Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avira found BOO/Cidox.B on my computer


  • This topic is locked This topic is locked
17 replies to this topic

#1 Slay80

Slay80

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 24 April 2014 - 03:27 PM

Hello together,

 

this is my first topic so first of all I want to say hello to all people involved.

 

I need your help. I don't know how it happened, but it seems that my computer is infected with "BOO/Cidox.B". At least that is what Avira told me just some minutes ago. Since then I have the feeling that some weird things happen. For example a *.flv file was downloaded automatically.

 

Then I tried to use DDS. It has done something (created attach.txt) but no other log was created.

 

Please help me and tell me what to do.

 

Best

Slay

 

 

------

As I have restricted access to my computer the next days, a response may take some time. Apologies for that.



BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:48 PM

Posted 25 April 2014 - 11:28 AM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi Slay80,

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters
     
     
    tds2.jpg
  • Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
     
     
    2012081514h0118.png
  • Click Start Scan and allow the scan process to run
     
     
    tds4-1.jpg
  • If threats are detected select Skip or Cure (if available) for all of them unless otherwise instructed.
    ***Do NOT select Delete!
  • Click Continue
     
     
    tds6.jpg
  • Click Reboot computer
  • Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply

--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • TDSSKiller log

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 Slay80

Slay80
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 26 April 2014 - 05:45 AM

Hi Toffee,

 

Thanks, I am very glad that you help me.

 

I did what you described in your post.

 

TDSSKiller found the malware and I could chose "cure". After rebooting my computer I found three logfiles in my root directory, please find them below:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

TDSSKiller.2.8.16.0_26.04.2014_12.23.24_log.txt

 

12:23:24.0968 3992  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:23:35.0323 3992  ============================================================
12:23:35.0323 3992  Current date / time: 2014/04/26 12:23:35.0323
12:23:35.0323 3992  SystemInfo:
12:23:35.0323 3992  
12:23:35.0324 3992  OS Version: 6.1.7601 ServicePack: 1.0
12:23:35.0324 3992  Product type: Workstation
12:23:35.0324 3992  ComputerName: TERRAX
12:23:35.0324 3992  UserName: Gerhard
12:23:35.0324 3992  Windows directory: C:\Windows
12:23:35.0324 3992  System windows directory: C:\Windows
12:23:35.0324 3992  Running under WOW64
12:23:35.0324 3992  Processor architecture: Intel x64
12:23:35.0324 3992  Number of processors: 2
12:23:35.0324 3992  Page size: 0x1000
12:23:35.0324 3992  Boot type: Normal boot
12:23:35.0324 3992  ============================================================
12:23:38.0897 3992  Drive \Device\Harddisk1\DR1 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:23:38.0905 3992  Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:23:38.0919 3992  ============================================================
12:23:38.0919 3992  \Device\Harddisk1\DR1:
12:23:38.0927 3992  MBR partitions:
12:23:38.0927 3992  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x253B4000
12:23:38.0927 3992  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x253B4800, BlocksNum 0x254A2800
12:23:38.0927 3992  \Device\Harddisk0\DR0:
12:23:38.0927 3992  MBR partitions:
12:23:38.0927 3992  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6590000
12:23:38.0927 3992  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6590800, BlocksNum 0x442C6000
12:23:38.0927 3992  ============================================================
12:23:38.0950 3992  C: <-> \Device\Harddisk1\DR1\Partition1
12:23:38.0974 3992  D: <-> \Device\Harddisk0\DR0\Partition1
12:23:39.0072 3992  E: <-> \Device\Harddisk1\DR1\Partition2
12:23:39.0098 3992  F: <-> \Device\Harddisk0\DR0\Partition2
12:23:39.0098 3992  ============================================================
12:23:39.0098 3992  Initialize success
12:23:39.0098 3992  ============================================================
12:24:10.0756 5048  Deinitialize success
 



#4 Slay80

Slay80
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 26 April 2014 - 05:48 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

TDSSKiller.2.8.16.0_26.04.2014_12.26.14_log.txt

 

12:26:14.0262 3616  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:26:17.0453 3616  ============================================================
12:26:17.0453 3616  Current date / time: 2014/04/26 12:26:17.0453
12:26:17.0453 3616  SystemInfo:
12:26:17.0453 3616  
12:26:17.0453 3616  OS Version: 6.1.7601 ServicePack: 1.0
12:26:17.0453 3616  Product type: Workstation
12:26:17.0453 3616  ComputerName: TERRAX
12:26:17.0453 3616  UserName: Gerhard
12:26:17.0453 3616  Windows directory: C:\Windows
12:26:17.0453 3616  System windows directory: C:\Windows
12:26:17.0453 3616  Running under WOW64
12:26:17.0453 3616  Processor architecture: Intel x64
12:26:17.0453 3616  Number of processors: 2
12:26:17.0453 3616  Page size: 0x1000
12:26:17.0453 3616  Boot type: Normal boot
12:26:17.0453 3616  ============================================================
12:26:19.0331 3616  BG loaded
12:26:19.0924 3616  Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:19.0940 3616  Drive \Device\Harddisk1\DR1 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:19.0955 3616  ============================================================
12:26:19.0955 3616  \Device\Harddisk0\DR0:
12:26:19.0955 3616  MBR partitions:
12:26:19.0955 3616  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x253B4000
12:26:19.0955 3616  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x253B4800, BlocksNum 0x254A2800
12:26:19.0955 3616  \Device\Harddisk1\DR1:
12:26:19.0955 3616  MBR partitions:
12:26:19.0955 3616  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6590000
12:26:19.0955 3616  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6590800, BlocksNum 0x442C6000
12:26:19.0955 3616  ============================================================
12:26:20.0033 3616  C: <-> \Device\Harddisk0\DR0\Partition1
12:26:20.0049 3616  D: <-> \Device\Harddisk1\DR1\Partition1
12:26:20.0174 3616  E: <-> \Device\Harddisk0\DR0\Partition2
12:26:20.0189 3616  F: <-> \Device\Harddisk1\DR1\Partition2
12:26:20.0189 3616  ============================================================
12:26:20.0189 3616  Initialize success
12:26:20.0189 3616  ============================================================
12:26:31.0614 3944  ============================================================
12:26:31.0614 3944  Scan started
12:26:31.0614 3944  Mode: Manual; SigCheck; TDLFS;
12:26:31.0614 3944  ============================================================
12:26:34.0680 3944  ================ Scan system memory ========================
12:26:34.0680 3944  System memory - ok
12:26:34.0680 3944  ================ Scan services =============================
12:26:34.0780 3944  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:26:34.0850 3944  1394ohci - ok
12:26:34.0880 3944  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:26:34.0900 3944  ACPI - ok
12:26:34.0900 3944  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:26:34.0960 3944  AcpiPmi - ok
12:26:35.0040 3944  [ C2CE3311D2477B1B24CFB67020AD49B6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:26:35.0070 3944  AdobeFlashPlayerUpdateSvc - ok
12:26:35.0130 3944  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:26:35.0158 3944  adp94xx - ok
12:26:35.0158 3944  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:26:35.0189 3944  adpahci - ok
12:26:35.0189 3944  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:26:35.0220 3944  adpu320 - ok
12:26:35.0252 3944  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:26:35.0361 3944  AeLookupSvc - ok
12:26:35.0392 3944  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
12:26:35.0439 3944  AFD - ok
12:26:35.0470 3944  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:26:35.0486 3944  agp440 - ok
12:26:35.0486 3944  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:26:35.0548 3944  ALG - ok
12:26:35.0595 3944  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:26:35.0595 3944  aliide - ok
12:26:35.0657 3944  [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:26:35.0704 3944  AMD External Events Utility - ok
12:26:35.0720 3944  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:26:35.0735 3944  amdide - ok
12:26:35.0766 3944  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:26:35.0798 3944  AmdK8 - ok
12:26:35.0813 3944  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:26:35.0844 3944  AmdPPM - ok
12:26:35.0860 3944  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:26:35.0891 3944  amdsata - ok
12:26:35.0954 3944  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:26:35.0969 3944  amdsbs - ok
12:26:36.0000 3944  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:26:36.0016 3944  amdxata - ok
12:26:36.0094 3944  [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:26:36.0110 3944  AntiVirSchedulerService - ok
12:26:36.0141 3944  [ 65AF41A7A2C5B6693E1B4164E7632C3E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:26:36.0156 3944  AntiVirService - ok
12:26:36.0234 3944  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:26:36.0375 3944  AppID - ok
12:26:36.0390 3944  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:26:36.0468 3944  AppIDSvc - ok
12:26:36.0484 3944  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
12:26:36.0578 3944  Appinfo - ok
12:26:36.0656 3944  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:26:36.0702 3944  AppMgmt - ok
12:26:36.0749 3944  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:26:36.0780 3944  arc - ok
12:26:36.0843 3944  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:26:36.0858 3944  arcsas - ok
12:26:36.0968 3944  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:26:37.0014 3944  aspnet_state - ok
12:26:37.0046 3944  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:26:37.0077 3944  AsyncMac - ok
12:26:37.0108 3944  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:26:37.0124 3944  atapi - ok
12:26:37.0233 3944  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:26:37.0311 3944  atikmdag - ok
12:26:37.0358 3944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:26:37.0420 3944  AudioEndpointBuilder - ok
12:26:37.0436 3944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:26:37.0467 3944  AudioSrv - ok
12:26:37.0498 3944  [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:26:37.0514 3944  avgntflt - ok
12:26:37.0514 3944  [ C3A58DBD18786C338126D30BF8C33D72 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:26:37.0529 3944  avipbb - ok
12:26:37.0576 3944  [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:26:37.0592 3944  avkmgr - ok
12:26:37.0623 3944  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:26:37.0779 3944  AxInstSV - ok
12:26:37.0826 3944  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:26:37.0904 3944  b06bdrv - ok
12:26:37.0935 3944  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:26:37.0982 3944  b57nd60a - ok
12:26:38.0013 3944  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:26:38.0060 3944  BDESVC - ok
12:26:38.0075 3944  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:26:38.0122 3944  Beep - ok
12:26:38.0184 3944  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
12:26:38.0231 3944  BFE - ok
12:26:38.0262 3944  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
12:26:38.0325 3944  BITS - ok
12:26:38.0356 3944  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:26:38.0372 3944  blbdrive - ok
12:26:38.0418 3944  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:26:38.0450 3944  bowser - ok
12:26:38.0465 3944  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:26:38.0512 3944  BrFiltLo - ok
12:26:38.0512 3944  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:26:38.0528 3944  BrFiltUp - ok
12:26:38.0590 3944  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
12:26:38.0621 3944  Browser - ok
12:26:38.0637 3944  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:26:38.0684 3944  Brserid - ok
12:26:38.0699 3944  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:26:38.0730 3944  BrSerWdm - ok
12:26:38.0730 3944  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:26:38.0777 3944  BrUsbMdm - ok
12:26:38.0777 3944  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:26:38.0808 3944  BrUsbSer - ok
12:26:38.0808 3944  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:26:38.0840 3944  BTHMODEM - ok
12:26:38.0871 3944  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:26:38.0918 3944  bthserv - ok
12:26:38.0933 3944  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:26:38.0964 3944  cdfs - ok
12:26:38.0996 3944  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:26:39.0027 3944  cdrom - ok
12:26:39.0058 3944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:26:39.0105 3944  CertPropSvc - ok
12:26:39.0136 3944  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:26:39.0152 3944  circlass - ok
12:26:39.0183 3944  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:26:39.0198 3944  CLFS - ok
12:26:39.0245 3944  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:26:39.0261 3944  clr_optimization_v2.0.50727_32 - ok
12:26:39.0292 3944  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:26:39.0308 3944  clr_optimization_v2.0.50727_64 - ok
12:26:39.0370 3944  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:26:39.0510 3944  clr_optimization_v4.0.30319_32 - ok
12:26:39.0526 3944  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:26:39.0588 3944  clr_optimization_v4.0.30319_64 - ok
12:26:39.0620 3944  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:26:39.0635 3944  CmBatt - ok
12:26:39.0651 3944  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:26:39.0666 3944  cmdide - ok
12:26:39.0744 3944  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:26:39.0791 3944  CNG - ok
12:26:39.0807 3944  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:26:39.0822 3944  Compbatt - ok
12:26:39.0869 3944  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:26:39.0932 3944  CompositeBus - ok
12:26:39.0947 3944  COMSysApp - ok
12:26:39.0963 3944  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:26:39.0978 3944  crcdisk - ok
12:26:40.0041 3944  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:26:40.0088 3944  CryptSvc - ok
12:26:40.0119 3944  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
12:26:40.0150 3944  CSC - ok
12:26:40.0181 3944  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
12:26:40.0212 3944  CscService - ok
12:26:40.0244 3944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:26:40.0290 3944  DcomLaunch - ok
12:26:40.0353 3944  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:26:40.0415 3944  defragsvc - ok
12:26:40.0462 3944  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:26:40.0509 3944  DfsC - ok
12:26:40.0587 3944  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:26:40.0680 3944  Dhcp - ok
12:26:40.0712 3944  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:26:40.0774 3944  discache - ok
12:26:40.0790 3944  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:26:40.0805 3944  Disk - ok
12:26:40.0836 3944  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:26:40.0914 3944  Dnscache - ok
12:26:40.0961 3944  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:26:41.0039 3944  dot3svc - ok
12:26:41.0086 3944  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:26:41.0164 3944  DPS - ok
12:26:41.0226 3944  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:26:41.0320 3944  drmkaud - ok
12:26:41.0351 3944  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:26:41.0367 3944  DXGKrnl - ok
12:26:41.0398 3944  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
12:26:41.0476 3944  EapHost - ok
12:26:41.0601 3944  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:26:41.0757 3944  ebdrv - ok
12:26:41.0794 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
12:26:41.0836 3944  EFS - ok
12:26:41.0965 3944  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:26:42.0091 3944  ehRecvr - ok
12:26:42.0121 3944  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
12:26:42.0182 3944  ehSched - ok
12:26:42.0292 3944  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:26:42.0370 3944  elxstor - ok
12:26:42.0385 3944  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:26:42.0401 3944  ErrDev - ok
12:26:42.0479 3944  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
12:26:42.0526 3944  EventSystem - ok
12:26:42.0541 3944  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
12:26:42.0588 3944  exfat - ok
12:26:42.0604 3944  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:26:42.0666 3944  fastfat - ok
12:26:42.0713 3944  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
12:26:42.0760 3944  Fax - ok
12:26:42.0760 3944  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:26:42.0775 3944  fdc - ok
12:26:42.0791 3944  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:26:42.0838 3944  fdPHost - ok
12:26:42.0838 3944  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:26:42.0884 3944  FDResPub - ok
12:26:42.0900 3944  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:26:42.0916 3944  FileInfo - ok
12:26:42.0931 3944  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:26:42.0962 3944  Filetrace - ok
12:26:42.0978 3944  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:26:42.0994 3944  flpydisk - ok
12:26:43.0009 3944  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:26:43.0040 3944  FltMgr - ok
12:26:43.0087 3944  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
12:26:43.0134 3944  FontCache - ok
12:26:43.0181 3944  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:26:43.0196 3944  FontCache3.0.0.0 - ok
12:26:43.0196 3944  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:26:43.0212 3944  FsDepends - ok
12:26:43.0243 3944  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:26:43.0243 3944  Fs_Rec - ok
12:26:43.0290 3944  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:26:43.0321 3944  fvevol - ok
12:26:43.0337 3944  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:26:43.0352 3944  gagp30kx - ok
12:26:43.0446 3944  [ 8FC1230DBCCEB7016A4F183D4808D335 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
12:26:43.0493 3944  Garmin Core Update Service - ok
12:26:43.0524 3944  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:26:43.0586 3944  gpsvc - ok
12:26:43.0618 3944  [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
12:26:43.0618 3944  grmnusb - ok
12:26:43.0696 3944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:26:43.0711 3944  gupdate - ok
12:26:43.0711 3944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:26:43.0727 3944  gupdatem - ok
12:26:43.0742 3944  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:26:43.0774 3944  hcw85cir - ok
12:26:43.0805 3944  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:26:43.0836 3944  HdAudAddService - ok
12:26:43.0883 3944  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:26:43.0898 3944  HDAudBus - ok
12:26:43.0898 3944  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:26:43.0914 3944  HidBatt - ok
12:26:43.0914 3944  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:26:43.0945 3944  HidBth - ok
12:26:43.0945 3944  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:26:43.0976 3944  HidIr - ok
12:26:43.0992 3944  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
12:26:44.0023 3944  hidserv - ok
12:26:44.0054 3944  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:26:44.0070 3944  HidUsb - ok
12:26:44.0086 3944  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:26:44.0148 3944  hkmsvc - ok
12:26:44.0164 3944  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:26:44.0210 3944  HomeGroupListener - ok
12:26:44.0226 3944  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:26:44.0257 3944  HomeGroupProvider - ok
12:26:44.0288 3944  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:26:44.0320 3944  HpSAMD - ok
12:26:44.0366 3944  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:26:44.0413 3944  HTTP - ok
12:26:44.0429 3944  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:26:44.0444 3944  hwpolicy - ok
12:26:44.0460 3944  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:26:44.0476 3944  i8042prt - ok
12:26:44.0491 3944  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:26:44.0522 3944  iaStorV - ok
12:26:44.0585 3944  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:26:44.0632 3944  idsvc - ok
12:26:44.0632 3944  IEEtwCollectorService - ok
12:26:44.0647 3944  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:26:44.0663 3944  iirsp - ok
12:26:44.0694 3944  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:26:44.0725 3944  IKEEXT - ok
12:26:44.0756 3944  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:26:44.0772 3944  intelide - ok
12:26:44.0788 3944  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:26:44.0803 3944  intelppm - ok
12:26:44.0834 3944  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:26:44.0881 3944  IPBusEnum - ok
12:26:44.0912 3944  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:26:44.0944 3944  IpFilterDriver - ok
12:26:44.0959 3944  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:26:45.0006 3944  iphlpsvc - ok
12:26:45.0022 3944  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:26:45.0037 3944  IPMIDRV - ok
12:26:45.0053 3944  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:26:45.0100 3944  IPNAT - ok
12:26:45.0115 3944  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:26:45.0162 3944  IRENUM - ok
12:26:45.0162 3944  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:26:45.0178 3944  isapnp - ok
12:26:45.0209 3944  [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:26:45.0240 3944  iScsiPrt - ok
12:26:45.0256 3944  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:26:45.0271 3944  kbdclass - ok
12:26:45.0287 3944  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:26:45.0318 3944  kbdhid - ok
12:26:45.0334 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
12:26:45.0334 3944  KeyIso - ok
12:26:45.0365 3944  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:26:45.0380 3944  KSecDD - ok
12:26:45.0380 3944  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:26:45.0396 3944  KSecPkg - ok
12:26:45.0412 3944  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:26:45.0443 3944  ksthunk - ok
12:26:45.0474 3944  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:26:45.0521 3944  KtmRm - ok
12:26:45.0568 3944  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:26:45.0599 3944  LanmanServer - ok
12:26:45.0630 3944  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:26:45.0677 3944  LanmanWorkstation - ok
12:26:45.0708 3944  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:26:45.0755 3944  lltdio - ok
12:26:45.0786 3944  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:26:45.0833 3944  lltdsvc - ok
12:26:45.0848 3944  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:26:45.0880 3944  lmhosts - ok
12:26:45.0895 3944  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:26:45.0911 3944  LSI_FC - ok
12:26:45.0911 3944  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:26:45.0926 3944  LSI_SAS - ok
12:26:45.0926 3944  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:26:45.0942 3944  LSI_SAS2 - ok
12:26:45.0958 3944  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:26:45.0973 3944  LSI_SCSI - ok
12:26:45.0973 3944  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:26:46.0020 3944  luafv - ok
12:26:46.0036 3944  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:26:46.0082 3944  Mcx2Svc - ok
12:26:46.0082 3944  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:26:46.0098 3944  megasas - ok
12:26:46.0098 3944  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:26:46.0129 3944  MegaSR - ok
12:26:46.0270 3944  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:26:46.0301 3944  Microsoft Office Groove Audit Service - ok
12:26:46.0316 3944  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:26:46.0363 3944  MMCSS - ok
12:26:46.0379 3944  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:26:46.0457 3944  Modem - ok
12:26:46.0457 3944  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:26:46.0472 3944  monitor - ok
12:26:46.0519 3944  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
12:26:46.0535 3944  mouclass - ok
12:26:46.0550 3944  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:26:46.0566 3944  mouhid - ok
12:26:46.0613 3944  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:26:46.0628 3944  mountmgr - ok
12:26:46.0691 3944  [ AEE4E9CC59CDEB55B1ECB0E596E796BE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:26:46.0706 3944  MozillaMaintenance - ok
12:26:46.0738 3944  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:26:46.0753 3944  mpio - ok
12:26:46.0784 3944  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:26:46.0816 3944  mpsdrv - ok
12:26:46.0878 3944  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:26:46.0940 3944  MpsSvc - ok
12:26:46.0972 3944  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:26:46.0987 3944  MRxDAV - ok
12:26:47.0018 3944  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:26:47.0081 3944  mrxsmb - ok
12:26:47.0081 3944  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:26:47.0112 3944  mrxsmb10 - ok
12:26:47.0128 3944  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:26:47.0143 3944  mrxsmb20 - ok
12:26:47.0190 3944  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:26:47.0206 3944  msahci - ok
12:26:47.0221 3944  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:26:47.0239 3944  msdsm - ok
12:26:47.0249 3944  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:26:47.0279 3944  MSDTC - ok
12:26:47.0289 3944  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:26:47.0320 3944  Msfs - ok
12:26:47.0320 3944  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:26:47.0371 3944  mshidkmdf - ok
12:26:47.0401 3944  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:26:47.0411 3944  msisadrv - ok
12:26:47.0437 3944  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:26:47.0496 3944  MSiSCSI - ok
12:26:47.0496 3944  msiserver - ok
12:26:47.0526 3944  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:26:47.0561 3944  MSKSSRV - ok
12:26:47.0579 3944  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:26:47.0610 3944  MSPCLOCK - ok
12:26:47.0610 3944  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:26:47.0657 3944  MSPQM - ok
12:26:47.0672 3944  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:26:47.0704 3944  MsRPC - ok
12:26:47.0719 3944  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:26:47.0719 3944  mssmbios - ok
12:26:47.0735 3944  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:26:47.0844 3944  MSTEE - ok
12:26:47.0844 3944  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:26:47.0875 3944  MTConfig - ok
12:26:47.0906 3944  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:26:47.0922 3944  Mup - ok
12:26:47.0953 3944  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:26:48.0000 3944  napagent - ok
12:26:48.0031 3944  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:26:48.0078 3944  NativeWifiP - ok
12:26:48.0125 3944  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:26:48.0156 3944  NDIS - ok
12:26:48.0172 3944  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:26:48.0203 3944  NdisCap - ok
12:26:48.0218 3944  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:26:48.0265 3944  NdisTapi - ok
12:26:48.0281 3944  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:26:48.0328 3944  Ndisuio - ok
12:26:48.0343 3944  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:26:48.0421 3944  NdisWan - ok
12:26:48.0452 3944  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:26:48.0546 3944  NDProxy - ok
12:26:48.0562 3944  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:26:48.0624 3944  NetBIOS - ok
12:26:48.0655 3944  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:26:48.0686 3944  NetBT - ok
12:26:48.0702 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
12:26:48.0702 3944  Netlogon - ok
12:26:48.0749 3944  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:26:48.0796 3944  Netman - ok
12:26:48.0827 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0874 3944  NetMsmqActivator - ok
12:26:48.0889 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0889 3944  NetPipeActivator - ok
12:26:48.0905 3944  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:26:48.0952 3944  netprofm - ok
12:26:48.0967 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0983 3944  NetTcpActivator - ok
12:26:48.0983 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0998 3944  NetTcpPortSharing - ok
12:26:49.0014 3944  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:26:49.0030 3944  nfrd960 - ok
12:26:49.0092 3944  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:26:49.0154 3944  NlaSvc - ok
12:26:49.0154 3944  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:26:49.0186 3944  Npfs - ok
12:26:49.0217 3944  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:26:49.0264 3944  nsi - ok
12:26:49.0264 3944  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:26:49.0310 3944  nsiproxy - ok
12:26:49.0373 3944  [ 1A29A59A4C5BA6F8C85062A613B7E2B2 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:26:49.0435 3944  Ntfs - ok
12:26:49.0466 3944  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:26:49.0498 3944  Null - ok
12:26:49.0576 3944  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:26:49.0607 3944  nvraid - ok
12:26:49.0622 3944  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:26:49.0638 3944  nvstor - ok
12:26:49.0654 3944  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:26:49.0669 3944  nv_agp - ok
12:26:49.0747 3944  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:26:49.0778 3944  odserv - ok
12:26:49.0810 3944  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:26:49.0825 3944  ohci1394 - ok
12:26:49.0856 3944  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:26:49.0872 3944  ose - ok
12:26:49.0919 3944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:26:49.0950 3944  p2pimsvc - ok
12:26:49.0966 3944  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:26:49.0981 3944  p2psvc - ok
12:26:50.0012 3944  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:26:50.0028 3944  Parport - ok
12:26:50.0044 3944  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:26:50.0059 3944  partmgr - ok
12:26:50.0075 3944  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:26:50.0106 3944  PcaSvc - ok
12:26:50.0122 3944  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
12:26:50.0137 3944  pci - ok
12:26:50.0168 3944  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:26:50.0200 3944  pciide - ok
12:26:50.0215 3944  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:26:50.0231 3944  pcmcia - ok
12:26:50.0231 3944  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:26:50.0246 3944  pcw - ok
12:26:50.0356 3944  [ 20372BE109FEE1C37E2D5216680DB9EB ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
12:26:50.0402 3944  PDF Architect Helper Service - ok
12:26:50.0480 3944  [ B90A279073A815A4AA2C45A09EE004FA ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
12:26:50.0512 3944  PDF Architect Service - ok
12:26:50.0558 3944  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:26:50.0621 3944  PEAUTH - ok
12:26:50.0652 3944  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:26:50.0730 3944  PeerDistSvc - ok
12:26:50.0792 3944  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:26:50.0824 3944  PerfHost - ok
12:26:50.0886 3944  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:26:50.0948 3944  pla - ok
12:26:50.0980 3944  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:26:51.0011 3944  PlugPlay - ok
12:26:51.0026 3944  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:26:51.0058 3944  PNRPAutoReg - ok
12:26:51.0058 3944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:26:51.0073 3944  PNRPsvc - ok
12:26:51.0104 3944  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:26:51.0151 3944  PolicyAgent - ok
12:26:51.0167 3944  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
12:26:51.0214 3944  Power - ok
12:26:51.0229 3944  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:26:51.0276 3944  PptpMiniport - ok
12:26:51.0292 3944  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:26:51.0307 3944  Processor - ok
12:26:51.0338 3944  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:26:51.0370 3944  ProfSvc - ok
12:26:51.0385 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
12:26:51.0385 3944  ProtectedStorage - ok
12:26:51.0416 3944  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:26:51.0463 3944  Psched - ok
12:26:51.0572 3944  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:26:51.0635 3944  ql2300 - ok
12:26:51.0650 3944  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:26:51.0666 3944  ql40xx - ok
12:26:51.0682 3944  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:26:51.0713 3944  QWAVE - ok
12:26:51.0713 3944  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:26:51.0744 3944  QWAVEdrv - ok
12:26:51.0744 3944  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:26:51.0791 3944  RasAcd - ok
12:26:51.0806 3944  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:26:51.0838 3944  RasAgileVpn - ok
12:26:51.0853 3944  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:26:51.0947 3944  RasAuto - ok
12:26:51.0994 3944  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:26:52.0025 3944  Rasl2tp - ok
12:26:52.0040 3944  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:26:52.0087 3944  RasMan - ok
12:26:52.0087 3944  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:26:52.0134 3944  RasPppoe - ok
12:26:52.0134 3944  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:26:52.0181 3944  RasSstp - ok
12:26:52.0212 3944  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:26:52.0274 3944  rdbss - ok
12:26:52.0290 3944  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:26:52.0306 3944  rdpbus - ok
12:26:52.0306 3944  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:26:52.0337 3944  RDPCDD - ok
12:26:52.0368 3944  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:26:52.0384 3944  RDPDR - ok
12:26:52.0415 3944  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:26:52.0446 3944  RDPENCDD - ok
12:26:52.0462 3944  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:26:52.0508 3944  RDPREFMP - ok
12:26:52.0566 3944  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:26:52.0603 3944  RdpVideoMiniport - ok
12:26:52.0623 3944  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:26:52.0649 3944  RDPWD - ok
12:26:52.0682 3944  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:26:52.0710 3944  rdyboost - ok
12:26:52.0730 3944  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:26:52.0789 3944  RemoteAccess - ok
12:26:52.0806 3944  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:26:52.0854 3944  RemoteRegistry - ok
12:26:52.0864 3944  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:26:52.0910 3944  RpcEptMapper - ok
12:26:52.0943 3944  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:26:52.0990 3944  RpcLocator - ok
12:26:53.0021 3944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
12:26:53.0052 3944  RpcSs - ok
12:26:53.0068 3944  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:26:53.0099 3944  rspndr - ok
12:26:53.0146 3944  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:26:53.0177 3944  RTL8167 - ok
12:26:53.0192 3944  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:26:53.0208 3944  s3cap - ok
12:26:53.0224 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
12:26:53.0239 3944  SamSs - ok
12:26:53.0255 3944  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:26:53.0286 3944  sbp2port - ok
12:26:53.0317 3944  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:26:53.0380 3944  SCardSvr - ok
12:26:53.0395 3944  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:26:53.0442 3944  scfilter - ok
12:26:53.0504 3944  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:26:53.0551 3944  Schedule - ok
12:26:53.0582 3944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:26:53.0598 3944  SCPolicySvc - ok
12:26:53.0629 3944  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:26:53.0660 3944  SDRSVC - ok
12:26:53.0754 3944  [ 98EF79CC2B07398AC525F9EA1AE0366F ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:26:53.0816 3944  SDScannerService - ok
12:26:53.0863 3944  [ 14BF6B3AB327D519ED007CDDC56F6900 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:26:53.0894 3944  SDUpdateService - ok
12:26:53.0894 3944  [ 820EBE67AB99F033FDE25B2692157991 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:26:53.0910 3944  SDWSCService - ok
12:26:53.0941 3944  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:26:53.0988 3944  secdrv - ok
12:26:54.0019 3944  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:26:54.0066 3944  seclogon - ok
12:26:54.0082 3944  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
12:26:54.0128 3944  SENS - ok
12:26:54.0144 3944  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:26:54.0175 3944  SensrSvc - ok
12:26:54.0175 3944  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:26:54.0191 3944  Serenum - ok
12:26:54.0206 3944  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:26:54.0222 3944  Serial - ok
12:26:54.0238 3944  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:26:54.0269 3944  sermouse - ok
12:26:54.0300 3944  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:26:54.0347 3944  SessionEnv - ok
12:26:54.0362 3944  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:26:54.0394 3944  sffdisk - ok
12:26:54.0409 3944  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:26:54.0425 3944  sffp_mmc - ok
12:26:54.0440 3944  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:26:54.0472 3944  sffp_sd - ok
12:26:54.0487 3944  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:26:54.0487 3944  sfloppy - ok
12:26:54.0518 3944  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:26:54.0581 3944  SharedAccess - ok
12:26:54.0612 3944  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:26:54.0643 3944  ShellHWDetection - ok
12:26:54.0659 3944  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:26:54.0674 3944  SiSRaid2 - ok
12:26:54.0674 3944  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:26:54.0690 3944  SiSRaid4 - ok
12:26:54.0752 3944  [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:26:54.0768 3944  SkypeUpdate - ok
12:26:54.0784 3944  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:26:54.0830 3944  Smb - ok
12:26:54.0862 3944  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:26:54.0893 3944  SNMPTRAP - ok
12:26:54.0908 3944  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:26:54.0924 3944  spldr - ok
12:26:54.0955 3944  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
12:26:55.0002 3944  Spooler - ok
12:26:55.0096 3944  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:26:55.0189 3944  sppsvc - ok
12:26:55.0205 3944  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:26:55.0252 3944  sppuinotify - ok
12:26:55.0314 3944  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:26:55.0376 3944  srv - ok
12:26:55.0408 3944  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:26:55.0423 3944  srv2 - ok
12:26:55.0454 3944  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:26:55.0470 3944  srvnet - ok
12:26:55.0532 3944  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:26:55.0579 3944  SSDPSRV - ok
12:26:55.0579 3944  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:26:55.0626 3944  SstpSvc - ok
12:26:55.0642 3944  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:26:55.0657 3944  stexstor - ok
12:26:55.0688 3944  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:26:55.0735 3944  stisvc - ok
12:26:55.0735 3944  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:26:55.0751 3944  storflt - ok
12:26:55.0782 3944  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:26:55.0813 3944  storvsc - ok
12:26:55.0829 3944  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:26:55.0844 3944  swenum - ok
12:26:55.0922 3944  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:26:56.0016 3944  swprv - ok
12:26:56.0032 3944  Synth3dVsc - ok
12:26:56.0094 3944  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:26:56.0141 3944  SysMain - ok
12:26:56.0172 3944  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:26:56.0203 3944  TabletInputService - ok
12:26:56.0219 3944  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:26:56.0266 3944  TapiSrv - ok
12:26:56.0297 3944  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:26:56.0328 3944  TBS - ok
12:26:56.0546 3944  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:26:56.0640 3944  Tcpip - ok
12:26:56.0671 3944  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:26:56.0702 3944  TCPIP6 - ok
12:26:56.0718 3944  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:26:56.0734 3944  tcpipreg - ok
12:26:56.0749 3944  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:26:56.0780 3944  TDPIPE - ok
12:26:56.0796 3944  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:26:56.0812 3944  TDTCP - ok
12:26:56.0843 3944  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:26:56.0874 3944  tdx - ok
12:26:56.0905 3944  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:26:56.0921 3944  TermDD - ok
12:26:56.0952 3944  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:26:57.0030 3944  TermService - ok
12:26:57.0061 3944  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:26:57.0077 3944  Themes - ok
12:26:57.0108 3944  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:26:57.0155 3944  THREADORDER - ok
12:26:57.0170 3944  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:26:57.0202 3944  TrkWks - ok
12:26:57.0248 3944  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:26:57.0280 3944  TrustedInstaller - ok
12:26:57.0311 3944  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:26:57.0358 3944  tssecsrv - ok
12:26:57.0404 3944  [ E9981ECE8D894CEF7038FD1D040EB426 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:26:57.0451 3944  TsUsbFlt - ok
12:26:57.0451 3944  tsusbhub - ok
12:26:57.0467 3944  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:26:57.0514 3944  tunnel - ok
12:26:57.0545 3944  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:26:57.0560 3944  uagp35 - ok
12:26:57.0576 3944  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:26:57.0623 3944  udfs - ok
12:26:57.0716 3944  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:26:57.0763 3944  UI0Detect - ok
12:26:57.0763 3944  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:26:57.0779 3944  uliagpkx - ok
12:26:57.0826 3944  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
12:26:57.0841 3944  umbus - ok
12:26:57.0857 3944  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:26:57.0872 3944  UmPass - ok
12:26:57.0904 3944  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
12:26:57.0935 3944  UmRdpService - ok
12:26:57.0950 3944  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:26:57.0997 3944  upnphost - ok
12:26:58.0028 3944  [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:26:58.0075 3944  usbaudio - ok
12:26:58.0091 3944  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:26:58.0106 3944  usbccgp - ok
12:26:58.0138 3944  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:26:58.0169 3944  usbcir - ok
12:26:58.0200 3944  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:26:58.0216 3944  usbehci - ok
12:26:58.0231 3944  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:26:58.0262 3944  usbhub - ok
12:26:58.0278 3944  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:26:58.0294 3944  usbohci - ok
12:26:58.0325 3944  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:26:58.0340 3944  usbprint - ok
12:26:58.0372 3944  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:26:58.0418 3944  usbscan - ok
12:26:58.0434 3944  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:26:58.0465 3944  USBSTOR - ok
12:26:58.0481 3944  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:26:58.0496 3944  usbuhci - ok
12:26:58.0512 3944  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:26:58.0559 3944  UxSms - ok
12:26:58.0574 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
12:26:58.0590 3944  VaultSvc - ok
12:26:58.0606 3944  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:26:58.0621 3944  vdrvroot - ok
12:26:58.0637 3944  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:26:58.0699 3944  vds - ok
12:26:58.0715 3944  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:26:58.0730 3944  vga - ok
12:26:58.0730 3944  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:26:58.0762 3944  VgaSave - ok
12:26:58.0777 3944  VGPU - ok
12:26:58.0824 3944  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:26:58.0840 3944  vhdmp - ok
12:26:58.0855 3944  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:26:58.0871 3944  viaide - ok
12:26:58.0886 3944  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:26:58.0902 3944  vmbus - ok
12:26:58.0918 3944  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:26:58.0933 3944  VMBusHID - ok
12:26:58.0949 3944  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:26:58.0964 3944  volmgr - ok
12:26:58.0980 3944  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:26:58.0996 3944  volmgrx - ok
12:26:59.0011 3944  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:26:59.0027 3944  volsnap - ok
12:26:59.0058 3944  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:26:59.0074 3944  vsmraid - ok
12:26:59.0120 3944  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:26:59.0198 3944  VSS - ok
12:26:59.0214 3944  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:26:59.0245 3944  vwifibus - ok
12:26:59.0276 3944  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:26:59.0323 3944  W32Time - ok
12:26:59.0323 3944  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:26:59.0354 3944  WacomPen - ok
12:26:59.0401 3944  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:26:59.0448 3944  WANARP - ok
12:26:59.0448 3944  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:26:59.0479 3944  Wanarpv6 - ok
12:26:59.0526 3944  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:26:59.0573 3944  wbengine - ok
12:26:59.0588 3944  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:26:59.0604 3944  WbioSrvc - ok
12:26:59.0635 3944  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:26:59.0666 3944  wcncsvc - ok
12:26:59.0682 3944  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:26:59.0713 3944  WcsPlugInService - ok
12:26:59.0729 3944  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:26:59.0744 3944  Wd - ok
12:26:59.0776 3944  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:26:59.0807 3944  Wdf01000 - ok
12:26:59.0822 3944  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:26:59.0885 3944  WdiServiceHost - ok
12:26:59.0900 3944  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:26:59.0916 3944  WdiSystemHost - ok
12:26:59.0978 3944  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
12:27:00.0025 3944  WebClient - ok
12:27:00.0041 3944  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:27:00.0088 3944  Wecsvc - ok
12:27:00.0088 3944  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:27:00.0150 3944  wercplsupport - ok
12:27:00.0166 3944  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:27:00.0197 3944  WerSvc - ok
12:27:00.0244 3944  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:27:00.0275 3944  WfpLwf - ok
12:27:00.0290 3944  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:27:00.0306 3944  WIMMount - ok
12:27:00.0322 3944  WinDefend - ok
12:27:00.0337 3944  WinHttpAutoProxySvc - ok
12:27:00.0384 3944  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:27:00.0415 3944  Winmgmt - ok
12:27:00.0556 3944  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:27:00.0618 3944  WinRM - ok
12:27:00.0649 3944  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:27:00.0665 3944  WinUsb - ok
12:27:00.0696 3944  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:27:00.0743 3944  Wlansvc - ok
12:27:00.0758 3944  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:27:00.0790 3944  WmiAcpi - ok
12:27:00.0805 3944  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:27:00.0836 3944  wmiApSrv - ok
12:27:00.0852 3944  WMPNetworkSvc - ok
12:27:00.0852 3944  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:27:00.0883 3944  WPCSvc - ok
12:27:00.0914 3944  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:27:00.0914 3944  WPDBusEnum - ok
12:27:00.0946 3944  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:27:00.0992 3944  ws2ifsl - ok
12:27:01.0008 3944  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
12:27:01.0024 3944  wscsvc - ok
12:27:01.0024 3944  WSearch - ok
12:27:01.0102 3944  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:27:01.0180 3944  wuauserv - ok
12:27:01.0195 3944  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:27:01.0226 3944  WudfPf - ok
12:27:01.0258 3944  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:27:01.0273 3944  WUDFRd - ok
12:27:01.0304 3944  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:27:01.0320 3944  wudfsvc - ok
12:27:01.0336 3944  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:27:01.0382 3944  WwanSvc - ok


