| |
| |||||||
Log-Analyse und Auswertung: Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
07.04.2014, 22:25
| #1 |
 |  Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! Hallo liebes Trojaner Board =======> Zusammenfassung: Ich hatte seit einiger Zeit die Vermutung das ich ausspioniert werde. Vor gut einem Monat habe ich dann als Machtdemonstration/Mobbing die Aktion einer Fernsteuerungssoftware auf meinem Rechner beobachtet. Daraufhin hat ein guter Freund hat mir eine Multi-Boot USB Stick mit verschiedenen Live-Systemen geschickt. Sowohl AVG-Rescue CD, Bit-Defender Rescue CD, Kaspersky Rescue Disk 10 und das Avira Rescue System konnten nichts finden. Lediglich GDATA Antivirus 2014 Live CD gab mir mehrere positive Virenfunde (Siehe unten). Auf Grund dessen interessieren mich folgende Fragen: Sind weitere Viren auf meinem System? Wenn ja welche? Welche Fernsteuerungssoftware/Trojaner/Backdore-software/RootKit befindet sich auf meinem System? Wie verbeiten sich die Viren? Kann ich diese isolieren? Wurde mein System über WLAN aus der Nachbarschaft oder übers Internet ausspioniert? Falls Internet kann man Informationen über einen Server finden? Kann ich weitere Informationen sammeln? Wie die Fragen schon verdeutlichen geht es mir darum weitere Hinweise zu sammeln. Mittlerweile habe ich die WLAN/Internetaktivität des Systems dadurch unterbunden, dass kein WLAN-Router verfügbar ist und kein Lan-Kabel angeschlossen ist. Ich möchte dies beibehalten! Anti-Root-Kit Tools wie Sophos Anti-Root-Kit 1.5, Sophos Virus Removal Tool 2.4, und MBAR 1.07.0.1009 haben nichts gefunden. Ich habe weitere Scans mit ADS (Screenshot verfügbar) FRST (FRST Addition log und FRST log unten) FSS (Log verfügbar) GMER (Log unten) HiJackFree (Log verfügbar, Screenshots verfügbar) MiniToolbox (Log verfügbar) OTL (OTL log und OTL Extras log verfügbar) TDSS (log unten) aswMBR (log unten und mbr.dat verfügbar) gemacht. Schreibt mir bitte wenn ihr weitere Logs wünscht oder ich neue modifizierte Scans machen soll! Ich bin einmal täglich online um hier nachzuschauen. Vielen Dank =======> Systeminformationen: Acer Aspire V5-171-73518G50ass Win 8.1x64 mit UEFI und Secureboot Kann DataSheet posten falls gewünscht. =======> GDATA Vireninformationen (keine Log verfügbar): Nr. # Datei # STATUS # Virus # Pfad: 1.) # wmplayer.exe # Infiziert # Gen:Trojan.Heur.Fu.ku0@01zqzfi # C:/Prgram Files (X86)/Windows Media Player 2.) # MASAC3ENC.DLL # Infiziert # Gen:Variant.Graftor.6958 # C:/Windows/SysWOW64 3.) # wmplayer.exe # Infiziert # Gen:Trojan.Heur.Fu.ku0@01zqzfi # C:/Windows/WinSxS/wow64_microsoft-mediaplayer-core_31bf3856ad364e35_6.3.9600.16384_none_067ccd7c57718204 4.) # MASAC3ENC.DLL # Infiziert # Gen:Variant.Graftor.6958 # C:/Windows/WinSxS/x86_microsoft-windows-msac3enc_31bf3856ad364e35_6.3.9600.16384_none_397e9280973e0d1b =======> Ein paar Merkwürdigkeiten: Bei den Scans mit den verschiedensten Tools habe ich ein paar Merkwürdigkeiten festgestellt (Dinge die ich für merkwürdig halte). a-squared HiJackFree zeigt mir an das zwölf Versionen der svchost.exe laufen. Unter Ports bei HiJackFree sind sehr viele Prots offen (Screenshot verfügbar falls gewünscht). Insbesondere 3 Ports sind durch system ohne weitere Angaben geöffnet und 8 durch die Datei svchost.exe. Das Tool aswMBR gibt die Meldung <<Disk 0 unknown MBR code>> aus. Desweiteren melden einige Scan-Prgramme Fehler. Diese sind: FRST: cmd.exe - Anwendungsfehler; Die Anwendung konnte nicht korrekt gestartet werden (0xc0000142). GMER: C:/windows/system32/config/system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. =======> Log-Files getrennt durch ///////////////////////////////////////////////: Bemerkung: In den Log-Files habe ich den Benutzernamen für Windows durch Tandem, den Computernamen durch TandemPC und die Arbeitsgruppe durch TandemGROUP ersetzt. Inhaltsverzeichnis: 1. defogger 2. FRST 3. FRST Addition 4. GMER 5. TDSS 6. aswMBR 1. defogger: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:48 on 06/04/2014 (Tandem)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
2. FRST: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Tandem (administrator) on TandemPC on 06-04-2014 17:51:07
Running from C:\Users\Tandem\Desktop
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) c:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\wsqmcons.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-07-18] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [LManager] - [X]
