\Local\Temp\ssleay32.dll
C:\Users\Moschetti\AppData\Local\Temp\zlib1.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2013-11-20 00:25
 
==================== End Of Log ============================

 




#15 gringo_pr


Posted 21 November 2013 - 08:54 PM

Hello lost1010



I need you to download this script I have made for you --> Attached File: fixlist.txt (143 bytes)

It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program. (If asked to overwrite the existing one, please allow.)

Run FRST again but this time press the Fix button just once and wait.


When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Gringo