12:27:01.0398 3944  ================ Scan global ===============================
12:27:01.0414 3944  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:27:01.0460 3944  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
12:27:01.0476 3944  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
12:27:01.0523 3944  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:27:01.0554 3944  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:27:01.0570 3944  [Global] - ok
12:27:01.0570 3944  ================ Scan MBR ==================================
12:27:01.0585 3944  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:27:02.0584 3944  \Device\Harddisk0\DR0 - ok
12:27:02.0584 3944  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
12:27:02.0646 3944  \Device\Harddisk1\DR1 - ok
12:27:02.0646 3944  ================ Scan VBR ==================================
12:27:02.0662 3944  [ 5A3C80711F21A2543A38DE7DFC365D15 ] \Device\Harddisk0\DR0\Partition1
12:27:02.0677 3944  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
12:27:02.0677 3944  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b (0)
12:27:02.0708 3944  [ 1B06C49A63F1600C6CE378EB75AA8755 ] \Device\Harddisk0\DR0\Partition2
12:27:02.0724 3944  \Device\Harddisk0\DR0\Partition2 - ok
12:27:02.0724 3944  [ 98D787BB5532543CDA028A42C5517F29 ] \Device\Harddisk1\DR1\Partition1
12:27:02.0724 3944  \Device\Harddisk1\DR1\Partition1 - ok
12:27:02.0724 3944  [ 67A3C569D792D2FD8C316453E6F7AFC3 ] \Device\Harddisk1\DR1\Partition2
12:27:02.0740 3944  \Device\Harddisk1\DR1\Partition2 - ok
12:27:02.0740 3944  ================ Scan active images ========================
12:27:02.0740 3944  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
12:27:02.0740 3944  C:\Windows\System32\drivers\crashdmp.sys - ok
12:27:02.0740 3944  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
12:27:02.0740 3944  C:\Windows\System32\drivers\Dumpata.sys - ok
12:27:02.0755 3944  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\dumpfve.sys - ok
12:27:02.0755 3944  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\msahci.sys - ok
12:27:02.0755 3944  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\beep.sys - ok
12:27:02.0755 3944  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\cdrom.sys - ok
12:27:02.0755 3944  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\vga.sys - ok
12:27:02.0755 3944  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\videoprt.sys - ok
12:27:02.0771 3944  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\watchdog.sys - ok
12:27:02.0771 3944  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\RDPCDD.sys - ok
12:27:02.0771 3944  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:27:02.0771 3944  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\RDPREFMP.sys - ok
12:27:02.0771 3944  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\msfs.sys - ok
12:27:02.0771 3944  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\npfs.sys - ok
12:27:02.0786 3944  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\tdi.sys - ok
12:27:02.0786 3944  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\tdx.sys - ok
12:27:02.0786 3944  [ 79059559E89D06E8B80CE2944BE20228 ] C:\Windows\System32\drivers\afd.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\afd.sys - ok
12:27:02.0786 3944  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\netbios.sys - ok
12:27:02.0786 3944  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\netbt.sys - ok
12:27:02.0802 3944  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\pacer.sys - ok
12:27:02.0802 3944  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\serial.sys - ok
12:27:02.0802 3944  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\wfplwf.sys - ok
12:27:02.0802 3944  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\termdd.sys - ok
12:27:02.0802 3944  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\wanarp.sys - ok
12:27:02.0802 3944  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\discache.sys - ok
12:27:02.0818 3944  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\mssmbios.sys - ok
12:27:02.0818 3944  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\nsiproxy.sys - ok
12:27:02.0818 3944  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\rdbss.sys - ok
12:27:02.0818 3944  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\csc.sys - ok
12:27:02.0818 3944  [ C3A58DBD18786C338126D30BF8C33D72 ] C:\Windows\System32\drivers\avipbb.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\avipbb.sys - ok
12:27:02.0818 3944  [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] C:\Windows\System32\drivers\avkmgr.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\avkmgr.sys - ok
12:27:02.0833 3944  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\blbdrive.sys - ok
12:27:02.0833 3944  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\dfsc.sys - ok
12:27:02.0833 3944  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\intelppm.sys - ok
12:27:02.0833 3944  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\tunnel.sys - ok
12:27:02.0833 3944  [ CAAAC014C5C56A69F710B5F1B836DE22 ] C:\Windows\System32\ntdll.dll
12:27:02.0833 3944  C:\Windows\System32\ntdll.dll - ok
12:27:02.0833 3944  [ F0970A4BC8395659C22BF53D0FADF16F ] C:\Windows\System32\smss.exe
12:27:02.0833 3944  C:\Windows\System32\smss.exe - ok
12:27:02.0849 3944  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] C:\Windows\System32\drivers\atikmdag.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\atikmdag.sys - ok
12:27:02.0849 3944  [ 88612F1CE3BF42256913BF6E61C70D52 ] C:\Windows\System32\drivers\dxgkrnl.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\dxgkrnl.sys - ok
12:27:02.0849 3944  [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\dxgmms1.sys - ok
12:27:02.0849 3944  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\hdaudbus.sys - ok
12:27:02.0849 3944  [ 18A85013A3E0F7E1755365D287443965 ] C:\Windows\System32\drivers\usbehci.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\usbehci.sys - ok
12:27:02.0849 3944  [ 12FEB33791920678F8433701C822BCFD ] C:\Windows\System32\drivers\usbport.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\usbport.sys - ok
12:27:02.0864 3944  [ DD253AFC3BC6CBA412342DE60C3647F3 ] C:\Windows\System32\drivers\usbuhci.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\usbuhci.sys - ok
12:27:02.0864 3944  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\Windows\System32\drivers\Rt64win7.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\Rt64win7.sys - ok
12:27:02.0864 3944  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\1394ohci.sys - ok
12:27:02.0864 3944  [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\parport.sys - ok
12:27:02.0864 3944  [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\serenum.sys - ok
12:27:02.0864 3944  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\agilevpn.sys - ok
12:27:02.0880 3944  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\CompositeBus.sys - ok
12:27:02.0880 3944  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\ndistapi.sys - ok
12:27:02.0880 3944  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\rasl2tp.sys - ok
12:27:02.0880 3944  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\ndiswan.sys - ok
12:27:02.0880 3944  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\raspppoe.sys - ok
12:27:02.0896 3944  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\raspptp.sys - ok
12:27:02.0896 3944  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\rassstp.sys - ok
12:27:02.0896 3944  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\kbdclass.sys - ok
12:27:02.0896 3944  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\mouclass.sys - ok
12:27:02.0896 3944  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\rdpbus.sys - ok
12:27:02.0896 3944  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\ks.sys - ok
12:27:02.0911 3944  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\swenum.sys - ok
12:27:02.0911 3944  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\umbus.sys - ok
12:27:02.0911 3944  [ 8D1196CFBB223621F2C67D45710F25BA ] C:\Windows\System32\drivers\usbhub.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\usbhub.sys - ok
12:27:02.0911 3944  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\ndproxy.sys - ok
12:27:02.0911 3944  [ E0D3CD5841E5C7BE7B94BA946AF1E498 ] C:\Windows\System32\drivers\drmk.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\drmk.sys - ok
12:27:02.0911 3944  [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\HdAudio.sys - ok
12:27:02.0911 3944  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\ksthunk.sys - ok
12:27:02.0927 3944  [ 1E0B4CBBA91C6B041A14ECC2186F7E24 ] C:\Windows\System32\drivers\portcls.sys
12:27:02.0927 3944  C:\Windows\System32\drivers\portcls.sys - ok
12:27:02.0927 3944  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
12:27:02.0927 3944  C:\Windows\System32\autochk.exe - ok
12:27:02.0927 3944  [ 82446D358A9FB51CB9DA32A5C901D7A0 ] C:\Windows\System32\sdnclean64.exe
12:27:02.0927 3944  C:\Windows\System32\sdnclean64.exe - ok
12:27:02.0927 3944  [ 856E76B3641746ABBC2946BED1372098 ] C:\Windows\System32\drivers\hidparse.sys
12:27:02.0927 3944  C:\Windows\System32\drivers\hidparse.sys - ok
12:27:02.0927 3944  [ 63A580C88CFAF72A92550940054569EF ] C:\Windows\System32\advapi32.dll
12:27:02.0927 3944  C:\Windows\System32\advapi32.dll - ok
12:27:02.0927 3944  [ 597C3699384E53CC59587ED50CCE5CA2 ] C:\Windows\System32\drivers\hidclass.sys
12:27:02.0927 3944  C:\Windows\System32\drivers\hidclass.sys - ok
12:27:02.0942 3944  [ 1F8534A19A66275C863DE17645CB2A13 ] C:\Windows\System32\iertutil.dll
12:27:02.0942 3944  C:\Windows\System32\iertutil.dll - ok
12:27:02.0942 3944  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
12:27:02.0942 3944  C:\Windows\System32\imm32.dll - ok
12:27:02.0942 3944  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
12:27:02.0942 3944  C:\Windows\System32\psapi.dll - ok
12:27:02.0942 3944  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
12:27:02.0942 3944  C:\Windows\System32\drivers\hidusb.sys - ok
12:27:02.0942 3944  [ FFA06EF43987ED0DD42AD59B260C0C78 ] C:\Windows\System32\drivers\usbd.sys
12:27:02.0942 3944  C:\Windows\System32\drivers\usbd.sys - ok
12:27:02.0942 3944  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
12:27:02.0942 3944  C:\Windows\System32\clbcatq.dll - ok
12:27:02.0958 3944  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
12:27:02.0958 3944  C:\Windows\System32\drivers\mouhid.sys - ok
12:27:02.0958 3944  [ 26036E228D2467DE6975AD819C22C043 ] C:\Windows\System32\rpcrt4.dll
12:27:02.0958 3944  C:\Windows\System32\rpcrt4.dll - ok
12:27:02.0958 3944  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
12:27:02.0958 3944  C:\Windows\System32\shlwapi.dll - ok
12:27:02.0958 3944  [ 32417AE8280276968E5C551ED85D3525 ] C:\Windows\System32\urlmon.dll
12:27:02.0958 3944  C:\Windows\System32\urlmon.dll - ok
12:27:02.0958 3944  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
12:27:02.0958 3944  C:\Windows\System32\user32.dll - ok
12:27:02.0958 3944  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
12:27:02.0958 3944  C:\Windows\System32\difxapi.dll - ok
12:27:02.0974 3944  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
12:27:02.0974 3944  C:\Windows\System32\drivers\USBSTOR.SYS - ok
12:27:02.0974 3944  [ 796B47A4B82EF1C39F13435B88834C48 ] C:\Windows\System32\lpk.dll
12:27:02.0974 3944  C:\Windows\System32\lpk.dll - ok
12:27:02.0974 3944  [ AD662B34B161198B9D66A564EDDA7D43 ] C:\Windows\System32\shell32.dll
12:27:02.0974 3944  C:\Windows\System32\shell32.dll - ok
12:27:02.0974 3944  [ DCA68B0943D6FA415F0C56C92158A83A ] C:\Windows\System32\drivers\usbccgp.sys
12:27:02.0974 3944  C:\Windows\System32\drivers\usbccgp.sys - ok
12:27:02.0974 3944  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
12:27:02.0974 3944  C:\Windows\System32\usp10.dll - ok
12:27:02.0974 3944  [ D2A513EE880D71BDE7F0257F38B9D019 ] C:\Windows\System32\kernel32.dll
12:27:02.0974 3944  C:\Windows\System32\kernel32.dll - ok
12:27:02.0989 3944  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
12:27:02.0989 3944  C:\Windows\System32\normaliz.dll - ok
12:27:02.0989 3944  [ F220BA78AB542C70211D73AE4729B2CD ] C:\Windows\System32\wininet.dll
12:27:02.0989 3944  C:\Windows\System32\wininet.dll - ok
12:27:02.0989 3944  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
12:27:02.0989 3944  C:\Windows\System32\drivers\kbdhid.sys - ok
12:27:02.0989 3944  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
12:27:02.0989 3944  C:\Windows\System32\ole32.dll - ok
12:27:02.0989 3944  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
12:27:02.0989 3944  C:\Windows\System32\setupapi.dll - ok
12:27:02.0989 3944  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
12:27:02.0989 3944  C:\Windows\System32\Wldap32.dll - ok
12:27:03.0005 3944  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
12:27:03.0005 3944  C:\Windows\System32\msvcrt.dll - ok
12:27:03.0005 3944  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
12:27:03.0005 3944  C:\Windows\System32\msctf.dll - ok
12:27:03.0005 3944  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
12:27:03.0005 3944  C:\Windows\System32\nsi.dll - ok
12:27:03.0005 3944  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
12:27:03.0005 3944  C:\Windows\System32\ws2_32.dll - ok
12:27:03.0005 3944  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
12:27:03.0005 3944  C:\Windows\System32\comdlg32.dll - ok
12:27:03.0005 3944  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
12:27:03.0005 3944  C:\Windows\System32\sechost.dll - ok
12:27:03.0020 3944  [ B4F29F65AD3114051F01E9403346047F ] C:\Windows\System32\imagehlp.dll
12:27:03.0020 3944  C:\Windows\System32\imagehlp.dll - ok
12:27:03.0020 3944  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
12:27:03.0020 3944  C:\Windows\System32\oleaut32.dll - ok
12:27:03.0020 3944  [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\System32\comctl32.dll
12:27:03.0020 3944  C:\Windows\System32\comctl32.dll - ok
12:27:03.0020 3944  [ 56325BB1FF19F2A5AC8713756AC41140 ] C:\Windows\System32\gdi32.dll
12:27:03.0020 3944  C:\Windows\System32\gdi32.dll - ok
12:27:03.0020 3944  [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:27:03.0020 3944  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:27:03.0020 3944  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
12:27:03.0020 3944  C:\Windows\System32\cfgmgr32.dll - ok
12:27:03.0020 3944  [ 780F6ECC4F55D76C9730E6B6C9B31913 ] C:\Windows\System32\crypt32.dll
12:27:03.0020 3944  C:\Windows\System32\crypt32.dll - ok
12:27:03.0036 3944  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
12:27:03.0036 3944  C:\Windows\System32\devobj.dll - ok
12:27:03.0036 3944  [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:27:03.0036 3944  [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:27:03.0036 3944  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:27:03.0036 3944  [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:27:03.0052 3944  [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
12:27:03.0052 3944  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:27:03.0052 3944  [ B22C00ED0491FD7B8803D7DDE2849F4C ] C:\Windows\System32\KernelBase.dll
12:27:03.0052 3944  C:\Windows\System32\KernelBase.dll - ok
12:27:03.0052 3944  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
12:27:03.0052 3944  C:\Windows\System32\msasn1.dll - ok
12:27:03.0052 3944  [ 959041D7014C97133D859B45BCA0FC58 ] C:\Windows\System32\wintrust.dll
12:27:03.0052 3944  C:\Windows\System32\wintrust.dll - ok
12:27:03.0052 3944  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] C:\Windows\System32\drivers\usbscan.sys
12:27:03.0052 3944  C:\Windows\System32\drivers\usbscan.sys - ok
12:27:03.0052 3944  [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
12:27:03.0052 3944  C:\Windows\System32\drivers\usbprint.sys - ok
12:27:03.0052 3944  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
12:27:03.0052 3944  C:\Windows\SysWOW64\normaliz.dll - ok
12:27:03.0067 3944  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
12:27:03.0067 3944  C:\Windows\System32\drivers\dxapi.sys - ok
12:27:03.0067 3944  [ E918C0DE5CF2AE6BEDBF387C09627D93 ] C:\Windows\System32\win32k.sys
12:27:03.0067 3944  C:\Windows\System32\win32k.sys - ok
12:27:03.0067 3944  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
12:27:03.0067 3944  C:\Windows\System32\basesrv.dll - ok
12:27:03.0067 3944  [ 216BABD555BC550952320EEA89C25DDF ] C:\Windows\System32\csrsrv.dll
12:27:03.0067 3944  C:\Windows\System32\csrsrv.dll - ok
12:27:03.0067 3944  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
12:27:03.0067 3944  C:\Windows\System32\csrss.exe - ok
12:27:03.0067 3944  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\System32\winsrv.dll
12:27:03.0067 3944  C:\Windows\System32\winsrv.dll - ok
12:27:03.0083 3944  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
12:27:03.0083 3944  C:\Windows\System32\drivers\monitor.sys - ok
12:27:03.0083 3944  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
12:27:03.0083 3944  C:\Windows\System32\tsddd.dll - ok
12:27:03.0083 3944  [ E38D1691B68FCB6224D69B4D4E25EBF3 ] C:\Windows\System32\KBDGR.DLL
12:27:03.0083 3944  C:\Windows\System32\KBDGR.DLL - ok
12:27:03.0083 3944  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
12:27:03.0083 3944  C:\Windows\System32\profapi.dll - ok
12:27:03.0083 3944  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
12:27:03.0083 3944  C:\Windows\System32\RpcRtRemote.dll - ok
12:27:03.0083 3944  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
12:27:03.0083 3944  C:\Windows\System32\sxssrv.dll - ok
12:27:03.0098 3944  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
12:27:03.0098 3944  C:\Windows\System32\wininit.exe - ok
12:27:03.0098 3944  [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
12:27:03.0098 3944  C:\Windows\System32\cdd.dll - ok
12:27:03.0098 3944  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
12:27:03.0098 3944  C:\Windows\System32\KBDUS.DLL - ok
12:27:03.0098 3944  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
12:27:03.0098 3944  C:\Windows\System32\WlS0WndH.dll - ok
12:27:03.0098 3944  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
12:27:03.0098 3944  C:\Windows\System32\sxs.dll - ok
12:27:03.0098 3944  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
12:27:03.0098 3944  C:\Windows\System32\cryptbase.dll - ok
12:27:03.0114 3944  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
12:27:03.0114 3944  C:\Windows\System32\apphelp.dll - ok
12:27:03.0114 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] C:\Windows\System32\lsass.exe
12:27:03.0114 3944  C:\Windows\System32\lsass.exe - ok
12:27:03.0114 3944  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
12:27:03.0114 3944  C:\Windows\System32\lsm.exe - ok
12:27:03.0114 3944  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
12:27:03.0114 3944  C:\Windows\System32\services.exe - ok
12:27:03.0114 3944  [ B08EA91C774AA734E0B9881F85CD9F42 ] C:\Windows\System32\sspicli.dll
12:27:03.0114 3944  C:\Windows\System32\sspicli.dll - ok
12:27:03.0114 3944  [ 7C46EC9CCDE6E793713FA01DB2EB918E ] C:\Windows\System32\sspisrv.dll
12:27:03.0114 3944  C:\Windows\System32\sspisrv.dll - ok
12:27:03.0130 3944  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
12:27:03.0130 3944  C:\Windows\System32\sysntfy.dll - ok
12:27:03.0130 3944  [ 086F906B1D30C0A5D35FE0F6362DAB21 ] C:\Windows\System32\lsasrv.dll
12:27:03.0130 3944  C:\Windows\System32\lsasrv.dll - ok
12:27:03.0130 3944  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
12:27:03.0130 3944  C:\Windows\System32\scesrv.dll - ok
12:27:03.0130 3944  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
12:27:03.0130 3944  C:\Windows\System32\scext.dll - ok
12:27:03.0130 3944  [ 208EAAFF40DA400190AA0605C797BEA2 ] C:\Windows\System32\secur32.dll
12:27:03.0130 3944  C:\Windows\System32\secur32.dll - ok
12:27:03.0130 3944  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
12:27:03.0130 3944  C:\Windows\System32\wmsgapi.dll - ok
12:27:03.0130 3944  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
12:27:03.0130 3944  C:\Windows\System32\samsrv.dll - ok
12:27:03.0145 3944  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
12:27:03.0145 3944  C:\Windows\System32\srvcli.dll - ok
12:27:03.0145 3944  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
12:27:03.0145 3944  C:\Windows\System32\cryptdll.dll - ok
12:27:03.0145 3944  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
12:27:03.0145 3944  C:\Windows\System32\wevtapi.dll - ok
12:27:03.0145 3944  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
12:27:03.0145 3944  C:\Windows\System32\authz.dll - ok
12:27:03.0145 3944  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
12:27:03.0145 3944  C:\Windows\System32\cngaudit.dll - ok
12:27:03.0145 3944  [ 747B9BA5412422F27934CB21131F0A3E ] C:\Windows\System32\ncrypt.dll
12:27:03.0145 3944  C:\Windows\System32\ncrypt.dll - ok
12:27:03.0161 3944  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
12:27:03.0161 3944  C:\Windows\System32\bcrypt.dll - ok
12:27:03.0161 3944  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
12:27:03.0161 3944  C:\Windows\System32\msprivs.dll - ok
12:27:03.0161 3944  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
12:27:03.0161 3944  C:\Windows\System32\kerberos.dll - ok
12:27:03.0161 3944  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
12:27:03.0161 3944  C:\Windows\System32\negoexts.dll - ok
12:27:03.0161 3944  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
12:27:03.0161 3944  C:\Windows\System32\netjoin.dll - ok
12:27:03.0161 3944  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
12:27:03.0161 3944  C:\Windows\System32\cryptsp.dll - ok
12:27:03.0176 3944  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
12:27:03.0176 3944  C:\Windows\System32\msv1_0.dll - ok
12:27:03.0176 3944  [ 9A9F9F1A77D6A80EE28B57664F00013E ] C:\Windows\System32\mswsock.dll
12:27:03.0176 3944  C:\Windows\System32\mswsock.dll - ok
12:27:03.0176 3944  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
12:27:03.0176 3944  C:\Windows\System32\wship6.dll - ok
12:27:03.0176 3944  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
12:27:03.0176 3944  C:\Windows\System32\netlogon.dll - ok
12:27:03.0176 3944  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
12:27:03.0176 3944  C:\Windows\System32\dnsapi.dll - ok
12:27:03.0176 3944  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
12:27:03.0176 3944  C:\Windows\System32\logoncli.dll - ok
12:27:03.0192 3944  [ 31FFED18C7B836CEC1B559347E32E151 ] C:\Windows\System32\schannel.dll
12:27:03.0192 3944  C:\Windows\System32\schannel.dll - ok
12:27:03.0192 3944  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
12:27:03.0192 3944  C:\Windows\System32\wdigest.dll - ok
12:27:03.0192 3944  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
12:27:03.0192 3944  C:\Windows\System32\rsaenh.dll - ok
12:27:03.0192 3944  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
12:27:03.0192 3944  C:\Windows\System32\TSpkg.dll - ok
12:27:03.0192 3944  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
12:27:03.0192 3944  C:\Windows\System32\winlogon.exe - ok
12:27:03.0192 3944  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
12:27:03.0192 3944  C:\Windows\System32\pku2u.dll - ok
12:27:03.0208 3944  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
12:27:03.0208 3944  C:\Windows\System32\bcryptprimitives.dll - ok
12:27:03.0208 3944  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
12:27:03.0208 3944  C:\Windows\System32\credssp.dll - ok
12:27:03.0208 3944  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
12:27:03.0208 3944  C:\Windows\System32\efslsaext.dll - ok
12:27:03.0208 3944  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
12:27:03.0208 3944  C:\Windows\System32\winsta.dll - ok
12:27:03.0208 3944  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
12:27:03.0208 3944  C:\Windows\System32\scecli.dll - ok
12:27:03.0208 3944  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
12:27:03.0208 3944  C:\Windows\System32\ubpm.dll - ok
12:27:03.0223 3944  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
12:27:03.0223 3944  C:\Windows\System32\svchost.exe - ok
12:27:03.0223 3944  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
12:27:03.0223 3944  C:\Windows\System32\umpnpmgr.dll - ok
12:27:03.0223 3944  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
12:27:03.0223 3944  C:\Windows\System32\devrtl.dll - ok
12:27:03.0223 3944  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
12:27:03.0223 3944  C:\Windows\System32\SPInf.dll - ok
12:27:03.0223 3944  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
12:27:03.0223 3944  C:\Windows\System32\gpapi.dll - ok
12:27:03.0223 3944  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
12:27:03.0223 3944  C:\Windows\System32\pcwum.dll - ok
12:27:03.0223 3944  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
12:27:03.0223 3944  C:\Windows\System32\umpo.dll - ok
12:27:03.0239 3944  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
12:27:03.0239 3944  C:\Windows\System32\userenv.dll - ok
12:27:03.0239 3944  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
12:27:03.0239 3944  C:\Windows\System32\drivers\luafv.sys - ok
12:27:03.0239 3944  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
12:27:03.0239 3944  C:\Windows\System32\powrprof.dll - ok
12:27:03.0239 3944  [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] C:\Windows\System32\drivers\avgntflt.sys
12:27:03.0239 3944  C:\Windows\System32\drivers\avgntflt.sys - ok
12:27:03.0239 3944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
12:27:03.0239 3944  C:\Windows\System32\rpcss.dll - ok
12:27:03.0239 3944  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
12:27:03.0239 3944  C:\Windows\System32\RpcEpMap.dll - ok
12:27:03.0254 3944  [ D696F317BD465A602566F8E1DCCE15F7 ] C:\Windows\System32\atiesrxx.exe
12:27:03.0254 3944  C:\Windows\System32\atiesrxx.exe - ok
12:27:03.0254 3944  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
12:27:03.0254 3944  C:\Windows\System32\wshqos.dll - ok
12:27:03.0254 3944  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
12:27:03.0254 3944  C:\Windows\System32\WSHTCPIP.DLL - ok
12:27:03.0254 3944  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
12:27:03.0254 3944  C:\Windows\System32\FirewallAPI.dll - ok
12:27:03.0254 3944  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
12:27:03.0254 3944  C:\Windows\System32\wtsapi32.dll - ok
12:27:03.0254 3944  [ 34152997FB906895290E0199AC94B85F ] C:\Windows\System32\authui.dll
12:27:03.0254 3944  C:\Windows\System32\authui.dll - ok
12:27:03.0270 3944  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
12:27:03.0270 3944  C:\Windows\System32\LogonUI.exe - ok
12:27:03.0270 3944  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
12:27:03.0270 3944  C:\Windows\System32\version.dll - ok
12:27:03.0270 3944  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
12:27:03.0270 3944  C:\Windows\System32\wevtsvc.dll - ok
12:27:03.0270 3944  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
12:27:03.0270 3944  C:\Windows\System32\audiosrv.dll - ok
12:27:03.0270 3944  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
12:27:03.0270 3944  C:\Windows\System32\FntCache.dll - ok
12:27:03.0270 3944  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
12:27:03.0270 3944  C:\Windows\System32\mmcss.dll - ok
12:27:03.0286 3944  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
12:27:03.0286 3944  C:\Windows\System32\MMDevAPI.dll - ok
12:27:03.0286 3944  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
12:27:03.0286 3944  C:\Windows\System32\propsys.dll - ok
12:27:03.0286 3944  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
12:27:03.0286 3944  C:\Windows\System32\avrt.dll - ok
12:27:03.0286 3944  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
12:27:03.0286 3944  C:\Windows\System32\profsvc.dll - ok
12:27:03.0286 3944  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
12:27:03.0286 3944  C:\Windows\System32\adtschema.dll - ok
12:27:03.0286 3944  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
12:27:03.0286 3944  C:\Windows\System32\netprofm.dll - ok
12:27:03.0301 3944  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
12:27:03.0301 3944  C:\Windows\System32\audiodg.exe - ok
12:27:03.0301 3944  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:27:03.0301 3944  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:27:03.0301 3944  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
12:27:03.0301 3944  C:\Windows\System32\WUDFPlatform.dll - ok
12:27:03.0301 3944  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
12:27:03.0301 3944  C:\Windows\System32\MPSSVC.dll - ok
12:27:03.0301 3944  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
12:27:03.0301 3944  C:\Windows\System32\drivers\fltMgr.sys - ok
12:27:03.0301 3944  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
12:27:03.0301 3944  C:\Windows\System32\PSHED.DLL - ok
12:27:03.0317 3944  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
12:27:03.0317 3944  C:\Windows\System32\ntmarta.dll - ok
12:27:03.0317 3944  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
12:27:03.0317 3944  C:\Windows\System32\cscsvc.dll - ok
12:27:03.0317 3944  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
12:27:03.0317 3944  C:\Windows\System32\gpsvc.dll - ok
12:27:03.0317 3944  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
12:27:03.0317 3944  C:\Windows\System32\themeservice.dll - ok
12:27:03.0317 3944  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
12:27:03.0317 3944  C:\Windows\System32\atl.dll - ok
12:27:03.0317 3944  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
12:27:03.0317 3944  C:\Windows\System32\es.dll - ok
12:27:03.0317 3944  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
12:27:03.0317 3944  C:\Windows\System32\comres.dll - ok
12:27:03.0332 3944  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
12:27:03.0332 3944  C:\Windows\System32\dsrole.dll - ok
12:27:03.0332 3944  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
12:27:03.0332 3944  C:\Windows\System32\nlaapi.dll - ok
12:27:03.0332 3944  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
12:27:03.0332 3944  C:\Windows\System32\Sens.dll - ok
12:27:03.0332 3944  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
12:27:03.0332 3944  C:\Windows\System32\slc.dll - ok
12:27:03.0332 3944  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
12:27:03.0332 3944  C:\Windows\System32\PeerDist.dll - ok
12:27:03.0332 3944  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
12:27:03.0332 3944  C:\Windows\System32\taskschd.dll - ok
12:27:03.0348 3944  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
12:27:03.0348 3944  C:\Windows\System32\mstask.dll - ok
12:27:03.0348 3944  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:27:03.0348 3944  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:27:03.0348 3944  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
12:27:03.0348 3944  C:\Windows\System32\drivers\lltdio.sys - ok
12:27:03.0348 3944  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
12:27:03.0348 3944  C:\Windows\System32\drivers\rspndr.sys - ok
12:27:03.0348 3944  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
12:27:03.0348 3944  C:\Windows\System32\uxsms.dll - ok
12:27:03.0348 3944  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
12:27:03.0348 3944  C:\Windows\System32\dhcpcore.dll - ok
12:27:03.0364 3944  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
12:27:03.0364 3944  C:\Windows\System32\dnsrslvr.dll - ok
12:27:03.0364 3944  [ D07EB640618F96490DB88C3CE58DB608 ] C:\Windows\System32\FWPUCLNT.DLL
12:27:03.0364 3944  C:\Windows\System32\FWPUCLNT.DLL - ok
12:27:03.0364 3944  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
12:27:03.0364 3944  C:\Windows\System32\IPHLPAPI.DLL - ok
12:27:03.0364 3944  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
12:27:03.0364 3944  C:\Windows\System32\lmhsvc.dll - ok
12:27:03.0364 3944  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
12:27:03.0364 3944  C:\Windows\System32\nrpsrv.dll - ok
12:27:03.0364 3944  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
12:27:03.0364 3944  C:\Windows\System32\nsisvc.dll - ok
12:27:03.0379 3944  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
12:27:03.0379 3944  C:\Windows\System32\winnsi.dll - ok
12:27:03.0379 3944  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
12:27:03.0379 3944  C:\Windows\System32\dhcpcore6.dll - ok
12:27:03.0379 3944  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
12:27:03.0379 3944  C:\Windows\System32\dnsext.dll - ok
12:27:03.0379 3944  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
12:27:03.0379 3944  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:27:03.0379 3944  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
12:27:03.0379 3944  C:\Windows\System32\dhcpcsvc.dll - ok
12:27:03.0379 3944  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
12:27:03.0379 3944  C:\Windows\System32\schedsvc.dll - ok
12:27:03.0395 3944  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
12:27:03.0395 3944  C:\Windows\System32\shsvcs.dll - ok
12:27:03.0395 3944  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
12:27:03.0395 3944  C:\Windows\System32\dhcpcsvc6.dll - ok
12:27:03.0395 3944  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
12:27:03.0395 3944  C:\Windows\System32\ktmw32.dll - ok
12:27:03.0395 3944  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
12:27:03.0395 3944  C:\Windows\System32\netapi32.dll - ok
12:27:03.0395 3944  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
12:27:03.0395 3944  C:\Windows\System32\netutils.dll - ok
12:27:03.0395 3944  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
12:27:03.0395 3944  C:\Windows\System32\wkscli.dll - ok
12:27:03.0410 3944  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
12:27:03.0410 3944  C:\Windows\System32\xmllite.dll - ok
12:27:03.0410 3944  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
12:27:03.0410 3944  C:\Windows\System32\fveapi.dll - ok
12:27:03.0410 3944  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
12:27:03.0410 3944  C:\Windows\System32\fvecerts.dll - ok
12:27:03.0410 3944  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
12:27:03.0410 3944  C:\Windows\System32\tbs.dll - ok
12:27:03.0410 3944  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
12:27:03.0410 3944  C:\Windows\System32\cryptui.dll - ok
12:27:03.0410 3944  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
12:27:03.0410 3944  C:\Windows\System32\samlib.dll - ok
12:27:03.0426 3944  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
12:27:03.0426 3944  C:\Windows\System32\shacct.dll - ok
12:27:03.0426 3944  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
12:27:03.0426 3944  C:\Windows\System32\uxtheme.dll - ok
12:27:03.0426 3944  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
12:27:03.0426 3944  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
12:27:03.0426 3944  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
12:27:03.0426 3944  C:\Windows\System32\dui70.dll - ok
12:27:03.0426 3944  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
12:27:03.0426 3944  C:\Windows\System32\duser.dll - ok
12:27:03.0426 3944  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
12:27:03.0426 3944  C:\Windows\System32\wdmaud.drv - ok
12:27:03.0442 3944  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
12:27:03.0442 3944  C:\Windows\System32\winmm.dll - ok
12:27:03.0442 3944  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
12:27:03.0442 3944  C:\Windows\System32\ksuser.dll - ok
12:27:03.0442 3944  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
12:27:03.0442 3944  C:\Windows\System32\SndVolSSO.dll - ok
12:27:03.0442 3944  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
12:27:03.0442 3944  C:\Windows\System32\AudioSes.dll - ok
12:27:03.0442 3944  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
12:27:03.0442 3944  C:\Windows\System32\dwmapi.dll - ok
12:27:03.0442 3944  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
12:27:03.0442 3944  C:\Windows\System32\hid.dll - ok
12:27:03.0457 3944  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
12:27:03.0457 3944  C:\Windows\System32\msacm32.dll - ok
12:27:03.0457 3944  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
12:27:03.0457 3944  C:\Windows\System32\msacm32.drv - ok
12:27:03.0457 3944  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
12:27:03.0457 3944  C:\Windows\System32\AudioEng.dll - ok
12:27:03.0457 3944  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
12:27:03.0457 3944  C:\Windows\System32\midimap.dll - ok
12:27:03.0457 3944  [ AFCA5C1ECEAF948FC815178BC077680E ] C:\Windows\System32\WindowsCodecs.dll
12:27:03.0457 3944  C:\Windows\System32\WindowsCodecs.dll - ok
12:27:03.0457 3944  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
12:27:03.0457 3944  C:\Windows\System32\AUDIOKSE.dll - ok
12:27:03.0473 3944  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
12:27:03.0473 3944  C:\Windows\System32\WMALFXGFXDSP.dll - ok
12:27:03.0473 3944  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
12:27:03.0473 3944  C:\Windows\System32\mfplat.dll - ok
12:27:03.0473 3944  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
12:27:03.0473 3944  C:\Windows\System32\winbrand.dll - ok
12:27:03.0473 3944  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
12:27:03.0473 3944  C:\Windows\System32\VaultCredProvider.dll - ok
12:27:03.0473 3944  [ 8563BA40DF4F1E93A61B70E2C8B60CF8 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:27:03.0473 3944  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:27:03.0473 3944  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
12:27:03.0473 3944  C:\Windows\System32\BioCredProv.dll - ok
12:27:03.0488 3944  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
12:27:03.0488 3944  C:\Windows\System32\winbio.dll - ok
12:27:03.0488 3944  [ 4403D5ECE7D8323CAF1207D1AA38FA01 ] C:\Windows\System32\credui.dll
12:27:03.0488 3944  C:\Windows\System32\credui.dll - ok
12:27:03.0488 3944  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
12:27:03.0488 3944  C:\Windows\System32\samcli.dll - ok
12:27:03.0488 3944  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
12:27:03.0488 3944  C:\Windows\System32\vaultcli.dll - ok
12:27:03.0488 3944  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
12:27:03.0488 3944  C:\Windows\System32\certCredProvider.dll - ok
12:27:03.0488 3944  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
12:27:03.0488 3944  C:\Windows\System32\rasplap.dll - ok
12:27:03.0504 3944  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
12:27:03.0504 3944  C:\Windows\System32\rasapi32.dll - ok
12:27:03.0504 3944  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
12:27:03.0504 3944  C:\Windows\System32\rasman.dll - ok
12:27:03.0504 3944  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
12:27:03.0504 3944  C:\Windows\System32\rtutils.dll - ok
12:27:03.0504 3944  [ 23D0CE89D5A6C87DFA023839FE7F4C37 ] C:\Windows\System32\atieclxx.exe
12:27:03.0504 3944  C:\Windows\System32\atieclxx.exe - ok
12:27:03.0504 3944  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
12:27:03.0504 3944  C:\Windows\System32\UXInit.dll - ok
12:27:03.0504 3944  [ 81D93344A7FF90C1802A021727813E9F ] C:\Windows\System32\atiadlxx.dll
12:27:03.0504 3944  C:\Windows\System32\atiadlxx.dll - ok
12:27:03.0520 3944  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
12:27:03.0520 3944  C:\Windows\System32\taskcomp.dll - ok
12:27:03.0520 3944  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
12:27:03.0520 3944  C:\Windows\System32\wiarpc.dll - ok
12:27:03.0520 3944  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
12:27:03.0520 3944  C:\Windows\System32\oleacc.dll - ok
12:27:03.0520 3944  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
12:27:03.0520 3944  C:\Windows\System32\UIAutomationCore.dll - ok
12:27:03.0520 3944  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
12:27:03.0520 3944  C:\Windows\System32\msimg32.dll - ok
12:27:03.0520 3944  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
12:27:03.0520 3944  C:\Windows\System32\imageres.dll - ok
12:27:03.0520 3944  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
12:27:03.0520 3944  C:\Windows\System32\drivers\http.sys - ok
12:27:03.0535 3944  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
12:27:03.0535 3944  C:\Windows\System32\spoolsv.exe - ok
12:27:03.0535 3944  [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:27:03.0535 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok
12:27:03.0535 3944  [ A2B0924D50F4435FD389499047CE553A ] C:\Windows\SysWOW64\ntdll.dll
12:27:03.0535 3944  C:\Windows\SysWOW64\ntdll.dll - ok
12:27:03.0535 3944  [ 2A107B611C91CD256466C58C0D776E9D ] C:\Windows\System32\wow64.dll
12:27:03.0535 3944  C:\Windows\System32\wow64.dll - ok
12:27:03.0535 3944  [ 0F090A77E664CB0F70AB8D3B230B760C ] C:\Windows\System32\wow64cpu.dll
12:27:03.0535 3944  C:\Windows\System32\wow64cpu.dll - ok
12:27:03.0551 3944  [ 7434E01FBCA3CB86539C39412A31D5E1 ] C:\Windows\System32\wow64win.dll
12:27:03.0551 3944  C:\Windows\System32\wow64win.dll - ok
12:27:03.0551 3944  [ 76161B9D78A275F8F28DD67436013110 ] C:\Windows\SysWOW64\kernel32.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\kernel32.dll - ok
12:27:03.0551 3944  [ 1B7343C3765638D4D17CB925F84F8ABE ] C:\Windows\SysWOW64\KernelBase.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\KernelBase.dll - ok
12:27:03.0551 3944  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\user32.dll - ok
12:27:03.0551 3944  [ 56E3313690866F99CD17AA1342F64AE1 ] C:\Windows\SysWOW64\gdi32.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\gdi32.dll - ok
12:27:03.0551 3944  [ CC23295DA8F7B5C53F93804D2F5D30EB ] C:\Windows\SysWOW64\lpk.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\lpk.dll - ok
12:27:03.0566 3944  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\usp10.dll - ok
12:27:03.0566 3944  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\msvcrt.dll - ok
12:27:03.0566 3944  [ D67472125471784DE7147946EDA25FEB ] C:\Windows\SysWOW64\advapi32.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\advapi32.dll - ok
12:27:03.0566 3944  [ 4DC999CED9429939D75682EBD7D48901 ] C:\Windows\SysWOW64\rpcrt4.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\rpcrt4.dll - ok
12:27:03.0566 3944  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\sechost.dll - ok
12:27:03.0566 3944  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\cryptbase.dll - ok
12:27:03.0566 3944  [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\msvcp100.dll - ok
12:27:03.0582 3944  [ 42B924C5F3924C1EB2539F22C10D7DF1 ] C:\Windows\SysWOW64\sspicli.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\sspicli.dll - ok
12:27:03.0582 3944  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\msvcr100.dll - ok
12:27:03.0582 3944  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\imm32.dll - ok
12:27:03.0582 3944  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\msctf.dll - ok
12:27:03.0582 3944  [ 343CB2631CEAD5A6EC56FFA69937939F ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll
12:27:03.0582 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok
12:27:03.0582 3944  [ E02781D4871844DCD30DF1D69A650F78 ] C:\Windows\SysWOW64\shell32.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\shell32.dll - ok
12:27:03.0598 3944  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
12:27:03.0598 3944  C:\Windows\SysWOW64\shlwapi.dll - ok
12:27:03.0598 3944  [ 46065A1F1CA90E084E3217C883F69D4D ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
12:27:03.0598 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
12:27:03.0598 3944  [ 0E53F1FB5A603B984DC3921D2FF76662 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
12:27:03.0598 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
12:27:03.0598 3944  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
12:27:03.0598 3944  C:\Windows\System32\BFE.DLL - ok
12:27:03.0598 3944  [ 18490AD7AB6320CDC0C04B137B385DB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll
12:27:03.0598 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok
12:27:03.0598 3944  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
12:27:03.0598 3944  C:\Windows\SysWOW64\mpr.dll - ok
12:27:03.0613 3944  [ 1147C3047C28435826EDCE83C1CD8096 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll
12:27:03.0613 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok
12:27:03.0613 3944  [ B539CFD39BB40964BD36AE037AB0887D ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll
12:27:03.0613 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok
12:27:03.0613 3944  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
12:27:03.0613 3944  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
12:27:03.0613 3944  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
12:27:03.0613 3944  C:\Windows\SysWOW64\nsi.dll - ok
12:27:03.0613 3944  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
12:27:03.0613 3944  C:\Windows\SysWOW64\ole32.dll - ok
12:27:03.0613 3944  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
12:27:03.0613 3944  C:\Windows\SysWOW64\winnsi.dll - ok
12:27:03.0629 3944  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
12:27:03.0629 3944  C:\Windows\SysWOW64\rasapi32.dll - ok
12:27:03.0629 3944  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
12:27:03.0629 3944  C:\Windows\SysWOW64\version.dll - ok
12:27:03.0629 3944  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
12:27:03.0629 3944  C:\Windows\SysWOW64\wtsapi32.dll - ok
12:27:03.0629 3944  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
12:27:03.0629 3944  C:\Windows\System32\drivers\bowser.sys - ok
12:27:03.0629 3944  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
12:27:03.0629 3944  C:\Windows\System32\drivers\mpsdrv.sys - ok
12:27:03.0629 3944  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
12:27:03.0629 3944  C:\Windows\System32\drivers\mrxsmb.sys - ok
12:27:03.0644 3944  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
12:27:03.0644 3944  C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:27:03.0644 3944  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
12:27:03.0644 3944  C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:27:03.0644 3944  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
12:27:03.0644 3944  C:\Windows\System32\wkssvc.dll - ok
12:27:03.0644 3944  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
12:27:03.0644 3944  C:\Windows\SysWOW64\rasman.dll - ok
12:27:03.0644 3944  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
12:27:03.0644 3944  C:\Windows\SysWOW64\ws2_32.dll - ok
12:27:03.0644 3944  [ 6614EDFCF4AFE27E46FC0C1A5EC1269D ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll
12:27:03.0644 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok
12:27:03.0660 3944  [ 53F5464997776F0AD1F68798787D3537 ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll
12:27:03.0660 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok
12:27:03.0660 3944  [ 6971E57164D46323CF949631A0685307 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
12:27:03.0660 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok
12:27:03.0660 3944  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
12:27:03.0660 3944  C:\Windows\System32\wfapigp.dll - ok
12:27:03.0660 3944  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
12:27:03.0660 3944  C:\Windows\SysWOW64\cfgmgr32.dll - ok
12:27:03.0660 3944  [ 65AF41A7A2C5B6693E1B4164E7632C3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:27:03.0660 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok
12:27:03.0660 3944  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
12:27:03.0660 3944  C:\Windows\SysWOW64\propsys.dll - ok
12:27:03.0676 3944  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
12:27:03.0676 3944  C:\Windows\System32\mscms.dll - ok
12:27:03.0676 3944  [ 6B400F211BEE880A37A1ED0368776BF4 ] C:\Windows\System32\cryptsvc.dll
12:27:03.0676 3944  C:\Windows\System32\cryptsvc.dll - ok
12:27:03.0676 3944  [ 63FE35B2DFC1CCD2AA33EA8BA2460BE9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll
12:27:03.0676 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok
12:27:03.0676 3944  [ B792BBE05A18481016A7C39269D3E75C ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll
12:27:03.0676 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok
12:27:03.0676 3944  [ E7721DCE7EE53A22BBF6CFCAA145FB12 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll
12:27:03.0676 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok
12:27:03.0676 3944  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
12:27:03.0676 3944  C:\Windows\SysWOW64\oleaut32.dll - ok
12:27:03.0691 3944  [ A6B726DCA228F7878E38368A1BDC68BE ] C:\Windows\System32\cryptnet.dll
12:27:03.0691 3944  C:\Windows\System32\cryptnet.dll - ok
12:27:03.0691 3944  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
12:27:03.0691 3944  C:\Windows\System32\vssapi.dll - ok
12:27:03.0691 3944  [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll
12:27:03.0691 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok
12:27:03.0691 3944  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
12:27:03.0691 3944  C:\Windows\System32\dps.dll - ok
12:27:03.0691 3944  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
12:27:03.0691 3944  C:\Windows\System32\FDResPub.dll - ok
12:27:03.0691 3944  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
12:27:03.0691 3944  C:\Windows\System32\pcasvc.dll - ok
12:27:03.0707 3944  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
12:27:03.0707 3944  C:\Windows\System32\snmptrap.exe - ok
12:27:03.0707 3944  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
12:27:03.0707 3944  C:\Windows\System32\WSDApi.dll - ok
12:27:03.0707 3944  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
12:27:03.0707 3944  C:\Windows\System32\webservices.dll - ok
12:27:03.0707 3944  [ 4004299B7AF4CBFF6540F1798899A11F ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
12:27:03.0707 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
12:27:03.0707 3944  [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
12:27:03.0707 3944  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
12:27:03.0707 3944  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
12:27:03.0707 3944  C:\Windows\System32\fundisc.dll - ok
12:27:03.0722 3944  [ 9C933EE52559A41B704CBB189E7D6495 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok
12:27:03.0722 3944  [ EDA04929396FBE9D3C6A93E847657AD4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok
12:27:03.0722 3944  [ 23C77897F8DC43B25A1DD03542E479EA ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok
12:27:03.0722 3944  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
12:27:03.0722 3944  C:\Windows\System32\PeerDistSh.dll - ok
12:27:03.0722 3944  [ CD135EBBA99C598F30E6093824193038 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll - ok
12:27:03.0722 3944  [ 8BE50E29F27A9DFC3372CD29F02A15EB ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll - ok
12:27:03.0738 3944  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
12:27:03.0738 3944  C:\Windows\SysWOW64\rtutils.dll - ok
12:27:03.0738 3944  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:27:03.0738 3944  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:27:03.0738 3944  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
12:27:03.0738 3944  C:\Windows\System32\vsstrace.dll - ok
12:27:03.0738 3944  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
12:27:03.0738 3944  C:\Windows\System32\provsvc.dll - ok
12:27:03.0738 3944  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
12:27:03.0738 3944  C:\Windows\System32\sstpsvc.dll - ok
12:27:03.0738 3944  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
12:27:03.0738 3944  C:\Windows\System32\winhttp.dll - ok
12:27:03.0754 3944  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
12:27:03.0754 3944  C:\Windows\System32\webio.dll - ok
12:27:03.0754 3944  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
12:27:03.0754 3944  C:\Windows\System32\httpapi.dll - ok
12:27:03.0754 3944  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
12:27:03.0754 3944  C:\Windows\System32\msxml6.dll - ok
12:27:03.0754 3944  [ D5BE751B837C8B8CB58426EC9B2A29E9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
12:27:03.0754 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
12:27:03.0754 3944  [ 6A6B49FD47A6BA4949A1E03CA4486439 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll
12:27:03.0754 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll - ok
12:27:03.0754 3944  [ 8682F5AEFD0326B2A772E90EF1EFBE17 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll
12:27:03.0754 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll - ok
12:27:03.0769 3944  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\clbcatq.dll - ok
12:27:03.0769 3944  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\Wldap32.dll - ok
12:27:03.0769 3944  [ F2D9F23FFB2B0B2B8FF5126689615B3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll
12:27:03.0769 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll - ok
12:27:03.0769 3944  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\profapi.dll - ok
12:27:03.0769 3944  [ 76F58DB8F85C125E0D6B3AA42F3BF1D0 ] C:\Windows\SysWOW64\urlmon.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\urlmon.dll - ok
12:27:03.0769 3944  [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:27:03.0785 3944  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:27:03.0785 3944  [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:27:03.0785 3944  [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:27:03.0785 3944  [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:27:03.0785 3944  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:27:03.0785 3944  [ 05BD47136DE62FAFE9F95B40E4100144 ] C:\Windows\SysWOW64\iertutil.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\iertutil.dll - ok
12:27:03.0800 3944  [ CC09E0C9A2D89C6E71D093DC8BD121B7 ] C:\Windows\SysWOW64\crypt32.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\crypt32.dll - ok
12:27:03.0800 3944  [ 582632E34C9FF3C658ED56E5FC8D7EC6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll
12:27:03.0800 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll - ok
12:27:03.0800 3944  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\msasn1.dll - ok
12:27:03.0800 3944  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\winhttp.dll - ok
12:27:03.0800 3944  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\webio.dll - ok
12:27:03.0800 3944  [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\browcli.dll - ok
12:27:03.0816 3944  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\logoncli.dll - ok
12:27:03.0816 3944  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\netapi32.dll - ok
12:27:03.0816 3944  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\netutils.dll - ok
12:27:03.0816 3944  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\srvcli.dll - ok
12:27:03.0816 3944  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\wkscli.dll - ok
12:27:03.0816 3944  [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\activeds.dll - ok
12:27:03.0832 3944  [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
12:27:03.0832 3944  C:\Windows\SysWOW64\adsldpc.dll - ok
12:27:03.0832 3944  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
12:27:03.0832 3944  C:\Windows\SysWOW64\atl.dll - ok
12:27:03.0832 3944  [ 800A35C7425E12379F173FBE7EA2A4F5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
12:27:03.0832 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
12:27:03.0832 3944  [ BE04DE758070B1CBA8B741436C955797 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
12:27:03.0832 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
12:27:03.0832 3944  [ A8F0298E9947D66E8E16E45F109E35CC ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
12:27:03.0832 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
12:27:03.0832 3944  [ E4E829EE073E046B0EB19B5FECB19B8C ] C:\Windows\SysWOW64\wininet.dll
12:27:03.0832 3944  C:\Windows\SysWOW64\wininet.dll - ok
12:27:03.0847 3944  [ 6FE2FC00C12815B11E614BE5D545B59D ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
12:27:03.0847 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
12:27:03.0847 3944  [ FA018F45BA6DC7C5918F0B06F0F0D6D2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
12:27:03.0847 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
12:27:03.0847 3944  [ 372948BB5E41CE42341C4398DE572E56 ] C:\Windows\SysWOW64\secur32.dll
12:27:03.0847 3944  C:\Windows\SysWOW64\secur32.dll - ok
12:27:03.0847 3944  [ A93DAE6938F2C49E257B1A7F79D587A6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
12:27:03.0847 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
12:27:03.0847 3944  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:27:03.0847 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:27:03.0847 3944  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
12:27:03.0847 3944  C:\Windows\SysWOW64\setupapi.dll - ok
12:27:03.0863 3944  [ 39050A12A2EFBEC944C3585374898E54 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
12:27:03.0863 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
12:27:03.0863 3944  [ 7601E307497092E38BB0F8C42127C583 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
12:27:03.0863 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
12:27:03.0863 3944  [ 0BE5722EA1889F77F251292B2ABBED4F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
12:27:03.0863 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
12:27:03.0863 3944  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
12:27:03.0863 3944  C:\Windows\SysWOW64\devobj.dll - ok
12:27:03.0863 3944  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
12:27:03.0863 3944  C:\Windows\SysWOW64\apphelp.dll - ok
12:27:03.0863 3944  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
12:27:03.0863 3944  C:\Windows\SysWOW64\sfc.dll - ok
12:27:03.0878 3944  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
12:27:03.0878 3944  C:\Windows\SysWOW64\sfc_os.dll - ok
12:27:03.0878 3944  [ 552DF4A9DD8F4A500E3F8FC9C512D47A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe - ok
12:27:03.0878 3944  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
12:27:03.0878 3944  C:\Windows\SysWOW64\devrtl.dll - ok
12:27:03.0878 3944  [ 3A17A112D51D0DD494D64915D4527B2F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
12:27:03.0878 3944  [ 28BADE8802D00E9EEC8F9045A457ED74 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
12:27:03.0878 3944  [ 2E5E517A5ED5CA1E99DA3AE517089935 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
12:27:03.0894 3944  [ 3B8843D652E63C6531DE9B8A3314764E ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
12:27:03.0894 3944  [ 1844F9B8E28FF898A9FF5A022C1D974D ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
12:27:03.0894 3944  [ 434049E557861645FA160F3035025F51 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
12:27:03.0894 3944  [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
12:27:03.0894 3944  [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
12:27:03.0894 3944  C:\Windows\SysWOW64\mfc100u.dll - ok
12:27:03.0894 3944  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
12:27:03.0894 3944  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
12:27:03.0910 3944  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\msimg32.dll - ok
12:27:03.0910 3944  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\dwmapi.dll - ok
12:27:03.0910 3944  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\uxtheme.dll - ok
12:27:03.0910 3944  [ ECA6624EFEBBE2C0C320AC942620C404 ] C:\Windows\SysWOW64\mfc100deu.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\mfc100deu.dll - ok
12:27:03.0910 3944  [ E5624A279E2E98EAFCB6BCA7DB4DB2CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll
12:27:03.0910 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll - ok
12:27:03.0910 3944  [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\FirewallAPI.dll - ok
12:27:03.0925 3944  [ 8FC1230DBCCEB7016A4F183D4808D335 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
12:27:03.0925 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe - ok
12:27:03.0925 3944  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
12:27:03.0925 3944  C:\Windows\SysWOW64\mscoree.dll - ok
12:27:03.0925 3944  [ 5E3C0E5FFDA48C5DA35BBFB8EFFF8066 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
12:27:03.0925 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
12:27:03.0925 3944  [ 8E2242BB3CB7A632A8CF22BDE2A41AE1 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
12:27:03.0925 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
12:27:03.0925 3944  [ 0DCA5F8AF83975061D9D8340DC471B5C ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
12:27:03.0925 3944  C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
12:27:03.0925 3944  [ C1F1E53851FAA7E029CFA07DAF9A5E81 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
12:27:03.0925 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll - ok
12:27:03.0941 3944  [ F1F5356A864A88F355002BDE02EA87EA ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Glib.dll
12:27:03.0941 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Glib.dll - ok
12:27:03.0941 3944  [ 5098A5D0F433048AF91D556330678B52 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
12:27:03.0941 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll - ok
12:27:03.0941 3944  [ 4676E92357233BD5A097BE3F7D6DB00A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
12:27:03.0941 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll - ok
12:27:03.0941 3944  [ 9AE06337C568C19ED91FAEAA91C609E3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
12:27:03.0941 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll - ok
12:27:03.0941 3944  [ 3AD3602258590F5A3C45DC7A029D0140 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
12:27:03.0941 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
12:27:03.0956 3944  [ 7556E8E5F3FFD7AA845A02B1237946C0 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreLibrary.dll
12:27:03.0956 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreLibrary.dll - ok
12:27:03.0956 3944  [ 71ECC01F9928873A5DEB5B475C0F2429 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
12:27:03.0956 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
12:27:03.0956 3944  [ 8B1F5E3195FB646A06D880F8CAB299FA ] C:\Program Files (x86)\Garmin\Core Update Service\NLog.dll
12:27:03.0956 3944  C:\Program Files (x86)\Garmin\Core Update Service\NLog.dll - ok
12:27:03.0956 3944  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
12:27:03.0956 3944  C:\Windows\SysWOW64\cryptsp.dll - ok
12:27:03.0956 3944  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
12:27:03.0956 3944  C:\Windows\SysWOW64\rsaenh.dll - ok
12:27:03.0956 3944  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
12:27:03.0956 3944  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
12:27:03.0972 3944  [ 30EFD90C995E57399F3AB10E6685C60B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
12:27:03.0972 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll - ok
12:27:03.0972 3944  [ 2E7D051495EFBE01E590D42303967183 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
12:27:03.0972 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll - ok
12:27:03.0972 3944  [ 3F7715D56712A3E598289E87FA122E68 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
12:27:03.0972 3944  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll - ok
12:27:03.0972 3944  [ 68EAAEDF0365168B804E8728368FA946 ] C:\Windows\SysWOW64\wintrust.dll
12:27:03.0972 3944  C:\Windows\SysWOW64\wintrust.dll - ok
12:27:03.0972 3944  [ 2AEC3B1ED15DFFCF7BBF3DFD32342CA8 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
12:27:03.0972 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll - ok
12:27:03.0988 3944  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\riched20.dll - ok
12:27:03.0988 3944  [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 ] C:\Windows\SysWOW64\imagehlp.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\imagehlp.dll - ok
12:27:03.0988 3944  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\bcrypt.dll - ok
12:27:03.0988 3944  [ AD7FB087A238883D1618F29F7BBBD584 ] C:\Windows\SysWOW64\ncrypt.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\ncrypt.dll - ok
12:27:03.0988 3944  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
12:27:03.0988 3944  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\userenv.dll - ok
12:27:03.0988 3944  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\gpapi.dll - ok
12:27:04.0003 3944  [ 7B851A8018B1EA00A69707A390004884 ] C:\Windows\SysWOW64\cryptnet.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\cryptnet.dll - ok
12:27:04.0003 3944  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\SensApi.dll - ok
12:27:04.0003 3944  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\credssp.dll - ok
12:27:04.0003 3944  [ E94C583CDE2348950155F2AF2876F34D ] C:\Windows\SysWOW64\mswsock.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\mswsock.dll - ok
12:27:04.0003 3944  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
12:27:04.0003 3944  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\wship6.dll - ok
12:27:04.0019 3944  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:27:04.0019 3944  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:27:04.0019 3944  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
12:27:04.0019 3944  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
12:27:04.0019 3944  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
12:27:04.0019 3944  C:\Windows\System32\dllhost.exe - ok
12:27:04.0019 3944  [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
12:27:04.0019 3944  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
12:27:04.0019 3944  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
12:27:04.0019 3944  C:\Windows\System32\IDStore.dll - ok
12:27:04.0019 3944  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
12:27:04.0019 3944  C:\Windows\System32\taskhost.exe - ok
12:27:04.0034 3944  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
12:27:04.0034 3944  C:\Windows\System32\mpr.dll - ok
12:27:04.0034 3944  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
12:27:04.0034 3944  C:\Windows\System32\MsCtfMonitor.dll - ok
12:27:04.0034 3944  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
12:27:04.0034 3944  C:\Windows\System32\msutb.dll - ok
12:27:04.0034 3944  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
12:27:04.0034 3944  C:\Windows\System32\taskeng.exe - ok
12:27:04.0034 3944  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
12:27:04.0034 3944  C:\Windows\System32\userinit.exe - ok
12:27:04.0034 3944  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
12:27:04.0034 3944  C:\Windows\System32\dwm.exe - ok
12:27:04.0050 3944  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
12:27:04.0050 3944  C:\Windows\System32\dwmredir.dll - ok
12:27:04.0050 3944  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
12:27:04.0050 3944  C:\Windows\System32\dwmcore.dll - ok
12:27:04.0050 3944  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
12:27:04.0050 3944  C:\Windows\System32\d3d10_1.dll - ok
12:27:04.0050 3944  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
12:27:04.0050 3944  C:\Windows\System32\HotStartUserAgent.dll - ok
12:27:04.0050 3944  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
12:27:04.0050 3944  C:\Windows\System32\PlaySndSrv.dll - ok
12:27:04.0050 3944  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:27:04.0050 3944  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:27:04.0066 3944  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
12:27:04.0066 3944  C:\Windows\System32\TSChannel.dll - ok
12:27:04.0066 3944  [ C377219FF688183E4A4F5816EFF82E82 ] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
12:27:04.0066 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe - ok
12:27:04.0066 3944  [ 7128BC801C1451D460344C4893315265 ] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
12:27:04.0066 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe - ok
12:27:04.0066 3944  [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Windows\System32\msvcp110.dll
12:27:04.0066 3944  C:\Windows\System32\msvcp110.dll - ok
12:27:04.0066 3944  [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Windows\System32\msvcr110.dll
12:27:04.0066 3944  C:\Windows\System32\msvcr110.dll - ok
12:27:04.0066 3944  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll
12:27:04.0066 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll - ok
12:27:04.0081 3944  [ 1075AB2C077B415760C0E948856B5126 ] C:\Windows\System32\wer.dll
12:27:04.0081 3944  C:\Windows\System32\wer.dll - ok
12:27:04.0081 3944  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
12:27:04.0081 3944  C:\Windows\System32\dbghelp.dll - ok
12:27:04.0081 3944  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
12:27:04.0081 3944  C:\Windows\System32\bthprops.cpl - ok
12:27:04.0081 3944  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
12:27:04.0081 3944  C:\Windows\System32\wsock32.dll - ok
12:27:04.0081 3944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:27:04.0081 3944  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
12:27:04.0081 3944  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
12:27:04.0081 3944  C:\Windows\System32\d3d10_1core.dll - ok
12:27:04.0097 3944  [ 0928B9C3F2193EE265AA5E9B163D96EB ] C:\Program Files (x86)\Google\Update\1.3.23.9\goopdate.dll
12:27:04.0097 3944  C:\Program Files (x86)\Google\Update\1.3.23.9\goopdate.dll - ok
12:27:04.0097 3944  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\msi.dll - ok
12:27:04.0097 3944  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\cscapi.dll - ok
12:27:04.0097 3944  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\ntmarta.dll - ok
12:27:04.0097 3944  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\dbghelp.dll - ok
12:27:04.0097 3944  [ 7E6B107120108B3A15BFECE0DE3201DB ] C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
12:27:04.0097 3944  C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe - ok
12:27:04.0112 3944  [ 0D5CE0E5AEC3ACC7930AB955334B8533 ] C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
12:27:04.0112 3944  C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe - ok
12:27:04.0112 3944  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
12:27:04.0112 3944  C:\Windows\System32\cscapi.dll - ok
12:27:04.0112 3944  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
12:27:04.0112 3944  C:\Windows\SysWOW64\mstask.dll - ok
12:27:04.0112 3944  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
12:27:04.0112 3944  C:\Windows\System32\dxgi.dll - ok
12:27:04.0112 3944  [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
12:27:04.0112 3944  C:\Windows\System32\d3d11.dll - ok
12:27:04.0112 3944  [ 0F3B5AA11D6003C851D6A9D2450DC9E1 ] C:\Windows\System32\atidxx64.dll
12:27:04.0112 3944  C:\Windows\System32\atidxx64.dll - ok
12:27:04.0128 3944  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
12:27:04.0128 3944  C:\Windows\System32\uDWM.dll - ok
12:27:04.0128 3944  [ 0D298133C359AB8CB9EB4FA178BF3947 ] C:\Windows\System32\msxml3.dll
12:27:04.0128 3944  C:\Windows\System32\msxml3.dll - ok
12:27:04.0128 3944  [ B79515AFF098E5A56DFBD316152534DE ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
12:27:04.0128 3944  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
12:27:04.0128 3944  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:27:04.0128 3944  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:27:04.0128 3944  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
12:27:04.0128 3944  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
12:27:04.0128 3944  [ DE33208D7B10FF672CAA399403150E16 ] C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll
12:27:04.0128 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll - ok
12:27:04.0144 3944  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
12:27:04.0144 3944  C:\Windows\System32\rasadhlp.dll - ok
12:27:04.0144 3944  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
12:27:04.0144 3944  C:\Windows\System32\msi.dll - ok
12:27:04.0144 3944  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
12:27:04.0144 3944  C:\Windows\System32\esent.dll - ok
12:27:04.0144 3944  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
12:27:04.0144 3944  C:\Windows\System32\localspl.dll - ok
12:27:04.0144 3944  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
12:27:04.0144 3944  C:\Windows\System32\umb.dll - ok
12:27:04.0144 3944  [ 9945FF91CBFEE03D20FE8A2A75A09B19 ] C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll
12:27:04.0144 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll - ok
12:27:04.0159 3944  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
12:27:04.0159 3944  C:\Windows\System32\spoolss.dll - ok
12:27:04.0159 3944  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
12:27:04.0159 3944  C:\Windows\System32\winspool.drv - ok
12:27:04.0159 3944  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
12:27:04.0159 3944  C:\Windows\System32\PrintIsolationProxy.dll - ok
12:27:04.0159 3944  [ 9FEFF98E2A0F71577AB401BE4E05518A ] C:\Windows\System32\CNMLM9P.DLL
12:27:04.0159 3944  C:\Windows\System32\CNMLM9P.DLL - ok
12:27:04.0159 3944  [ 85D546ADDF491C9DFF6993BB0F4059B2 ] C:\Windows\System32\CNCF2Li.DLL
12:27:04.0159 3944  C:\Windows\System32\CNCF2Li.DLL - ok
12:27:04.0159 3944  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
12:27:04.0159 3944  C:\Windows\System32\FXSMON.dll - ok
12:27:04.0175 3944  [ C89B88BCA6D6B72A470D8BF5730254C6 ] C:\Windows\System32\pdfcmon.dll
12:27:04.0175 3944  C:\Windows\System32\pdfcmon.dll - ok
12:27:04.0175 3944  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
12:27:04.0175 3944  C:\Windows\System32\snmpapi.dll - ok
12:27:04.0175 3944  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
12:27:04.0175 3944  C:\Windows\System32\tcpmon.dll - ok
12:27:04.0175 3944  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
12:27:04.0175 3944  C:\Windows\System32\usbmon.dll - ok
12:27:04.0175 3944  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
12:27:04.0175 3944  C:\Windows\System32\wsnmp32.dll - ok
12:27:04.0175 3944  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
12:27:04.0175 3944  C:\Windows\System32\WSDMon.dll - ok
12:27:04.0190 3944  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
12:27:04.0190 3944  C:\Windows\System32\fdPnp.dll - ok
12:27:04.0190 3944  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
12:27:04.0190 3944  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
12:27:04.0190 3944  [ E0330C3E6CD6C499A7DE69B560AFEE4D ] C:\Windows\System32\spool\prtprocs\x64\CNMPD9P.DLL
12:27:04.0190 3944  C:\Windows\System32\spool\prtprocs\x64\CNMPD9P.DLL - ok
12:27:04.0190 3944  [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
12:27:04.0190 3944  C:\Windows\System32\win32spl.dll - ok
12:27:04.0190 3944  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
12:27:04.0190 3944  C:\Windows\System32\inetpp.dll - ok
12:27:04.0190 3944  [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
12:27:04.0190 3944  C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
12:27:04.0206 3944  [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
12:27:04.0206 3944  C:\Windows\System32\mgmtapi.dll - ok
12:27:04.0206 3944  [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
12:27:04.0206 3944  C:\Windows\System32\tcpmib.dll - ok
12:27:04.0206 3944  [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
12:27:04.0206 3944  C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
12:27:04.0206 3944  [ 915A96EFF6DE6DD482864647332C5A42 ] C:\Windows\System32\spool\drivers\x64\3\CNCFIMi.DLL
12:27:04.0206 3944  C:\Windows\System32\spool\drivers\x64\3\CNCFIMi.DLL - ok
12:27:04.0206 3944  [ 6D9AB0B3FC4D67830F363EBC6F1E3DE9 ] C:\Windows\System32\spool\drivers\x64\3\BRUUI13A.DLL
12:27:04.0206 3944  C:\Windows\System32\spool\drivers\x64\3\BRUUI13A.DLL - ok
12:27:04.0206 3944  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
12:27:04.0206 3944  C:\Windows\explorer.exe - ok
12:27:04.0222 3944  [ 83EEFE83438AEF9FBB7613A106C5E5BB ] C:\Program Files\Java\jre7\bin\javaw.exe
12:27:04.0222 3944  C:\Program Files\Java\jre7\bin\javaw.exe - ok
12:27:04.0222 3944  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
12:27:04.0222 3944  C:\Windows\System32\ExplorerFrame.dll - ok
12:27:04.0222 3944  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
12:27:04.0222 3944  C:\Windows\System32\EhStorShell.dll - ok
12:27:04.0222 3944  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
12:27:04.0222 3944  C:\Windows\System32\cscui.dll - ok
12:27:04.0222 3944  [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
12:27:04.0222 3944  C:\Windows\System32\ntprint.dll - ok
12:27:04.0222 3944  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
12:27:04.0222 3944  C:\Windows\System32\cscdll.dll - ok
12:27:04.0222 3944  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
12:27:04.0222 3944  C:\Windows\System32\ntshrui.dll - ok
12:27:04.0237 3944  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
12:27:04.0237 3944  C:\Windows\System32\IconCodecService.dll - ok
12:27:04.0237 3944  [ 8D41342D23D15C30700E838FAE84E489 ] C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
12:27:04.0237 3944  C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe - ok
12:27:04.0237 3944  [ 985C307535F81609920B54EBC7C15B50 ] C:\Program Files\VideoLAN\VLC\vlc.exe
12:27:04.0237 3944  C:\Program Files\VideoLAN\VLC\vlc.exe - ok
12:27:04.0237 3944  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
12:27:04.0237 3944  C:\Windows\SysWOW64\winsta.dll - ok
12:27:04.0237 3944  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
12:27:04.0237 3944  C:\Windows\SysWOW64\dnsapi.dll - ok
12:27:04.0237 3944  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
12:27:04.0237 3944  C:\Windows\SysWOW64\rasadhlp.dll - ok
12:27:04.0253 3944  [ F0D0E883EBBDC7615DC9EDEA0FFB2817 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:27:04.0253 3944  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:27:04.0253 3944  [ 8E79090CB0987CA102E845341E052537 ] C:\Windows\SysWOW64\vdmdbg.dll
12:27:04.0253 3944  C:\Windows\SysWOW64\vdmdbg.dll - ok
12:27:04.0253 3944  [ F89000BD2BF367B9A6423CEB1553E9AF ] C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll - ok
12:27:04.0253 3944  [ 9A521D6FAB1402D71BD900E9054EF7DE ] C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll - ok
12:27:04.0253 3944  [ 42CC7633E6C898923AE57CEBCE6DB2B2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll - ok
12:27:04.0253 3944  [ 9A86820CEDF2C6D2EBF2E6E66E89EA1A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll - ok
12:27:04.0268 3944  [ D5094999316AE489620B3CB70C1AD5C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll
12:27:04.0268 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll - ok
12:27:04.0268 3944  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
12:27:04.0268 3944  C:\Windows\SysWOW64\samcli.dll - ok
12:27:04.0268 3944  [ ABF612BB29A6293A574710716246F58E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll
12:27:04.0268 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok
12:27:04.0268 3944  [ 441CC7DBC4F8661807A9B1C87CABA81C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
12:27:04.0268 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll - ok
12:27:04.0268 3944  [ DD3DE2DA4D2D40D9EEBE570C44C0FFC6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
12:27:04.0268 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll - ok
12:27:04.0284 3944  [ 4262941C67FDC6B5BF6BD8124EAD7D63 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll - ok
12:27:04.0284 3944  [ 629989BD3F1E1EE48DDD3586DF2736E1 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll - ok
12:27:04.0284 3944  [ 62EB3624CD0767800959F9A07C5C1186 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
12:27:04.0284 3944  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
12:27:04.0284 3944  [ 4D7CCF386348589BE92939AEB79DD9B9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll - ok
12:27:04.0284 3944  [ 7C414E1CCE3695B7A1BF0EB8E44ED428 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll - ok
12:27:04.0284 3944  [ 1E9087B8EDCC41AD8385487945E8B131 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Device.IO.dll
12:27:04.0284 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Device.IO.dll - ok
12:27:04.0300 3944  [ 5F9482ED6D4598758433E5C0524BDE40 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.DataTypes.dll - ok
12:27:04.0300 3944  [ 0F18CB3F93BA24C924C814B0AB18A21F ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.DotNet.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.DotNet.dll - ok
12:27:04.0300 3944  [ 4202623979CEF62FDE8B0219B280E067 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.IO.DotNet.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.IO.DotNet.dll - ok
12:27:04.0300 3944  [ 1AE061C8783ABC76D734D4EC4DCBCD21 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.dll - ok
12:27:04.0300 3944  [ 0BE7D95D19CB4D64F1FD3574F34122D3 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.PortableDeviceLib.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.PortableDeviceLib.dll - ok
12:27:04.0315 3944  [ 1B6998BB509DCCDE8881BC311DDD0D3D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\fcffb45098807dbf4f96bb133936789a\System.Security.ni.dll
12:27:04.0315 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\fcffb45098807dbf4f96bb133936789a\System.Security.ni.dll - ok
12:27:04.0315 3944  [ ABB19BD517C6274551229D3A866CCD36 ] C:\Program Files (x86)\Garmin\Core Update Service\System.Threading.Tasks.dll
12:27:04.0315 3944  C:\Program Files (x86)\Garmin\Core Update Service\System.Threading.Tasks.dll - ok
12:27:04.0315 3944  [ 9F22F081FF1874B4A4040C6ABDD2D32B ] C:\Program Files (x86)\Garmin\Core Update Service\Microsoft.Threading.Tasks.dll
12:27:04.0315 3944  C:\Program Files (x86)\Garmin\Core Update Service\Microsoft.Threading.Tasks.dll - ok
12:27:04.0315 3944  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
12:27:04.0315 3944  C:\Windows\System32\nlasvc.dll - ok
12:27:04.0315 3944  [ 20372BE109FEE1C37E2D5216680DB9EB ] C:\Program Files (x86)\PDF Architect\HelperService.exe
12:27:04.0315 3944  C:\Program Files (x86)\PDF Architect\HelperService.exe - ok
12:27:04.0315 3944  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
12:27:04.0315 3944  C:\Windows\System32\aepic.dll - ok
12:27:04.0331 3944  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
12:27:04.0331 3944  C:\Windows\System32\ncsi.dll - ok
12:27:04.0331 3944  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
12:27:04.0331 3944  C:\Windows\System32\sfc.dll - ok
12:27:04.0331 3944  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
12:27:04.0331 3944  C:\Windows\System32\sfc_os.dll - ok
12:27:04.0331 3944  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
12:27:04.0331 3944  C:\Windows\SysWOW64\sxs.dll - ok
12:27:04.0331 3944  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
12:27:04.0331 3944  C:\Windows\System32\ssdpapi.dll - ok
12:27:04.0331 3944  [ 50771B093AB06C6C44C9732CB777A219 ] C:\Program Files (x86)\PDF Architect\libcurl.dll
12:27:04.0331 3944  C:\Program Files (x86)\PDF Architect\libcurl.dll - ok
12:27:04.0346 3944  [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
12:27:04.0346 3944  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
12:27:04.0346 3944  [ 065687F74C1F79CD31B82A3E48BF7F78 ] C:\Program Files (x86)\PDF Architect\libeay32.dll
12:27:04.0346 3944  C:\Program Files (x86)\PDF Architect\libeay32.dll - ok
12:27:04.0346 3944  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
12:27:04.0346 3944  C:\Windows\SysWOW64\wsock32.dll - ok
12:27:04.0346 3944  [ A40645BD5D25A0202DC9232C2BD018B3 ] C:\Program Files (x86)\PDF Architect\ssleay32.dll
12:27:04.0346 3944  C:\Program Files (x86)\PDF Architect\ssleay32.dll - ok
12:27:04.0346 3944  [ B90A279073A815A4AA2C45A09EE004FA ] C:\Program Files (x86)\PDF Architect\ConversionService.exe
12:27:04.0346 3944  C:\Program Files (x86)\PDF Architect\ConversionService.exe - ok
12:27:04.0346 3944  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
12:27:04.0346 3944  C:\Windows\SysWOW64\winspool.drv - ok
12:27:04.0362 3944  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
12:27:04.0362 3944  C:\Windows\System32\drivers\PEAuth.sys - ok
12:27:04.0362 3944  [ EA8386CA87165460D39A1D29FF11080B ] C:\Program Files\Internet Explorer\iexplore.exe
12:27:04.0362 3944  C:\Program Files\Internet Explorer\iexplore.exe - ok
12:27:04.0362 3944  [ 8D60485E65D2D8D87D17173AAAE00067 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
12:27:04.0362 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll - ok
12:27:04.0362 3944  [ 51137ACA4956480448DD7D61FBA51632 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
12:27:04.0362 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll - ok
12:27:04.0362 3944  [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
12:27:04.0362 3944  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:27:04.0362 3944  [ 61CD3FDCD727C2F7EA6C2E697740F486 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll
12:27:04.0362 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll - ok
12:27:04.0378 3944  [ 98EF79CC2B07398AC525F9EA1AE0366F ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:27:04.0378 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
12:27:04.0378 3944  [ 6F03F363583DA1AEBC590304DF3BD6EE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
12:27:04.0378 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll - ok
12:27:04.0378 3944  [ A14BB2F5F6457738AAA11367F5172A05 ] C:\Windows\System32\ieframe.dll
12:27:04.0378 3944  C:\Windows\System32\ieframe.dll - ok
12:27:04.0378 3944  [ 14361FB2FD630988816A4F46AEAF0684 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
12:27:04.0378 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll - ok
12:27:04.0378 3944  [ 9B375BB63F99B113C065A5DB4E632E23 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll
12:27:04.0378 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll - ok
12:27:04.0393 3944  [ 1728FA8A8B98396A1AD3A44CA87DFCBD ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
12:27:04.0393 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
12:27:04.0393 3944  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
12:27:04.0393 3944  C:\Windows\SysWOW64\psapi.dll - ok
12:27:04.0393 3944  [ 4C867B62F6100C107A3A8F5E7A10461D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
12:27:04.0393 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl - ok
12:27:04.0393 3944  [ 46B5E0D4DE23D31E7B83E376BD99D7C6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll
12:27:04.0393 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll - ok
12:27:04.0393 3944  [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
12:27:04.0393 3944  C:\Windows\SysWOW64\pcwum.dll - ok
12:27:04.0409 3944  [ 697F06E4F77571E392C753638A028654 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess.resources\v4.0_4.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
12:27:04.0409 3944  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess.resources\v4.0_4.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll - ok
12:27:04.0409 3944  [ E7B82D1FB6D8B8644F7EDDE052DDFA5D ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.resources.dll
12:27:04.0409 3944  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.resources.dll - ok
12:27:04.0409 3944  [ FB83E56708103345BFDB8A2B7FF7BBA7 ] C:\Program Files (x86)\Garmin\Core Update Service\Ionic.Zip.dll
12:27:04.0409 3944  C:\Program Files (x86)\Garmin\Core Update Service\Ionic.Zip.dll - ok
12:27:04.0409 3944  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
12:27:04.0409 3944  C:\Windows\SysWOW64\oleacc.dll - ok
12:27:04.0409 3944  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
12:27:04.0409 3944  C:\Windows\SysWOW64\shfolder.dll - ok
12:27:04.0409 3944  [ 110145B6EC64C9800468C18ED81B6FC5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl
12:27:04.0409 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl - ok
12:27:04.0424 3944  [ 25A2EEF8D22E36F3C7B368BCF245BDC3 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
12:27:04.0424 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl - ok
12:27:04.0424 3944  [ D9AF104F7E21FA859EFA3C67E5522E88 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl
12:27:04.0424 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl - ok
12:27:04.0424 3944  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
12:27:04.0424 3944  C:\Windows\System32\aeevts.dll - ok
12:27:04.0424 3944  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
12:27:04.0424 3944  C:\Windows\SysWOW64\comdlg32.dll - ok
12:27:04.0424 3944  [ 776405A9F755BA8BA5CA9039F0D18067 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl
12:27:04.0424 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl - ok
12:27:04.0440 3944  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
12:27:04.0440 3944  C:\Windows\SysWOW64\oledlg.dll - ok
12:27:04.0440 3944  [ 75B5CCDAD97A2A6D245ACA1ACB415DA5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
12:27:04.0440 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl - ok
12:27:04.0440 3944  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
12:27:04.0440 3944  C:\Windows\SysWOW64\winmm.dll - ok
12:27:04.0440 3944  [ 42B6A94DD747DF2B5F628A2752E62A98 ] C:\Windows\System32\ctfmon.exe
12:27:04.0440 3944  C:\Windows\System32\ctfmon.exe - ok
12:27:04.0440 3944  [ 37D0FB9E5E8EDA40B66FC3FB3D660261 ] C:\Windows\System32\mshtml.dll
12:27:04.0440 3944  C:\Windows\System32\mshtml.dll - ok
12:27:04.0440 3944  [ 930B10F03BEF0733B42EA20DC1592C65 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll
12:27:04.0440 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll - ok
12:27:04.0456 3944  [ 84F9EDB011F256CE3CA21E06876A7D7A ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok
12:27:04.0456 3944  [ 217B846C2B74637EA326C7A07DD30177 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok
12:27:04.0456 3944  [ C2ABD6107231B010A1E489622E06575B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok
12:27:04.0456 3944  [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
12:27:04.0456 3944  C:\Windows\SysWOW64\fltLib.dll - ok
12:27:04.0456 3944  [ AC8E4357A79199AF587514E4805DEEC1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok
12:27:04.0471 3944  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
12:27:04.0471 3944  C:\Windows\System32\cabinet.dll - ok
12:27:04.0471 3944  [ D8976CD6D0653CB6BBC000950590FBBD ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
12:27:04.0471 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok
12:27:04.0471 3944  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
12:27:04.0471 3944  C:\Windows\System32\p2pcollab.dll - ok
12:27:04.0471 3944  [ B5A72BA66AD8D4317EBEA61C1C5AE0CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll
12:27:04.0471 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok
12:27:04.0471 3944  [ 42EE1AA800FFDD2484B2097535672142 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
12:27:04.0471 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok
12:27:04.0471 3944  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
12:27:04.0471 3944  C:\Windows\System32\QAGENTRT.DLL - ok
12:27:04.0487 3944  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
12:27:04.0487 3944  C:\Windows\System32\fveui.dll - ok
12:27:04.0487 3944  [ 64ADDC6760CDED7EA432D7398318D919 ] C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll
12:27:04.0487 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll - ok
12:27:04.0487 3944  [ 4E8433BA8F7622808E66F17CDAAEE156 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll
12:27:04.0487 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok
12:27:04.0487 3944  [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
12:27:04.0487 3944  C:\Windows\SysWOW64\olepro32.dll - ok
12:27:04.0487 3944  [ 31385A6CAA31BE9D07B0B32E5AA99ABB ] C:\Windows\SysWOW64\jsproxy.dll
12:27:04.0487 3944  C:\Windows\SysWOW64\jsproxy.dll - ok
12:27:04.0487 3944  [ 6BD3E11E7B82E0964D51975371D7F2E0 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll
12:27:04.0487 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll - ok
12:27:04.0502 3944  [ 816D64F554FBD234DD2C77F4E08C7D5C ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
12:27:04.0502 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
12:27:04.0502 3944  [ BF25489459C7A762DD7B3186C7E3984D ] C:\Windows\System32\jscript9.dll
12:27:04.0502 3944  C:\Windows\System32\jscript9.dll - ok
12:27:04.0502 3944  [ E4574405ACBB2BEDF9E6B1B99896540E ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
12:27:04.0502 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll - ok
12:27:04.0502 3944  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
12:27:04.0502 3944  C:\Windows\System32\drivers\secdrv.sys - ok
12:27:04.0502 3944  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
12:27:04.0502 3944  C:\Windows\System32\seclogon.dll - ok
12:27:04.0502 3944  [ 81CC0C058106D66AC2447F733A0E5C00 ] C:\Program Files\Internet Explorer\sqmapi.dll
12:27:04.0502 3944  C:\Program Files\Internet Explorer\sqmapi.dll - ok
12:27:04.0518 3944  [ 50D9949020E02B847CD48F1243FCB895 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
12:27:04.0518 3944  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
12:27:04.0518 3944  [ 6951736D01DB9FB6316277B801208B9B ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll
12:27:04.0518 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll - ok
12:27:04.0518 3944  [ 25D23E5A5A627CC718E478B66AD8AFF7 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll
12:27:04.0518 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll - ok
12:27:04.0518 3944  [ EBAD8A4D048ED257E4A45F6356541F86 ] C:\Windows\System32\ieapfltr.dll
12:27:04.0518 3944  C:\Windows\System32\ieapfltr.dll - ok
12:27:04.0518 3944  [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
12:27:04.0518 3944  C:\Windows\System32\msimtf.dll - ok
12:27:04.0534 3944  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
12:27:04.0534 3944  C:\Windows\System32\mlang.dll - ok
12:27:04.0534 3944  [ B608BA52FA1FD29BF81B718818246B4D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
12:27:04.0534 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll - ok
12:27:04.0534 3944  [ C676E5EA388AF7C4C031F56F9B42E362 ] C:\Windows\System32\d2d1.dll
12:27:04.0534 3944  C:\Windows\System32\d2d1.dll - ok
12:27:04.0534 3944  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
12:27:04.0534 3944  C:\Windows\System32\drivers\srvnet.sys - ok
12:27:04.0534 3944  [ 1755023407FDE00D9916505A557569D5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll
12:27:04.0534 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll - ok
12:27:04.0534 3944  [ DD85F00EC31F77315AE992B7B0411D65 ] C:\Windows\System32\DWrite.dll
12:27:04.0534 3944  C:\Windows\System32\DWrite.dll - ok
12:27:04.0549 3944  [ ADF9F919E10832746ED516230420F749 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll
12:27:04.0549 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll - ok
12:27:04.0549 3944  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
12:27:04.0549 3944  C:\Windows\System32\drivers\tcpipreg.sys - ok
12:27:04.0549 3944  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
12:27:04.0549 3944  C:\Windows\System32\wbem\WMIsvc.dll - ok
12:27:04.0549 3944  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
12:27:04.0549 3944  C:\Windows\System32\wbemcomn.dll - ok
12:27:04.0549 3944  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
12:27:04.0549 3944  C:\Windows\System32\sysmain.dll - ok
12:27:04.0565 3944  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
12:27:04.0565 3944  C:\Windows\System32\wiaservc.dll - ok
12:27:04.0565 3944  [ 14BF6B3AB327D519ED007CDDC56F6900 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:27:04.0565 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
12:27:04.0565 3944  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
12:27:04.0565 3944  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
12:27:04.0565 3944  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
12:27:04.0565 3944  C:\Windows\System32\trkwks.dll - ok
12:27:04.0565 3944  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
12:27:04.0565 3944  C:\Windows\System32\wbem\fastprox.dll - ok
12:27:04.0565 3944  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
12:27:04.0565 3944  C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:27:04.0580 3944  [ 3BA13294EE41A3A1EDED05F8FACC7516 ] C:\Windows\System32\atiumd64.dll
12:27:04.0580 3944  C:\Windows\System32\atiumd64.dll - ok
12:27:04.0580 3944  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
12:27:04.0580 3944  C:\Windows\System32\wiatrace.dll - ok
12:27:04.0580 3944  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
12:27:04.0580 3944  C:\Windows\System32\ntdsapi.dll - ok
12:27:04.0580 3944  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
12:27:04.0580 3944  C:\Windows\System32\wbem\wbemprox.dll - ok
12:27:04.0580 3944  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
12:27:04.0580 3944  C:\Windows\System32\wbem\wbemcore.dll - ok
12:27:04.0580 3944  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
12:27:04.0580 3944  C:\Windows\System32\wbem\esscli.dll - ok
12:27:04.0596 3944  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
12:27:04.0596 3944  C:\Windows\System32\wbem\wbemsvc.dll - ok
12:27:04.0596 3944  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
12:27:04.0596 3944  C:\Windows\System32\wbem\wmiutils.dll - ok
12:27:04.0596 3944  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
12:27:04.0596 3944  C:\Windows\System32\wbem\repdrvfs.dll - ok
12:27:04.0596 3944  [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
12:27:04.0596 3944  C:\Windows\System32\wsdchngr.dll - ok
12:27:04.0596 3944  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
12:27:04.0596 3944  C:\Windows\SysWOW64\cabinet.dll - ok
12:27:04.0596 3944  [ 3D3A1FA27C458F6C07C509102E8F41A5 ] C:\Windows\System32\CNC330C.DLL
12:27:04.0596 3944  C:\Windows\System32\CNC330C.DLL - ok
12:27:04.0612 3944  [ 10B5362FE389D38BD4DDDABE7DF597E9 ] C:\Windows\System32\CNC330L.DLL
12:27:04.0612 3944  C:\Windows\System32\CNC330L.DLL - ok
12:27:04.0612 3944  [ DD502A2E7B85EA7A3814C1034E6C23D3 ] C:\Windows\AppPatch\AcGenral.dll
12:27:04.0612 3944  C:\Windows\AppPatch\AcGenral.dll - ok
12:27:04.0612 3944  [ A56A3EE04788F69634528CDFB04CA4A4 ] C:\Windows\twain_32\MX330 series\USDRESDE.DLL
12:27:04.0612 3944  C:\Windows\twain_32\MX330 series\USDRESDE.DLL - ok
12:27:04.0612 3944  [ 493574E218AA18161D14EECFD572A0E8 ] C:\Windows\System32\CNHMCA6.DLL
12:27:04.0612 3944  C:\Windows\System32\CNHMCA6.DLL - ok
12:27:04.0612 3944  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
12:27:04.0612 3944  C:\Windows\SysWOW64\msacm32.dll - ok
12:27:04.0612 3944  [ D21AB32F16E8DE67D45E5A383B5E52BA ] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
12:27:04.0612 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll - ok
12:27:04.0627 3944  [ B009D6171147BE129636A49C4178E487 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
12:27:04.0627 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll - ok
12:27:04.0627 3944  [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
12:27:04.0627 3944  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
12:27:04.0627 3944  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
12:27:04.0627 3944  C:\Windows\System32\drivers\srv2.sys - ok
12:27:04.0627 3944  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
12:27:04.0627 3944  C:\Windows\System32\drivers\srv.sys - ok
12:27:04.0627 3944  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
12:27:04.0627 3944  C:\Windows\System32\wscsvc.dll - ok
12:27:04.0627 3944  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
12:27:04.0627 3944  C:\Windows\System32\iphlpsvc.dll - ok
12:27:04.0643 3944  [ 820EBE67AB99F033FDE25B2692157991 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:27:04.0643 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe - ok
12:27:04.0643 3944  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
12:27:04.0643 3944  C:\Windows\System32\sqmapi.dll - ok
12:27:04.0643 3944  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
12:27:04.0643 3944  C:\Windows\System32\wdscore.dll - ok
12:27:04.0643 3944  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
12:27:04.0643 3944  C:\Windows\System32\srvsvc.dll - ok
12:27:04.0643 3944  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
12:27:04.0643 3944  C:\Windows\System32\browser.dll - ok
12:27:04.0643 3944  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
12:27:04.0643 3944  C:\Windows\System32\netmsg.dll - ok
12:27:04.0658 3944  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
12:27:04.0658 3944  C:\Windows\System32\netcfgx.dll - ok
12:27:04.0658 3944  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
12:27:04.0658 3944  C:\Windows\System32\sscore.dll - ok
12:27:04.0658 3944  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
12:27:04.0658 3944  C:\Windows\System32\clusapi.dll - ok
12:27:04.0658 3944  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
12:27:04.0658 3944  C:\Windows\System32\resutils.dll - ok
12:27:04.0658 3944  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
12:27:04.0658 3944  C:\Windows\System32\hnetcfg.dll - ok
12:27:04.0658 3944  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
12:27:04.0658 3944  C:\Windows\System32\nci.dll - ok
12:27:04.0674 3944  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
12:27:04.0674 3944  C:\Windows\SysWOW64\wscisvif.dll - ok
12:27:04.0674 3944  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
12:27:04.0674 3944  C:\Windows\SysWOW64\wscapi.dll - ok
12:27:04.0674 3944  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
12:27:04.0674 3944  C:\Windows\System32\hidserv.dll - ok
12:27:04.0674 3944  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
12:27:04.0674 3944  C:\Windows\System32\npmproxy.dll - ok
12:27:04.0674 3944  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
12:27:04.0674 3944  C:\Windows\System32\wdi.dll - ok
12:27:04.0674 3944  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
12:27:04.0674 3944  C:\Windows\System32\wpdbusenum.dll - ok
12:27:04.0690 3944  [ 292C00C33786517F2AE57CDF990A0D56 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
12:27:04.0690 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe - ok
12:27:04.0690 3944  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
12:27:04.0690 3944  C:\Windows\System32\appinfo.dll - ok
12:27:04.0690 3944  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
12:27:04.0690 3944  C:\Windows\System32\diagperf.dll - ok
12:27:04.0690 3944  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
12:27:04.0690 3944  C:\Windows\System32\perftrack.dll - ok
12:27:04.0690 3944  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
12:27:04.0690 3944  C:\Windows\System32\PortableDeviceApi.dll - ok
12:27:04.0690 3944  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:27:04.0690 3944  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:27:04.0705 3944  [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
12:27:04.0705 3944  C:\Windows\System32\drivers\WUDFRd.sys - ok
12:27:04.0705 3944  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
12:27:04.0705 3944  C:\Windows\System32\Apphlpdm.dll - ok
12:27:04.0705 3944  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
12:27:04.0705 3944  C:\Windows\System32\pnpts.dll - ok
12:27:04.0705 3944  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
12:27:04.0705 3944  C:\Windows\System32\wdiasqmmodule.dll - ok
12:27:04.0705 3944  [ E45CC81B9DFA24B1A0A8ECAAD33E8030 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
12:27:04.0705 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
12:27:04.0705 3944  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
12:27:04.0705 3944  C:\Windows\System32\radardt.dll - ok
12:27:04.0721 3944  [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
12:27:04.0721 3944  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
12:27:04.0721 3944  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
12:27:04.0721 3944  C:\Windows\System32\NapiNSP.dll - ok
12:27:04.0721 3944  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
12:27:04.0721 3944  C:\Windows\System32\pnrpnsp.dll - ok
12:27:04.0721 3944  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
12:27:04.0721 3944  C:\Windows\System32\winrnr.dll - ok
12:27:04.0721 3944  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
12:27:04.0721 3944  C:\Windows\System32\runonce.exe - ok
12:27:04.0721 3944  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
12:27:04.0721 3944  C:\Windows\System32\drivers\WUDFPf.sys - ok
12:27:04.0736 3944  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
12:27:04.0736 3944  C:\Windows\System32\WUDFSvc.dll - ok
12:27:04.0736 3944  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
12:27:04.0736 3944  C:\Windows\SysWOW64\runonce.exe - ok
12:27:04.0736 3944  [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
12:27:04.0736 3944  C:\Windows\System32\WUDFHost.exe - ok
12:27:04.0736 3944  [ 66F9DC09831B0B00272794E3C7E40755 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
12:27:04.0736 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
12:27:04.0736 3944  [ 66DD03D42EB4C1EBDAB89B48A9DA8760 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
12:27:04.0736 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
12:27:04.0736 3944  [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
12:27:04.0736 3944  C:\Windows\SysWOW64\wscproxystub.dll - ok
12:27:04.0752 3944  [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
12:27:04.0752 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
12:27:04.0752 3944  [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
12:27:04.0752 3944  C:\Windows\System32\WUDFx.dll - ok
12:27:04.0752 3944  [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
12:27:04.0752 3944  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
12:27:04.0752 3944  [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
12:27:04.0752 3944  C:\Windows\System32\WMVCORE.DLL - ok
12:27:04.0752 3944  [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
12:27:04.0752 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
12:27:04.0752 3944  [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
12:27:04.0752 3944  C:\Windows\System32\WMASF.DLL - ok
12:27:04.0768 3944  [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
12:27:04.0768 3944  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
12:27:04.0768 3944  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
12:27:04.0768 3944  C:\Windows\System32\PortableDeviceTypes.dll - ok
12:27:04.0768 3944  [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
12:27:04.0768 3944  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
12:27:04.0768 3944  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
12:27:04.0768 3944  C:\Windows\System32\dimsjob.dll - ok
12:27:04.0768 3944  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
12:27:04.0768 3944  C:\Windows\System32\pautoenr.dll - ok
12:27:04.0768 3944  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
12:27:04.0768 3944  C:\Windows\System32\certcli.dll - ok
12:27:04.0783 3944  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
12:27:04.0783 3944  C:\Windows\System32\CertEnroll.dll - ok
12:27:04.0783 3944  [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
12:27:04.0783 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
12:27:04.0783 3944  [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll
12:27:04.0783 3944  C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll - ok
12:27:04.0783 3944  [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
12:27:04.0783 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
12:27:04.0783 3944  [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
12:27:04.0783 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
12:27:04.0799 3944  [ E4561704CBFA193761743E5AF746C669 ] C:\Windows\SysWOW64\msxml3.dll
12:27:04.0799 3944  C:\Windows\SysWOW64\msxml3.dll - ok
12:27:04.0799 3944  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
12:27:04.0799 3944  C:\Windows\SysWOW64\cmd.exe - ok
12:27:04.0799 3944  [ BF95EA5809E3BBF55370F7CB309FEBD0 ] C:\Windows\System32\conhost.exe
12:27:04.0799 3944  C:\Windows\System32\conhost.exe - ok
12:27:04.0799 3944  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
12:27:04.0799 3944  C:\Windows\SysWOW64\winbrand.dll - ok
12:27:04.0799 3944  [ 2AFBB91BBD2378933B26E6D68C140D1B ] C:\Windows\SysWOW64\ieframe.dll
12:27:04.0799 3944  C:\Windows\SysWOW64\ieframe.dll - ok
12:27:04.0799 3944  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
12:27:04.0799 3944  C:\Windows\System32\aelupsvc.dll - ok
12:27:04.0814 3944  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
12:27:04.0814 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:27:04.0814 3944  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\SysWOW64\shdocvw.dll
12:27:04.0814 3944  C:\Windows\SysWOW64\shdocvw.dll - ok
12:27:04.0814 3944  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:27:04.0814 3944  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:27:04.0814 3944  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
12:27:04.0814 3944  C:\Windows\System32\ncobjapi.dll - ok
12:27:04.0814 3944  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
12:27:04.0814 3944  C:\Windows\System32\wbem\wbemess.dll - ok
12:27:04.0814 3944  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
12:27:04.0814 3944  C:\Windows\System32\wbem\NCProv.dll - ok
12:27:04.0830 3944  [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
12:27:04.0830 3944  C:\Windows\System32\wuapi.dll - ok
12:27:04.0830 3944  [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
12:27:04.0830 3944  C:\Windows\System32\wups.dll - ok
12:27:04.0830 3944  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Gerhard\AppData\Local\Temp\DBF34486-CAE9-4C85-8886-E8AABFD135B9.exe
12:27:04.0830 3944  C:\Users\Gerhard\AppData\Local\Temp\DBF34486-CAE9-4C85-8886-E8AABFD135B9.exe - ok
12:27:04.0830 3944  [ A054EA8FBE16D4D34F06D81A4F0088E2 ] C:\Windows\SysWOW64\WindowsCodecs.dll
12:27:04.0830 3944  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
12:27:04.0830 3944  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
12:27:04.0830 3944  C:\Windows\SysWOW64\EhStorShell.dll - ok
12:27:04.0830 3944  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
12:27:04.0830 3944  C:\Windows\SysWOW64\ntshrui.dll - ok
12:27:04.0846 3944  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
12:27:04.0846 3944  C:\Windows\SysWOW64\slc.dll - ok
12:27:04.0846 3944  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
12:27:04.0846 3944  C:\Windows\SysWOW64\imageres.dll - ok
12:27:04.0846 3944  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
12:27:04.0846 3944  C:\Windows\System32\SensApi.dll - ok
12:27:04.0846 3944  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
12:27:04.0846 3944  C:\Windows\System32\timedate.cpl - ok
12:27:04.0846 3944  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
12:27:04.0846 3944  C:\Windows\System32\actxprxy.dll - ok
12:27:04.0846 3944  [ 23B001185B7C3CB1F4BDEB143E6B45B7 ] C:\Windows\System32\shdocvw.dll
12:27:04.0846 3944  C:\Windows\System32\shdocvw.dll - ok
12:27:04.0846 3944  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
12:27:04.0846 3944  C:\Windows\System32\linkinfo.dll - ok
12:27:04.0861 3944  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
12:27:04.0861 3944  C:\Windows\System32\msiltcfg.dll - ok
12:27:04.0861 3944  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
12:27:04.0861 3944  C:\Windows\System32\msftedit.dll - ok
12:27:04.0861 3944  [ 2EBD0C5B090125AECF017C57344C45AB ] C:\Windows\System32\msls31.dll
12:27:04.0861 3944  C:\Windows\System32\msls31.dll - ok
12:27:04.0861 3944  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
12:27:04.0861 3944  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
12:27:04.0861 3944  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
12:27:04.0861 3944  C:\Windows\System32\gameux.dll - ok
12:27:04.0861 3944  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
12:27:04.0861 3944  C:\Windows\System32\thumbcache.dll - ok
12:27:04.0877 3944  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
12:27:04.0877 3944  C:\Windows\System32\DeviceCenter.dll - ok
12:27:04.0877 3944  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
12:27:04.0877 3944  C:\Windows\System32\networkexplorer.dll - ok
12:27:04.0877 3944  [ F78E0F53F2C2A78EE8E2EABA72AAC8FE ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
12:27:04.0877 3944  C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe - ok
12:27:04.0877 3944  [ 9AA2F3401F9610F1352DB52F66A447B6 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
12:27:04.0877 3944  C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe - ok
12:27:04.0877 3944  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
12:27:04.0877 3944  C:\Windows\System32\rundll32.exe - ok
12:27:04.0877 3944  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
12:27:04.0877 3944  C:\Windows\System32\mscoree.dll - ok
12:27:04.0892 3944  [ D44067027714CC58B8AB0AC38FDA1A0B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
12:27:04.0892 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
12:27:04.0892 3944  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
12:27:04.0892 3944  C:\Windows\System32\UIAnimation.dll - ok
12:27:04.0892 3944  [ 15B7225BBA691E4CF8A3D06238D46AE6 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
12:27:04.0892 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
12:27:04.0892 3944  [ DA6C4B5FEEEA4DC7162B5D0C055EB967 ] C:\Windows\System32\imaadp32.acm
12:27:04.0892 3944  C:\Windows\System32\imaadp32.acm - ok
12:27:04.0892 3944  [ 241B07FF7F5943B9C1BF3235F49AC1E1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:27:04.0892 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
12:27:04.0892 3944  [ AF49D1C79EA49A7833017F290EE63B82 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
12:27:04.0892 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe - ok
12:27:04.0908 3944  [ 1C81E1BEA4847F406BBDB74D19721CE6 ] C:\Windows\System32\msg711.acm
12:27:04.0908 3944  C:\Windows\System32\msg711.acm - ok
12:27:04.0908 3944  [ E5B9A2FA94D21C44DA2B898DC326B0C2 ] C:\Windows\System32\msgsm32.acm
12:27:04.0908 3944  C:\Windows\System32\msgsm32.acm - ok
12:27:04.0908 3944  [ 329FEB3452982A377726DEDAFE9BBDF0 ] C:\Windows\System32\msadp32.acm
12:27:04.0908 3944  C:\Windows\System32\msadp32.acm - ok
12:27:04.0908 3944  [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
12:27:04.0908 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
12:27:04.0908 3944  [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
12:27:04.0908 3944  C:\Windows\System32\l3codeca.acm - ok
12:27:04.0924 3944  [ 81FB155132AE12BA18119D5B36A85476 ] C:\Windows\System32\msvcr110_clr0400.dll
12:27:04.0924 3944  C:\Windows\System32\msvcr110_clr0400.dll - ok
12:27:04.0924 3944  [ 4BADC3411348BA8AC7EE6EFCA08ACB3C ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
12:27:04.0924 3944  [ 75AA0D543EE4D4A3E5C000FCE97C95B5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
12:27:04.0924 3944  [ 31F48225EBCB7ACB5D3DC1C0113677F0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
12:27:04.0924 3944  [ 2C268A7EFE01F7D6292CA29E68803D8E ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe - ok
12:27:04.0924 3944  [ 07AB567D0CE7F5BC08CDB5BFB86CE5F5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
12:27:04.0939 3944  [ 0ABC50FDB2E1A5ECA26AEFE942CF273B ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll - ok
12:27:04.0939 3944  [ 58FE3DB8D7653404E4B8DF496042F594 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll - ok
12:27:04.0939 3944  [ 1D5744CDB2FF4C8F8ECDF321FFE986CB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
12:27:04.0939 3944  [ 217B3D0C387328A6DA5C7782BDD2909E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
12:27:04.0939 3944  [ 6A776B4D1B0A88BF9717E3F8EC312786 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
12:27:04.0939 3944  [ A2CB5EFE22B024E8D6F029314D5855C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
12:27:04.0955 3944  [ C4811C73C651A1312C56E5B851DFA2A4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
12:27:04.0955 3944  [ E30A686A17B95F11DF396025DA10E82B ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
12:27:04.0955 3944  [ 65060E078CC53E5C8F572F62E8F1D586 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
12:27:04.0955 3944  [ 1D76889EDA45FD47840C2E89C486A59A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
12:27:04.0955 3944  [ B81737A402CA1BCEC7CDD33261E0D820 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\abf62e6545d2802fc60286678a67e6bf\mscorlib.ni.dll
12:27:04.0955 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\abf62e6545d2802fc60286678a67e6bf\mscorlib.ni.dll - ok
12:27:04.0955 3944  [ B3319F02D96299F3B63A7B998B1F3174 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
12:27:04.0970 3944  [ 3BDA50E1839E245BD83534F8DEAF9DFD ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
12:27:04.0970 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
12:27:04.0970 3944  [ A81331D7EB6C5D1F7B1E4E4FC15F3EC0 ] C:\Windows\SysWOW64\srclient.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\srclient.dll - ok
12:27:04.0970 3944  [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\SysWOW64\spp.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\spp.dll - ok
12:27:04.0970 3944  [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\vssapi.dll - ok
12:27:04.0970 3944  [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\vsstrace.dll - ok
12:27:04.0970 3944  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
12:27:04.0986 3944  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
12:27:04.0986 3944  C:\Windows\SysWOW64\duser.dll - ok
12:27:04.0986 3944  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
12:27:04.0986 3944  C:\Windows\SysWOW64\dui70.dll - ok
12:27:04.0986 3944  [ 3C611E94321D6A82EB4C5BCD34FC9F5D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll
12:27:04.0986 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll - ok
12:27:04.0986 3944  [ FE085839DF8AF76F958F0184E5C173B6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\4d4a15d5d7968df7dedd4cf853848d90\System.ni.dll
12:27:04.0986 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\4d4a15d5d7968df7dedd4cf853848d90\System.ni.dll - ok
12:27:04.0986 3944  [ F2F7EED54D0970CACE9A579A562AFA7A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\7926c26400ff262c7fc48b729377085b\System.Drawing.ni.dll
12:27:04.0986 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\7926c26400ff262c7fc48b729377085b\System.Drawing.ni.dll - ok
12:27:04.0986 3944  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\11332078.sys
12:27:04.0986 3944  C:\Windows\System32\drivers\11332078.sys - ok
12:27:05.0002 3944  [ 36AC61A25AFD4929DB8C1675A036C62A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\8be42454b4d7db7686ea494691d18b16\WindowsBase.ni.dll
12:27:05.0002 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\8be42454b4d7db7686ea494691d18b16\WindowsBase.ni.dll - ok
12:27:05.0002 3944  [ B64B27F93EE12D85F80F6F1E21975A09 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4764e3995ebd7b6b438eef937cde1332\System.Windows.Forms.ni.dll
12:27:05.0002 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4764e3995ebd7b6b438eef937cde1332\System.Windows.Forms.ni.dll - ok
12:27:05.0002 3944  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
12:27:05.0002 3944  C:\Windows\System32\stobject.dll - ok
12:27:05.0002 3944  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
12:27:05.0002 3944  C:\Windows\System32\batmeter.dll - ok
12:27:05.0002 3944  [ BAD20F3207CE3BE87053B23B5A68879E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\bb1efedf0f2aa2ebbf9f0bf640c9721d\PresentationCore.ni.dll
12:27:05.0002 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\bb1efedf0f2aa2ebbf9f0bf640c9721d\PresentationCore.ni.dll - ok
12:27:05.0002 3944  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
12:27:05.0002 3944  C:\Windows\System32\prnfldr.dll - ok
12:27:05.0017 3944  [ 22F7DE8F3E33AA52A80855B590464DFA ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
12:27:05.0017 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
12:27:05.0017 3944  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
12:27:05.0017 3944  C:\Windows\System32\DXP.dll - ok
12:27:05.0017 3944  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
12:27:05.0017 3944  C:\Windows\System32\Syncreg.dll - ok
12:27:05.0017 3944  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
12:27:05.0017 3944  C:\Windows\ehome\ehSSO.dll - ok
12:27:05.0017 3944  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
12:27:05.0017 3944  C:\Windows\System32\netshell.dll - ok
12:27:05.0017 3944  [ A6D7A403246862BF7D2C90219C5F5664 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\fa4b9cda7a89969191429507a934c352\System.Xml.ni.dll
12:27:05.0017 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\fa4b9cda7a89969191429507a934c352\System.Xml.ni.dll - ok
12:27:05.0033 3944  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
12:27:05.0033 3944  C:\Windows\System32\AltTab.dll - ok
12:27:05.0033 3944  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
12:27:05.0033 3944  C:\Windows\System32\WPDShServiceObj.dll - ok
12:27:05.0033 3944  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
12:27:05.0033 3944  C:\Windows\System32\SearchIndexer.exe - ok
12:27:05.0033 3944  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
12:27:05.0033 3944  C:\Windows\System32\pnidui.dll - ok
12:27:05.0033 3944  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
12:27:05.0033 3944  C:\Windows\System32\QUTIL.DLL - ok
12:27:05.0033 3944  [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
12:27:05.0033 3944  C:\Windows\System32\cscobj.dll - ok
12:27:05.0048 3944  [ 20F4C672A75F86E670EE8B965C6F0BBA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\13bb14bb88e6c577c79001039d678bbd\System.Configuration.ni.dll
12:27:05.0048 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\13bb14bb88e6c577c79001039d678bbd\System.Configuration.ni.dll - ok
12:27:05.0048 3944  [ 4D339C075EA6E3B65EE90246929E05CE ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\91b87b18c4453c04c9cebdeea2952826\PresentationFramework.ni.dll
12:27:05.0048 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\91b87b18c4453c04c9cebdeea2952826\PresentationFramework.ni.dll - ok
12:27:05.0048 3944  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
12:27:05.0048 3944  C:\Windows\System32\tquery.dll - ok
12:27:05.0048 3944  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
12:27:05.0048 3944  C:\Windows\System32\srchadmin.dll - ok
12:27:05.0048 3944  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
12:27:05.0048 3944  C:\Windows\System32\mssrch.dll - ok
12:27:05.0048 3944  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
12:27:05.0048 3944  C:\Windows\System32\ActionCenter.dll - ok
12:27:05.0064 3944  [ 0D239F4AC6ADAE0413BBB25687CDD363 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
12:27:05.0064 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok
12:27:05.0064 3944  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
12:27:05.0064 3944  C:\Windows\System32\msidle.dll - ok
12:27:05.0064 3944  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
12:27:05.0064 3944  C:\Windows\System32\mssprxy.dll - ok
12:27:05.0064 3944  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
12:27:05.0064 3944  C:\Windows\System32\netman.dll - ok
12:27:05.0064 3944  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
12:27:05.0064 3944  C:\Windows\System32\rasdlg.dll - ok
12:27:05.0064 3944  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
12:27:05.0064 3944  C:\Windows\System32\mprapi.dll - ok
12:27:05.0080 3944  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
12:27:05.0080 3944  C:\Windows\System32\dot3api.dll - ok
12:27:05.0080 3944  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
12:27:05.0080 3944  C:\Windows\System32\eappcfg.dll - ok
12:27:05.0080 3944  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
12:27:05.0080 3944  C:\Windows\System32\wlanhlp.dll - ok
12:27:05.0080 3944  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
12:27:05.0080 3944  C:\Windows\System32\wlanapi.dll - ok
12:27:05.0080 3944  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
12:27:05.0080 3944  C:\Windows\System32\wlanutil.dll - ok
12:27:05.0080 3944  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
12:27:05.0080 3944  C:\Windows\System32\onex.dll - ok
12:27:05.0095 3944  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
12:27:05.0095 3944  C:\Windows\System32\eappprxy.dll - ok
12:27:05.0095 3944  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:27:05.0095 3944  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:27:05.0095 3944  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
12:27:05.0095 3944  C:\Windows\System32\WWanAPI.dll - ok
12:27:05.0095 3944  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
12:27:05.0095 3944  C:\Windows\System32\wwapi.dll - ok
12:27:05.0095 3944  [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
12:27:05.0095 3944  C:\Windows\System32\riched20.dll - ok
12:27:05.0095 3944  [ 33B4BBFDB017D48CFDFE77BF88A53A99 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e3882692d8f0e323f93b4d95c204b7b7\System.Xaml.ni.dll
12:27:05.0095 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e3882692d8f0e323f93b4d95c204b7b7\System.Xaml.ni.dll - ok
12:27:05.0111 3944  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:27:05.0111 3944  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:27:05.0111 3944  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
12:27:05.0111 3944  C:\Windows\System32\QAGENT.DLL - ok
12:27:05.0111 3944  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:27:05.0111 3944  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:27:05.0111 3944  [ E1B029A730548B18FACE500EE46F659B ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll
12:27:05.0111 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll - ok
12:27:05.0111 3944  [ 3CF6F418BF0BDB5450058030277D34AE ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
12:27:05.0111 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
12:27:05.0126 3944  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:27:05.0126 3944  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\netprofm.dll - ok
12:27:05.0126 3944  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\nlaapi.dll - ok
12:27:05.0126 3944  [ BDE8ABC23E3C970058B4DC9E260B45F0 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
12:27:05.0126 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
12:27:05.0126 3944  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\npmproxy.dll - ok
12:27:05.0126 3944  [ 08588BE486850D6D24D3844A421E60CD ] C:\Program Files (x86)\KeePass Password Safe 2\KeePassLibC64.dll
12:27:05.0126 3944  C:\Program Files (x86)\KeePass Password Safe 2\KeePassLibC64.dll - ok
12:27:05.0142 3944  [ 09FFF8FEE891ED820DD95428E091EA94 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll
12:27:05.0142 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll - ok
12:27:05.0142 3944  [ 90444850B11F7515BAE08E241E3395F6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\1d513cb1b284a419e8b3df381ce7f270\System.Core.ni.dll
12:27:05.0142 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\1d513cb1b284a419e8b3df381ce7f270\System.Core.ni.dll - ok
12:27:05.0142 3944  [ 2A53408152061A87E75A8E83486C73D4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsecimpl.dll
12:27:05.0142 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsecimpl.dll - ok
12:27:05.0142 3944  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
12:27:05.0142 3944  C:\Windows\System32\FXSST.dll - ok
12:27:05.0142 3944  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
12:27:05.0142 3944  C:\Windows\SysWOW64\wshqos.dll - ok
12:27:05.0142 3944  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
12:27:05.0142 3944  C:\Windows\System32\FXSAPI.dll - ok
12:27:05.0158 3944  [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
12:27:05.0158 3944  C:\Windows\System32\SearchProtocolHost.exe - ok
12:27:05.0158 3944  [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
12:27:05.0158 3944  C:\Windows\System32\msshooks.dll - ok
12:27:05.0158 3944  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
12:27:05.0158 3944  C:\Windows\System32\FXSRESM.dll - ok
12:27:05.0158 3944  [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
12:27:05.0158 3944  C:\Windows\System32\SearchFilterHost.exe - ok
12:27:05.0158 3944  [ 3CF0B79908798CD359C042BB007857C0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\a6153cf4b7a0d2e5c0f4f3e02de99150\System.Security.ni.dll
12:27:05.0158 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\a6153cf4b7a0d2e5c0f4f3e02de99150\System.Security.ni.dll - ok
12:27:05.0158 3944  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
12:27:05.0158 3944  C:\Windows\System32\FXSSVC.exe - ok
12:27:05.0173 3944  [ F00AE7B953ABEF1B53FBBA187DFC8238 ] C:\Windows\System32\webcheck.dll
12:27:05.0173 3944  C:\Windows\System32\webcheck.dll - ok
12:27:05.0173 3944  [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
12:27:05.0173 3944  C:\Windows\System32\mssph.dll - ok
12:27:05.0173 3944  [ 381406A98CFBCDEB8D464652CD48B90D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\61550457e267014f3e78ff876e8ceafc\System.ServiceModel.ni.dll
12:27:05.0173 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\61550457e267014f3e78ff876e8ceafc\System.ServiceModel.ni.dll - ok
12:27:05.0173 3944  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
12:27:05.0173 3944  C:\Windows\System32\SyncCenter.dll - ok
12:27:05.0173 3944  [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
12:27:05.0173 3944  C:\Windows\System32\mapi32.dll - ok
12:27:05.0173 3944  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
12:27:05.0173 3944  C:\Windows\System32\wmdrmdev.dll - ok
12:27:05.0189 3944  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
12:27:05.0189 3944  C:\Windows\System32\drmv2clt.dll - ok
12:27:05.0189 3944  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
12:27:05.0189 3944  C:\Windows\System32\blackbox.dll - ok
12:27:05.0189 3944  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
12:27:05.0189 3944  C:\Windows\System32\imapi2.dll - ok
12:27:05.0189 3944  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
12:27:05.0189 3944  C:\Windows\System32\upnp.dll - ok
12:27:05.0189 3944  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
12:27:05.0189 3944  C:\Windows\System32\ssdpsrv.dll - ok
12:27:05.0189 3944  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
12:27:05.0189 3944  C:\Windows\System32\hgcpl.dll - ok
12:27:05.0189 3944  [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
12:27:05.0189 3944  C:\Windows\System32\NaturalLanguage6.dll - ok
12:27:05.0204 3944  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
12:27:05.0204 3944  C:\Windows\System32\fdPHost.dll - ok
12:27:05.0204 3944  [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
12:27:05.0204 3944  C:\Windows\System32\fdWSD.dll - ok
12:27:05.0204 3944  [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
12:27:05.0204 3944  C:\Windows\System32\fdSSDP.dll - ok
12:27:05.0204 3944  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
12:27:05.0204 3944  C:\Windows\System32\fdProxy.dll - ok
12:27:05.0204 3944  [ 164647BBD819458CE5AA8A8C097B83AC ] C:\Windows\System32\NlsData0007.dll
12:27:05.0204 3944  C:\Windows\System32\NlsData0007.dll - ok
12:27:05.0204 3944  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
12:27:05.0204 3944  C:\Windows\System32\ListSvc.dll - ok
12:27:05.0220 3944  [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
12:27:05.0220 3944  C:\Windows\System32\P2P.dll - ok
12:27:05.0220 3944  [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
12:27:05.0220 3944  C:\Windows\System32\IdListen.dll - ok
12:27:05.0220 3944  [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
12:27:05.0220 3944  C:\Windows\System32\hgprint.dll - ok
12:27:05.0220 3944  [ 37A2FBCBD0AF846BEF609CBEB61EEA68 ] C:\Windows\System32\NlsLexicons0007.dll
12:27:05.0220 3944  C:\Windows\System32\NlsLexicons0007.dll - ok
12:27:05.0220 3944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
12:27:05.0220 3944  C:\Windows\System32\pnrpsvc.dll - ok
12:27:05.0220 3944  [ 4F963F80888646BBAFDAE3102D759C85 ] C:\Program Files\Internet Explorer\ieproxy.dll
12:27:05.0220 3944  C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:27:05.0236 3944  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
12:27:05.0236 3944  C:\Windows\System32\P2PGraph.dll - ok
12:27:05.0236 3944  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
12:27:05.0236 3944  C:\Windows\System32\p2psvc.dll - ok
12:27:05.0236 3944  [ 8CBBB27369F9F07BC5E874E750EAF9D0 ] C:\Windows\System32\wmp.dll
12:27:05.0236 3944  C:\Windows\System32\wmp.dll - ok
12:27:05.0236 3944  [ AB272BBFB05A8585C3405EFA9F605774 ] C:\Windows\System32\wmploc.DLL
12:27:05.0236 3944  C:\Windows\System32\wmploc.DLL - ok
12:27:05.0236 3944  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
12:27:05.0236 3944  C:\Windows\System32\wmpps.dll - ok
12:27:05.0236 3944  [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
12:27:05.0236 3944  C:\Windows\System32\wmpmde.dll - ok
12:27:05.0251 3944  [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
12:27:05.0251 3944  C:\Windows\System32\WinSATAPI.dll - ok
12:27:05.0251 3944  [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
12:27:05.0251 3944  C:\Windows\System32\MSMPEG2ENC.DLL - ok
12:27:05.0251 3944  [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
12:27:05.0251 3944  C:\Windows\System32\devenum.dll - ok
12:27:05.0251 3944  [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
12:27:05.0251 3944  C:\Windows\System32\msdmo.dll - ok
12:27:05.0251 3944  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
12:27:05.0251 3944  C:\Windows\System32\upnphost.dll - ok
12:27:05.0251 3944  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:27:05.0251 3944  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:27:05.0267 3944  [ 576999A364DB2F7AFBBDF4498C72D011 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\97f38be538d81ae29ee2fc7df6a5ee62\System.Data.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\97f38be538d81ae29ee2fc7df6a5ee62\System.Data.ni.dll - ok
12:27:05.0267 3944  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
12:27:05.0267 3944  C:\Windows\System32\wbem\wmiprov.dll - ok
12:27:05.0267 3944  [ 6F2E907125848D3011C66715873378EE ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
12:27:05.0267 3944  C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
12:27:05.0267 3944  [ DBFC838A986EE65B20F78B71780D1F9C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll - ok
12:27:05.0267 3944  [ E4133869739DAED94DFDEF982318CED8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\99f3ab10177d29e82e0d8122a7005ba9\System.ServiceProcess.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\99f3ab10177d29e82e0d8122a7005ba9\System.ServiceProcess.ni.dll - ok
12:27:05.0267 3944  [ 1C9B6B2BEEE77D616AB0FD020FE53680 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\18aff3aa7e94bcce5f9e245aeefbbff3\System.Xml.Linq.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\18aff3aa7e94bcce5f9e245aeefbbff3\System.Xml.Linq.ni.dll - ok
12:27:05.0282 3944  [ F1148BE820DFC7E6FB51DF5E67495443 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\c30adaed66244bca283e31931b87a02c\SMDiagnostics.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\c30adaed66244bca283e31931b87a02c\SMDiagnostics.ni.dll - ok
12:27:05.0282 3944  [ 20E8EDA8D706887645374DA4D31D9FF0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\41b1ad2cede1ea3ca12eb3e6ab801f94\System.ServiceModel.Internals.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\41b1ad2cede1ea3ca12eb3e6ab801f94\System.ServiceModel.Internals.ni.dll - ok
12:27:05.0282 3944  [ 2E45B25D5D5F683EB3EBA179976343F0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\9d50adefc85b474397c742aee943a409\System.ServiceModel.Web.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\9d50adefc85b474397c742aee943a409\System.ServiceModel.Web.ni.dll - ok
12:27:05.0282 3944  [ DA49ABBB37E23A62178A84112E4E35DD ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\4b7a906cdb595be192973212e752d9c5\System.IdentityModel.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\4b7a906cdb595be192973212e752d9c5\System.IdentityModel.ni.dll - ok
12:27:05.0282 3944  [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
12:27:05.0282 3944  C:\Windows\SysWOW64\msv1_0.dll - ok
12:27:05.0298 3944  [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
12:27:05.0298 3944  C:\Windows\SysWOW64\cryptdll.dll - ok
12:27:05.0298 3944  [ 3EE877BDA6C2A64316CABA06F49A9EDE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll
12:27:05.0298 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll - ok
12:27:05.0298 3944  [ F8F69B15EA0C42812B7FA6079F8DD9C9 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
12:27:05.0298 3944  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
12:27:05.0298 3944  [ 17D4F16B8B0E2DF855C2F91CD8C17F44 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Services.Interface.ProtoBufService.Dto.dll
12:27:05.0298 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Services.Interface.ProtoBufService.Dto.dll - ok
12:27:05.0298 3944  [ C5A169A35C7F0D503BB68F8B4A8FFBDE ] C:\Program Files (x86)\Garmin\Core Update Service\protobuf-net.dll
12:27:05.0298 3944  C:\Program Files (x86)\Garmin\Core Update Service\protobuf-net.dll - ok
12:27:05.0298 3944  [ 58370BC7DAD40271B0A39845C26F7469 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio1c9175f8#\9a5f2133b9d4738948dfcf7ebcb82e3e\PresentationFramework.Aero.ni.dll
12:27:05.0298 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio1c9175f8#\9a5f2133b9d4738948dfcf7ebcb82e3e\PresentationFramework.Aero.ni.dll - ok
12:27:05.0314 3944  [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
12:27:05.0314 3944  C:\Windows\System32\d3d9.dll - ok
12:27:05.0314 3944  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
12:27:05.0314 3944  C:\Windows\System32\d3d8thk.dll - ok
12:27:05.0314 3944  [ 62C66F1D84D4405E7ECE5011C6DC6944 ] C:\Windows\System32\atiumd6a.dll
12:27:05.0314 3944  C:\Windows\System32\atiumd6a.dll - ok
12:27:05.0314 3944  [ B2D17C246D94F3CA8097195042F2F5D5 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio49d6fefe#\a041ca8cc604314c67e218842a591568\PresentationFramework-SystemXml.ni.dll
12:27:05.0314 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio49d6fefe#\a041ca8cc604314c67e218842a591568\PresentationFramework-SystemXml.ni.dll - ok
12:27:05.0314 3944  [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
12:27:05.0314 3944  C:\Windows\System32\udhisapi.dll - ok
12:27:05.0314 3944  ============================================================
12:27:05.0314 3944  Scan finished
12:27:05.0314 3944  ============================================================
12:27:05.0329 3820  Detected object count: 1
12:27:05.0329 3820  Actual detected object count: 1
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 - ok
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
12:27:41.0334 3588  Deinitialize success



#5 Slay80

Slay80
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 26 April 2014 - 05:52 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

TDSSKiller.2.8.16.0_26.04.2014_12.29.47_log.txt

12:29:47.0358 3308  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:29:51.0566 3308  ============================================================
12:29:51.0566 3308  Current date / time: 2014/04/26 12:29:51.0566
12:29:51.0566 3308  SystemInfo:
12:29:51.0566 3308  
12:29:51.0566 3308  OS Version: 6.1.7601 ServicePack: 1.0
12:29:51.0566 3308  Product type: Workstation
12:29:51.0566 3308  ComputerName: TERRAX
12:29:51.0566 3308  UserName: Gerhard
12:29:51.0566 3308  Windows directory: C:\Windows
12:29:51.0566 3308  System windows directory: C:\Windows
12:29:51.0566 3308  Running under WOW64
12:29:51.0566 3308  Processor architecture: Intel x64
12:29:51.0566 3308  Number of processors: 2
12:29:51.0566 3308  Page size: 0x1000
12:29:51.0566 3308  Boot type: Normal boot
12:29:51.0566 3308  ============================================================
12:29:52.0868 3308  BG loaded
12:29:53.0836 3308  Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:29:53.0836 3308  Drive \Device\Harddisk1\DR1 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:29:53.0836 3308  ============================================================
12:29:53.0836 3308  \Device\Harddisk0\DR0:
12:29:53.0851 3308  MBR partitions:
12:29:53.0851 3308  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x253B4000
12:29:53.0851 3308  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x253B4800, BlocksNum 0x254A2800
12:29:53.0851 3308  \Device\Harddisk1\DR1:
12:29:53.0851 3308  MBR partitions:
12:29:53.0851 3308  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6590000
12:29:53.0851 3308  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6590800, BlocksNum 0x442C6000
12:29:53.0851 3308  ============================================================
12:29:54.0132 3308  C: <-> \Device\Harddisk0\DR0\Partition1
12:29:54.0288 3308  D: <-> \Device\Harddisk1\DR1\Partition1
12:29:54.0366 3308  E: <-> \Device\Harddisk0\DR0\Partition2
12:29:54.0382 3308  F: <-> \Device\Harddisk1\DR1\Partition2
12:29:54.0382 3308  ============================================================
12:29:54.0382 3308  Initialize success
12:29:54.0382 3308  ============================================================

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

However Avira still gives me warnings:

 

"Der Zugriff auf die Datei 'C:\Users\Gerhard\AppData\Local\fiolgor.dll mit dem Virus oder dem unerwünschten Programm 'TR/Downloader.A.2438' wurde blockiert."

I guess that my problem is not yet solved?

 

Sorry, I had to split up the posts as the log files were too long.

Thanks for you reply,

best

Slay80



#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:48 PM

Posted 26 April 2014 - 05:52 AM

Hi Slay80,

 

You are welcome. I believe the malware Avira is reported has been removed, but can you confirm whether Avira still reports BOO/Cidox.B or not.

You will need to copy TDSSKiller.2.8.16.0_26.04.2014_12.26.14_log.txt again as the last part of the log is cut off (I really need the detections and what was found, so copy the last few lines if the log is too long).

 

We cross posted, once you confirm whether Avira still detects Cidox and the TDSSKiller detections we will move onto any other problems.

 

xXToffeeXx~


Edited by xXToffeeXx, 26 April 2014 - 05:57 AM.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 Slay80

Slay80
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 26 April 2014 - 05:59 AM

Hi Toffee,

 

I had to split TDSSKiller.2.8.16.0_26.04.2014_12.26.14_log.txt as it is too long for a post. So here again in two parts:

 

12:26:14.0262 3616  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:26:17.0453 3616  ============================================================
12:26:17.0453 3616  Current date / time: 2014/04/26 12:26:17.0453
12:26:17.0453 3616  SystemInfo:
12:26:17.0453 3616  
12:26:17.0453 3616  OS Version: 6.1.7601 ServicePack: 1.0
12:26:17.0453 3616  Product type: Workstation
12:26:17.0453 3616  ComputerName: TERRAX
12:26:17.0453 3616  UserName: Gerhard
12:26:17.0453 3616  Windows directory: C:\Windows
12:26:17.0453 3616  System windows directory: C:\Windows
12:26:17.0453 3616  Running under WOW64
12:26:17.0453 3616  Processor architecture: Intel x64
12:26:17.0453 3616  Number of processors: 2
12:26:17.0453 3616  Page size: 0x1000
12:26:17.0453 3616  Boot type: Normal boot
12:26:17.0453 3616  ============================================================
12:26:19.0331 3616  BG loaded
12:26:19.0924 3616  Drive \Device\Harddisk0\DR0 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:19.0940 3616  Drive \Device\Harddisk1\DR1 - Size: 0x950AF4DE00 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:19.0955 3616  ============================================================
12:26:19.0955 3616  \Device\Harddisk0\DR0:
12:26:19.0955 3616  MBR partitions:
12:26:19.0955 3616  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x253B4000
12:26:19.0955 3616  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x253B4800, BlocksNum 0x254A2800
12:26:19.0955 3616  \Device\Harddisk1\DR1:
12:26:19.0955 3616  MBR partitions:
12:26:19.0955 3616  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6590000
12:26:19.0955 3616  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6590800, BlocksNum 0x442C6000
12:26:19.0955 3616  ============================================================
12:26:20.0033 3616  C: <-> \Device\Harddisk0\DR0\Partition1
12:26:20.0049 3616  D: <-> \Device\Harddisk1\DR1\Partition1
12:26:20.0174 3616  E: <-> \Device\Harddisk0\DR0\Partition2
12:26:20.0189 3616  F: <-> \Device\Harddisk1\DR1\Partition2
12:26:20.0189 3616  ============================================================
12:26:20.0189 3616  Initialize success
12:26:20.0189 3616  ============================================================
12:26:31.0614 3944  ============================================================
12:26:31.0614 3944  Scan started
12:26:31.0614 3944  Mode: Manual; SigCheck; TDLFS;
12:26:31.0614 3944  ============================================================
12:26:34.0680 3944  ================ Scan system memory ========================
12:26:34.0680 3944  System memory - ok
12:26:34.0680 3944  ================ Scan services =============================
12:26:34.0780 3944  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:26:34.0850 3944  1394ohci - ok
12:26:34.0880 3944  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:26:34.0900 3944  ACPI - ok
12:26:34.0900 3944  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:26:34.0960 3944  AcpiPmi - ok
12:26:35.0040 3944  [ C2CE3311D2477B1B24CFB67020AD49B6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:26:35.0070 3944  AdobeFlashPlayerUpdateSvc - ok
12:26:35.0130 3944  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:26:35.0158 3944  adp94xx - ok
12:26:35.0158 3944  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:26:35.0189 3944  adpahci - ok
12:26:35.0189 3944  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:26:35.0220 3944  adpu320 - ok
12:26:35.0252 3944  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:26:35.0361 3944  AeLookupSvc - ok
12:26:35.0392 3944  [ 79059559E89D06E8B80CE2944BE20228 ] AFD             C:\Windows\system32\drivers\afd.sys
12:26:35.0439 3944  AFD - ok
12:26:35.0470 3944  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
12:26:35.0486 3944  agp440 - ok
12:26:35.0486 3944  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
12:26:35.0548 3944  ALG - ok
12:26:35.0595 3944  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:26:35.0595 3944  aliide - ok
12:26:35.0657 3944  [ D696F317BD465A602566F8E1DCCE15F7 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:26:35.0704 3944  AMD External Events Utility - ok
12:26:35.0720 3944  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
12:26:35.0735 3944  amdide - ok
12:26:35.0766 3944  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:26:35.0798 3944  AmdK8 - ok
12:26:35.0813 3944  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:26:35.0844 3944  AmdPPM - ok
12:26:35.0860 3944  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:26:35.0891 3944  amdsata - ok
12:26:35.0954 3944  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:26:35.0969 3944  amdsbs - ok
12:26:36.0000 3944  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:26:36.0016 3944  amdxata - ok
12:26:36.0094 3944  [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:26:36.0110 3944  AntiVirSchedulerService - ok
12:26:36.0141 3944  [ 65AF41A7A2C5B6693E1B4164E7632C3E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:26:36.0156 3944  AntiVirService - ok
12:26:36.0234 3944  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
12:26:36.0375 3944  AppID - ok
12:26:36.0390 3944  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:26:36.0468 3944  AppIDSvc - ok
12:26:36.0484 3944  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
12:26:36.0578 3944  Appinfo - ok
12:26:36.0656 3944  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:26:36.0702 3944  AppMgmt - ok
12:26:36.0749 3944  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:26:36.0780 3944  arc - ok
12:26:36.0843 3944  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:26:36.0858 3944  arcsas - ok
12:26:36.0968 3944  [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:26:37.0014 3944  aspnet_state - ok
12:26:37.0046 3944  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:26:37.0077 3944  AsyncMac - ok
12:26:37.0108 3944  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
12:26:37.0124 3944  atapi - ok
12:26:37.0233 3944  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
12:26:37.0311 3944  atikmdag - ok
12:26:37.0358 3944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:26:37.0420 3944  AudioEndpointBuilder - ok
12:26:37.0436 3944  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:26:37.0467 3944  AudioSrv - ok
12:26:37.0498 3944  [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:26:37.0514 3944  avgntflt - ok
12:26:37.0514 3944  [ C3A58DBD18786C338126D30BF8C33D72 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:26:37.0529 3944  avipbb - ok
12:26:37.0576 3944  [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:26:37.0592 3944  avkmgr - ok
12:26:37.0623 3944  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:26:37.0779 3944  AxInstSV - ok
12:26:37.0826 3944  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:26:37.0904 3944  b06bdrv - ok
12:26:37.0935 3944  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:26:37.0982 3944  b57nd60a - ok
12:26:38.0013 3944  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:26:38.0060 3944  BDESVC - ok
12:26:38.0075 3944  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:26:38.0122 3944  Beep - ok
12:26:38.0184 3944  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
12:26:38.0231 3944  BFE - ok
12:26:38.0262 3944  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
12:26:38.0325 3944  BITS - ok
12:26:38.0356 3944  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:26:38.0372 3944  blbdrive - ok
12:26:38.0418 3944  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:26:38.0450 3944  bowser - ok
12:26:38.0465 3944  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:26:38.0512 3944  BrFiltLo - ok
12:26:38.0512 3944  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:26:38.0528 3944  BrFiltUp - ok
12:26:38.0590 3944  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
12:26:38.0621 3944  Browser - ok
12:26:38.0637 3944  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:26:38.0684 3944  Brserid - ok
12:26:38.0699 3944  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:26:38.0730 3944  BrSerWdm - ok
12:26:38.0730 3944  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:26:38.0777 3944  BrUsbMdm - ok
12:26:38.0777 3944  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:26:38.0808 3944  BrUsbSer - ok
12:26:38.0808 3944  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:26:38.0840 3944  BTHMODEM - ok
12:26:38.0871 3944  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
12:26:38.0918 3944  bthserv - ok
12:26:38.0933 3944  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:26:38.0964 3944  cdfs - ok
12:26:38.0996 3944  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:26:39.0027 3944  cdrom - ok
12:26:39.0058 3944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:26:39.0105 3944  CertPropSvc - ok
12:26:39.0136 3944  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:26:39.0152 3944  circlass - ok
12:26:39.0183 3944  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
12:26:39.0198 3944  CLFS - ok
12:26:39.0245 3944  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:26:39.0261 3944  clr_optimization_v2.0.50727_32 - ok
12:26:39.0292 3944  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:26:39.0308 3944  clr_optimization_v2.0.50727_64 - ok
12:26:39.0370 3944  [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:26:39.0510 3944  clr_optimization_v4.0.30319_32 - ok
12:26:39.0526 3944  [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:26:39.0588 3944  clr_optimization_v4.0.30319_64 - ok
12:26:39.0620 3944  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:26:39.0635 3944  CmBatt - ok
12:26:39.0651 3944  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:26:39.0666 3944  cmdide - ok
12:26:39.0744 3944  [ EBF28856F69CF094A902F884CF989706 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:26:39.0791 3944  CNG - ok
12:26:39.0807 3944  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:26:39.0822 3944  Compbatt - ok
12:26:39.0869 3944  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:26:39.0932 3944  CompositeBus - ok
12:26:39.0947 3944  COMSysApp - ok
12:26:39.0963 3944  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:26:39.0978 3944  crcdisk - ok
12:26:40.0041 3944  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:26:40.0088 3944  CryptSvc - ok
12:26:40.0119 3944  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
12:26:40.0150 3944  CSC - ok
12:26:40.0181 3944  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
12:26:40.0212 3944  CscService - ok
12:26:40.0244 3944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:26:40.0290 3944  DcomLaunch - ok
12:26:40.0353 3944  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
12:26:40.0415 3944  defragsvc - ok
12:26:40.0462 3944  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:26:40.0509 3944  DfsC - ok
12:26:40.0587 3944  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:26:40.0680 3944  Dhcp - ok
12:26:40.0712 3944  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
12:26:40.0774 3944  discache - ok
12:26:40.0790 3944  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:26:40.0805 3944  Disk - ok
12:26:40.0836 3944  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:26:40.0914 3944  Dnscache - ok
12:26:40.0961 3944  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:26:41.0039 3944  dot3svc - ok
12:26:41.0086 3944  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
12:26:41.0164 3944  DPS - ok
12:26:41.0226 3944  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:26:41.0320 3944  drmkaud - ok
12:26:41.0351 3944  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:26:41.0367 3944  DXGKrnl - ok
12:26:41.0398 3944  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
12:26:41.0476 3944  EapHost - ok
12:26:41.0601 3944  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:26:41.0757 3944  ebdrv - ok
12:26:41.0794 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS             C:\Windows\System32\lsass.exe
12:26:41.0836 3944  EFS - ok
12:26:41.0965 3944  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:26:42.0091 3944  ehRecvr - ok
12:26:42.0121 3944  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
12:26:42.0182 3944  ehSched - ok
12:26:42.0292 3944  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:26:42.0370 3944  elxstor - ok
12:26:42.0385 3944  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:26:42.0401 3944  ErrDev - ok
12:26:42.0479 3944  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
12:26:42.0526 3944  EventSystem - ok
12:26:42.0541 3944  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
12:26:42.0588 3944  exfat - ok
12:26:42.0604 3944  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:26:42.0666 3944  fastfat - ok
12:26:42.0713 3944  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
12:26:42.0760 3944  Fax - ok
12:26:42.0760 3944  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:26:42.0775 3944  fdc - ok
12:26:42.0791 3944  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:26:42.0838 3944  fdPHost - ok
12:26:42.0838 3944  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:26:42.0884 3944  FDResPub - ok
12:26:42.0900 3944  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:26:42.0916 3944  FileInfo - ok
12:26:42.0931 3944  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:26:42.0962 3944  Filetrace - ok
12:26:42.0978 3944  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:26:42.0994 3944  flpydisk - ok
12:26:43.0009 3944  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:26:43.0040 3944  FltMgr - ok
12:26:43.0087 3944  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
12:26:43.0134 3944  FontCache - ok
12:26:43.0181 3944  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:26:43.0196 3944  FontCache3.0.0.0 - ok
12:26:43.0196 3944  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:26:43.0212 3944  FsDepends - ok
12:26:43.0243 3944  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:26:43.0243 3944  Fs_Rec - ok
12:26:43.0290 3944  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:26:43.0321 3944  fvevol - ok
12:26:43.0337 3944  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:26:43.0352 3944  gagp30kx - ok
12:26:43.0446 3944  [ 8FC1230DBCCEB7016A4F183D4808D335 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
12:26:43.0493 3944  Garmin Core Update Service - ok
12:26:43.0524 3944  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
12:26:43.0586 3944  gpsvc - ok
12:26:43.0618 3944  [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
12:26:43.0618 3944  grmnusb - ok
12:26:43.0696 3944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:26:43.0711 3944  gupdate - ok
12:26:43.0711 3944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:26:43.0727 3944  gupdatem - ok
12:26:43.0742 3944  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:26:43.0774 3944  hcw85cir - ok
12:26:43.0805 3944  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:26:43.0836 3944  HdAudAddService - ok
12:26:43.0883 3944  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:26:43.0898 3944  HDAudBus - ok
12:26:43.0898 3944  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:26:43.0914 3944  HidBatt - ok
12:26:43.0914 3944  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:26:43.0945 3944  HidBth - ok
12:26:43.0945 3944  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:26:43.0976 3944  HidIr - ok
12:26:43.0992 3944  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
12:26:44.0023 3944  hidserv - ok
12:26:44.0054 3944  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:26:44.0070 3944  HidUsb - ok
12:26:44.0086 3944  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:26:44.0148 3944  hkmsvc - ok
12:26:44.0164 3944  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:26:44.0210 3944  HomeGroupListener - ok
12:26:44.0226 3944  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:26:44.0257 3944  HomeGroupProvider - ok
12:26:44.0288 3944  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:26:44.0320 3944  HpSAMD - ok
12:26:44.0366 3944  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:26:44.0413 3944  HTTP - ok
12:26:44.0429 3944  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:26:44.0444 3944  hwpolicy - ok
12:26:44.0460 3944  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:26:44.0476 3944  i8042prt - ok
12:26:44.0491 3944  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:26:44.0522 3944  iaStorV - ok
12:26:44.0585 3944  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:26:44.0632 3944  idsvc - ok
12:26:44.0632 3944  IEEtwCollectorService - ok
12:26:44.0647 3944  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:26:44.0663 3944  iirsp - ok
12:26:44.0694 3944  [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT          C:\Windows\System32\ikeext.dll
12:26:44.0725 3944  IKEEXT - ok
12:26:44.0756 3944  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
12:26:44.0772 3944  intelide - ok
12:26:44.0788 3944  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:26:44.0803 3944  intelppm - ok
12:26:44.0834 3944  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:26:44.0881 3944  IPBusEnum - ok
12:26:44.0912 3944  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:26:44.0944 3944  IpFilterDriver - ok
12:26:44.0959 3944  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:26:45.0006 3944  iphlpsvc - ok
12:26:45.0022 3944  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:26:45.0037 3944  IPMIDRV - ok
12:26:45.0053 3944  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:26:45.0100 3944  IPNAT - ok
12:26:45.0115 3944  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:26:45.0162 3944  IRENUM - ok
12:26:45.0162 3944  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:26:45.0178 3944  isapnp - ok
12:26:45.0209 3944  [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:26:45.0240 3944  iScsiPrt - ok
12:26:45.0256 3944  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:26:45.0271 3944  kbdclass - ok
12:26:45.0287 3944  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:26:45.0318 3944  kbdhid - ok
12:26:45.0334 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso          C:\Windows\system32\lsass.exe
12:26:45.0334 3944  KeyIso - ok
12:26:45.0365 3944  [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:26:45.0380 3944  KSecDD - ok
12:26:45.0380 3944  [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:26:45.0396 3944  KSecPkg - ok
12:26:45.0412 3944  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:26:45.0443 3944  ksthunk - ok
12:26:45.0474 3944  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:26:45.0521 3944  KtmRm - ok
12:26:45.0568 3944  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:26:45.0599 3944  LanmanServer - ok
12:26:45.0630 3944  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:26:45.0677 3944  LanmanWorkstation - ok
12:26:45.0708 3944  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:26:45.0755 3944  lltdio - ok
12:26:45.0786 3944  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:26:45.0833 3944  lltdsvc - ok
12:26:45.0848 3944  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:26:45.0880 3944  lmhosts - ok
12:26:45.0895 3944  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:26:45.0911 3944  LSI_FC - ok
12:26:45.0911 3944  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:26:45.0926 3944  LSI_SAS - ok
12:26:45.0926 3944  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:26:45.0942 3944  LSI_SAS2 - ok
12:26:45.0958 3944  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:26:45.0973 3944  LSI_SCSI - ok
12:26:45.0973 3944  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
12:26:46.0020 3944  luafv - ok
12:26:46.0036 3944  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:26:46.0082 3944  Mcx2Svc - ok
12:26:46.0082 3944  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:26:46.0098 3944  megasas - ok
12:26:46.0098 3944  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:26:46.0129 3944  MegaSR - ok
12:26:46.0270 3944  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:26:46.0301 3944  Microsoft Office Groove Audit Service - ok
12:26:46.0316 3944  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
12:26:46.0363 3944  MMCSS - ok
12:26:46.0379 3944  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
12:26:46.0457 3944  Modem - ok
12:26:46.0457 3944  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:26:46.0472 3944  monitor - ok
12:26:46.0519 3944  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
12:26:46.0535 3944  mouclass - ok
12:26:46.0550 3944  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:26:46.0566 3944  mouhid - ok
12:26:46.0613 3944  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:26:46.0628 3944  mountmgr - ok
12:26:46.0691 3944  [ AEE4E9CC59CDEB55B1ECB0E596E796BE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:26:46.0706 3944  MozillaMaintenance - ok
12:26:46.0738 3944  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:26:46.0753 3944  mpio - ok
12:26:46.0784 3944  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:26:46.0816 3944  mpsdrv - ok
12:26:46.0878 3944  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:26:46.0940 3944  MpsSvc - ok
12:26:46.0972 3944  [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:26:46.0987 3944  MRxDAV - ok
12:26:47.0018 3944  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:26:47.0081 3944  mrxsmb - ok
12:26:47.0081 3944  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:26:47.0112 3944  mrxsmb10 - ok
12:26:47.0128 3944  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:26:47.0143 3944  mrxsmb20 - ok
12:26:47.0190 3944  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:26:47.0206 3944  msahci - ok
12:26:47.0221 3944  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:26:47.0239 3944  msdsm - ok
12:26:47.0249 3944  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
12:26:47.0279 3944  MSDTC - ok
12:26:47.0289 3944  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:26:47.0320 3944  Msfs - ok
12:26:47.0320 3944  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:26:47.0371 3944  mshidkmdf - ok
12:26:47.0401 3944  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:26:47.0411 3944  msisadrv - ok
12:26:47.0437 3944  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:26:47.0496 3944  MSiSCSI - ok
12:26:47.0496 3944  msiserver - ok
12:26:47.0526 3944  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:26:47.0561 3944  MSKSSRV - ok
12:26:47.0579 3944  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:26:47.0610 3944  MSPCLOCK - ok
12:26:47.0610 3944  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:26:47.0657 3944  MSPQM - ok
12:26:47.0672 3944  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:26:47.0704 3944  MsRPC - ok
12:26:47.0719 3944  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
12:26:47.0719 3944  mssmbios - ok
12:26:47.0735 3944  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:26:47.0844 3944  MSTEE - ok
12:26:47.0844 3944  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:26:47.0875 3944  MTConfig - ok
12:26:47.0906 3944  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:26:47.0922 3944  Mup - ok
12:26:47.0953 3944  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
12:26:48.0000 3944  napagent - ok
12:26:48.0031 3944  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:26:48.0078 3944  NativeWifiP - ok
12:26:48.0125 3944  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:26:48.0156 3944  NDIS - ok
12:26:48.0172 3944  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:26:48.0203 3944  NdisCap - ok
12:26:48.0218 3944  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:26:48.0265 3944  NdisTapi - ok
12:26:48.0281 3944  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:26:48.0328 3944  Ndisuio - ok
12:26:48.0343 3944  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:26:48.0421 3944  NdisWan - ok
12:26:48.0452 3944  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:26:48.0546 3944  NDProxy - ok
12:26:48.0562 3944  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:26:48.0624 3944  NetBIOS - ok
12:26:48.0655 3944  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:26:48.0686 3944  NetBT - ok
12:26:48.0702 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon        C:\Windows\system32\lsass.exe
12:26:48.0702 3944  Netlogon - ok
12:26:48.0749 3944  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
12:26:48.0796 3944  Netman - ok
12:26:48.0827 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0874 3944  NetMsmqActivator - ok
12:26:48.0889 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0889 3944  NetPipeActivator - ok
12:26:48.0905 3944  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
12:26:48.0952 3944  netprofm - ok
12:26:48.0967 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0983 3944  NetTcpActivator - ok
12:26:48.0983 3944  [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:26:48.0998 3944  NetTcpPortSharing - ok
12:26:49.0014 3944  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:26:49.0030 3944  nfrd960 - ok
12:26:49.0092 3944  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:26:49.0154 3944  NlaSvc - ok
12:26:49.0154 3944  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:26:49.0186 3944  Npfs - ok
12:26:49.0217 3944  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
12:26:49.0264 3944  nsi - ok
12:26:49.0264 3944  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:26:49.0310 3944  nsiproxy - ok
12:26:49.0373 3944  [ 1A29A59A4C5BA6F8C85062A613B7E2B2 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:26:49.0435 3944  Ntfs - ok
12:26:49.0466 3944  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
12:26:49.0498 3944  Null - ok
12:26:49.0576 3944  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:26:49.0607 3944  nvraid - ok
12:26:49.0622 3944  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:26:49.0638 3944  nvstor - ok
12:26:49.0654 3944  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:26:49.0669 3944  nv_agp - ok
12:26:49.0747 3944  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:26:49.0778 3944  odserv - ok
12:26:49.0810 3944  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:26:49.0825 3944  ohci1394 - ok
12:26:49.0856 3944  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:26:49.0872 3944  ose - ok
12:26:49.0919 3944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:26:49.0950 3944  p2pimsvc - ok
12:26:49.0966 3944  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:26:49.0981 3944  p2psvc - ok
12:26:50.0012 3944  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:26:50.0028 3944  Parport - ok
12:26:50.0044 3944  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:26:50.0059 3944  partmgr - ok
12:26:50.0075 3944  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:26:50.0106 3944  PcaSvc - ok
12:26:50.0122 3944  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
12:26:50.0137 3944  pci - ok
12:26:50.0168 3944  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
12:26:50.0200 3944  pciide - ok
12:26:50.0215 3944  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:26:50.0231 3944  pcmcia - ok
12:26:50.0231 3944  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:26:50.0246 3944  pcw - ok
12:26:50.0356 3944  [ 20372BE109FEE1C37E2D5216680DB9EB ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
12:26:50.0402 3944  PDF Architect Helper Service - ok
12:26:50.0480 3944  [ B90A279073A815A4AA2C45A09EE004FA ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
12:26:50.0512 3944  PDF Architect Service - ok
12:26:50.0558 3944  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:26:50.0621 3944  PEAUTH - ok
12:26:50.0652 3944  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:26:50.0730 3944  PeerDistSvc - ok
12:26:50.0792 3944  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:26:50.0824 3944  PerfHost - ok
12:26:50.0886 3944  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
12:26:50.0948 3944  pla - ok
12:26:50.0980 3944  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:26:51.0011 3944  PlugPlay - ok
12:26:51.0026 3944  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:26:51.0058 3944  PNRPAutoReg - ok
12:26:51.0058 3944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:26:51.0073 3944  PNRPsvc - ok
12:26:51.0104 3944  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:26:51.0151 3944  PolicyAgent - ok
12:26:51.0167 3944  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
12:26:51.0214 3944  Power - ok
12:26:51.0229 3944  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:26:51.0276 3944  PptpMiniport - ok
12:26:51.0292 3944  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:26:51.0307 3944  Processor - ok
12:26:51.0338 3944  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:26:51.0370 3944  ProfSvc - ok
12:26:51.0385 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\Windows\system32\lsass.exe
12:26:51.0385 3944  ProtectedStorage - ok
12:26:51.0416 3944  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:26:51.0463 3944  Psched - ok
12:26:51.0572 3944  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:26:51.0635 3944  ql2300 - ok
12:26:51.0650 3944  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:26:51.0666 3944  ql40xx - ok
12:26:51.0682 3944  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
12:26:51.0713 3944  QWAVE - ok
12:26:51.0713 3944  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:26:51.0744 3944  QWAVEdrv - ok
12:26:51.0744 3944  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:26:51.0791 3944  RasAcd - ok
12:26:51.0806 3944  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:26:51.0838 3944  RasAgileVpn - ok
12:26:51.0853 3944  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
12:26:51.0947 3944  RasAuto - ok
12:26:51.0994 3944  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:26:52.0025 3944  Rasl2tp - ok
12:26:52.0040 3944  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
12:26:52.0087 3944  RasMan - ok
12:26:52.0087 3944  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:26:52.0134 3944  RasPppoe - ok
12:26:52.0134 3944  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:26:52.0181 3944  RasSstp - ok
12:26:52.0212 3944  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:26:52.0274 3944  rdbss - ok
12:26:52.0290 3944  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:26:52.0306 3944  rdpbus - ok
12:26:52.0306 3944  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:26:52.0337 3944  RDPCDD - ok
12:26:52.0368 3944  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:26:52.0384 3944  RDPDR - ok
12:26:52.0415 3944  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:26:52.0446 3944  RDPENCDD - ok
12:26:52.0462 3944  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:26:52.0508 3944  RDPREFMP - ok
12:26:52.0566 3944  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:26:52.0603 3944  RdpVideoMiniport - ok
12:26:52.0623 3944  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:26:52.0649 3944  RDPWD - ok
12:26:52.0682 3944  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:26:52.0710 3944  rdyboost - ok
12:26:52.0730 3944  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:26:52.0789 3944  RemoteAccess - ok
12:26:52.0806 3944  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:26:52.0854 3944  RemoteRegistry - ok
12:26:52.0864 3944  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:26:52.0910 3944  RpcEptMapper - ok
12:26:52.0943 3944  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
12:26:52.0990 3944  RpcLocator - ok
12:26:53.0021 3944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
12:26:53.0052 3944  RpcSs - ok
12:26:53.0068 3944  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:26:53.0099 3944  rspndr - ok
12:26:53.0146 3944  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:26:53.0177 3944  RTL8167 - ok
12:26:53.0192 3944  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:26:53.0208 3944  s3cap - ok
12:26:53.0224 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs           C:\Windows\system32\lsass.exe
12:26:53.0239 3944  SamSs - ok
12:26:53.0255 3944  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:26:53.0286 3944  sbp2port - ok
12:26:53.0317 3944  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:26:53.0380 3944  SCardSvr - ok
12:26:53.0395 3944  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:26:53.0442 3944  scfilter - ok
12:26:53.0504 3944  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
12:26:53.0551 3944  Schedule - ok
12:26:53.0582 3944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:26:53.0598 3944  SCPolicySvc - ok
12:26:53.0629 3944  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:26:53.0660 3944  SDRSVC - ok
12:26:53.0754 3944  [ 98EF79CC2B07398AC525F9EA1AE0366F ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:26:53.0816 3944  SDScannerService - ok
12:26:53.0863 3944  [ 14BF6B3AB327D519ED007CDDC56F6900 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:26:53.0894 3944  SDUpdateService - ok
12:26:53.0894 3944  [ 820EBE67AB99F033FDE25B2692157991 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:26:53.0910 3944  SDWSCService - ok
12:26:53.0941 3944  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:26:53.0988 3944  secdrv - ok
12:26:54.0019 3944  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
12:26:54.0066 3944  seclogon - ok
12:26:54.0082 3944  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
12:26:54.0128 3944  SENS - ok
12:26:54.0144 3944  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:26:54.0175 3944  SensrSvc - ok
12:26:54.0175 3944  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:26:54.0191 3944  Serenum - ok
12:26:54.0206 3944  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:26:54.0222 3944  Serial - ok
12:26:54.0238 3944  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:26:54.0269 3944  sermouse - ok
12:26:54.0300 3944  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:26:54.0347 3944  SessionEnv - ok
12:26:54.0362 3944  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:26:54.0394 3944  sffdisk - ok
12:26:54.0409 3944  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:26:54.0425 3944  sffp_mmc - ok
12:26:54.0440 3944  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:26:54.0472 3944  sffp_sd - ok
12:26:54.0487 3944  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:26:54.0487 3944  sfloppy - ok
12:26:54.0518 3944  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:26:54.0581 3944  SharedAccess - ok
12:26:54.0612 3944  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:26:54.0643 3944  ShellHWDetection - ok
12:26:54.0659 3944  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:26:54.0674 3944  SiSRaid2 - ok
12:26:54.0674 3944  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:26:54.0690 3944  SiSRaid4 - ok
12:26:54.0752 3944  [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
12:26:54.0768 3944  SkypeUpdate - ok
12:26:54.0784 3944  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:26:54.0830 3944  Smb - ok
12:26:54.0862 3944  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:26:54.0893 3944  SNMPTRAP - ok
12:26:54.0908 3944  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:26:54.0924 3944  spldr - ok
12:26:54.0955 3944  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
12:26:55.0002 3944  Spooler - ok
12:26:55.0096 3944  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
12:26:55.0189 3944  sppsvc - ok
12:26:55.0205 3944  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:26:55.0252 3944  sppuinotify - ok
12:26:55.0314 3944  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:26:55.0376 3944  srv - ok
12:26:55.0408 3944  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:26:55.0423 3944  srv2 - ok
12:26:55.0454 3944  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:26:55.0470 3944  srvnet - ok
12:26:55.0532 3944  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:26:55.0579 3944  SSDPSRV - ok
12:26:55.0579 3944  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:26:55.0626 3944  SstpSvc - ok
12:26:55.0642 3944  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:26:55.0657 3944  stexstor - ok
12:26:55.0688 3944  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
12:26:55.0735 3944  stisvc - ok
12:26:55.0735 3944  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:26:55.0751 3944  storflt - ok
12:26:55.0782 3944  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:26:55.0813 3944  storvsc - ok
12:26:55.0829 3944  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:26:55.0844 3944  swenum - ok
12:26:55.0922 3944  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
12:26:56.0016 3944  swprv - ok
12:26:56.0032 3944  Synth3dVsc - ok
12:26:56.0094 3944  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
12:26:56.0141 3944  SysMain - ok
12:26:56.0172 3944  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:26:56.0203 3944  TabletInputService - ok
12:26:56.0219 3944  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:26:56.0266 3944  TapiSrv - ok
12:26:56.0297 3944  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
12:26:56.0328 3944  TBS - ok
12:26:56.0546 3944  [ 40AF23633D197905F03AB5628C558C51 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:26:56.0640 3944  Tcpip - ok
12:26:56.0671 3944  [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:26:56.0702 3944  TCPIP6 - ok
12:26:56.0718 3944  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:26:56.0734 3944  tcpipreg - ok
12:26:56.0749 3944  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:26:56.0780 3944  TDPIPE - ok
12:26:56.0796 3944  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:26:56.0812 3944  TDTCP - ok
12:26:56.0843 3944  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:26:56.0874 3944  tdx - ok
12:26:56.0905 3944  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
12:26:56.0921 3944  TermDD - ok
12:26:56.0952 3944  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
12:26:57.0030 3944  TermService - ok
12:26:57.0061 3944  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
12:26:57.0077 3944  Themes - ok
12:26:57.0108 3944  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:26:57.0155 3944  THREADORDER - ok
12:26:57.0170 3944  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
12:26:57.0202 3944  TrkWks - ok
12:26:57.0248 3944  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:26:57.0280 3944  TrustedInstaller - ok
12:26:57.0311 3944  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:26:57.0358 3944  tssecsrv - ok
12:26:57.0404 3944  [ E9981ECE8D894CEF7038FD1D040EB426 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:26:57.0451 3944  TsUsbFlt - ok
12:26:57.0451 3944  tsusbhub - ok
12:26:57.0467 3944  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:26:57.0514 3944  tunnel - ok
12:26:57.0545 3944  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:26:57.0560 3944  uagp35 - ok
12:26:57.0576 3944  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:26:57.0623 3944  udfs - ok
12:26:57.0716 3944  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:26:57.0763 3944  UI0Detect - ok
12:26:57.0763 3944  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:26:57.0779 3944  uliagpkx - ok
12:26:57.0826 3944  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
12:26:57.0841 3944  umbus - ok
12:26:57.0857 3944  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:26:57.0872 3944  UmPass - ok
12:26:57.0904 3944  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
12:26:57.0935 3944  UmRdpService - ok
12:26:57.0950 3944  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
12:26:57.0997 3944  upnphost - ok
12:26:58.0028 3944  [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:26:58.0075 3944  usbaudio - ok
12:26:58.0091 3944  [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:26:58.0106 3944  usbccgp - ok
12:26:58.0138 3944  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:26:58.0169 3944  usbcir - ok
12:26:58.0200 3944  [ 18A85013A3E0F7E1755365D287443965 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:26:58.0216 3944  usbehci - ok
12:26:58.0231 3944  [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:26:58.0262 3944  usbhub - ok
12:26:58.0278 3944  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:26:58.0294 3944  usbohci - ok
12:26:58.0325 3944  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:26:58.0340 3944  usbprint - ok
12:26:58.0372 3944  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:26:58.0418 3944  usbscan - ok
12:26:58.0434 3944  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:26:58.0465 3944  USBSTOR - ok
12:26:58.0481 3944  [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:26:58.0496 3944  usbuhci - ok
12:26:58.0512 3944  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
12:26:58.0559 3944  UxSms - ok
12:26:58.0574 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc        C:\Windows\system32\lsass.exe
12:26:58.0590 3944  VaultSvc - ok
12:26:58.0606 3944  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:26:58.0621 3944  vdrvroot - ok
12:26:58.0637 3944  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
12:26:58.0699 3944  vds - ok
12:26:58.0715 3944  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:26:58.0730 3944  vga - ok
12:26:58.0730 3944  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:26:58.0762 3944  VgaSave - ok
12:26:58.0777 3944  VGPU - ok
12:26:58.0824 3944  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:26:58.0840 3944  vhdmp - ok
12:26:58.0855 3944  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:26:58.0871 3944  viaide - ok
12:26:58.0886 3944  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:26:58.0902 3944  vmbus - ok
12:26:58.0918 3944  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:26:58.0933 3944  VMBusHID - ok
12:26:58.0949 3944  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:26:58.0964 3944  volmgr - ok
12:26:58.0980 3944  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:26:58.0996 3944  volmgrx - ok
12:26:59.0011 3944  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:26:59.0027 3944  volsnap - ok
12:26:59.0058 3944  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:26:59.0074 3944  vsmraid - ok
12:26:59.0120 3944  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
12:26:59.0198 3944  VSS - ok
12:26:59.0214 3944  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:26:59.0245 3944  vwifibus - ok
12:26:59.0276 3944  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
12:26:59.0323 3944  W32Time - ok
12:26:59.0323 3944  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:26:59.0354 3944  WacomPen - ok
12:26:59.0401 3944  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:26:59.0448 3944  WANARP - ok
12:26:59.0448 3944  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:26:59.0479 3944  Wanarpv6 - ok
12:26:59.0526 3944  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
12:26:59.0573 3944  wbengine - ok
12:26:59.0588 3944  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:26:59.0604 3944  WbioSrvc - ok
12:26:59.0635 3944  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:26:59.0666 3944  wcncsvc - ok
12:26:59.0682 3944  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:26:59.0713 3944  WcsPlugInService - ok
12:26:59.0729 3944  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:26:59.0744 3944  Wd - ok
12:26:59.0776 3944  [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:26:59.0807 3944  Wdf01000 - ok
12:26:59.0822 3944  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:26:59.0885 3944  WdiServiceHost - ok
12:26:59.0900 3944  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:26:59.0916 3944  WdiSystemHost - ok
12:26:59.0978 3944  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient       C:\Windows\System32\webclnt.dll
12:27:00.0025 3944  WebClient - ok
12:27:00.0041 3944  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:27:00.0088 3944  Wecsvc - ok
12:27:00.0088 3944  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:27:00.0150 3944  wercplsupport - ok
12:27:00.0166 3944  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:27:00.0197 3944  WerSvc - ok
12:27:00.0244 3944  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:27:00.0275 3944  WfpLwf - ok
12:27:00.0290 3944  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:27:00.0306 3944  WIMMount - ok
12:27:00.0322 3944  WinDefend - ok
12:27:00.0337 3944  WinHttpAutoProxySvc - ok
12:27:00.0384 3944  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:27:00.0415 3944  Winmgmt - ok
12:27:00.0556 3944  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
12:27:00.0618 3944  WinRM - ok
12:27:00.0649 3944  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
12:27:00.0665 3944  WinUsb - ok
12:27:00.0696 3944  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:27:00.0743 3944  Wlansvc - ok
12:27:00.0758 3944  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:27:00.0790 3944  WmiAcpi - ok
12:27:00.0805 3944  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:27:00.0836 3944  wmiApSrv - ok
12:27:00.0852 3944  WMPNetworkSvc - ok
12:27:00.0852 3944  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:27:00.0883 3944  WPCSvc - ok
12:27:00.0914 3944  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:27:00.0914 3944  WPDBusEnum - ok
12:27:00.0946 3944  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:27:00.0992 3944  ws2ifsl - ok
12:27:01.0008 3944  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
12:27:01.0024 3944  wscsvc - ok
12:27:01.0024 3944  WSearch - ok
12:27:01.0102 3944  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:27:01.0180 3944  wuauserv - ok
12:27:01.0195 3944  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:27:01.0226 3944  WudfPf - ok
12:27:01.0258 3944  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:27:01.0273 3944  WUDFRd - ok
12:27:01.0304 3944  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:27:01.0320 3944  wudfsvc - ok
12:27:01.0336 3944  [ 04F82965C09CBDF646B487E145060301 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:27:01.0382 3944  WwanSvc - ok


12:27:01.0398 3944  ================ Scan global ===============================
12:27:01.0414 3944  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:27:01.0460 3944  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
12:27:01.0476 3944  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
12:27:01.0523 3944  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:27:01.0554 3944  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:27:01.0570 3944  [Global] - ok
12:27:01.0570 3944  ================ Scan MBR ==================================
12:27:01.0585 3944  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:27:02.0584 3944  \Device\Harddisk0\DR0 - ok
12:27:02.0584 3944  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
12:27:02.0646 3944  \Device\Harddisk1\DR1 - ok
12:27:02.0646 3944  ================ Scan VBR ==================================
12:27:02.0662 3944  [ 5A3C80711F21A2543A38DE7DFC365D15 ] \Device\Harddisk0\DR0\Partition1
12:27:02.0677 3944  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
12:27:02.0677 3944  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b (0)
12:27:02.0708 3944  [ 1B06C49A63F1600C6CE378EB75AA8755 ] \Device\Harddisk0\DR0\Partition2
12:27:02.0724 3944  \Device\Harddisk0\DR0\Partition2 - ok
12:27:02.0724 3944  [ 98D787BB5532543CDA028A42C5517F29 ] \Device\Harddisk1\DR1\Partition1
12:27:02.0724 3944  \Device\Harddisk1\DR1\Partition1 - ok
12:27:02.0724 3944  [ 67A3C569D792D2FD8C316453E6F7AFC3 ] \Device\Harddisk1\DR1\Partition2
12:27:02.0740 3944  \Device\Harddisk1\DR1\Partition2 - ok
12:27:02.0740 3944  ================ Scan active images ========================
12:27:02.0740 3944  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
12:27:02.0740 3944  C:\Windows\System32\drivers\crashdmp.sys - ok
12:27:02.0740 3944  [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
12:27:02.0740 3944  C:\Windows\System32\drivers\Dumpata.sys - ok
12:27:02.0755 3944  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\dumpfve.sys - ok
12:27:02.0755 3944  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\msahci.sys - ok
12:27:02.0755 3944  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\beep.sys - ok
12:27:02.0755 3944  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\cdrom.sys - ok
12:27:02.0755 3944  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
12:27:02.0755 3944  C:\Windows\System32\drivers\vga.sys - ok
12:27:02.0755 3944  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\videoprt.sys - ok
12:27:02.0771 3944  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\watchdog.sys - ok
12:27:02.0771 3944  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\RDPCDD.sys - ok
12:27:02.0771 3944  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:27:02.0771 3944  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\RDPREFMP.sys - ok
12:27:02.0771 3944  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\msfs.sys - ok
12:27:02.0771 3944  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
12:27:02.0771 3944  C:\Windows\System32\drivers\npfs.sys - ok
12:27:02.0786 3944  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\tdi.sys - ok
12:27:02.0786 3944  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\tdx.sys - ok
12:27:02.0786 3944  [ 79059559E89D06E8B80CE2944BE20228 ] C:\Windows\System32\drivers\afd.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\afd.sys - ok
12:27:02.0786 3944  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\netbios.sys - ok
12:27:02.0786 3944  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
12:27:02.0786 3944  C:\Windows\System32\drivers\netbt.sys - ok
12:27:02.0802 3944  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\pacer.sys - ok
12:27:02.0802 3944  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\serial.sys - ok
12:27:02.0802 3944  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\wfplwf.sys - ok
12:27:02.0802 3944  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\termdd.sys - ok
12:27:02.0802 3944  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\wanarp.sys - ok
12:27:02.0802 3944  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
12:27:02.0802 3944  C:\Windows\System32\drivers\discache.sys - ok
12:27:02.0818 3944  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\mssmbios.sys - ok
12:27:02.0818 3944  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\nsiproxy.sys - ok
12:27:02.0818 3944  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\rdbss.sys - ok
12:27:02.0818 3944  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\csc.sys - ok
12:27:02.0818 3944  [ C3A58DBD18786C338126D30BF8C33D72 ] C:\Windows\System32\drivers\avipbb.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\avipbb.sys - ok
12:27:02.0818 3944  [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] C:\Windows\System32\drivers\avkmgr.sys
12:27:02.0818 3944  C:\Windows\System32\drivers\avkmgr.sys - ok
12:27:02.0833 3944  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\blbdrive.sys - ok
12:27:02.0833 3944  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\dfsc.sys - ok
12:27:02.0833 3944  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\intelppm.sys - ok
12:27:02.0833 3944  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
12:27:02.0833 3944  C:\Windows\System32\drivers\tunnel.sys - ok
12:27:02.0833 3944  [ CAAAC014C5C56A69F710B5F1B836DE22 ] C:\Windows\System32\ntdll.dll
12:27:02.0833 3944  C:\Windows\System32\ntdll.dll - ok
12:27:02.0833 3944  [ F0970A4BC8395659C22BF53D0FADF16F ] C:\Windows\System32\smss.exe
12:27:02.0833 3944  C:\Windows\System32\smss.exe - ok
12:27:02.0849 3944  [ 52BD95CAA9CAE8977FE043E9AD6D2D0E ] C:\Windows\System32\drivers\atikmdag.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\atikmdag.sys - ok
12:27:02.0849 3944  [ 88612F1CE3BF42256913BF6E61C70D52 ] C:\Windows\System32\drivers\dxgkrnl.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\dxgkrnl.sys - ok
12:27:02.0849 3944  [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\dxgmms1.sys - ok
12:27:02.0849 3944  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\hdaudbus.sys - ok
12:27:02.0849 3944  [ 18A85013A3E0F7E1755365D287443965 ] C:\Windows\System32\drivers\usbehci.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\usbehci.sys - ok
12:27:02.0849 3944  [ 12FEB33791920678F8433701C822BCFD ] C:\Windows\System32\drivers\usbport.sys
12:27:02.0849 3944  C:\Windows\System32\drivers\usbport.sys - ok
12:27:02.0864 3944  [ DD253AFC3BC6CBA412342DE60C3647F3 ] C:\Windows\System32\drivers\usbuhci.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\usbuhci.sys - ok
12:27:02.0864 3944  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\Windows\System32\drivers\Rt64win7.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\Rt64win7.sys - ok
12:27:02.0864 3944  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\1394ohci.sys - ok
12:27:02.0864 3944  [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\parport.sys - ok
12:27:02.0864 3944  [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\serenum.sys - ok
12:27:02.0864 3944  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
12:27:02.0864 3944  C:\Windows\System32\drivers\agilevpn.sys - ok
12:27:02.0880 3944  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\CompositeBus.sys - ok
12:27:02.0880 3944  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\ndistapi.sys - ok
12:27:02.0880 3944  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\rasl2tp.sys - ok
12:27:02.0880 3944  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\ndiswan.sys - ok
12:27:02.0880 3944  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
12:27:02.0880 3944  C:\Windows\System32\drivers\raspppoe.sys - ok
12:27:02.0896 3944  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\raspptp.sys - ok
12:27:02.0896 3944  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\rassstp.sys - ok
12:27:02.0896 3944  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\kbdclass.sys - ok
12:27:02.0896 3944  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\mouclass.sys - ok
12:27:02.0896 3944  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\rdpbus.sys - ok
12:27:02.0896 3944  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
12:27:02.0896 3944  C:\Windows\System32\drivers\ks.sys - ok
12:27:02.0911 3944  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\swenum.sys - ok
12:27:02.0911 3944  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\umbus.sys - ok
12:27:02.0911 3944  [ 8D1196CFBB223621F2C67D45710F25BA ] C:\Windows\System32\drivers\usbhub.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\usbhub.sys - ok
12:27:02.0911 3944  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\ndproxy.sys - ok
12:27:02.0911 3944  [ E0D3CD5841E5C7BE7B94BA946AF1E498 ] C:\Windows\System32\drivers\drmk.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\drmk.sys - ok
12:27:02.0911 3944  [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\HdAudio.sys - ok
12:27:02.0911 3944  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
12:27:02.0911 3944  C:\Windows\System32\drivers\ksthunk.sys - ok
12:27:02.0927 3944  [ 1E0B4CBBA91C6B041A14ECC2186F7E24 ] C:\Windows\System32\drivers\portcls.sys
12:27:02.0927 3944  C:\Windows\System32\drivers\portcls.sys - ok
12:27:02.0927 3944  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
12:27:02.0927 3944  C:\Windows\System32\autochk.exe - ok
12:27:02.0927 3944  [ 82446D358A9FB51CB9DA32A5C901D7A0 ] C:\Windows\System32\sdnclean64.exe
12:27:02.0927 3944  C:\Windows\System32\sdnclean64.exe - ok
12:27:02.0927 3944  [ 856E76B3641746ABBC2946BED1372098 ] C:\Windows\System32\drivers\hidparse.sys
12:27:02.0927 3944  C:\Windows\System32\drivers\hidparse.sys - ok
12:27:02.0927 3944  [ 63A580C88CFAF72A92550940054569EF ] C:\Windows\System32\advapi32.dll
12:27:02.0927 3944  C:\Windows\System32\advapi32.dll - ok
12:27:02.0927 3944  [ 597C3699384E53CC59587ED50CCE5CA2 ] C:\Windows\System32\drivers\hidclass.sys
12:27:02.0927 3944  C:\Windows\System32\drivers\hidclass.sys - ok
12:27:02.0942 3944  [ 1F8534A19A66275C863DE17645CB2A13 ] C:\Windows\System32\iertutil.dll
12:27:02.0942 3944  C:\Windows\System32\iertutil.dll - ok
12:27:02.0942 3944  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
12:27:02.0942 3944  C:\Windows\System32\imm32.dll - ok
12:27:02.0942 3944  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
12:27:02.0942 3944  C:\Windows\System32\psapi.dll - ok
12:27:02.0942 3944  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
12:27:02.0942 3944  C:\Windows\System32\drivers\hidusb.sys - ok
12:27:02.0942 3944  [ FFA06EF43987ED0DD42AD59B260C0C78 ] C:\Windows\System32\drivers\usbd.sys
12:27:02.0942 3944  C:\Windows\System32\drivers\usbd.sys - ok
12:27:02.0942 3944  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
12:27:02.0942 3944  C:\Windows\System32\clbcatq.dll - ok
12:27:02.0958 3944  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
12:27:02.0958 3944  C:\Windows\System32\drivers\mouhid.sys - ok
12:27:02.0958 3944  [ 26036E228D2467DE6975AD819C22C043 ] C:\Windows\System32\rpcrt4.dll
12:27:02.0958 3944  C:\Windows\System32\rpcrt4.dll - ok
12:27:02.0958 3944  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
12:27:02.0958 3944  C:\Windows\System32\shlwapi.dll - ok
12:27:02.0958 3944  [ 32417AE8280276968E5C551ED85D3525 ] C:\Windows\System32\urlmon.dll
12:27:02.0958 3944  C:\Windows\System32\urlmon.dll - ok
12:27:02.0958 3944  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
12:27:02.0958 3944  C:\Windows\System32\user32.dll - ok
12:27:02.0958 3944  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
12:27:02.0958 3944  C:\Windows\System32\difxapi.dll - ok
12:27:02.0974 3944  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
12:27:02.0974 3944  C:\Windows\System32\drivers\USBSTOR.SYS - ok
12:27:02.0974 3944  [ 796B47A4B82EF1C39F13435B88834C48 ] C:\Windows\System32\lpk.dll
12:27:02.0974 3944  C:\Windows\System32\lpk.dll - ok
12:27:02.0974 3944  [ AD662B34B161198B9D66A564EDDA7D43 ] C:\Windows\System32\shell32.dll
12:27:02.0974 3944  C:\Windows\System32\shell32.dll - ok
12:27:02.0974 3944  [ DCA68B0943D6FA415F0C56C92158A83A ] C:\Windows\System32\drivers\usbccgp.sys
12:27:02.0974 3944  C:\Windows\System32\drivers\usbccgp.sys - ok
12:27:02.0974 3944  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
12:27:02.0974 3944  C:\Windows\System32\usp10.dll - ok
12:27:02.0974 3944  [ D2A513EE880D71BDE7F0257F38B9D019 ] C:\Windows\System32\kernel32.dll
12:27:02.0974 3944  C:\Windows\System32\kernel32.dll - ok
12:27:02.0989 3944  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
12:27:02.0989 3944  C:\Windows\System32\normaliz.dll - ok
12:27:02.0989 3944  [ F220BA78AB542C70211D73AE4729B2CD ] C:\Windows\System32\wininet.dll
12:27:02.0989 3944  C:\Windows\System32\wininet.dll - ok
12:27:02.0989 3944  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
12:27:02.0989 3944  C:\Windows\System32\drivers\kbdhid.sys - ok
12:27:02.0989 3944  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
12:27:02.0989 3944  C:\Windows\System32\ole32.dll - ok
12:27:02.0989 3944  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
12:27:02.0989 3944  C:\Windows\System32\setupapi.dll - ok
12:27:02.0989 3944  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
12:27:02.0989 3944  C:\Windows\System32\Wldap32.dll - ok
12:27:03.0005 3944  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
12:27:03.0005 3944  C:\Windows\System32\msvcrt.dll - ok
12:27:03.0005 3944  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
12:27:03.0005 3944  C:\Windows\System32\msctf.dll - ok
12:27:03.0005 3944  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
12:27:03.0005 3944  C:\Windows\System32\nsi.dll - ok
12:27:03.0005 3944  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
12:27:03.0005 3944  C:\Windows\System32\ws2_32.dll - ok
12:27:03.0005 3944  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
12:27:03.0005 3944  C:\Windows\System32\comdlg32.dll - ok
12:27:03.0005 3944  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
12:27:03.0005 3944  C:\Windows\System32\sechost.dll - ok
12:27:03.0020 3944  [ B4F29F65AD3114051F01E9403346047F ] C:\Windows\System32\imagehlp.dll
12:27:03.0020 3944  C:\Windows\System32\imagehlp.dll - ok
12:27:03.0020 3944  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
12:27:03.0020 3944  C:\Windows\System32\oleaut32.dll - ok
12:27:03.0020 3944  [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\System32\comctl32.dll
12:27:03.0020 3944  C:\Windows\System32\comctl32.dll - ok
12:27:03.0020 3944  [ 56325BB1FF19F2A5AC8713756AC41140 ] C:\Windows\System32\gdi32.dll
12:27:03.0020 3944  C:\Windows\System32\gdi32.dll - ok
12:27:03.0020 3944  [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:27:03.0020 3944  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:27:03.0020 3944  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
12:27:03.0020 3944  C:\Windows\System32\cfgmgr32.dll - ok
12:27:03.0020 3944  [ 780F6ECC4F55D76C9730E6B6C9B31913 ] C:\Windows\System32\crypt32.dll
12:27:03.0020 3944  C:\Windows\System32\crypt32.dll - ok
12:27:03.0036 3944  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
12:27:03.0036 3944  C:\Windows\System32\devobj.dll - ok
12:27:03.0036 3944  [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:27:03.0036 3944  [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:27:03.0036 3944  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:27:03.0036 3944  [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
12:27:03.0036 3944  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:27:03.0052 3944  [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
12:27:03.0052 3944  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:27:03.0052 3944  [ B22C00ED0491FD7B8803D7DDE2849F4C ] C:\Windows\System32\KernelBase.dll
12:27:03.0052 3944  C:\Windows\System32\KernelBase.dll - ok
12:27:03.0052 3944  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
12:27:03.0052 3944  C:\Windows\System32\msasn1.dll - ok
12:27:03.0052 3944  [ 959041D7014C97133D859B45BCA0FC58 ] C:\Windows\System32\wintrust.dll
12:27:03.0052 3944  C:\Windows\System32\wintrust.dll - ok
12:27:03.0052 3944  [ 9661DA76B4531B2DA272ECCE25A8AF24 ] C:\Windows\System32\drivers\usbscan.sys
12:27:03.0052 3944  C:\Windows\System32\drivers\usbscan.sys - ok
12:27:03.0052 3944  [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
12:27:03.0052 3944  C:\Windows\System32\drivers\usbprint.sys - ok
12:27:03.0052 3944  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
12:27:03.0052 3944  C:\Windows\SysWOW64\normaliz.dll - ok
12:27:03.0067 3944  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
12:27:03.0067 3944  C:\Windows\System32\drivers\dxapi.sys - ok
12:27:03.0067 3944  [ E918C0DE5CF2AE6BEDBF387C09627D93 ] C:\Windows\System32\win32k.sys
12:27:03.0067 3944  C:\Windows\System32\win32k.sys - ok
12:27:03.0067 3944  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
12:27:03.0067 3944  C:\Windows\System32\basesrv.dll - ok
12:27:03.0067 3944  [ 216BABD555BC550952320EEA89C25DDF ] C:\Windows\System32\csrsrv.dll
12:27:03.0067 3944  C:\Windows\System32\csrsrv.dll - ok
12:27:03.0067 3944  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
12:27:03.0067 3944  C:\Windows\System32\csrss.exe - ok
12:27:03.0067 3944  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\System32\winsrv.dll
12:27:03.0067 3944  C:\Windows\System32\winsrv.dll - ok
12:27:03.0083 3944  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
12:27:03.0083 3944  C:\Windows\System32\drivers\monitor.sys - ok
12:27:03.0083 3944  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
12:27:03.0083 3944  C:\Windows\System32\tsddd.dll - ok
12:27:03.0083 3944  [ E38D1691B68FCB6224D69B4D4E25EBF3 ] C:\Windows\System32\KBDGR.DLL
12:27:03.0083 3944  C:\Windows\System32\KBDGR.DLL - ok
12:27:03.0083 3944  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
12:27:03.0083 3944  C:\Windows\System32\profapi.dll - ok
12:27:03.0083 3944  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
12:27:03.0083 3944  C:\Windows\System32\RpcRtRemote.dll - ok
12:27:03.0083 3944  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
12:27:03.0083 3944  C:\Windows\System32\sxssrv.dll - ok
12:27:03.0098 3944  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
12:27:03.0098 3944  C:\Windows\System32\wininit.exe - ok
12:27:03.0098 3944  [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
12:27:03.0098 3944  C:\Windows\System32\cdd.dll - ok
12:27:03.0098 3944  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
12:27:03.0098 3944  C:\Windows\System32\KBDUS.DLL - ok
12:27:03.0098 3944  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
12:27:03.0098 3944  C:\Windows\System32\WlS0WndH.dll - ok
12:27:03.0098 3944  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
12:27:03.0098 3944  C:\Windows\System32\sxs.dll - ok
12:27:03.0098 3944  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
12:27:03.0098 3944  C:\Windows\System32\cryptbase.dll - ok
12:27:03.0114 3944  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
12:27:03.0114 3944  C:\Windows\System32\apphelp.dll - ok
12:27:03.0114 3944  [ 4D71227301DD8D09097B9E4CC6527E5A ] C:\Windows\System32\lsass.exe
12:27:03.0114 3944  C:\Windows\System32\lsass.exe - ok
12:27:03.0114 3944  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
12:27:03.0114 3944  C:\Windows\System32\lsm.exe - ok
12:27:03.0114 3944  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
12:27:03.0114 3944  C:\Windows\System32\services.exe - ok
12:27:03.0114 3944  [ B08EA91C774AA734E0B9881F85CD9F42 ] C:\Windows\System32\sspicli.dll
12:27:03.0114 3944  C:\Windows\System32\sspicli.dll - ok
12:27:03.0114 3944  [ 7C46EC9CCDE6E793713FA01DB2EB918E ] C:\Windows\System32\sspisrv.dll
12:27:03.0114 3944  C:\Windows\System32\sspisrv.dll - ok
12:27:03.0130 3944  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
12:27:03.0130 3944  C:\Windows\System32\sysntfy.dll - ok
12:27:03.0130 3944  [ 086F906B1D30C0A5D35FE0F6362DAB21 ] C:\Windows\System32\lsasrv.dll
12:27:03.0130 3944  C:\Windows\System32\lsasrv.dll - ok
12:27:03.0130 3944  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
12:27:03.0130 3944  C:\Windows\System32\scesrv.dll - ok
12:27:03.0130 3944  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
12:27:03.0130 3944  C:\Windows\System32\scext.dll - ok
12:27:03.0130 3944  [ 208EAAFF40DA400190AA0605C797BEA2 ] C:\Windows\System32\secur32.dll
12:27:03.0130 3944  C:\Windows\System32\secur32.dll - ok
12:27:03.0130 3944  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
12:27:03.0130 3944  C:\Windows\System32\wmsgapi.dll - ok
12:27:03.0130 3944  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
12:27:03.0130 3944  C:\Windows\System32\samsrv.dll - ok
12:27:03.0145 3944  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
12:27:03.0145 3944  C:\Windows\System32\srvcli.dll - ok
12:27:03.0145 3944  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
12:27:03.0145 3944  C:\Windows\System32\cryptdll.dll - ok
12:27:03.0145 3944  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
12:27:03.0145 3944  C:\Windows\System32\wevtapi.dll - ok
12:27:03.0145 3944  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
12:27:03.0145 3944  C:\Windows\System32\authz.dll - ok
12:27:03.0145 3944  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
12:27:03.0145 3944  C:\Windows\System32\cngaudit.dll - ok
12:27:03.0145 3944  [ 747B9BA5412422F27934CB21131F0A3E ] C:\Windows\System32\ncrypt.dll
12:27:03.0145 3944  C:\Windows\System32\ncrypt.dll - ok
12:27:03.0161 3944  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
12:27:03.0161 3944  C:\Windows\System32\bcrypt.dll - ok
12:27:03.0161 3944  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
12:27:03.0161 3944  C:\Windows\System32\msprivs.dll - ok
12:27:03.0161 3944  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
12:27:03.0161 3944  C:\Windows\System32\kerberos.dll - ok
12:27:03.0161 3944  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
12:27:03.0161 3944  C:\Windows\System32\negoexts.dll - ok
12:27:03.0161 3944  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
12:27:03.0161 3944  C:\Windows\System32\netjoin.dll - ok
12:27:03.0161 3944  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
12:27:03.0161 3944  C:\Windows\System32\cryptsp.dll - ok
12:27:03.0176 3944  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
12:27:03.0176 3944  C:\Windows\System32\msv1_0.dll - ok
12:27:03.0176 3944  [ 9A9F9F1A77D6A80EE28B57664F00013E ] C:\Windows\System32\mswsock.dll
12:27:03.0176 3944  C:\Windows\System32\mswsock.dll - ok
12:27:03.0176 3944  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
12:27:03.0176 3944  C:\Windows\System32\wship6.dll - ok
12:27:03.0176 3944  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
12:27:03.0176 3944  C:\Windows\System32\netlogon.dll - ok
12:27:03.0176 3944  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
12:27:03.0176 3944  C:\Windows\System32\dnsapi.dll - ok
12:27:03.0176 3944  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
12:27:03.0176 3944  C:\Windows\System32\logoncli.dll - ok
12:27:03.0192 3944  [ 31FFED18C7B836CEC1B559347E32E151 ] C:\Windows\System32\schannel.dll
12:27:03.0192 3944  C:\Windows\System32\schannel.dll - ok
12:27:03.0192 3944  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
12:27:03.0192 3944  C:\Windows\System32\wdigest.dll - ok
12:27:03.0192 3944  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
12:27:03.0192 3944  C:\Windows\System32\rsaenh.dll - ok
12:27:03.0192 3944  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
12:27:03.0192 3944  C:\Windows\System32\TSpkg.dll - ok
12:27:03.0192 3944  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
12:27:03.0192 3944  C:\Windows\System32\winlogon.exe - ok
12:27:03.0192 3944  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
12:27:03.0192 3944  C:\Windows\System32\pku2u.dll - ok
12:27:03.0208 3944  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
12:27:03.0208 3944  C:\Windows\System32\bcryptprimitives.dll - ok
12:27:03.0208 3944  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
12:27:03.0208 3944  C:\Windows\System32\credssp.dll - ok
12:27:03.0208 3944  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
12:27:03.0208 3944  C:\Windows\System32\efslsaext.dll - ok
12:27:03.0208 3944  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
12:27:03.0208 3944  C:\Windows\System32\winsta.dll - ok
12:27:03.0208 3944  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
12:27:03.0208 3944  C:\Windows\System32\scecli.dll - ok
12:27:03.0208 3944  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
12:27:03.0208 3944  C:\Windows\System32\ubpm.dll - ok
12:27:03.0223 3944  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
12:27:03.0223 3944  C:\Windows\System32\svchost.exe - ok
12:27:03.0223 3944  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
12:27:03.0223 3944  C:\Windows\System32\umpnpmgr.dll - ok
12:27:03.0223 3944  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
12:27:03.0223 3944  C:\Windows\System32\devrtl.dll - ok
12:27:03.0223 3944  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
12:27:03.0223 3944  C:\Windows\System32\SPInf.dll - ok
12:27:03.0223 3944  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
12:27:03.0223 3944  C:\Windows\System32\gpapi.dll - ok
12:27:03.0223 3944  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
12:27:03.0223 3944  C:\Windows\System32\pcwum.dll - ok
12:27:03.0223 3944  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
12:27:03.0223 3944  C:\Windows\System32\umpo.dll - ok
12:27:03.0239 3944  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
12:27:03.0239 3944  C:\Windows\System32\userenv.dll - ok
12:27:03.0239 3944  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
12:27:03.0239 3944  C:\Windows\System32\drivers\luafv.sys - ok
12:27:03.0239 3944  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
12:27:03.0239 3944  C:\Windows\System32\powrprof.dll - ok
12:27:03.0239 3944  [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] C:\Windows\System32\drivers\avgntflt.sys
12:27:03.0239 3944  C:\Windows\System32\drivers\avgntflt.sys - ok
12:27:03.0239 3944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
12:27:03.0239 3944  C:\Windows\System32\rpcss.dll - ok
12:27:03.0239 3944  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
12:27:03.0239 3944  C:\Windows\System32\RpcEpMap.dll - ok
12:27:03.0254 3944  [ D696F317BD465A602566F8E1DCCE15F7 ] C:\Windows\System32\atiesrxx.exe
12:27:03.0254 3944  C:\Windows\System32\atiesrxx.exe - ok
12:27:03.0254 3944  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
12:27:03.0254 3944  C:\Windows\System32\wshqos.dll - ok
12:27:03.0254 3944  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
12:27:03.0254 3944  C:\Windows\System32\WSHTCPIP.DLL - ok
12:27:03.0254 3944  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
12:27:03.0254 3944  C:\Windows\System32\FirewallAPI.dll - ok
12:27:03.0254 3944  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
12:27:03.0254 3944  C:\Windows\System32\wtsapi32.dll - ok
12:27:03.0254 3944  [ 34152997FB906895290E0199AC94B85F ] C:\Windows\System32\authui.dll
12:27:03.0254 3944  C:\Windows\System32\authui.dll - ok
12:27:03.0270 3944  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
12:27:03.0270 3944  C:\Windows\System32\LogonUI.exe - ok
12:27:03.0270 3944  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
12:27:03.0270 3944  C:\Windows\System32\version.dll - ok
12:27:03.0270 3944  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
12:27:03.0270 3944  C:\Windows\System32\wevtsvc.dll - ok
12:27:03.0270 3944  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
12:27:03.0270 3944  C:\Windows\System32\audiosrv.dll - ok
12:27:03.0270 3944  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
12:27:03.0270 3944  C:\Windows\System32\FntCache.dll - ok
12:27:03.0270 3944  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
12:27:03.0270 3944  C:\Windows\System32\mmcss.dll - ok
12:27:03.0286 3944  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
12:27:03.0286 3944  C:\Windows\System32\MMDevAPI.dll - ok
12:27:03.0286 3944  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
12:27:03.0286 3944  C:\Windows\System32\propsys.dll - ok
12:27:03.0286 3944  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
12:27:03.0286 3944  C:\Windows\System32\avrt.dll - ok
12:27:03.0286 3944  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
12:27:03.0286 3944  C:\Windows\System32\profsvc.dll - ok
12:27:03.0286 3944  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
12:27:03.0286 3944  C:\Windows\System32\adtschema.dll - ok
12:27:03.0286 3944  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
12:27:03.0286 3944  C:\Windows\System32\netprofm.dll - ok
12:27:03.0301 3944  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
12:27:03.0301 3944  C:\Windows\System32\audiodg.exe - ok
12:27:03.0301 3944  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:27:03.0301 3944  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:27:03.0301 3944  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
12:27:03.0301 3944  C:\Windows\System32\WUDFPlatform.dll - ok
12:27:03.0301 3944  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
12:27:03.0301 3944  C:\Windows\System32\MPSSVC.dll - ok
12:27:03.0301 3944  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
12:27:03.0301 3944  C:\Windows\System32\drivers\fltMgr.sys - ok
12:27:03.0301 3944  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
12:27:03.0301 3944  C:\Windows\System32\PSHED.DLL - ok
12:27:03.0317 3944  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
12:27:03.0317 3944  C:\Windows\System32\ntmarta.dll - ok
12:27:03.0317 3944  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
12:27:03.0317 3944  C:\Windows\System32\cscsvc.dll - ok
12:27:03.0317 3944  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
12:27:03.0317 3944  C:\Windows\System32\gpsvc.dll - ok
12:27:03.0317 3944  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
12:27:03.0317 3944  C:\Windows\System32\themeservice.dll - ok
12:27:03.0317 3944  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
12:27:03.0317 3944  C:\Windows\System32\atl.dll - ok
12:27:03.0317 3944  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
12:27:03.0317 3944  C:\Windows\System32\es.dll - ok
12:27:03.0317 3944  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
12:27:03.0317 3944  C:\Windows\System32\comres.dll - ok
12:27:03.0332 3944  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
12:27:03.0332 3944  C:\Windows\System32\dsrole.dll - ok
12:27:03.0332 3944  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
12:27:03.0332 3944  C:\Windows\System32\nlaapi.dll - ok
12:27:03.0332 3944  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
12:27:03.0332 3944  C:\Windows\System32\Sens.dll - ok
12:27:03.0332 3944  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
12:27:03.0332 3944  C:\Windows\System32\slc.dll - ok
12:27:03.0332 3944  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
12:27:03.0332 3944  C:\Windows\System32\PeerDist.dll - ok
12:27:03.0332 3944  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
12:27:03.0332 3944  C:\Windows\System32\taskschd.dll - ok
12:27:03.0348 3944  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
12:27:03.0348 3944  C:\Windows\System32\mstask.dll - ok
12:27:03.0348 3944  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:27:03.0348 3944  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:27:03.0348 3944  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
12:27:03.0348 3944  C:\Windows\System32\drivers\lltdio.sys - ok
12:27:03.0348 3944  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
12:27:03.0348 3944  C:\Windows\System32\drivers\rspndr.sys - ok
12:27:03.0348 3944  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
12:27:03.0348 3944  C:\Windows\System32\uxsms.dll - ok
12:27:03.0348 3944  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
12:27:03.0348 3944  C:\Windows\System32\dhcpcore.dll - ok
12:27:03.0364 3944  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
12:27:03.0364 3944  C:\Windows\System32\dnsrslvr.dll - ok
12:27:03.0364 3944  [ D07EB640618F96490DB88C3CE58DB608 ] C:\Windows\System32\FWPUCLNT.DLL
12:27:03.0364 3944  C:\Windows\System32\FWPUCLNT.DLL - ok
12:27:03.0364 3944  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
12:27:03.0364 3944  C:\Windows\System32\IPHLPAPI.DLL - ok
12:27:03.0364 3944  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
12:27:03.0364 3944  C:\Windows\System32\lmhsvc.dll - ok
12:27:03.0364 3944  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
12:27:03.0364 3944  C:\Windows\System32\nrpsrv.dll - ok
12:27:03.0364 3944  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
12:27:03.0364 3944  C:\Windows\System32\nsisvc.dll - ok
12:27:03.0379 3944  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
12:27:03.0379 3944  C:\Windows\System32\winnsi.dll - ok
12:27:03.0379 3944  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
12:27:03.0379 3944  C:\Windows\System32\dhcpcore6.dll - ok
12:27:03.0379 3944  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
12:27:03.0379 3944  C:\Windows\System32\dnsext.dll - ok
12:27:03.0379 3944  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
12:27:03.0379 3944  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:27:03.0379 3944  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
12:27:03.0379 3944  C:\Windows\System32\dhcpcsvc.dll - ok
12:27:03.0379 3944  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
12:27:03.0379 3944  C:\Windows\System32\schedsvc.dll - ok
12:27:03.0395 3944  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
12:27:03.0395 3944  C:\Windows\System32\shsvcs.dll - ok
12:27:03.0395 3944  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
12:27:03.0395 3944  C:\Windows\System32\dhcpcsvc6.dll - ok
12:27:03.0395 3944  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
12:27:03.0395 3944  C:\Windows\System32\ktmw32.dll - ok
12:27:03.0395 3944  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
12:27:03.0395 3944  C:\Windows\System32\netapi32.dll - ok
12:27:03.0395 3944  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
12:27:03.0395 3944  C:\Windows\System32\netutils.dll - ok
12:27:03.0395 3944  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
12:27:03.0395 3944  C:\Windows\System32\wkscli.dll - ok
12:27:03.0410 3944  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
12:27:03.0410 3944  C:\Windows\System32\xmllite.dll - ok
12:27:03.0410 3944  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
12:27:03.0410 3944  C:\Windows\System32\fveapi.dll - ok
12:27:03.0410 3944  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
12:27:03.0410 3944  C:\Windows\System32\fvecerts.dll - ok
12:27:03.0410 3944  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
12:27:03.0410 3944  C:\Windows\System32\tbs.dll - ok
12:27:03.0410 3944  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
12:27:03.0410 3944  C:\Windows\System32\cryptui.dll - ok
12:27:03.0410 3944  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
12:27:03.0410 3944  C:\Windows\System32\samlib.dll - ok
12:27:03.0426 3944  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
12:27:03.0426 3944  C:\Windows\System32\shacct.dll - ok
12:27:03.0426 3944  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
12:27:03.0426 3944  C:\Windows\System32\uxtheme.dll - ok
12:27:03.0426 3944  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
12:27:03.0426 3944  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
12:27:03.0426 3944  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
12:27:03.0426 3944  C:\Windows\System32\dui70.dll - ok
12:27:03.0426 3944  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
12:27:03.0426 3944  C:\Windows\System32\duser.dll - ok
12:27:03.0426 3944  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
12:27:03.0426 3944  C:\Windows\System32\wdmaud.drv - ok
12:27:03.0442 3944  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
12:27:03.0442 3944  C:\Windows\System32\winmm.dll - ok
12:27:03.0442 3944  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
12:27:03.0442 3944  C:\Windows\System32\ksuser.dll - ok
12:27:03.0442 3944  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
12:27:03.0442 3944  C:\Windows\System32\SndVolSSO.dll - ok
12:27:03.0442 3944  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
12:27:03.0442 3944  C:\Windows\System32\AudioSes.dll - ok
12:27:03.0442 3944  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
12:27:03.0442 3944  C:\Windows\System32\dwmapi.dll - ok
12:27:03.0442 3944  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
12:27:03.0442 3944  C:\Windows\System32\hid.dll - ok
12:27:03.0457 3944  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
12:27:03.0457 3944  C:\Windows\System32\msacm32.dll - ok
12:27:03.0457 3944  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
12:27:03.0457 3944  C:\Windows\System32\msacm32.drv - ok
12:27:03.0457 3944  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
12:27:03.0457 3944  C:\Windows\System32\AudioEng.dll - ok
12:27:03.0457 3944  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
12:27:03.0457 3944  C:\Windows\System32\midimap.dll - ok
12:27:03.0457 3944  [ AFCA5C1ECEAF948FC815178BC077680E ] C:\Windows\System32\WindowsCodecs.dll
12:27:03.0457 3944  C:\Windows\System32\WindowsCodecs.dll - ok
12:27:03.0457 3944  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
12:27:03.0457 3944  C:\Windows\System32\AUDIOKSE.dll - ok
12:27:03.0473 3944  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
12:27:03.0473 3944  C:\Windows\System32\WMALFXGFXDSP.dll - ok
12:27:03.0473 3944  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
12:27:03.0473 3944  C:\Windows\System32\mfplat.dll - ok
12:27:03.0473 3944  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
12:27:03.0473 3944  C:\Windows\System32\winbrand.dll - ok
12:27:03.0473 3944  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
12:27:03.0473 3944  C:\Windows\System32\VaultCredProvider.dll - ok
12:27:03.0473 3944  [ 8563BA40DF4F1E93A61B70E2C8B60CF8 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:27:03.0473 3944  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:27:03.0473 3944  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
12:27:03.0473 3944  C:\Windows\System32\BioCredProv.dll - ok
12:27:03.0488 3944  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
12:27:03.0488 3944  C:\Windows\System32\winbio.dll - ok
12:27:03.0488 3944  [ 4403D5ECE7D8323CAF1207D1AA38FA01 ] C:\Windows\System32\credui.dll
12:27:03.0488 3944  C:\Windows\System32\credui.dll - ok
12:27:03.0488 3944  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
12:27:03.0488 3944  C:\Windows\System32\samcli.dll - ok
12:27:03.0488 3944  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
12:27:03.0488 3944  C:\Windows\System32\vaultcli.dll - ok
12:27:03.0488 3944  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
12:27:03.0488 3944  C:\Windows\System32\certCredProvider.dll - ok
12:27:03.0488 3944  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
12:27:03.0488 3944  C:\Windows\System32\rasplap.dll - ok
12:27:03.0504 3944  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
12:27:03.0504 3944  C:\Windows\System32\rasapi32.dll - ok
12:27:03.0504 3944  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
12:27:03.0504 3944  C:\Windows\System32\rasman.dll - ok
12:27:03.0504 3944  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
12:27:03.0504 3944  C:\Windows\System32\rtutils.dll - ok
12:27:03.0504 3944  [ 23D0CE89D5A6C87DFA023839FE7F4C37 ] C:\Windows\System32\atieclxx.exe
12:27:03.0504 3944  C:\Windows\System32\atieclxx.exe - ok
12:27:03.0504 3944  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
12:27:03.0504 3944  C:\Windows\System32\UXInit.dll - ok
12:27:03.0504 3944  [ 81D93344A7FF90C1802A021727813E9F ] C:\Windows\System32\atiadlxx.dll
12:27:03.0504 3944  C:\Windows\System32\atiadlxx.dll - ok
12:27:03.0520 3944  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
12:27:03.0520 3944  C:\Windows\System32\taskcomp.dll - ok
12:27:03.0520 3944  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
12:27:03.0520 3944  C:\Windows\System32\wiarpc.dll - ok
12:27:03.0520 3944  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
12:27:03.0520 3944  C:\Windows\System32\oleacc.dll - ok
12:27:03.0520 3944  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
12:27:03.0520 3944  C:\Windows\System32\UIAutomationCore.dll - ok
12:27:03.0520 3944  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
12:27:03.0520 3944  C:\Windows\System32\msimg32.dll - ok
12:27:03.0520 3944  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
12:27:03.0520 3944  C:\Windows\System32\imageres.dll - ok
12:27:03.0520 3944  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
12:27:03.0520 3944  C:\Windows\System32\drivers\http.sys - ok
12:27:03.0535 3944  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
12:27:03.0535 3944  C:\Windows\System32\spoolsv.exe - ok
12:27:03.0535 3944  [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:27:03.0535 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok
12:27:03.0535 3944  [ A2B0924D50F4435FD389499047CE553A ] C:\Windows\SysWOW64\ntdll.dll
12:27:03.0535 3944  C:\Windows\SysWOW64\ntdll.dll - ok
12:27:03.0535 3944  [ 2A107B611C91CD256466C58C0D776E9D ] C:\Windows\System32\wow64.dll
12:27:03.0535 3944  C:\Windows\System32\wow64.dll - ok
12:27:03.0535 3944  [ 0F090A77E664CB0F70AB8D3B230B760C ] C:\Windows\System32\wow64cpu.dll
12:27:03.0535 3944  C:\Windows\System32\wow64cpu.dll - ok
12:27:03.0551 3944  [ 7434E01FBCA3CB86539C39412A31D5E1 ] C:\Windows\System32\wow64win.dll
12:27:03.0551 3944  C:\Windows\System32\wow64win.dll - ok
12:27:03.0551 3944  [ 76161B9D78A275F8F28DD67436013110 ] C:\Windows\SysWOW64\kernel32.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\kernel32.dll - ok
12:27:03.0551 3944  [ 1B7343C3765638D4D17CB925F84F8ABE ] C:\Windows\SysWOW64\KernelBase.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\KernelBase.dll - ok
12:27:03.0551 3944  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\user32.dll - ok
12:27:03.0551 3944  [ 56E3313690866F99CD17AA1342F64AE1 ] C:\Windows\SysWOW64\gdi32.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\gdi32.dll - ok
12:27:03.0551 3944  [ CC23295DA8F7B5C53F93804D2F5D30EB ] C:\Windows\SysWOW64\lpk.dll
12:27:03.0551 3944  C:\Windows\SysWOW64\lpk.dll - ok
12:27:03.0566 3944  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\usp10.dll - ok
12:27:03.0566 3944  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\msvcrt.dll - ok
12:27:03.0566 3944  [ D67472125471784DE7147946EDA25FEB ] C:\Windows\SysWOW64\advapi32.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\advapi32.dll - ok
12:27:03.0566 3944  [ 4DC999CED9429939D75682EBD7D48901 ] C:\Windows\SysWOW64\rpcrt4.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\rpcrt4.dll - ok
12:27:03.0566 3944  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\sechost.dll - ok
12:27:03.0566 3944  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\cryptbase.dll - ok
12:27:03.0566 3944  [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
12:27:03.0566 3944  C:\Windows\SysWOW64\msvcp100.dll - ok
12:27:03.0582 3944  [ 42B924C5F3924C1EB2539F22C10D7DF1 ] C:\Windows\SysWOW64\sspicli.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\sspicli.dll - ok
12:27:03.0582 3944  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\msvcr100.dll - ok
12:27:03.0582 3944  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\imm32.dll - ok
12:27:03.0582 3944  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\msctf.dll - ok
12:27:03.0582 3944  [ 343CB2631CEAD5A6EC56FFA69937939F ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll
12:27:03.0582 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok
12:27:03.0582 3944  [ E02781D4871844DCD30DF1D69A650F78 ] C:\Windows\SysWOW64\shell32.dll
12:27:03.0582 3944  C:\Windows\SysWOW64\shell32.dll - ok
12:27:03.0598 3944  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
12:27:03.0598 3944  C:\Windows\SysWOW64\shlwapi.dll - ok
12:27:03.0598 3944  [ 46065A1F1CA90E084E3217C883F69D4D ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
12:27:03.0598 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
12:27:03.0598 3944  [ 0E53F1FB5A603B984DC3921D2FF76662 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
12:27:03.0598 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
12:27:03.0598 3944  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
12:27:03.0598 3944  C:\Windows\System32\BFE.DLL - ok
12:27:03.0598 3944  [ 18490AD7AB6320CDC0C04B137B385DB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll
12:27:03.0598 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok
12:27:03.0598 3944  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
12:27:03.0598 3944  C:\Windows\SysWOW64\mpr.dll - ok
12:27:03.0613 3944  [ 1147C3047C28435826EDCE83C1CD8096 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll
12:27:03.0613 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok
12:27:03.0613 3944  [ B539CFD39BB40964BD36AE037AB0887D ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll
12:27:03.0613 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok
12:27:03.0613 3944  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
12:27:03.0613 3944  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
12:27:03.0613 3944  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
12:27:03.0613 3944  C:\Windows\SysWOW64\nsi.dll - ok
12:27:03.0613 3944  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
12:27:03.0613 3944  C:\Windows\SysWOW64\ole32.dll - ok
12:27:03.0613 3944  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
12:27:03.0613 3944  C:\Windows\SysWOW64\winnsi.dll - ok
12:27:03.0629 3944  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
12:27:03.0629 3944  C:\Windows\SysWOW64\rasapi32.dll - ok
12:27:03.0629 3944  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
12:27:03.0629 3944  C:\Windows\SysWOW64\version.dll - ok
12:27:03.0629 3944  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
12:27:03.0629 3944  C:\Windows\SysWOW64\wtsapi32.dll - ok
12:27:03.0629 3944  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
12:27:03.0629 3944  C:\Windows\System32\drivers\bowser.sys - ok
12:27:03.0629 3944  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
12:27:03.0629 3944  C:\Windows\System32\drivers\mpsdrv.sys - ok
12:27:03.0629 3944  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
12:27:03.0629 3944  C:\Windows\System32\drivers\mrxsmb.sys - ok
12:27:03.0644 3944  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
12:27:03.0644 3944  C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:27:03.0644 3944  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
12:27:03.0644 3944  C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:27:03.0644 3944  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
12:27:03.0644 3944  C:\Windows\System32\wkssvc.dll - ok
12:27:03.0644 3944  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
12:27:03.0644 3944  C:\Windows\SysWOW64\rasman.dll - ok
12:27:03.0644 3944  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
12:27:03.0644 3944  C:\Windows\SysWOW64\ws2_32.dll - ok
12:27:03.0644 3944  [ 6614EDFCF4AFE27E46FC0C1A5EC1269D ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll
12:27:03.0644 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok
12:27:03.0660 3944  [ 53F5464997776F0AD1F68798787D3537 ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll
12:27:03.0660 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok
12:27:03.0660 3944  [ 6971E57164D46323CF949631A0685307 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
12:27:03.0660 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok
12:27:03.0660 3944  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
12:27:03.0660 3944  C:\Windows\System32\wfapigp.dll - ok
12:27:03.0660 3944  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
12:27:03.0660 3944  C:\Windows\SysWOW64\cfgmgr32.dll - ok
12:27:03.0660 3944  [ 65AF41A7A2C5B6693E1B4164E7632C3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:27:03.0660 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok
12:27:03.0660 3944  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
12:27:03.0660 3944  C:\Windows\SysWOW64\propsys.dll - ok
12:27:03.0676 3944  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
12:27:03.0676 3944  C:\Windows\System32\mscms.dll - ok
12:27:03.0676 3944  [ 6B400F211BEE880A37A1ED0368776BF4 ] C:\Windows\System32\cryptsvc.dll
12:27:03.0676 3944  C:\Windows\System32\cryptsvc.dll - ok
12:27:03.0676 3944  [ 63FE35B2DFC1CCD2AA33EA8BA2460BE9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll
12:27:03.0676 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok
12:27:03.0676 3944  [ B792BBE05A18481016A7C39269D3E75C ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll
12:27:03.0676 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok
12:27:03.0676 3944  [ E7721DCE7EE53A22BBF6CFCAA145FB12 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll
12:27:03.0676 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok
12:27:03.0676 3944  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
12:27:03.0676 3944  C:\Windows\SysWOW64\oleaut32.dll - ok
12:27:03.0691 3944  [ A6B726DCA228F7878E38368A1BDC68BE ] C:\Windows\System32\cryptnet.dll
12:27:03.0691 3944  C:\Windows\System32\cryptnet.dll - ok
12:27:03.0691 3944  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
12:27:03.0691 3944  C:\Windows\System32\vssapi.dll - ok
12:27:03.0691 3944  [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll
12:27:03.0691 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok
12:27:03.0691 3944  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
12:27:03.0691 3944  C:\Windows\System32\dps.dll - ok
12:27:03.0691 3944  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
12:27:03.0691 3944  C:\Windows\System32\FDResPub.dll - ok
12:27:03.0691 3944  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
12:27:03.0691 3944  C:\Windows\System32\pcasvc.dll - ok
12:27:03.0707 3944  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
12:27:03.0707 3944  C:\Windows\System32\snmptrap.exe - ok
12:27:03.0707 3944  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
12:27:03.0707 3944  C:\Windows\System32\WSDApi.dll - ok
12:27:03.0707 3944  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
12:27:03.0707 3944  C:\Windows\System32\webservices.dll - ok
12:27:03.0707 3944  [ 4004299B7AF4CBFF6540F1798899A11F ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
12:27:03.0707 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
12:27:03.0707 3944  [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
12:27:03.0707 3944  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
12:27:03.0707 3944  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
12:27:03.0707 3944  C:\Windows\System32\fundisc.dll - ok
12:27:03.0722 3944  [ 9C933EE52559A41B704CBB189E7D6495 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok
12:27:03.0722 3944  [ EDA04929396FBE9D3C6A93E847657AD4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok
12:27:03.0722 3944  [ 23C77897F8DC43B25A1DD03542E479EA ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok
12:27:03.0722 3944  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
12:27:03.0722 3944  C:\Windows\System32\PeerDistSh.dll - ok
12:27:03.0722 3944  [ CD135EBBA99C598F30E6093824193038 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll - ok
12:27:03.0722 3944  [ 8BE50E29F27A9DFC3372CD29F02A15EB ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll
12:27:03.0722 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll - ok
12:27:03.0738 3944  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
12:27:03.0738 3944  C:\Windows\SysWOW64\rtutils.dll - ok
12:27:03.0738 3944  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:27:03.0738 3944  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:27:03.0738 3944  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
12:27:03.0738 3944  C:\Windows\System32\vsstrace.dll - ok
12:27:03.0738 3944  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
12:27:03.0738 3944  C:\Windows\System32\provsvc.dll - ok
12:27:03.0738 3944  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
12:27:03.0738 3944  C:\Windows\System32\sstpsvc.dll - ok
12:27:03.0738 3944  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
12:27:03.0738 3944  C:\Windows\System32\winhttp.dll - ok
12:27:03.0754 3944  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
12:27:03.0754 3944  C:\Windows\System32\webio.dll - ok
12:27:03.0754 3944  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
12:27:03.0754 3944  C:\Windows\System32\httpapi.dll - ok
12:27:03.0754 3944  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
12:27:03.0754 3944  C:\Windows\System32\msxml6.dll - ok
12:27:03.0754 3944  [ D5BE751B837C8B8CB58426EC9B2A29E9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
12:27:03.0754 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
12:27:03.0754 3944  [ 6A6B49FD47A6BA4949A1E03CA4486439 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll
12:27:03.0754 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll - ok
12:27:03.0754 3944  [ 8682F5AEFD0326B2A772E90EF1EFBE17 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll
12:27:03.0754 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll - ok
12:27:03.0769 3944  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\clbcatq.dll - ok
12:27:03.0769 3944  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\Wldap32.dll - ok
12:27:03.0769 3944  [ F2D9F23FFB2B0B2B8FF5126689615B3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll
12:27:03.0769 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll - ok
12:27:03.0769 3944  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\profapi.dll - ok
12:27:03.0769 3944  [ 76F58DB8F85C125E0D6B3AA42F3BF1D0 ] C:\Windows\SysWOW64\urlmon.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\urlmon.dll - ok
12:27:03.0769 3944  [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:27:03.0769 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:27:03.0785 3944  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:27:03.0785 3944  [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:27:03.0785 3944  [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:27:03.0785 3944  [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:27:03.0785 3944  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:27:03.0785 3944  [ 05BD47136DE62FAFE9F95B40E4100144 ] C:\Windows\SysWOW64\iertutil.dll
12:27:03.0785 3944  C:\Windows\SysWOW64\iertutil.dll - ok
12:27:03.0800 3944  [ CC09E0C9A2D89C6E71D093DC8BD121B7 ] C:\Windows\SysWOW64\crypt32.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\crypt32.dll - ok
12:27:03.0800 3944  [ 582632E34C9FF3C658ED56E5FC8D7EC6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll
12:27:03.0800 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll - ok
12:27:03.0800 3944  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\msasn1.dll - ok
12:27:03.0800 3944  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\winhttp.dll - ok
12:27:03.0800 3944  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\webio.dll - ok
12:27:03.0800 3944  [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
12:27:03.0800 3944  C:\Windows\SysWOW64\browcli.dll - ok
12:27:03.0816 3944  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\logoncli.dll - ok
12:27:03.0816 3944  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\netapi32.dll - ok
12:27:03.0816 3944  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\netutils.dll - ok
12:27:03.0816 3944  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\srvcli.dll - ok
12:27:03.0816 3944  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\wkscli.dll - ok
12:27:03.0816 3944  [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
12:27:03.0816 3944  C:\Windows\SysWOW64\activeds.dll - ok
12:27:03.0832 3944  [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
12:27:03.0832 3944  C:\Windows\SysWOW64\adsldpc.dll - ok
12:27:03.0832 3944  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
12:27:03.0832 3944  C:\Windows\SysWOW64\atl.dll - ok
12:27:03.0832 3944  [ 800A35C7425E12379F173FBE7EA2A4F5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
12:27:03.0832 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
12:27:03.0832 3944  [ BE04DE758070B1CBA8B741436C955797 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
12:27:03.0832 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
12:27:03.0832 3944  [ A8F0298E9947D66E8E16E45F109E35CC ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
12:27:03.0832 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
12:27:03.0832 3944  [ E4E829EE073E046B0EB19B5FECB19B8C ] C:\Windows\SysWOW64\wininet.dll
12:27:03.0832 3944  C:\Windows\SysWOW64\wininet.dll - ok
12:27:03.0847 3944  [ 6FE2FC00C12815B11E614BE5D545B59D ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
12:27:03.0847 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
12:27:03.0847 3944  [ FA018F45BA6DC7C5918F0B06F0F0D6D2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
12:27:03.0847 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
12:27:03.0847 3944  [ 372948BB5E41CE42341C4398DE572E56 ] C:\Windows\SysWOW64\secur32.dll
12:27:03.0847 3944  C:\Windows\SysWOW64\secur32.dll - ok
12:27:03.0847 3944  [ A93DAE6938F2C49E257B1A7F79D587A6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
12:27:03.0847 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
12:27:03.0847 3944  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:27:03.0847 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:27:03.0847 3944  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
12:27:03.0847 3944  C:\Windows\SysWOW64\setupapi.dll - ok
12:27:03.0863 3944  [ 39050A12A2EFBEC944C3585374898E54 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
12:27:03.0863 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
12:27:03.0863 3944  [ 7601E307497092E38BB0F8C42127C583 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
12:27:03.0863 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
12:27:03.0863 3944  [ 0BE5722EA1889F77F251292B2ABBED4F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
12:27:03.0863 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
12:27:03.0863 3944  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
12:27:03.0863 3944  C:\Windows\SysWOW64\devobj.dll - ok
12:27:03.0863 3944  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
12:27:03.0863 3944  C:\Windows\SysWOW64\apphelp.dll - ok
12:27:03.0863 3944  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
12:27:03.0863 3944  C:\Windows\SysWOW64\sfc.dll - ok
12:27:03.0878 3944  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
12:27:03.0878 3944  C:\Windows\SysWOW64\sfc_os.dll - ok
12:27:03.0878 3944  [ 552DF4A9DD8F4A500E3F8FC9C512D47A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe - ok
12:27:03.0878 3944  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
12:27:03.0878 3944  C:\Windows\SysWOW64\devrtl.dll - ok
12:27:03.0878 3944  [ 3A17A112D51D0DD494D64915D4527B2F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
12:27:03.0878 3944  [ 28BADE8802D00E9EEC8F9045A457ED74 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
12:27:03.0878 3944  [ 2E5E517A5ED5CA1E99DA3AE517089935 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
12:27:03.0878 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
12:27:03.0894 3944  [ 3B8843D652E63C6531DE9B8A3314764E ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
12:27:03.0894 3944  [ 1844F9B8E28FF898A9FF5A022C1D974D ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
12:27:03.0894 3944  [ 434049E557861645FA160F3035025F51 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
12:27:03.0894 3944  [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
12:27:03.0894 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
12:27:03.0894 3944  [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
12:27:03.0894 3944  C:\Windows\SysWOW64\mfc100u.dll - ok
12:27:03.0894 3944  [ 75F5E1FE8D55CF8E577E0EC5F2290D3F ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
12:27:03.0894 3944  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
12:27:03.0910 3944  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\msimg32.dll - ok
12:27:03.0910 3944  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\dwmapi.dll - ok
12:27:03.0910 3944  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\uxtheme.dll - ok
12:27:03.0910 3944  [ ECA6624EFEBBE2C0C320AC942620C404 ] C:\Windows\SysWOW64\mfc100deu.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\mfc100deu.dll - ok
12:27:03.0910 3944  [ E5624A279E2E98EAFCB6BCA7DB4DB2CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll
12:27:03.0910 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll - ok
12:27:03.0910 3944  [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
12:27:03.0910 3944  C:\Windows\SysWOW64\FirewallAPI.dll - ok
12:27:03.0925 3944  [ 8FC1230DBCCEB7016A4F183D4808D335 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
12:27:03.0925 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe - ok
12:27:03.0925 3944  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
12:27:03.0925 3944  C:\Windows\SysWOW64\mscoree.dll - ok
12:27:03.0925 3944  [ 5E3C0E5FFDA48C5DA35BBFB8EFFF8066 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
12:27:03.0925 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
12:27:03.0925 3944  [ 8E2242BB3CB7A632A8CF22BDE2A41AE1 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
12:27:03.0925 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
12:27:03.0925 3944  [ 0DCA5F8AF83975061D9D8340DC471B5C ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
12:27:03.0925 3944  C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
12:27:03.0925 3944  [ C1F1E53851FAA7E029CFA07DAF9A5E81 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
12:27:03.0925 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll - ok
12:27:03.0941 3944  [ F1F5356A864A88F355002BDE02EA87EA ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Glib.dll
12:27:03.0941 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Glib.dll - ok
12:27:03.0941 3944  [ 5098A5D0F433048AF91D556330678B52 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
12:27:03.0941 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll - ok
12:27:03.0941 3944  [ 4676E92357233BD5A097BE3F7D6DB00A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
12:27:03.0941 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll - ok
12:27:03.0941 3944  [ 9AE06337C568C19ED91FAEAA91C609E3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll
12:27:03.0941 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\b6c7a1ca929c1b10f36b683c9f1a0517\System.Xml.Linq.ni.dll - ok
12:27:03.0941 3944  [ 3AD3602258590F5A3C45DC7A029D0140 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
12:27:03.0941 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
12:27:03.0956 3944  [ 7556E8E5F3FFD7AA845A02B1237946C0 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreLibrary.dll
12:27:03.0956 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreLibrary.dll - ok
12:27:03.0956 3944  [ 71ECC01F9928873A5DEB5B475C0F2429 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
12:27:03.0956 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
12:27:03.0956 3944  [ 8B1F5E3195FB646A06D880F8CAB299FA ] C:\Program Files (x86)\Garmin\Core Update Service\NLog.dll
12:27:03.0956 3944  C:\Program Files (x86)\Garmin\Core Update Service\NLog.dll - ok
12:27:03.0956 3944  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
12:27:03.0956 3944  C:\Windows\SysWOW64\cryptsp.dll - ok
12:27:03.0956 3944  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
12:27:03.0956 3944  C:\Windows\SysWOW64\rsaenh.dll - ok
12:27:03.0956 3944  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
12:27:03.0956 3944  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
12:27:03.0972 3944  [ 30EFD90C995E57399F3AB10E6685C60B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
12:27:03.0972 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll - ok
12:27:03.0972 3944  [ 2E7D051495EFBE01E590D42303967183 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
12:27:03.0972 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll - ok
12:27:03.0972 3944  [ 3F7715D56712A3E598289E87FA122E68 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
12:27:03.0972 3944  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll - ok
12:27:03.0972 3944  [ 68EAAEDF0365168B804E8728368FA946 ] C:\Windows\SysWOW64\wintrust.dll
12:27:03.0972 3944  C:\Windows\SysWOW64\wintrust.dll - ok
12:27:03.0972 3944  [ 2AEC3B1ED15DFFCF7BBF3DFD32342CA8 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
12:27:03.0972 3944  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll - ok
12:27:03.0988 3944  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\riched20.dll - ok
12:27:03.0988 3944  [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37 ] C:\Windows\SysWOW64\imagehlp.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\imagehlp.dll - ok
12:27:03.0988 3944  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\bcrypt.dll - ok
12:27:03.0988 3944  [ AD7FB087A238883D1618F29F7BBBD584 ] C:\Windows\SysWOW64\ncrypt.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\ncrypt.dll - ok
12:27:03.0988 3944  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
12:27:03.0988 3944  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\userenv.dll - ok
12:27:03.0988 3944  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
12:27:03.0988 3944  C:\Windows\SysWOW64\gpapi.dll - ok
12:27:04.0003 3944  [ 7B851A8018B1EA00A69707A390004884 ] C:\Windows\SysWOW64\cryptnet.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\cryptnet.dll - ok
12:27:04.0003 3944  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\SensApi.dll - ok
12:27:04.0003 3944  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\credssp.dll - ok
12:27:04.0003 3944  [ E94C583CDE2348950155F2AF2876F34D ] C:\Windows\SysWOW64\mswsock.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\mswsock.dll - ok
12:27:04.0003 3944  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
12:27:04.0003 3944  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
12:27:04.0003 3944  C:\Windows\SysWOW64\wship6.dll - ok
12:27:04.0019 3944  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:27:04.0019 3944  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:27:04.0019 3944  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
12:27:04.0019 3944  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
12:27:04.0019 3944  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
12:27:04.0019 3944  C:\Windows\System32\dllhost.exe - ok
12:27:04.0019 3944  [ 9028D1621C43DF8DFBD1C76860412A11 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
12:27:04.0019 3944  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
12:27:04.0019 3944  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
12:27:04.0019 3944  C:\Windows\System32\IDStore.dll - ok
12:27:04.0019 3944  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
12:27:04.0019 3944  C:\Windows\System32\taskhost.exe - ok
12:27:04.0034 3944  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
12:27:04.0034 3944  C:\Windows\System32\mpr.dll - ok
12:27:04.0034 3944  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
12:27:04.0034 3944  C:\Windows\System32\MsCtfMonitor.dll - ok
12:27:04.0034 3944  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
12:27:04.0034 3944  C:\Windows\System32\msutb.dll - ok
12:27:04.0034 3944  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
12:27:04.0034 3944  C:\Windows\System32\taskeng.exe - ok
12:27:04.0034 3944  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
12:27:04.0034 3944  C:\Windows\System32\userinit.exe - ok
12:27:04.0034 3944  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
12:27:04.0034 3944  C:\Windows\System32\dwm.exe - ok
12:27:04.0050 3944  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
12:27:04.0050 3944  C:\Windows\System32\dwmredir.dll - ok
12:27:04.0050 3944  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
12:27:04.0050 3944  C:\Windows\System32\dwmcore.dll - ok
12:27:04.0050 3944  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
12:27:04.0050 3944  C:\Windows\System32\d3d10_1.dll - ok
12:27:04.0050 3944  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
12:27:04.0050 3944  C:\Windows\System32\HotStartUserAgent.dll - ok
12:27:04.0050 3944  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
12:27:04.0050 3944  C:\Windows\System32\PlaySndSrv.dll - ok
12:27:04.0050 3944  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:27:04.0050 3944  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:27:04.0066 3944  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
12:27:04.0066 3944  C:\Windows\System32\TSChannel.dll - ok
12:27:04.0066 3944  [ C377219FF688183E4A4F5816EFF82E82 ] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
12:27:04.0066 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe - ok
12:27:04.0066 3944  [ 7128BC801C1451D460344C4893315265 ] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
12:27:04.0066 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe - ok
12:27:04.0066 3944  [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Windows\System32\msvcp110.dll
12:27:04.0066 3944  C:\Windows\System32\msvcp110.dll - ok
12:27:04.0066 3944  [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Windows\System32\msvcr110.dll
12:27:04.0066 3944  C:\Windows\System32\msvcr110.dll - ok
12:27:04.0066 3944  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll
12:27:04.0066 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll - ok
12:27:04.0081 3944  [ 1075AB2C077B415760C0E948856B5126 ] C:\Windows\System32\wer.dll
12:27:04.0081 3944  C:\Windows\System32\wer.dll - ok
12:27:04.0081 3944  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
12:27:04.0081 3944  C:\Windows\System32\dbghelp.dll - ok
12:27:04.0081 3944  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
12:27:04.0081 3944  C:\Windows\System32\bthprops.cpl - ok
12:27:04.0081 3944  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
12:27:04.0081 3944  C:\Windows\System32\wsock32.dll - ok
12:27:04.0081 3944  [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:27:04.0081 3944  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
12:27:04.0081 3944  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
12:27:04.0081 3944  C:\Windows\System32\d3d10_1core.dll - ok
12:27:04.0097 3944  [ 0928B9C3F2193EE265AA5E9B163D96EB ] C:\Program Files (x86)\Google\Update\1.3.23.9\goopdate.dll
12:27:04.0097 3944  C:\Program Files (x86)\Google\Update\1.3.23.9\goopdate.dll - ok
12:27:04.0097 3944  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\msi.dll - ok
12:27:04.0097 3944  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\cscapi.dll - ok
12:27:04.0097 3944  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\ntmarta.dll - ok
12:27:04.0097 3944  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
12:27:04.0097 3944  C:\Windows\SysWOW64\dbghelp.dll - ok
12:27:04.0097 3944  [ 7E6B107120108B3A15BFECE0DE3201DB ] C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
12:27:04.0097 3944  C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe - ok
12:27:04.0112 3944  [ 0D5CE0E5AEC3ACC7930AB955334B8533 ] C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
12:27:04.0112 3944  C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe - ok
12:27:04.0112 3944  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
12:27:04.0112 3944  C:\Windows\System32\cscapi.dll - ok
12:27:04.0112 3944  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
12:27:04.0112 3944  C:\Windows\SysWOW64\mstask.dll - ok
12:27:04.0112 3944  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
12:27:04.0112 3944  C:\Windows\System32\dxgi.dll - ok
12:27:04.0112 3944  [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
12:27:04.0112 3944  C:\Windows\System32\d3d11.dll - ok
12:27:04.0112 3944  [ 0F3B5AA11D6003C851D6A9D2450DC9E1 ] C:\Windows\System32\atidxx64.dll
12:27:04.0112 3944  C:\Windows\System32\atidxx64.dll - ok
12:27:04.0128 3944  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
12:27:04.0128 3944  C:\Windows\System32\uDWM.dll - ok
12:27:04.0128 3944  [ 0D298133C359AB8CB9EB4FA178BF3947 ] C:\Windows\System32\msxml3.dll
12:27:04.0128 3944  C:\Windows\System32\msxml3.dll - ok
12:27:04.0128 3944  [ B79515AFF098E5A56DFBD316152534DE ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
12:27:04.0128 3944  C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
12:27:04.0128 3944  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:27:04.0128 3944  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:27:04.0128 3944  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
12:27:04.0128 3944  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
12:27:04.0128 3944  [ DE33208D7B10FF672CAA399403150E16 ] C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll
12:27:04.0128 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll - ok
12:27:04.0144 3944  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
12:27:04.0144 3944  C:\Windows\System32\rasadhlp.dll - ok
12:27:04.0144 3944  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
12:27:04.0144 3944  C:\Windows\System32\msi.dll - ok
12:27:04.0144 3944  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
12:27:04.0144 3944  C:\Windows\System32\esent.dll - ok
12:27:04.0144 3944  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
12:27:04.0144 3944  C:\Windows\System32\localspl.dll - ok
12:27:04.0144 3944  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
12:27:04.0144 3944  C:\Windows\System32\umb.dll - ok
12:27:04.0144 3944  [ 9945FF91CBFEE03D20FE8A2A75A09B19 ] C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll
12:27:04.0144 3944  C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll - ok
12:27:04.0159 3944  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
12:27:04.0159 3944  C:\Windows\System32\spoolss.dll - ok
12:27:04.0159 3944  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
12:27:04.0159 3944  C:\Windows\System32\winspool.drv - ok
12:27:04.0159 3944  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
12:27:04.0159 3944  C:\Windows\System32\PrintIsolationProxy.dll - ok
12:27:04.0159 3944  [ 9FEFF98E2A0F71577AB401BE4E05518A ] C:\Windows\System32\CNMLM9P.DLL
12:27:04.0159 3944  C:\Windows\System32\CNMLM9P.DLL - ok
12:27:04.0159 3944  [ 85D546ADDF491C9DFF6993BB0F4059B2 ] C:\Windows\System32\CNCF2Li.DLL
12:27:04.0159 3944  C:\Windows\System32\CNCF2Li.DLL - ok
12:27:04.0159 3944  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
12:27:04.0159 3944  C:\Windows\System32\FXSMON.dll - ok
12:27:04.0175 3944  [ C89B88BCA6D6B72A470D8BF5730254C6 ] C:\Windows\System32\pdfcmon.dll
12:27:04.0175 3944  C:\Windows\System32\pdfcmon.dll - ok
12:27:04.0175 3944  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
12:27:04.0175 3944  C:\Windows\System32\snmpapi.dll - ok
12:27:04.0175 3944  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
12:27:04.0175 3944  C:\Windows\System32\tcpmon.dll - ok
12:27:04.0175 3944  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
12:27:04.0175 3944  C:\Windows\System32\usbmon.dll - ok
12:27:04.0175 3944  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
12:27:04.0175 3944  C:\Windows\System32\wsnmp32.dll - ok
12:27:04.0175 3944  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
12:27:04.0175 3944  C:\Windows\System32\WSDMon.dll - ok
12:27:04.0190 3944  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
12:27:04.0190 3944  C:\Windows\System32\fdPnp.dll - ok
12:27:04.0190 3944  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
12:27:04.0190 3944  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
12:27:04.0190 3944  [ E0330C3E6CD6C499A7DE69B560AFEE4D ] C:\Windows\System32\spool\prtprocs\x64\CNMPD9P.DLL
12:27:04.0190 3944  C:\Windows\System32\spool\prtprocs\x64\CNMPD9P.DLL - ok
12:27:04.0190 3944  [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
12:27:04.0190 3944  C:\Windows\System32\win32spl.dll - ok
12:27:04.0190 3944  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
12:27:04.0190 3944  C:\Windows\System32\inetpp.dll - ok
12:27:04.0190 3944  [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
12:27:04.0190 3944  C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
12:27:04.0206 3944  [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
12:27:04.0206 3944  C:\Windows\System32\mgmtapi.dll - ok
12:27:04.0206 3944  [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
12:27:04.0206 3944  C:\Windows\System32\tcpmib.dll - ok
12:27:04.0206 3944  [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
12:27:04.0206 3944  C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
12:27:04.0206 3944  [ 915A96EFF6DE6DD482864647332C5A42 ] C:\Windows\System32\spool\drivers\x64\3\CNCFIMi.DLL
12:27:04.0206 3944  C:\Windows\System32\spool\drivers\x64\3\CNCFIMi.DLL - ok
12:27:04.0206 3944  [ 6D9AB0B3FC4D67830F363EBC6F1E3DE9 ] C:\Windows\System32\spool\drivers\x64\3\BRUUI13A.DLL
12:27:04.0206 3944  C:\Windows\System32\spool\drivers\x64\3\BRUUI13A.DLL - ok
12:27:04.0206 3944  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
12:27:04.0206 3944  C:\Windows\explorer.exe - ok
12:27:04.0222 3944  [ 83EEFE83438AEF9FBB7613A106C5E5BB ] C:\Program Files\Java\jre7\bin\javaw.exe
12:27:04.0222 3944  C:\Program Files\Java\jre7\bin\javaw.exe - ok
12:27:04.0222 3944  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
12:27:04.0222 3944  C:\Windows\System32\ExplorerFrame.dll - ok
12:27:04.0222 3944  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
12:27:04.0222 3944  C:\Windows\System32\EhStorShell.dll - ok
12:27:04.0222 3944  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
12:27:04.0222 3944  C:\Windows\System32\cscui.dll - ok
12:27:04.0222 3944  [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
12:27:04.0222 3944  C:\Windows\System32\ntprint.dll - ok
12:27:04.0222 3944  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
12:27:04.0222 3944  C:\Windows\System32\cscdll.dll - ok
12:27:04.0222 3944  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
12:27:04.0222 3944  C:\Windows\System32\ntshrui.dll - ok
12:27:04.0237 3944  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
12:27:04.0237 3944  C:\Windows\System32\IconCodecService.dll - ok
12:27:04.0237 3944  [ 8D41342D23D15C30700E838FAE84E489 ] C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe
12:27:04.0237 3944  C:\Program Files\Tracker Software\PDF Viewer\PDFXCview.exe - ok
12:27:04.0237 3944  [ 985C307535F81609920B54EBC7C15B50 ] C:\Program Files\VideoLAN\VLC\vlc.exe
12:27:04.0237 3944  C:\Program Files\VideoLAN\VLC\vlc.exe - ok
12:27:04.0237 3944  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
12:27:04.0237 3944  C:\Windows\SysWOW64\winsta.dll - ok
12:27:04.0237 3944  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
12:27:04.0237 3944  C:\Windows\SysWOW64\dnsapi.dll - ok
12:27:04.0237 3944  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
12:27:04.0237 3944  C:\Windows\SysWOW64\rasadhlp.dll - ok
12:27:04.0253 3944  [ F0D0E883EBBDC7615DC9EDEA0FFB2817 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:27:04.0253 3944  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:27:04.0253 3944  [ 8E79090CB0987CA102E845341E052537 ] C:\Windows\SysWOW64\vdmdbg.dll
12:27:04.0253 3944  C:\Windows\SysWOW64\vdmdbg.dll - ok
12:27:04.0253 3944  [ F89000BD2BF367B9A6423CEB1553E9AF ] C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll - ok
12:27:04.0253 3944  [ 9A521D6FAB1402D71BD900E9054EF7DE ] C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll - ok
12:27:04.0253 3944  [ 42CC7633E6C898923AE57CEBCE6DB2B2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll - ok
12:27:04.0253 3944  [ 9A86820CEDF2C6D2EBF2E6E66E89EA1A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll
12:27:04.0253 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll - ok
12:27:04.0268 3944  [ D5094999316AE489620B3CB70C1AD5C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll
12:27:04.0268 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll - ok
12:27:04.0268 3944  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
12:27:04.0268 3944  C:\Windows\SysWOW64\samcli.dll - ok
12:27:04.0268 3944  [ ABF612BB29A6293A574710716246F58E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll
12:27:04.0268 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok
12:27:04.0268 3944  [ 441CC7DBC4F8661807A9B1C87CABA81C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
12:27:04.0268 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll - ok
12:27:04.0268 3944  [ DD3DE2DA4D2D40D9EEBE570C44C0FFC6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
12:27:04.0268 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll - ok
12:27:04.0284 3944  [ 4262941C67FDC6B5BF6BD8124EAD7D63 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\24bf0c88c0465485f4b842df043b3f45\System.ServiceModel.ni.dll - ok
12:27:04.0284 3944  [ 629989BD3F1E1EE48DDD3586DF2736E1 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll - ok
12:27:04.0284 3944  [ 62EB3624CD0767800959F9A07C5C1186 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
12:27:04.0284 3944  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
12:27:04.0284 3944  [ 4D7CCF386348589BE92939AEB79DD9B9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f6d7bb59f318c130d68816a89335d05e\System.Runtime.Serialization.ni.dll - ok
12:27:04.0284 3944  [ 7C414E1CCE3695B7A1BF0EB8E44ED428 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll
12:27:04.0284 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\f4354d6580fbb745c0c8acba382a7b84\System.ServiceProcess.ni.dll - ok
12:27:04.0284 3944  [ 1E9087B8EDCC41AD8385487945E8B131 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Device.IO.dll
12:27:04.0284 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Device.IO.dll - ok
12:27:04.0300 3944  [ 5F9482ED6D4598758433E5C0524BDE40 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.DataTypes.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.DataTypes.dll - ok
12:27:04.0300 3944  [ 0F18CB3F93BA24C924C814B0AB18A21F ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.DotNet.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.DotNet.dll - ok
12:27:04.0300 3944  [ 4202623979CEF62FDE8B0219B280E067 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.IO.DotNet.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.IO.DotNet.dll - ok
12:27:04.0300 3944  [ 1AE061C8783ABC76D734D4EC4DCBCD21 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.Detection.dll - ok
12:27:04.0300 3944  [ 0BE7D95D19CB4D64F1FD3574F34122D3 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.PortableDeviceLib.dll
12:27:04.0300 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.Device.PortableDeviceLib.dll - ok
12:27:04.0315 3944  [ 1B6998BB509DCCDE8881BC311DDD0D3D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\fcffb45098807dbf4f96bb133936789a\System.Security.ni.dll
12:27:04.0315 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\fcffb45098807dbf4f96bb133936789a\System.Security.ni.dll - ok
12:27:04.0315 3944  [ ABB19BD517C6274551229D3A866CCD36 ] C:\Program Files (x86)\Garmin\Core Update Service\System.Threading.Tasks.dll
12:27:04.0315 3944  C:\Program Files (x86)\Garmin\Core Update Service\System.Threading.Tasks.dll - ok
12:27:04.0315 3944  [ 9F22F081FF1874B4A4040C6ABDD2D32B ] C:\Program Files (x86)\Garmin\Core Update Service\Microsoft.Threading.Tasks.dll
12:27:04.0315 3944  C:\Program Files (x86)\Garmin\Core Update Service\Microsoft.Threading.Tasks.dll - ok
12:27:04.0315 3944  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
12:27:04.0315 3944  C:\Windows\System32\nlasvc.dll - ok
12:27:04.0315 3944  [ 20372BE109FEE1C37E2D5216680DB9EB ] C:\Program Files (x86)\PDF Architect\HelperService.exe
12:27:04.0315 3944  C:\Program Files (x86)\PDF Architect\HelperService.exe - ok
12:27:04.0315 3944  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
12:27:04.0315 3944  C:\Windows\System32\aepic.dll - ok
12:27:04.0331 3944  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
12:27:04.0331 3944  C:\Windows\System32\ncsi.dll - ok
12:27:04.0331 3944  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
12:27:04.0331 3944  C:\Windows\System32\sfc.dll - ok
12:27:04.0331 3944  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
12:27:04.0331 3944  C:\Windows\System32\sfc_os.dll - ok
12:27:04.0331 3944  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
12:27:04.0331 3944  C:\Windows\SysWOW64\sxs.dll - ok
12:27:04.0331 3944  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
12:27:04.0331 3944  C:\Windows\System32\ssdpapi.dll - ok
12:27:04.0331 3944  [ 50771B093AB06C6C44C9732CB777A219 ] C:\Program Files (x86)\PDF Architect\libcurl.dll
12:27:04.0331 3944  C:\Program Files (x86)\PDF Architect\libcurl.dll - ok
12:27:04.0346 3944  [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
12:27:04.0346 3944  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
12:27:04.0346 3944  [ 065687F74C1F79CD31B82A3E48BF7F78 ] C:\Program Files (x86)\PDF Architect\libeay32.dll
12:27:04.0346 3944  C:\Program Files (x86)\PDF Architect\libeay32.dll - ok
12:27:04.0346 3944  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
12:27:04.0346 3944  C:\Windows\SysWOW64\wsock32.dll - ok
12:27:04.0346 3944  [ A40645BD5D25A0202DC9232C2BD018B3 ] C:\Program Files (x86)\PDF Architect\ssleay32.dll
12:27:04.0346 3944  C:\Program Files (x86)\PDF Architect\ssleay32.dll - ok
12:27:04.0346 3944  [ B90A279073A815A4AA2C45A09EE004FA ] C:\Program Files (x86)\PDF Architect\ConversionService.exe
12:27:04.0346 3944  C:\Program Files (x86)\PDF Architect\ConversionService.exe - ok
12:27:04.0346 3944  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
12:27:04.0346 3944  C:\Windows\SysWOW64\winspool.drv - ok
12:27:04.0362 3944  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
12:27:04.0362 3944  C:\Windows\System32\drivers\PEAuth.sys - ok
12:27:04.0362 3944  [ EA8386CA87165460D39A1D29FF11080B ] C:\Program Files\Internet Explorer\iexplore.exe
12:27:04.0362 3944  C:\Program Files\Internet Explorer\iexplore.exe - ok
12:27:04.0362 3944  [ 8D60485E65D2D8D87D17173AAAE00067 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll
12:27:04.0362 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\34b53ecafa1d7ccc7ca961d722b5d983\System.ServiceModel.Internals.ni.dll - ok
12:27:04.0362 3944  [ 51137ACA4956480448DD7D61FBA51632 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll
12:27:04.0362 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\78652b7fa68ee058bff6a118c657f565\SMDiagnostics.ni.dll - ok
12:27:04.0362 3944  [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
12:27:04.0362 3944  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:27:04.0362 3944  [ 61CD3FDCD727C2F7EA6C2E697740F486 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll
12:27:04.0362 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bedc417d3c5dcb1c9a5f15dd733c556\System.ServiceModel.Web.ni.dll - ok
12:27:04.0378 3944  [ 98EF79CC2B07398AC525F9EA1AE0366F ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
12:27:04.0378 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe - ok
12:27:04.0378 3944  [ 6F03F363583DA1AEBC590304DF3BD6EE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll
12:27:04.0378 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\1e5e19d119e04b93da3d45153abd60fd\System.IdentityModel.ni.dll - ok
12:27:04.0378 3944  [ A14BB2F5F6457738AAA11367F5172A05 ] C:\Windows\System32\ieframe.dll
12:27:04.0378 3944  C:\Windows\System32\ieframe.dll - ok
12:27:04.0378 3944  [ 14361FB2FD630988816A4F46AEAF0684 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
12:27:04.0378 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll - ok
12:27:04.0378 3944  [ 9B375BB63F99B113C065A5DB4E632E23 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll
12:27:04.0378 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\scan.dll - ok
12:27:04.0393 3944  [ 1728FA8A8B98396A1AD3A44CA87DFCBD ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
12:27:04.0393 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
12:27:04.0393 3944  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
12:27:04.0393 3944  C:\Windows\SysWOW64\psapi.dll - ok
12:27:04.0393 3944  [ 4C867B62F6100C107A3A8F5E7A10461D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl
12:27:04.0393 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\rtl150.bpl - ok
12:27:04.0393 3944  [ 46B5E0D4DE23D31E7B83E376BD99D7C6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll
12:27:04.0393 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll - ok
12:27:04.0393 3944  [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
12:27:04.0393 3944  C:\Windows\SysWOW64\pcwum.dll - ok
12:27:04.0409 3944  [ 697F06E4F77571E392C753638A028654 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess.resources\v4.0_4.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
12:27:04.0409 3944  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess.resources\v4.0_4.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll - ok
12:27:04.0409 3944  [ E7B82D1FB6D8B8644F7EDDE052DDFA5D ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.resources.dll
12:27:04.0409 3944  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.resources\v4.0_4.0.0.0_de_b77a5c561934e089\System.resources.dll - ok
12:27:04.0409 3944  [ FB83E56708103345BFDB8A2B7FF7BBA7 ] C:\Program Files (x86)\Garmin\Core Update Service\Ionic.Zip.dll
12:27:04.0409 3944  C:\Program Files (x86)\Garmin\Core Update Service\Ionic.Zip.dll - ok
12:27:04.0409 3944  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
12:27:04.0409 3944  C:\Windows\SysWOW64\oleacc.dll - ok
12:27:04.0409 3944  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
12:27:04.0409 3944  C:\Windows\SysWOW64\shfolder.dll - ok
12:27:04.0409 3944  [ 110145B6EC64C9800468C18ED81B6FC5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl
12:27:04.0409 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\snlBase150.bpl - ok
12:27:04.0424 3944  [ 25A2EEF8D22E36F3C7B368BCF245BDC3 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
12:27:04.0424 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl - ok
12:27:04.0424 3944  [ D9AF104F7E21FA859EFA3C67E5522E88 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl
12:27:04.0424 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\vcl150.bpl - ok
12:27:04.0424 3944  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
12:27:04.0424 3944  C:\Windows\System32\aeevts.dll - ok
12:27:04.0424 3944  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
12:27:04.0424 3944  C:\Windows\SysWOW64\comdlg32.dll - ok
12:27:04.0424 3944  [ 776405A9F755BA8BA5CA9039F0D18067 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl
12:27:04.0424 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\Jcl150.bpl - ok
12:27:04.0440 3944  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
12:27:04.0440 3944  C:\Windows\SysWOW64\oledlg.dll - ok
12:27:04.0440 3944  [ 75B5CCDAD97A2A6D245ACA1ACB415DA5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
12:27:04.0440 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl - ok
12:27:04.0440 3944  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
12:27:04.0440 3944  C:\Windows\SysWOW64\winmm.dll - ok
12:27:04.0440 3944  [ 42B6A94DD747DF2B5F628A2752E62A98 ] C:\Windows\System32\ctfmon.exe
12:27:04.0440 3944  C:\Windows\System32\ctfmon.exe - ok
12:27:04.0440 3944  [ 37D0FB9E5E8EDA40B66FC3FB3D660261 ] C:\Windows\System32\mshtml.dll
12:27:04.0440 3944  C:\Windows\System32\mshtml.dll - ok
12:27:04.0440 3944  [ 930B10F03BEF0733B42EA20DC1592C65 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll
12:27:04.0440 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll - ok
12:27:04.0456 3944  [ 84F9EDB011F256CE3CA21E06876A7D7A ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok
12:27:04.0456 3944  [ 217B846C2B74637EA326C7A07DD30177 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok
12:27:04.0456 3944  [ C2ABD6107231B010A1E489622E06575B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok
12:27:04.0456 3944  [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
12:27:04.0456 3944  C:\Windows\SysWOW64\fltLib.dll - ok
12:27:04.0456 3944  [ AC8E4357A79199AF587514E4805DEEC1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll
12:27:04.0456 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok
12:27:04.0471 3944  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
12:27:04.0471 3944  C:\Windows\System32\cabinet.dll - ok
12:27:04.0471 3944  [ D8976CD6D0653CB6BBC000950590FBBD ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
12:27:04.0471 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok
12:27:04.0471 3944  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
12:27:04.0471 3944  C:\Windows\System32\p2pcollab.dll - ok
12:27:04.0471 3944  [ B5A72BA66AD8D4317EBEA61C1C5AE0CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll
12:27:04.0471 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok
12:27:04.0471 3944  [ 42EE1AA800FFDD2484B2097535672142 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
12:27:04.0471 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok
12:27:04.0471 3944  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
12:27:04.0471 3944  C:\Windows\System32\QAGENTRT.DLL - ok
12:27:04.0487 3944  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
12:27:04.0487 3944  C:\Windows\System32\fveui.dll - ok
12:27:04.0487 3944  [ 64ADDC6760CDED7EA432D7398318D919 ] C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll
12:27:04.0487 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll - ok
12:27:04.0487 3944  [ 4E8433BA8F7622808E66F17CDAAEE156 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll
12:27:04.0487 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok
12:27:04.0487 3944  [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
12:27:04.0487 3944  C:\Windows\SysWOW64\olepro32.dll - ok
12:27:04.0487 3944  [ 31385A6CAA31BE9D07B0B32E5AA99ABB ] C:\Windows\SysWOW64\jsproxy.dll
12:27:04.0487 3944  C:\Windows\SysWOW64\jsproxy.dll - ok
12:27:04.0487 3944  [ 6BD3E11E7B82E0964D51975371D7F2E0 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll
12:27:04.0487 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll - ok
12:27:04.0502 3944  [ 816D64F554FBD234DD2C77F4E08C7D5C ] C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
12:27:04.0502 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl - ok
12:27:04.0502 3944  [ BF25489459C7A762DD7B3186C7E3984D ] C:\Windows\System32\jscript9.dll
12:27:04.0502 3944  C:\Windows\System32\jscript9.dll - ok
12:27:04.0502 3944  [ E4574405ACBB2BEDF9E6B1B99896540E ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll
12:27:04.0502 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAdvancedCheckLibrary.dll - ok
12:27:04.0502 3944  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
12:27:04.0502 3944  C:\Windows\System32\drivers\secdrv.sys - ok
12:27:04.0502 3944  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
12:27:04.0502 3944  C:\Windows\System32\seclogon.dll - ok
12:27:04.0502 3944  [ 81CC0C058106D66AC2447F733A0E5C00 ] C:\Program Files\Internet Explorer\sqmapi.dll
12:27:04.0502 3944  C:\Program Files\Internet Explorer\sqmapi.dll - ok
12:27:04.0518 3944  [ 50D9949020E02B847CD48F1243FCB895 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
12:27:04.0518 3944  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
12:27:04.0518 3944  [ 6951736D01DB9FB6316277B801208B9B ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll
12:27:04.0518 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDAV.dll - ok
12:27:04.0518 3944  [ 25D23E5A5A627CC718E478B66AD8AFF7 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll
12:27:04.0518 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdquar.dll - ok
12:27:04.0518 3944  [ EBAD8A4D048ED257E4A45F6356541F86 ] C:\Windows\System32\ieapfltr.dll
12:27:04.0518 3944  C:\Windows\System32\ieapfltr.dll - ok
12:27:04.0518 3944  [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
12:27:04.0518 3944  C:\Windows\System32\msimtf.dll - ok
12:27:04.0534 3944  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
12:27:04.0534 3944  C:\Windows\System32\mlang.dll - ok
12:27:04.0534 3944  [ B608BA52FA1FD29BF81B718818246B4D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
12:27:04.0534 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll - ok
12:27:04.0534 3944  [ C676E5EA388AF7C4C031F56F9B42E362 ] C:\Windows\System32\d2d1.dll
12:27:04.0534 3944  C:\Windows\System32\d2d1.dll - ok
12:27:04.0534 3944  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
12:27:04.0534 3944  C:\Windows\System32\drivers\srvnet.sys - ok
12:27:04.0534 3944  [ 1755023407FDE00D9916505A557569D5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll
12:27:04.0534 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\bdcore.dll - ok
12:27:04.0534 3944  [ DD85F00EC31F77315AE992B7B0411D65 ] C:\Windows\System32\DWrite.dll
12:27:04.0534 3944  C:\Windows\System32\DWrite.dll - ok
12:27:04.0549 3944  [ ADF9F919E10832746ED516230420F749 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll
12:27:04.0549 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\av\avxdisk.dll - ok
12:27:04.0549 3944  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
12:27:04.0549 3944  C:\Windows\System32\drivers\tcpipreg.sys - ok
12:27:04.0549 3944  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
12:27:04.0549 3944  C:\Windows\System32\wbem\WMIsvc.dll - ok
12:27:04.0549 3944  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
12:27:04.0549 3944  C:\Windows\System32\wbemcomn.dll - ok
12:27:04.0549 3944  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
12:27:04.0549 3944  C:\Windows\System32\sysmain.dll - ok
12:27:04.0565 3944  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
12:27:04.0565 3944  C:\Windows\System32\wiaservc.dll - ok
12:27:04.0565 3944  [ 14BF6B3AB327D519ED007CDDC56F6900 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
12:27:04.0565 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
12:27:04.0565 3944  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
12:27:04.0565 3944  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
12:27:04.0565 3944  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
12:27:04.0565 3944  C:\Windows\System32\trkwks.dll - ok
12:27:04.0565 3944  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
12:27:04.0565 3944  C:\Windows\System32\wbem\fastprox.dll - ok
12:27:04.0565 3944  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
12:27:04.0565 3944  C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:27:04.0580 3944  [ 3BA13294EE41A3A1EDED05F8FACC7516 ] C:\Windows\System32\atiumd64.dll
12:27:04.0580 3944  C:\Windows\System32\atiumd64.dll - ok
12:27:04.0580 3944  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
12:27:04.0580 3944  C:\Windows\System32\wiatrace.dll - ok
12:27:04.0580 3944  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
12:27:04.0580 3944  C:\Windows\System32\ntdsapi.dll - ok
12:27:04.0580 3944  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
12:27:04.0580 3944  C:\Windows\System32\wbem\wbemprox.dll - ok
12:27:04.0580 3944  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
12:27:04.0580 3944  C:\Windows\System32\wbem\wbemcore.dll - ok
12:27:04.0580 3944  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
12:27:04.0580 3944  C:\Windows\System32\wbem\esscli.dll - ok
12:27:04.0596 3944  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
12:27:04.0596 3944  C:\Windows\System32\wbem\wbemsvc.dll - ok
12:27:04.0596 3944  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
12:27:04.0596 3944  C:\Windows\System32\wbem\wmiutils.dll - ok
12:27:04.0596 3944  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
12:27:04.0596 3944  C:\Windows\System32\wbem\repdrvfs.dll - ok
12:27:04.0596 3944  [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
12:27:04.0596 3944  C:\Windows\System32\wsdchngr.dll - ok
12:27:04.0596 3944  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
12:27:04.0596 3944  C:\Windows\SysWOW64\cabinet.dll - ok
12:27:04.0596 3944  [ 3D3A1FA27C458F6C07C509102E8F41A5 ] C:\Windows\System32\CNC330C.DLL
12:27:04.0596 3944  C:\Windows\System32\CNC330C.DLL - ok
12:27:04.0612 3944  [ 10B5362FE389D38BD4DDDABE7DF597E9 ] C:\Windows\System32\CNC330L.DLL
12:27:04.0612 3944  C:\Windows\System32\CNC330L.DLL - ok
12:27:04.0612 3944  [ DD502A2E7B85EA7A3814C1034E6C23D3 ] C:\Windows\AppPatch\AcGenral.dll
12:27:04.0612 3944  C:\Windows\AppPatch\AcGenral.dll - ok
12:27:04.0612 3944  [ A56A3EE04788F69634528CDFB04CA4A4 ] C:\Windows\twain_32\MX330 series\USDRESDE.DLL
12:27:04.0612 3944  C:\Windows\twain_32\MX330 series\USDRESDE.DLL - ok
12:27:04.0612 3944  [ 493574E218AA18161D14EECFD572A0E8 ] C:\Windows\System32\CNHMCA6.DLL
12:27:04.0612 3944  C:\Windows\System32\CNHMCA6.DLL - ok
12:27:04.0612 3944  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
12:27:04.0612 3944  C:\Windows\SysWOW64\msacm32.dll - ok
12:27:04.0612 3944  [ D21AB32F16E8DE67D45E5A383B5E52BA ] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
12:27:04.0612 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll - ok
12:27:04.0627 3944  [ B009D6171147BE129636A49C4178E487 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
12:27:04.0627 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll - ok
12:27:04.0627 3944  [ B3892E6DA8E2C8CE4B0A9D3EB9A185E5 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll
12:27:04.0627 3944  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_50916076bcb9a742\msvcr90.dll - ok
12:27:04.0627 3944  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
12:27:04.0627 3944  C:\Windows\System32\drivers\srv2.sys - ok
12:27:04.0627 3944  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
12:27:04.0627 3944  C:\Windows\System32\drivers\srv.sys - ok
12:27:04.0627 3944  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
12:27:04.0627 3944  C:\Windows\System32\wscsvc.dll - ok
12:27:04.0627 3944  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
12:27:04.0627 3944  C:\Windows\System32\iphlpsvc.dll - ok
12:27:04.0643 3944  [ 820EBE67AB99F033FDE25B2692157991 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
12:27:04.0643 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe - ok
12:27:04.0643 3944  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
12:27:04.0643 3944  C:\Windows\System32\sqmapi.dll - ok
12:27:04.0643 3944  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
12:27:04.0643 3944  C:\Windows\System32\wdscore.dll - ok
12:27:04.0643 3944  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
12:27:04.0643 3944  C:\Windows\System32\srvsvc.dll - ok
12:27:04.0643 3944  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
12:27:04.0643 3944  C:\Windows\System32\browser.dll - ok
12:27:04.0643 3944  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
12:27:04.0643 3944  C:\Windows\System32\netmsg.dll - ok
12:27:04.0658 3944  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
12:27:04.0658 3944  C:\Windows\System32\netcfgx.dll - ok
12:27:04.0658 3944  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
12:27:04.0658 3944  C:\Windows\System32\sscore.dll - ok
12:27:04.0658 3944  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
12:27:04.0658 3944  C:\Windows\System32\clusapi.dll - ok
12:27:04.0658 3944  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
12:27:04.0658 3944  C:\Windows\System32\resutils.dll - ok
12:27:04.0658 3944  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
12:27:04.0658 3944  C:\Windows\System32\hnetcfg.dll - ok
12:27:04.0658 3944  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
12:27:04.0658 3944  C:\Windows\System32\nci.dll - ok
12:27:04.0674 3944  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
12:27:04.0674 3944  C:\Windows\SysWOW64\wscisvif.dll - ok
12:27:04.0674 3944  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
12:27:04.0674 3944  C:\Windows\SysWOW64\wscapi.dll - ok
12:27:04.0674 3944  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
12:27:04.0674 3944  C:\Windows\System32\hidserv.dll - ok
12:27:04.0674 3944  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
12:27:04.0674 3944  C:\Windows\System32\npmproxy.dll - ok
12:27:04.0674 3944  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
12:27:04.0674 3944  C:\Windows\System32\wdi.dll - ok
12:27:04.0674 3944  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
12:27:04.0674 3944  C:\Windows\System32\wpdbusenum.dll - ok
12:27:04.0690 3944  [ 292C00C33786517F2AE57CDF990A0D56 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
12:27:04.0690 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe - ok
12:27:04.0690 3944  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
12:27:04.0690 3944  C:\Windows\System32\appinfo.dll - ok
12:27:04.0690 3944  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
12:27:04.0690 3944  C:\Windows\System32\diagperf.dll - ok
12:27:04.0690 3944  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
12:27:04.0690 3944  C:\Windows\System32\perftrack.dll - ok
12:27:04.0690 3944  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
12:27:04.0690 3944  C:\Windows\System32\PortableDeviceApi.dll - ok
12:27:04.0690 3944  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:27:04.0690 3944  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:27:04.0705 3944  [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
12:27:04.0705 3944  C:\Windows\System32\drivers\WUDFRd.sys - ok
12:27:04.0705 3944  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
12:27:04.0705 3944  C:\Windows\System32\Apphlpdm.dll - ok
12:27:04.0705 3944  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
12:27:04.0705 3944  C:\Windows\System32\pnpts.dll - ok
12:27:04.0705 3944  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
12:27:04.0705 3944  C:\Windows\System32\wdiasqmmodule.dll - ok
12:27:04.0705 3944  [ E45CC81B9DFA24B1A0A8ECAAD33E8030 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
12:27:04.0705 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
12:27:04.0705 3944  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
12:27:04.0705 3944  C:\Windows\System32\radardt.dll - ok
12:27:04.0721 3944  [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
12:27:04.0721 3944  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
12:27:04.0721 3944  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
12:27:04.0721 3944  C:\Windows\System32\NapiNSP.dll - ok
12:27:04.0721 3944  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
12:27:04.0721 3944  C:\Windows\System32\pnrpnsp.dll - ok
12:27:04.0721 3944  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
12:27:04.0721 3944  C:\Windows\System32\winrnr.dll - ok
12:27:04.0721 3944  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
12:27:04.0721 3944  C:\Windows\System32\runonce.exe - ok
12:27:04.0721 3944  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
12:27:04.0721 3944  C:\Windows\System32\drivers\WUDFPf.sys - ok
12:27:04.0736 3944  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
12:27:04.0736 3944  C:\Windows\System32\WUDFSvc.dll - ok
12:27:04.0736 3944  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
12:27:04.0736 3944  C:\Windows\SysWOW64\runonce.exe - ok
12:27:04.0736 3944  [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
12:27:04.0736 3944  C:\Windows\System32\WUDFHost.exe - ok
12:27:04.0736 3944  [ 66F9DC09831B0B00272794E3C7E40755 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
12:27:04.0736 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
12:27:04.0736 3944  [ 66DD03D42EB4C1EBDAB89B48A9DA8760 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
12:27:04.0736 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
12:27:04.0736 3944  [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
12:27:04.0736 3944  C:\Windows\SysWOW64\wscproxystub.dll - ok
12:27:04.0752 3944  [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
12:27:04.0752 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
12:27:04.0752 3944  [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
12:27:04.0752 3944  C:\Windows\System32\WUDFx.dll - ok
12:27:04.0752 3944  [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
12:27:04.0752 3944  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
12:27:04.0752 3944  [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
12:27:04.0752 3944  C:\Windows\System32\WMVCORE.DLL - ok
12:27:04.0752 3944  [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
12:27:04.0752 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
12:27:04.0752 3944  [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
12:27:04.0752 3944  C:\Windows\System32\WMASF.DLL - ok
12:27:04.0768 3944  [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
12:27:04.0768 3944  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
12:27:04.0768 3944  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
12:27:04.0768 3944  C:\Windows\System32\PortableDeviceTypes.dll - ok
12:27:04.0768 3944  [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
12:27:04.0768 3944  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
12:27:04.0768 3944  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
12:27:04.0768 3944  C:\Windows\System32\dimsjob.dll - ok
12:27:04.0768 3944  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
12:27:04.0768 3944  C:\Windows\System32\pautoenr.dll - ok
12:27:04.0768 3944  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
12:27:04.0768 3944  C:\Windows\System32\certcli.dll - ok
12:27:04.0783 3944  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
12:27:04.0783 3944  C:\Windows\System32\CertEnroll.dll - ok
12:27:04.0783 3944  [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
12:27:04.0783 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
12:27:04.0783 3944  [ 3C7DEF3CBBCA6284867AA4621D5D8A54 ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll
12:27:04.0783 3944  C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.dll - ok
12:27:04.0783 3944  [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
12:27:04.0783 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
12:27:04.0783 3944  [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
12:27:04.0783 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
12:27:04.0799 3944  [ E4561704CBFA193761743E5AF746C669 ] C:\Windows\SysWOW64\msxml3.dll
12:27:04.0799 3944  C:\Windows\SysWOW64\msxml3.dll - ok
12:27:04.0799 3944  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
12:27:04.0799 3944  C:\Windows\SysWOW64\cmd.exe - ok
12:27:04.0799 3944  [ BF95EA5809E3BBF55370F7CB309FEBD0 ] C:\Windows\System32\conhost.exe
12:27:04.0799 3944  C:\Windows\System32\conhost.exe - ok
12:27:04.0799 3944  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
12:27:04.0799 3944  C:\Windows\SysWOW64\winbrand.dll - ok
12:27:04.0799 3944  [ 2AFBB91BBD2378933B26E6D68C140D1B ] C:\Windows\SysWOW64\ieframe.dll
12:27:04.0799 3944  C:\Windows\SysWOW64\ieframe.dll - ok
12:27:04.0799 3944  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
12:27:04.0799 3944  C:\Windows\System32\aelupsvc.dll - ok
12:27:04.0814 3944  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
12:27:04.0814 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
12:27:04.0814 3944  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\SysWOW64\shdocvw.dll
12:27:04.0814 3944  C:\Windows\SysWOW64\shdocvw.dll - ok
12:27:04.0814 3944  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:27:04.0814 3944  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:27:04.0814 3944  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
12:27:04.0814 3944  C:\Windows\System32\ncobjapi.dll - ok
12:27:04.0814 3944  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
12:27:04.0814 3944  C:\Windows\System32\wbem\wbemess.dll - ok
12:27:04.0814 3944  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
12:27:04.0814 3944  C:\Windows\System32\wbem\NCProv.dll - ok
12:27:04.0830 3944  [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
12:27:04.0830 3944  C:\Windows\System32\wuapi.dll - ok
12:27:04.0830 3944  [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
12:27:04.0830 3944  C:\Windows\System32\wups.dll - ok
12:27:04.0830 3944  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Gerhard\AppData\Local\Temp\DBF34486-CAE9-4C85-8886-E8AABFD135B9.exe
12:27:04.0830 3944  C:\Users\Gerhard\AppData\Local\Temp\DBF34486-CAE9-4C85-8886-E8AABFD135B9.exe - ok
12:27:04.0830 3944  [ A054EA8FBE16D4D34F06D81A4F0088E2 ] C:\Windows\SysWOW64\WindowsCodecs.dll
12:27:04.0830 3944  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
12:27:04.0830 3944  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
12:27:04.0830 3944  C:\Windows\SysWOW64\EhStorShell.dll - ok
12:27:04.0830 3944  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
12:27:04.0830 3944  C:\Windows\SysWOW64\ntshrui.dll - ok
12:27:04.0846 3944  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
12:27:04.0846 3944  C:\Windows\SysWOW64\slc.dll - ok
12:27:04.0846 3944  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
12:27:04.0846 3944  C:\Windows\SysWOW64\imageres.dll - ok
12:27:04.0846 3944  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
12:27:04.0846 3944  C:\Windows\System32\SensApi.dll - ok
12:27:04.0846 3944  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
12:27:04.0846 3944  C:\Windows\System32\timedate.cpl - ok
12:27:04.0846 3944  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
12:27:04.0846 3944  C:\Windows\System32\actxprxy.dll - ok
12:27:04.0846 3944  [ 23B001185B7C3CB1F4BDEB143E6B45B7 ] C:\Windows\System32\shdocvw.dll
12:27:04.0846 3944  C:\Windows\System32\shdocvw.dll - ok
12:27:04.0846 3944  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
12:27:04.0846 3944  C:\Windows\System32\linkinfo.dll - ok
12:27:04.0861 3944  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
12:27:04.0861 3944  C:\Windows\System32\msiltcfg.dll - ok
12:27:04.0861 3944  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
12:27:04.0861 3944  C:\Windows\System32\msftedit.dll - ok
12:27:04.0861 3944  [ 2EBD0C5B090125AECF017C57344C45AB ] C:\Windows\System32\msls31.dll
12:27:04.0861 3944  C:\Windows\System32\msls31.dll - ok
12:27:04.0861 3944  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
12:27:04.0861 3944  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
12:27:04.0861 3944  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
12:27:04.0861 3944  C:\Windows\System32\gameux.dll - ok
12:27:04.0861 3944  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
12:27:04.0861 3944  C:\Windows\System32\thumbcache.dll - ok
12:27:04.0877 3944  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
12:27:04.0877 3944  C:\Windows\System32\DeviceCenter.dll - ok
12:27:04.0877 3944  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
12:27:04.0877 3944  C:\Windows\System32\networkexplorer.dll - ok
12:27:04.0877 3944  [ F78E0F53F2C2A78EE8E2EABA72AAC8FE ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
12:27:04.0877 3944  C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe - ok
12:27:04.0877 3944  [ 9AA2F3401F9610F1352DB52F66A447B6 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
12:27:04.0877 3944  C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe - ok
12:27:04.0877 3944  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
12:27:04.0877 3944  C:\Windows\System32\rundll32.exe - ok
12:27:04.0877 3944  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
12:27:04.0877 3944  C:\Windows\System32\mscoree.dll - ok
12:27:04.0892 3944  [ D44067027714CC58B8AB0AC38FDA1A0B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
12:27:04.0892 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
12:27:04.0892 3944  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
12:27:04.0892 3944  C:\Windows\System32\UIAnimation.dll - ok
12:27:04.0892 3944  [ 15B7225BBA691E4CF8A3D06238D46AE6 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
12:27:04.0892 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
12:27:04.0892 3944  [ DA6C4B5FEEEA4DC7162B5D0C055EB967 ] C:\Windows\System32\imaadp32.acm
12:27:04.0892 3944  C:\Windows\System32\imaadp32.acm - ok
12:27:04.0892 3944  [ 241B07FF7F5943B9C1BF3235F49AC1E1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:27:04.0892 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
12:27:04.0892 3944  [ AF49D1C79EA49A7833017F290EE63B82 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
12:27:04.0892 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe - ok
12:27:04.0908 3944  [ 1C81E1BEA4847F406BBDB74D19721CE6 ] C:\Windows\System32\msg711.acm
12:27:04.0908 3944  C:\Windows\System32\msg711.acm - ok
12:27:04.0908 3944  [ E5B9A2FA94D21C44DA2B898DC326B0C2 ] C:\Windows\System32\msgsm32.acm
12:27:04.0908 3944  C:\Windows\System32\msgsm32.acm - ok
12:27:04.0908 3944  [ 329FEB3452982A377726DEDAFE9BBDF0 ] C:\Windows\System32\msadp32.acm
12:27:04.0908 3944  C:\Windows\System32\msadp32.acm - ok
12:27:04.0908 3944  [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
12:27:04.0908 3944  C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
12:27:04.0908 3944  [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
12:27:04.0908 3944  C:\Windows\System32\l3codeca.acm - ok
12:27:04.0924 3944  [ 81FB155132AE12BA18119D5B36A85476 ] C:\Windows\System32\msvcr110_clr0400.dll
12:27:04.0924 3944  C:\Windows\System32\msvcr110_clr0400.dll - ok
12:27:04.0924 3944  [ 4BADC3411348BA8AC7EE6EFCA08ACB3C ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
12:27:04.0924 3944  [ 75AA0D543EE4D4A3E5C000FCE97C95B5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
12:27:04.0924 3944  [ 31F48225EBCB7ACB5D3DC1C0113677F0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
12:27:04.0924 3944  [ 2C268A7EFE01F7D6292CA29E68803D8E ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe - ok
12:27:04.0924 3944  [ 07AB567D0CE7F5BC08CDB5BFB86CE5F5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
12:27:04.0924 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
12:27:04.0939 3944  [ 0ABC50FDB2E1A5ECA26AEFE942CF273B ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll - ok
12:27:04.0939 3944  [ 58FE3DB8D7653404E4B8DF496042F594 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll - ok
12:27:04.0939 3944  [ 1D5744CDB2FF4C8F8ECDF321FFE986CB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
12:27:04.0939 3944  [ 217B3D0C387328A6DA5C7782BDD2909E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
12:27:04.0939 3944  [ 6A776B4D1B0A88BF9717E3F8EC312786 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
12:27:04.0939 3944  [ A2CB5EFE22B024E8D6F029314D5855C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
12:27:04.0939 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
12:27:04.0955 3944  [ C4811C73C651A1312C56E5B851DFA2A4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
12:27:04.0955 3944  [ E30A686A17B95F11DF396025DA10E82B ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
12:27:04.0955 3944  [ 65060E078CC53E5C8F572F62E8F1D586 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
12:27:04.0955 3944  [ 1D76889EDA45FD47840C2E89C486A59A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
12:27:04.0955 3944  [ B81737A402CA1BCEC7CDD33261E0D820 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\abf62e6545d2802fc60286678a67e6bf\mscorlib.ni.dll
12:27:04.0955 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\abf62e6545d2802fc60286678a67e6bf\mscorlib.ni.dll - ok
12:27:04.0955 3944  [ B3319F02D96299F3B63A7B998B1F3174 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
12:27:04.0955 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
12:27:04.0970 3944  [ 3BDA50E1839E245BD83534F8DEAF9DFD ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
12:27:04.0970 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
12:27:04.0970 3944  [ A81331D7EB6C5D1F7B1E4E4FC15F3EC0 ] C:\Windows\SysWOW64\srclient.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\srclient.dll - ok
12:27:04.0970 3944  [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\SysWOW64\spp.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\spp.dll - ok
12:27:04.0970 3944  [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\vssapi.dll - ok
12:27:04.0970 3944  [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\vsstrace.dll - ok
12:27:04.0970 3944  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
12:27:04.0970 3944  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
12:27:04.0986 3944  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
12:27:04.0986 3944  C:\Windows\SysWOW64\duser.dll - ok
12:27:04.0986 3944  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
12:27:04.0986 3944  C:\Windows\SysWOW64\dui70.dll - ok
12:27:04.0986 3944  [ 3C611E94321D6A82EB4C5BCD34FC9F5D ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll
12:27:04.0986 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll - ok
12:27:04.0986 3944  [ FE085839DF8AF76F958F0184E5C173B6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\4d4a15d5d7968df7dedd4cf853848d90\System.ni.dll
12:27:04.0986 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System\4d4a15d5d7968df7dedd4cf853848d90\System.ni.dll - ok
12:27:04.0986 3944  [ F2F7EED54D0970CACE9A579A562AFA7A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\7926c26400ff262c7fc48b729377085b\System.Drawing.ni.dll
12:27:04.0986 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\7926c26400ff262c7fc48b729377085b\System.Drawing.ni.dll - ok
12:27:04.0986 3944  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\11332078.sys
12:27:04.0986 3944  C:\Windows\System32\drivers\11332078.sys - ok
12:27:05.0002 3944  [ 36AC61A25AFD4929DB8C1675A036C62A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\8be42454b4d7db7686ea494691d18b16\WindowsBase.ni.dll
12:27:05.0002 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\8be42454b4d7db7686ea494691d18b16\WindowsBase.ni.dll - ok
12:27:05.0002 3944  [ B64B27F93EE12D85F80F6F1E21975A09 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4764e3995ebd7b6b438eef937cde1332\System.Windows.Forms.ni.dll
12:27:05.0002 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4764e3995ebd7b6b438eef937cde1332\System.Windows.Forms.ni.dll - ok
12:27:05.0002 3944  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
12:27:05.0002 3944  C:\Windows\System32\stobject.dll - ok
12:27:05.0002 3944  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
12:27:05.0002 3944  C:\Windows\System32\batmeter.dll - ok
12:27:05.0002 3944  [ BAD20F3207CE3BE87053B23B5A68879E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\bb1efedf0f2aa2ebbf9f0bf640c9721d\PresentationCore.ni.dll
12:27:05.0002 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\bb1efedf0f2aa2ebbf9f0bf640c9721d\PresentationCore.ni.dll - ok
12:27:05.0002 3944  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
12:27:05.0002 3944  C:\Windows\System32\prnfldr.dll - ok
12:27:05.0017 3944  [ 22F7DE8F3E33AA52A80855B590464DFA ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
12:27:05.0017 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
12:27:05.0017 3944  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
12:27:05.0017 3944  C:\Windows\System32\DXP.dll - ok
12:27:05.0017 3944  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
12:27:05.0017 3944  C:\Windows\System32\Syncreg.dll - ok
12:27:05.0017 3944  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
12:27:05.0017 3944  C:\Windows\ehome\ehSSO.dll - ok
12:27:05.0017 3944  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
12:27:05.0017 3944  C:\Windows\System32\netshell.dll - ok
12:27:05.0017 3944  [ A6D7A403246862BF7D2C90219C5F5664 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\fa4b9cda7a89969191429507a934c352\System.Xml.ni.dll
12:27:05.0017 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\fa4b9cda7a89969191429507a934c352\System.Xml.ni.dll - ok
12:27:05.0033 3944  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
12:27:05.0033 3944  C:\Windows\System32\AltTab.dll - ok
12:27:05.0033 3944  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
12:27:05.0033 3944  C:\Windows\System32\WPDShServiceObj.dll - ok
12:27:05.0033 3944  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
12:27:05.0033 3944  C:\Windows\System32\SearchIndexer.exe - ok
12:27:05.0033 3944  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
12:27:05.0033 3944  C:\Windows\System32\pnidui.dll - ok
12:27:05.0033 3944  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
12:27:05.0033 3944  C:\Windows\System32\QUTIL.DLL - ok
12:27:05.0033 3944  [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
12:27:05.0033 3944  C:\Windows\System32\cscobj.dll - ok
12:27:05.0048 3944  [ 20F4C672A75F86E670EE8B965C6F0BBA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\13bb14bb88e6c577c79001039d678bbd\System.Configuration.ni.dll
12:27:05.0048 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\13bb14bb88e6c577c79001039d678bbd\System.Configuration.ni.dll - ok
12:27:05.0048 3944  [ 4D339C075EA6E3B65EE90246929E05CE ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\91b87b18c4453c04c9cebdeea2952826\PresentationFramework.ni.dll
12:27:05.0048 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\91b87b18c4453c04c9cebdeea2952826\PresentationFramework.ni.dll - ok
12:27:05.0048 3944  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
12:27:05.0048 3944  C:\Windows\System32\tquery.dll - ok
12:27:05.0048 3944  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
12:27:05.0048 3944  C:\Windows\System32\srchadmin.dll - ok
12:27:05.0048 3944  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
12:27:05.0048 3944  C:\Windows\System32\mssrch.dll - ok
12:27:05.0048 3944  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
12:27:05.0048 3944  C:\Windows\System32\ActionCenter.dll - ok
12:27:05.0064 3944  [ 0D239F4AC6ADAE0413BBB25687CDD363 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
12:27:05.0064 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok
12:27:05.0064 3944  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
12:27:05.0064 3944  C:\Windows\System32\msidle.dll - ok
12:27:05.0064 3944  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
12:27:05.0064 3944  C:\Windows\System32\mssprxy.dll - ok
12:27:05.0064 3944  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
12:27:05.0064 3944  C:\Windows\System32\netman.dll - ok
12:27:05.0064 3944  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
12:27:05.0064 3944  C:\Windows\System32\rasdlg.dll - ok
12:27:05.0064 3944  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
12:27:05.0064 3944  C:\Windows\System32\mprapi.dll - ok
12:27:05.0080 3944  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
12:27:05.0080 3944  C:\Windows\System32\dot3api.dll - ok
12:27:05.0080 3944  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
12:27:05.0080 3944  C:\Windows\System32\eappcfg.dll - ok
12:27:05.0080 3944  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
12:27:05.0080 3944  C:\Windows\System32\wlanhlp.dll - ok
12:27:05.0080 3944  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
12:27:05.0080 3944  C:\Windows\System32\wlanapi.dll - ok
12:27:05.0080 3944  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
12:27:05.0080 3944  C:\Windows\System32\wlanutil.dll - ok
12:27:05.0080 3944  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
12:27:05.0080 3944  C:\Windows\System32\onex.dll - ok
12:27:05.0095 3944  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
12:27:05.0095 3944  C:\Windows\System32\eappprxy.dll - ok
12:27:05.0095 3944  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:27:05.0095 3944  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:27:05.0095 3944  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
12:27:05.0095 3944  C:\Windows\System32\WWanAPI.dll - ok
12:27:05.0095 3944  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
12:27:05.0095 3944  C:\Windows\System32\wwapi.dll - ok
12:27:05.0095 3944  [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
12:27:05.0095 3944  C:\Windows\System32\riched20.dll - ok
12:27:05.0095 3944  [ 33B4BBFDB017D48CFDFE77BF88A53A99 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e3882692d8f0e323f93b4d95c204b7b7\System.Xaml.ni.dll
12:27:05.0095 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\e3882692d8f0e323f93b4d95c204b7b7\System.Xaml.ni.dll - ok
12:27:05.0111 3944  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:27:05.0111 3944  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:27:05.0111 3944  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
12:27:05.0111 3944  C:\Windows\System32\QAGENT.DLL - ok
12:27:05.0111 3944  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:27:05.0111 3944  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:27:05.0111 3944  [ E1B029A730548B18FACE500EE46F659B ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll
12:27:05.0111 3944  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll - ok
12:27:05.0111 3944  [ 3CF6F418BF0BDB5450058030277D34AE ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
12:27:05.0111 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
12:27:05.0126 3944  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:27:05.0126 3944  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\netprofm.dll - ok
12:27:05.0126 3944  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\nlaapi.dll - ok
12:27:05.0126 3944  [ BDE8ABC23E3C970058B4DC9E260B45F0 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
12:27:05.0126 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
12:27:05.0126 3944  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
12:27:05.0126 3944  C:\Windows\SysWOW64\npmproxy.dll - ok
12:27:05.0126 3944  [ 08588BE486850D6D24D3844A421E60CD ] C:\Program Files (x86)\KeePass Password Safe 2\KeePassLibC64.dll
12:27:05.0126 3944  C:\Program Files (x86)\KeePass Password Safe 2\KeePassLibC64.dll - ok
12:27:05.0142 3944  [ 09FFF8FEE891ED820DD95428E091EA94 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll
12:27:05.0142 3944  C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll - ok
12:27:05.0142 3944  [ 90444850B11F7515BAE08E241E3395F6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\1d513cb1b284a419e8b3df381ce7f270\System.Core.ni.dll
12:27:05.0142 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\1d513cb1b284a419e8b3df381ce7f270\System.Core.ni.dll - ok
12:27:05.0142 3944  [ 2A53408152061A87E75A8E83486C73D4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsecimpl.dll
12:27:05.0142 3944  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsecimpl.dll - ok
12:27:05.0142 3944  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
12:27:05.0142 3944  C:\Windows\System32\FXSST.dll - ok
12:27:05.0142 3944  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
12:27:05.0142 3944  C:\Windows\SysWOW64\wshqos.dll - ok
12:27:05.0142 3944  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
12:27:05.0142 3944  C:\Windows\System32\FXSAPI.dll - ok
12:27:05.0158 3944  [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
12:27:05.0158 3944  C:\Windows\System32\SearchProtocolHost.exe - ok
12:27:05.0158 3944  [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
12:27:05.0158 3944  C:\Windows\System32\msshooks.dll - ok
12:27:05.0158 3944  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
12:27:05.0158 3944  C:\Windows\System32\FXSRESM.dll - ok
12:27:05.0158 3944  [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
12:27:05.0158 3944  C:\Windows\System32\SearchFilterHost.exe - ok
12:27:05.0158 3944  [ 3CF0B79908798CD359C042BB007857C0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\a6153cf4b7a0d2e5c0f4f3e02de99150\System.Security.ni.dll
12:27:05.0158 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Security\a6153cf4b7a0d2e5c0f4f3e02de99150\System.Security.ni.dll - ok
12:27:05.0158 3944  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
12:27:05.0158 3944  C:\Windows\System32\FXSSVC.exe - ok
12:27:05.0173 3944  [ F00AE7B953ABEF1B53FBBA187DFC8238 ] C:\Windows\System32\webcheck.dll
12:27:05.0173 3944  C:\Windows\System32\webcheck.dll - ok
12:27:05.0173 3944  [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
12:27:05.0173 3944  C:\Windows\System32\mssph.dll - ok
12:27:05.0173 3944  [ 381406A98CFBCDEB8D464652CD48B90D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\61550457e267014f3e78ff876e8ceafc\System.ServiceModel.ni.dll
12:27:05.0173 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\61550457e267014f3e78ff876e8ceafc\System.ServiceModel.ni.dll - ok
12:27:05.0173 3944  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
12:27:05.0173 3944  C:\Windows\System32\SyncCenter.dll - ok
12:27:05.0173 3944  [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
12:27:05.0173 3944  C:\Windows\System32\mapi32.dll - ok
12:27:05.0173 3944  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
12:27:05.0173 3944  C:\Windows\System32\wmdrmdev.dll - ok
12:27:05.0189 3944  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
12:27:05.0189 3944  C:\Windows\System32\drmv2clt.dll - ok
12:27:05.0189 3944  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
12:27:05.0189 3944  C:\Windows\System32\blackbox.dll - ok
12:27:05.0189 3944  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
12:27:05.0189 3944  C:\Windows\System32\imapi2.dll - ok
12:27:05.0189 3944  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
12:27:05.0189 3944  C:\Windows\System32\upnp.dll - ok
12:27:05.0189 3944  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
12:27:05.0189 3944  C:\Windows\System32\ssdpsrv.dll - ok
12:27:05.0189 3944  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
12:27:05.0189 3944  C:\Windows\System32\hgcpl.dll - ok
12:27:05.0189 3944  [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
12:27:05.0189 3944  C:\Windows\System32\NaturalLanguage6.dll - ok
12:27:05.0204 3944  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
12:27:05.0204 3944  C:\Windows\System32\fdPHost.dll - ok
12:27:05.0204 3944  [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
12:27:05.0204 3944  C:\Windows\System32\fdWSD.dll - ok
12:27:05.0204 3944  [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
12:27:05.0204 3944  C:\Windows\System32\fdSSDP.dll - ok
12:27:05.0204 3944  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
12:27:05.0204 3944  C:\Windows\System32\fdProxy.dll - ok
12:27:05.0204 3944  [ 164647BBD819458CE5AA8A8C097B83AC ] C:\Windows\System32\NlsData0007.dll
12:27:05.0204 3944  C:\Windows\System32\NlsData0007.dll - ok
12:27:05.0204 3944  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
12:27:05.0204 3944  C:\Windows\System32\ListSvc.dll - ok
12:27:05.0220 3944  [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
12:27:05.0220 3944  C:\Windows\System32\P2P.dll - ok
12:27:05.0220 3944  [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
12:27:05.0220 3944  C:\Windows\System32\IdListen.dll - ok
12:27:05.0220 3944  [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
12:27:05.0220 3944  C:\Windows\System32\hgprint.dll - ok
12:27:05.0220 3944  [ 37A2FBCBD0AF846BEF609CBEB61EEA68 ] C:\Windows\System32\NlsLexicons0007.dll
12:27:05.0220 3944  C:\Windows\System32\NlsLexicons0007.dll - ok
12:27:05.0220 3944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
12:27:05.0220 3944  C:\Windows\System32\pnrpsvc.dll - ok
12:27:05.0220 3944  [ 4F963F80888646BBAFDAE3102D759C85 ] C:\Program Files\Internet Explorer\ieproxy.dll
12:27:05.0220 3944  C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:27:05.0236 3944  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
12:27:05.0236 3944  C:\Windows\System32\P2PGraph.dll - ok
12:27:05.0236 3944  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
12:27:05.0236 3944  C:\Windows\System32\p2psvc.dll - ok
12:27:05.0236 3944  [ 8CBBB27369F9F07BC5E874E750EAF9D0 ] C:\Windows\System32\wmp.dll
12:27:05.0236 3944  C:\Windows\System32\wmp.dll - ok
12:27:05.0236 3944  [ AB272BBFB05A8585C3405EFA9F605774 ] C:\Windows\System32\wmploc.DLL
12:27:05.0236 3944  C:\Windows\System32\wmploc.DLL - ok
12:27:05.0236 3944  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
12:27:05.0236 3944  C:\Windows\System32\wmpps.dll - ok
12:27:05.0236 3944  [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
12:27:05.0236 3944  C:\Windows\System32\wmpmde.dll - ok
12:27:05.0251 3944  [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
12:27:05.0251 3944  C:\Windows\System32\WinSATAPI.dll - ok
12:27:05.0251 3944  [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
12:27:05.0251 3944  C:\Windows\System32\MSMPEG2ENC.DLL - ok
12:27:05.0251 3944  [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
12:27:05.0251 3944  C:\Windows\System32\devenum.dll - ok
12:27:05.0251 3944  [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
12:27:05.0251 3944  C:\Windows\System32\msdmo.dll - ok
12:27:05.0251 3944  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
12:27:05.0251 3944  C:\Windows\System32\upnphost.dll - ok
12:27:05.0251 3944  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:27:05.0251 3944  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:27:05.0267 3944  [ 576999A364DB2F7AFBBDF4498C72D011 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\97f38be538d81ae29ee2fc7df6a5ee62\System.Data.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\97f38be538d81ae29ee2fc7df6a5ee62\System.Data.ni.dll - ok
12:27:05.0267 3944  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
12:27:05.0267 3944  C:\Windows\System32\wbem\wmiprov.dll - ok
12:27:05.0267 3944  [ 6F2E907125848D3011C66715873378EE ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
12:27:05.0267 3944  C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
12:27:05.0267 3944  [ DBFC838A986EE65B20F78B71780D1F9C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7e7ed14f2b9a7e3d94307462aa99f5b9\System.Runtime.Serialization.ni.dll - ok
12:27:05.0267 3944  [ E4133869739DAED94DFDEF982318CED8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\99f3ab10177d29e82e0d8122a7005ba9\System.ServiceProcess.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\99f3ab10177d29e82e0d8122a7005ba9\System.ServiceProcess.ni.dll - ok
12:27:05.0267 3944  [ 1C9B6B2BEEE77D616AB0FD020FE53680 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\18aff3aa7e94bcce5f9e245aeefbbff3\System.Xml.Linq.ni.dll
12:27:05.0267 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml.Linq\18aff3aa7e94bcce5f9e245aeefbbff3\System.Xml.Linq.ni.dll - ok
12:27:05.0282 3944  [ F1148BE820DFC7E6FB51DF5E67495443 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\c30adaed66244bca283e31931b87a02c\SMDiagnostics.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\c30adaed66244bca283e31931b87a02c\SMDiagnostics.ni.dll - ok
12:27:05.0282 3944  [ 20E8EDA8D706887645374DA4D31D9FF0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\41b1ad2cede1ea3ca12eb3e6ab801f94\System.ServiceModel.Internals.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\41b1ad2cede1ea3ca12eb3e6ab801f94\System.ServiceModel.Internals.ni.dll - ok
12:27:05.0282 3944  [ 2E45B25D5D5F683EB3EBA179976343F0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\9d50adefc85b474397c742aee943a409\System.ServiceModel.Web.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\9d50adefc85b474397c742aee943a409\System.ServiceModel.Web.ni.dll - ok
12:27:05.0282 3944  [ DA49ABBB37E23A62178A84112E4E35DD ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\4b7a906cdb595be192973212e752d9c5\System.IdentityModel.ni.dll
12:27:05.0282 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\4b7a906cdb595be192973212e752d9c5\System.IdentityModel.ni.dll - ok
12:27:05.0282 3944  [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
12:27:05.0282 3944  C:\Windows\SysWOW64\msv1_0.dll - ok
12:27:05.0298 3944  [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
12:27:05.0298 3944  C:\Windows\SysWOW64\cryptdll.dll - ok
12:27:05.0298 3944  [ 3EE877BDA6C2A64316CABA06F49A9EDE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll
12:27:05.0298 3944  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\2053b0e14f1e64a5c5d6d1c4d01485a2\System.Transactions.ni.dll - ok
12:27:05.0298 3944  [ F8F69B15EA0C42812B7FA6079F8DD9C9 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
12:27:05.0298 3944  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
12:27:05.0298 3944  [ 17D4F16B8B0E2DF855C2F91CD8C17F44 ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Services.Interface.ProtoBufService.Dto.dll
12:27:05.0298 3944  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.Services.Interface.ProtoBufService.Dto.dll - ok
12:27:05.0298 3944  [ C5A169A35C7F0D503BB68F8B4A8FFBDE ] C:\Program Files (x86)\Garmin\Core Update Service\protobuf-net.dll
12:27:05.0298 3944  C:\Program Files (x86)\Garmin\Core Update Service\protobuf-net.dll - ok
12:27:05.0298 3944  [ 58370BC7DAD40271B0A39845C26F7469 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio1c9175f8#\9a5f2133b9d4738948dfcf7ebcb82e3e\PresentationFramework.Aero.ni.dll
12:27:05.0298 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio1c9175f8#\9a5f2133b9d4738948dfcf7ebcb82e3e\PresentationFramework.Aero.ni.dll - ok
12:27:05.0314 3944  [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
12:27:05.0314 3944  C:\Windows\System32\d3d9.dll - ok
12:27:05.0314 3944  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
12:27:05.0314 3944  C:\Windows\System32\d3d8thk.dll - ok
12:27:05.0314 3944  [ 62C66F1D84D4405E7ECE5011C6DC6944 ] C:\Windows\System32\atiumd6a.dll
12:27:05.0314 3944  C:\Windows\System32\atiumd6a.dll - ok
12:27:05.0314 3944  [ B2D17C246D94F3CA8097195042F2F5D5 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio49d6fefe#\a041ca8cc604314c67e218842a591568\PresentationFramework-SystemXml.ni.dll
12:27:05.0314 3944  C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio49d6fefe#\a041ca8cc604314c67e218842a591568\PresentationFramework-SystemXml.ni.dll - ok
12:27:05.0314 3944  [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
12:27:05.0314 3944  C:\Windows\System32\udhisapi.dll - ok
12:27:05.0314 3944  ============================================================
12:27:05.0314 3944  Scan finished
12:27:05.0314 3944  ============================================================
12:27:05.0329 3820  Detected object count: 1
12:27:05.0329 3820  Actual detected object count: 1
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 - ok
12:27:28.0027 3820  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
12:27:41.0334 3588  Deinitialize success
 


Should I do a full scan with Avira?

 

Thanks and best regards

Slay80



#8 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:48 PM

Posted 26 April 2014 - 06:02 AM

Hi,
 
I must give you this warning:
 
Looking through your logs, one or more of your infections has been identified as a Backdoor Trojan. These threats have backdoor functionality which allows hackers to remotely control your computer, steal critical system information, and download and execute files.
 
I highly suggest you to disconnect this PC from the Internet immediately, and if possible use a clean computer and a flash drive to transfer the programs I request for you to run. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. It would be wise to contact those same financial institutions to notify them of your situation.
 
Due to the nature of this trojan, your computer is very likely to be compromised. There is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:
 
How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall
 
We can still clean this machine, but I can't guarantee that it will be 100% secure afterwards. If you decide to continue cleaning this machine, follow on with the rest of the steps posted below. If you do not want to clean this machine, please let me know.
 
--------------
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#9 Slay80

Slay80
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 26 April 2014 - 07:51 AM

Sorry for asking stupid questions, but what do you mean exactly by "There is no way to be sure your computer can ever again be trusted." Does this mean that I am also not save after reformating and reinstalling a new OS?
What do you recommend: Should I first try to clean it and then reformat and reinstall the OS or does it make more sense to reformat and reinstall the OS directly?

#10 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:48 PM

Posted 26 April 2014 - 07:59 AM

Hi Slay80,

 

A full reformat and reinstall would be the only way to be completely certain that the malware is gone, and make sure there were no changes to your computer which would mean it was compromised. I would suggest cleaning it first as this means you can backup files without worrying about introducing the infection into the backup or a clean computer. If you do not want to save anything then it's fine to go ahead and reformat.

 

Anyhow, tell me what you want to.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#11 Slay80

Slay80
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 26 April 2014 - 09:46 AM

Hi Toffee,

 

I just ran FRST, please find here the log:

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by SYSTEM on MININT-TCK8834 on 26-04-2014 16:39:45
Running from L:\
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
Winlogon\Notify\fiolgor-x32: C:\Users\Gerhard\AppData\Local\fiolgor.dll ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\Gerhard\...\Run: [KeePass Password Safe 2] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKU\Gerhard\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\Gerhard\...\Run: [fiolgor] => rundll32 "C:\Users\Gerhard\AppData\Local\fiolgor.dll",fiolgor <===== ATTENTION

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [431960 2014-04-01] (Garmin Ltd or its subsidiaries)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)

==================== Drivers (Whitelisted) ====================

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 52BD95CAA9CAE8977FE043E9AD6D2D0E
C:\Windows\System32\DRIVERS\avgntflt.sys 7806BFCD1D7FA5EC23F7324D4EAFD25B
C:\Windows\System32\DRIVERS\avipbb.sys C3A58DBD18786C338126D30BF8C33D72
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\drivers\grmnusb.sys B9893A68032A6D9ADDB5B98287C630F7
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys EE082E06A82FF630351D1E0EBBD3D8D0
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\DRIVERS\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 16:39 - 2014-04-26 16:39 - 00000000 ____D () C:\FRST
2014-04-26 11:27 - 2014-04-26 11:27 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-04-26 11:22 - 2014-04-26 11:22 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Gerhard\Desktop\tdsskiller.exe
2014-04-24 22:04 - 2014-04-24 22:04 - 00002000 _____ () C:\Users\Gerhard\Desktop\Remove Avira PC Cleaner.lnk
2014-04-24 22:04 - 2014-04-24 22:04 - 00001944 _____ () C:\Users\Gerhard\Desktop\Avira PC Cleaner.lnk
2014-04-24 21:10 - 2014-04-24 21:13 - 00001322 _____ () C:\Users\Gerhard\Desktop\attach.txt
2014-04-24 21:06 - 2014-04-24 21:06 - 00688992 ____R (Swearware) C:\Users\Gerhard\Desktop\dds.com
2014-04-24 18:18 - 2014-04-24 18:18 - 00016384 _____ () C:\Users\Gerhard\AppData\Local\fiolgor.dll
2014-04-22 10:23 - 2014-04-23 20:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-22 10:23 - 2014-04-23 20:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-22 10:23 - 2014-04-22 10:23 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-04-22 10:23 - 2014-04-22 10:23 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-04-22 10:23 - 2014-04-22 10:23 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-04-22 10:22 - 2014-04-22 10:22 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-22 10:21 - 2014-03-06 11:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-04-22 10:21 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-04-22 10:21 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-04-22 10:21 - 2014-03-06 10:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-22 10:21 - 2014-03-06 09:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-04-22 10:21 - 2014-03-06 09:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-04-22 10:21 - 2014-03-06 09:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-04-22 10:21 - 2014-03-06 09:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-04-22 10:21 - 2014-03-06 09:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-04-22 10:21 - 2014-03-06 09:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-04-22 10:21 - 2014-03-06 09:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-22 10:21 - 2014-03-06 09:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-04-22 10:21 - 2014-03-06 09:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-04-22 10:21 - 2014-03-06 09:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-04-22 10:21 - 2014-03-06 09:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-04-22 10:21 - 2014-03-06 09:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-04-22 10:21 - 2014-03-06 09:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-04-22 10:21 - 2014-03-06 09:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-04-22 10:21 - 2014-03-06 09:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-04-22 10:21 - 2014-03-06 09:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-22 10:21 - 2014-03-06 09:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-22 10:21 - 2014-03-06 09:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-22 10:21 - 2014-03-06 08:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-04-22 10:21 - 2014-03-06 08:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-04-22 10:21 - 2014-03-06 08:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-22 10:21 - 2014-03-06 08:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-22 10:21 - 2014-03-06 08:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-22 10:21 - 2014-03-06 08:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-22 10:21 - 2014-03-06 08:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-04-22 10:21 - 2014-03-06 08:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-22 10:21 - 2014-03-06 08:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-22 10:21 - 2014-03-06 08:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-22 10:21 - 2014-03-06 08:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-22 10:21 - 2014-03-06 08:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-04-22 10:21 - 2014-03-06 08:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-22 10:21 - 2014-03-06 08:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-04-22 10:21 - 2014-03-06 08:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-22 10:21 - 2014-03-06 08:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-22 10:21 - 2014-03-06 07:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-04-22 10:21 - 2014-03-06 07:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-22 10:21 - 2014-03-06 07:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-22 10:21 - 2014-03-06 07:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-22 10:21 - 2014-03-06 07:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-04-22 10:21 - 2014-03-06 06:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-04-22 10:21 - 2014-03-06 06:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-04-22 10:21 - 2014-03-06 06:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-22 10:21 - 2014-03-06 06:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-22 10:21 - 2014-03-06 06:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-21 23:22 - 2014-04-21 23:22 - 00000000 ____D () C:\Users\Gerhard\Documents\Mein Garmin
2014-04-21 23:22 - 2014-04-21 23:22 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\GARMIN_Corp
2014-04-21 23:16 - 2014-04-21 23:18 - 55880808 _____ () C:\Users\Gerhard\Downloads\BaseCamp_425.exe
2014-04-21 22:38 - 2014-04-21 22:38 - 00529063 _____ () C:\Users\Gerhard\Downloads\mtblegend.exe
2014-04-21 21:49 - 2014-04-21 22:15 - 57051280 _____ (Igor Pavlov) C:\Users\Gerhard\Downloads\MapSource_6163.exe
2014-04-21 21:43 - 2014-04-21 22:24 - 951656559 _____ () C:\Users\Gerhard\Downloads\mtbalps.exe
2014-04-21 21:34 - 2014-04-21 22:57 - 1324280302 _____ () C:\Users\Gerhard\Downloads\mtbgermany.exe
2014-04-20 14:30 - 2014-04-21 23:23 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Garmin
2014-04-20 14:28 - 2014-04-24 23:33 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Garmin
2014-04-20 14:28 - 2014-04-23 21:03 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-20 14:28 - 2014-04-21 23:27 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-04-20 14:28 - 2014-04-21 23:21 - 00000000 ____D () C:\Program Files\DIFX
2014-04-20 14:28 - 2014-04-20 14:28 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-04-20 14:28 - 2014-04-20 14:28 - 00001895 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-20 14:27 - 2014-04-20 14:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-20 14:24 - 2014-04-20 14:25 - 30751816 _____ (Garmin Ltd or its subsidiaries) C:\Users\Gerhard\Downloads\GarminExpressInstaller.exe
2014-04-20 13:54 - 2014-04-20 13:54 - 02545000 _____ (Dominik Reichl ) C:\Users\Gerhard\Downloads\KeePass-2.26-Setup.exe
2014-04-13 16:22 - 2014-04-13 16:22 - 00000000 ____D () C:\Users\Nadine\AppData\Roaming\vlc
2014-04-13 13:07 - 2014-04-17 11:05 - 00000000 ____D () C:\Users\Nadine\AppData\Roaming\KeePass
2014-04-13 11:54 - 2014-04-13 11:54 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-04-12 12:23 - 2014-04-26 11:30 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\KeePass
2014-04-12 12:22 - 2014-04-12 12:22 - 00040492 _____ () C:\Users\Gerhard\Downloads\KeePass-2.25-German.zip
2014-04-12 12:16 - 2014-04-20 13:56 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-04-12 12:15 - 2014-03-16 20:38 - 00450709 _____ () C:\Windows\System32\Drivers\etc\hosts.20140412-131539.backup
2014-04-12 12:13 - 2014-04-12 12:13 - 02537151 _____ (Dominik Reichl ) C:\Users\Gerhard\Downloads\KeePass-2.25-Setup.exe
2014-04-09 20:39 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-04-09 20:39 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2014-04-09 20:39 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2014-04-09 20:39 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2014-04-09 20:39 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2014-04-09 20:39 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 20:39 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 20:39 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 20:39 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 20:39 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 20:39 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 20:39 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys
2014-04-09 20:39 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2014-04-09 20:39 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\Diskdump.sys
2014-04-09 20:39 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\iologmsg.dll
2014-04-09 20:39 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 20:39 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2014-04-04 16:52 - 2014-04-04 16:52 - 00000000 ____D () C:\Users\Nadine\AppData\Roaming\Langenscheidt
2014-04-04 16:52 - 2014-04-04 16:52 - 00000000 ____D () C:\ProgramData\Langenscheidt
2014-04-01 18:38 - 2014-04-01 18:38 - 00002839 _____ () C:\Users\Nadine\AppData\Local\recently-used.xbel
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-26 16:39 - 2014-04-26 16:39 - 00000000 ____D () C:\FRST
2014-04-26 12:20 - 2014-03-16 20:02 - 01823839 _____ () C:\Windows\WindowsUpdate.log
2014-04-26 12:09 - 2014-03-18 20:31 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-26 11:36 - 2009-07-14 05:45 - 00014928 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-26 11:36 - 2009-07-14 05:45 - 00014928 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-26 11:35 - 2009-07-14 18:58 - 00742718 _____ () C:\Windows\System32\perfh007.dat
2014-04-26 11:35 - 2009-07-14 18:58 - 00162786 _____ () C:\Windows\System32\perfc007.dat
2014-04-26 11:35 - 2009-07-14 06:13 - 00006224 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-26 11:30 - 2014-04-12 12:23 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\KeePass
2014-04-26 11:30 - 2014-03-16 23:19 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-26 11:28 - 2014-03-16 23:19 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-26 11:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-26 11:28 - 2009-07-14 05:51 - 00029120 _____ () C:\Windows\setupact.log
2014-04-26 11:27 - 2014-04-26 11:27 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-04-26 11:22 - 2014-04-26 11:22 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Gerhard\Desktop\tdsskiller.exe
2014-04-26 11:19 - 2014-03-16 20:47 - 00123884 _____ () C:\Windows\PFRO.log
2014-04-24 23:33 - 2014-04-20 14:28 - 00000000 ____D () C:\Users\Gerhard\AppData\Roaming\Garmin
2014-04-24 22:04 - 2014-04-24 22:04 - 00002000 _____ () C:\Users\Gerhard\Desktop\Remove Avira PC Cleaner.lnk
2014-04-24 22:04 - 2014-04-24 22:04 - 00001944 _____ () C:\Users\Gerhard\Desktop\Avira PC Cleaner.lnk
2014-04-24 21:13 - 2014-04-24 21:10 - 00001322 _____ () C:\Users\Gerhard\Desktop\attach.txt
2014-04-24 21:06 - 2014-04-24 21:06 - 00688992 ____R (Swearware) C:\Users\Gerhard\Desktop\dds.com
2014-04-24 20:35 - 2014-03-16 20:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-24 18:18 - 2014-04-24 18:18 - 00016384 _____ () C:\Users\Gerhard\AppData\Local\fiolgor.dll
2014-04-23 21:03 - 2014-04-20 14:28 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-23 20:53 - 2014-04-22 10:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-23 20:53 - 2014-04-22 10:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-22 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-22 10:23 - 2014-04-22 10:23 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-04-22 10:23 - 2014-04-22 10:23 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-04-22 10:23 - 2014-04-22 10:23 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-04-22 10:23 - 2014-03-16 22:54 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-04-22 10:23 - 2014-03-16 22:54 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-04-22 10:22 - 2014-04-22 10:22 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-04-21 23:27 - 2014-04-20 14:28 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-04-21 23:23 - 2014-04-20 14:30 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Garmin
2014-04-21 23:22 - 2014-04-21 23:22 - 00000000 ____D () C:\Users\Gerhard\Documents\Mein Garmin
2014-04-21 23:22 - 2014-04-21 23:22 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\GARMIN_Corp
2014-04-21 23:21 - 2014-04-20 14:28 - 00000000 ____D () C:\Program Files\DIFX
2014-04-21 23:18 - 2014-04-21 23:16 - 55880808 _____ () C:\Users\Gerhard\Downloads\BaseCamp_425.exe
2014-04-21 22:57 - 2014-04-21 21:34 - 1324280302 _____ () C:\Users\Gerhard\Downloads\mtbgermany.exe
2014-04-21 22:38 - 2014-04-21 22:38 - 00529063 _____ () C:\Users\Gerhard\Downloads\mtblegend.exe
2014-04-21 22:24 - 2014-04-21 21:43 - 951656559 _____ () C:\Users\Gerhard\Downloads\mtbalps.exe
2014-04-21 22:15 - 2014-04-21 21:49 - 57051280 _____ (Igor Pavlov) C:\Users\Gerhard\Downloads\MapSource_6163.exe
2014-04-20 14:28 - 2014-04-20 14:28 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-04-20 14:28 - 2014-04-20 14:28 - 00001895 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-20 14:27 - 2014-04-20 14:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-20 14:25 - 2014-04-20 14:24 - 30751816 _____ (Garmin Ltd or its subsidiaries) C:\Users\Gerhard\Downloads\GarminExpressInstaller.exe
2014-04-20 13:56 - 2014-04-12 12:16 - 00000000 ____D () C:\Program Files (x86)\KeePass Password Safe 2
2014-04-20 13:54 - 2014-04-20 13:54 - 02545000 _____ (Dominik Reichl ) C:\Users\Gerhard\Downloads\KeePass-2.26-Setup.exe
2014-04-20 13:52 - 2014-03-18 20:30 - 00000000 ____D () C:\Users\Gerhard\AppData\Local\Adobe
2014-04-20 13:50 - 2014-03-18 20:31 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 13:50 - 2014-03-18 20:31 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 13:50 - 2014-03-18 20:31 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-17 11:05 - 2014-04-13 13:07 - 00000000 ____D () C:\Users\Nadine\AppData\Roaming\KeePass
2014-04-13 16:22 - 2014-04-13 16:22 - 00000000 ____D () C:\Users\Nadine\AppData\Roaming\vlc
2014-04-13 11:54 - 2014-04-13 11:54 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-04-12 14:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-04-12 12:22 - 2014-04-12 12:22 - 00040492 _____ () C:\Users\Gerhard\Downloads\KeePass-2.25-German.zip
2014-04-12 12:13 - 2014-04-12 12:13 - 02537151 _____ (Dominik Reichl ) C:\Users\Gerhard\Downloads\KeePass-2.25-Setup.exe
2014-04-09 20:46 - 2014-03-16 23:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 20:45 - 2014-03-16 22:08 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-09 20:44 - 2014-03-16 22:08 - 90655440 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-04-04 16:52 - 2014-04-04 16:52 - 00000000 ____D () C:\Users\Nadine\AppData\Roaming\Langenscheidt
2014-04-04 16:52 - 2014-04-04 16:52 - 00000000 ____D () C:\ProgramData\Langenscheidt
2014-04-01 19:14 - 2014-03-23 11:48 - 00000000 ____D () C:\Users\Nadine\.gimp-2.8
2014-04-01 18:38 - 2014-04-01 18:38 - 00002839 _____ () C:\Users\Nadine\AppData\Local\recently-used.xbel
2014-04-01 18:25 - 2014-03-16 23:19 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 18:25 - 2014-03-16 23:19 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 22:50 - 2014-03-25 19:46 - 00000000 ____D () C:\Users\Nadine\AppData\Roaming\Skype
2014-03-31 07:16 - 2014-03-16 23:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 12:47 - 2014-03-29 12:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Gerhard\AppData\Local\Temp\676701.exe
C:\Users\Gerhard\AppData\Local\Temp\682457.exe
C:\Users\Gerhard\AppData\Local\Temp\avgnt.exe
C:\Users\Gerhard\AppData\Local\Temp\D9687C7B-ADD2-4A01-A8C3-26B5DE703B9F.exe
C:\Users\Gerhard\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Gerhard\AppData\Local\Temp\ose00000.exe
C:\Users\Gerhard\AppData\Local\Temp\UpdateFlashPlayer_8281ff81.exe
C:\Users\Gerhard\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Nadine\AppData\Local\Temp\avgnt.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-04-09 20:43:54
Restore point made on: 2014-04-13 11:53:51
Restore point made on: 2014-04-14 17:45:49
Restore point made on: 2014-04-14 17:48:33
Restore point made on: 2014-04-20 14:27:49
Restore point made on: 2014-04-21 21:22:14
Restore point made on: 2014-04-21 21:24:43
Restore point made on: 2014-04-22 10:19:25
Restore point made on: 2014-04-22 22:33:00
Restore point made on: 2014-04-24 18:21:11
Restore point made on: 2014-04-24 18:24:36
Restore point made on: 2014-04-24 18:26:39
Restore point made on: 2014-04-24 18:33:36
Restore point made on: 2014-04-24 18:34:10
Restore point made on: 2014-04-24 20:54:26
Restore point made on: 2014-04-24 23:00:44

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {default}
resumeobject            {07c49f87-ad3d-11e3-a427-e69f17c2dbb3}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 15

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {07c49f87-ad3d-11e3-a427-e69f17c2dbb3}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  ramdisk=[C:]\Recovery\07c49f89-ad3d-11e3-a427-e69f17c2dbb3\Winre.wim,{07c49f8a-ad3d-11e3-a427-e69f17c2dbb3}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\07c49f89-ad3d-11e3-a427-e69f17c2dbb3\Winre.wim,{07c49f8a-ad3d-11e3-a427-e69f17c2dbb3}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {07c49f87-ad3d-11e3-a427-e69f17c2dbb3}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows-Speicherdiagnose
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {07c49f8a-ad3d-11e3-a427-e69f17c2dbb3}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\07c49f89-ad3d-11e3-a427-e69f17c2dbb3\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 4094.3 MB
Available physical RAM: 3515.18 MB
Total Pagefile: 4092.45 MB
Available Pagefile: 3498.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:297.85 GB) (Free:249.92 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Swap) (Fixed) (Total:50.78 GB) (Free:50.66 GB) NTFS
Drive e: () (Fixed) (Total:298.32 GB) (Free:298.19 GB) NTFS
Drive f: (Daten) (Fixed) (Total:545.39 GB) (Free:426.91 GB) NTFS
Drive l: () (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 00011D17)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: DBE50493)
Partition 1: (Not Active) - (Size=51 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=545 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 992 MB) (Disk ID: 6E652072)
No partition Table on disk 6.


LastRegBack: 2014-04-20 14:59

==================== End Of Log ============================

 

There was no Addition.txt created.

 

I used the secure mode.

 

What should I do next?

 

Thanks and best regards

Slay80


Edited by Slay80, 26 April 2014 - 09:48 AM.


#12 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:48 PM

Posted 26 April 2014 - 01:40 PM

Hi Slay80,

 

Running a fix Using Farbar's Recvovery Scan Tool in the Recovery Environment:

  • From your clean computer, press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter.
  • Please copy and paste the contents of the below code box into the open notepad and save it on the flashdrive as fixlist.txt
Winlogon\Notify\fiolgor-x32: C:\Users\Gerhard\AppData\Local\fiolgor.dll ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\Gerhard\...\Run: [fiolgor] => rundll32 "C:\Users\Gerhard\AppData\Local\fiolgor.dll",fiolgor <===== ATTENTION
C:\Users\Gerhard\AppData\Local\fiolgor.dll
C:\Users\Gerhard\AppData\Local\Temp\676701.exe
C:\Users\Gerhard\AppData\Local\Temp\682457.exe
  • Insert the USB device into your infected computer
  • Follow the process below to enter the System Recovery Options using one of the three options listed, then running Farbar's Recover Scan Tool.

 

On a clean machine, please download Farbar Recovery Scan Tool and save it to the USB (feel free to use the frst download from my last instructions, if you still have it on the USB).
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html


To enter System Recovery Options by using Windows installation disc:

  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

 

==========

On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt


Select Command Prompt

==========

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • It will make a log (Fixlog.txt) on the flash drive. Please copy and paste it to your reply.

--------------

To recap, in your next reply I would like to see the following:

  • Fixlog.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#13 Slay80

Slay80
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 27 April 2014 - 11:17 AM

Hi Toffee,

 

Please find below Fixlog.txt:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-04-2014 03
Ran by SYSTEM at 2014-04-27 18:15:08 Run:1
Running from L:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
Winlogon\Notify\fiolgor-x32: C:\Users\Gerhard\AppData\Local\fiolgor.dll ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\Gerhard\...\Run: [fiolgor] => rundll32 "C:\Users\Gerhard\AppData\Local\fiolgor.dll",fiolgor <===== ATTENTION
C:\Users\Gerhard\AppData\Local\fiolgor.dll
C:\Users\Gerhard\AppData\Local\Temp\676701.exe
C:\Users\Gerhard\AppData\Local\Temp\682457.exe
*****************

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\fiolgor => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => Key deleted successfully.
HKU\Gerhard\Software\Microsoft\Windows\CurrentVersion\Run\\fiolgor => Value deleted successfully.
C:\Users\Gerhard\AppData\Local\fiolgor.dll => Moved successfully.
C:\Users\Gerhard\AppData\Local\Temp\676701.exe => Moved successfully.
C:\Users\Gerhard\AppData\Local\Temp\682457.exe => Moved successfully.

==== End of Fixlog ====

 

Is my computer now clean so that I can start a backup of my files before formatting and reinstallung a new OS? What is the next step?

 

Thanks and best regards

Slay80


Edited by Slay80, 27 April 2014 - 11:22 AM.


#14 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:48 PM

Posted 27 April 2014 - 12:55 PM

Hi Slay80,

 

Yes, that should have gotten rid of the Avira alert. Feel free to start creating a backup of files. Tell me when you are all set and have reinstalled, and I will close this topic.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#15 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,054 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:08:48 PM

Posted 02 May 2014 - 10:57 AM

Hi Slay80,

 

How are you getting on with the reinstall?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users