HKLM-x32\...\Run: [RadioController] - C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-11-06] (Dritek System Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73832 2013-10-26] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [458616 2014-01-29] (Microsoft Corporation)
HKLM-x32\...\Runonce: [ABF32FD5-76A3-4963-ADD0-FBD1A5D39A5F] - cmd.exe /C start /D "C:\Users\Tandem\AppData\Local\Temp" /B ABF32FD5-76A3-4963-ADD0-FBD1A5D39A5F.exe -activeimages -postboot [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1585775717-2291541166-2170777470-1001\...\Run: [Skype] - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {F58F6DE7-11EB-433B-83D8-5F969E051FED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {F58F6DE7-11EB-433B-83D8-5F969E051FED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope {F58F6DE7-11EB-433B-83D8-5F969E051FED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {F58F6DE7-11EB-433B-83D8-5F969E051FED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {FA1BEA84-B1AE-4D1F-B5B8-7DC11F25FBB8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=de&q={searchTerms}&gu=4fc1f445c76143a5a3b6d2a81485d5db&tu=10G9z00Bi1C01g0&sku=&tstsId=&ver=&&r=937
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - {F58F6DE7-11EB-433B-83D8-5F969E051FED} URL =
SearchScopes: HKCU - {FA1BEA84-B1AE-4D1F-B5B8-7DC11F25FBB8} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=de&q={searchTerms}&gu=4fc1f445c76143a5a3b6d2a81485d5db&tu=10G9z00Bi1C01g0&sku=&tstsId=&ver=&&r=937
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
FireFox:
========
FF ProfilePath: C:\Users\Tandem\AppData\Roaming\Mozilla\Firefox\Profiles\deotmhau.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=de&gu=4fc1f445c76143a5a3b6d2a81485d5db&tu=10G9z00Bi1C01g0&sku=&tstsId=&ver=&
CHR RestoreOnStartup: "hxxp://search.zonealarm.com/?src=hp&tbid=goughGA&Lan=de&gu=4fc1f445c76143a5a3b6d2a81485d5db&tu=10G9z00Bi1C01g0&sku=&tstsId=&ver=&"
CHR DefaultSearchProvider: Search By ZoneAlarm
CHR DefaultSearchURL: hxxp://search.zonealarm.com/search?src=sp&tbid=goughGA&Lan=de&q={searchTerms}&gu=4fc1f445c76143a5a3b6d2a81485d5db&tu=10G9z00Bi1C01g0&sku=&tstsId=&ver=&
CHR Extension: (Docs) - C:\Users\Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-23]
CHR Extension: (Google Wallet) - C:\Users\Tandem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-23]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-03-04] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-11-06] (Dritek System INC.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2445816 2013-10-26] (Check Point Software Technologies LTD)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [50704 2013-10-15] (Check Point Software Technologies, Ltd.)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 ASPI; C:\WINDOWS\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-04] (Microsoft Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-07-17] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2013-02-21] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489056 2013-10-08] (Kaspersky Lab ZAO)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [91352 2014-04-05] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\WINDOWS\system32\250.tmp [6144 2009-06-18] (Sophos Plc)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-11-06] (Dritek System Inc.)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-04] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [454168 2013-10-23] (Check Point Software Technologies LTD)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 Hamachi; \SystemRoot\system32\DRIVERS\Hamdrv.sys [X]
S1 HssDRV6; \SystemRoot\system32\DRIVERS\hssdrv6.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VBoxUSB; \SystemRoot\System32\Drivers\VBoxUSB.sys [X]
S3 vpnva; \SystemRoot\system32\DRIVERS\vpnva64-6.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-06 17:51 - 2014-04-06 17:51 - 00015730 _____ () C:\Users\Tandem\Desktop\FRST.txt
2014-04-06 17:50 - 2014-04-06 17:51 - 00000000 ____D () C:\FRST
2014-04-06 16:37 - 2014-04-06 17:49 - 00000000 ____D () C:\Users\Tandem\Desktop\Log-Files
2014-04-06 16:36 - 2014-04-04 18:09 - 00982016 _____ (Farbar) C:\Users\Tandem\Desktop\MiniToolBox.exe
2014-04-06 16:36 - 2014-04-04 18:08 - 00409600 _____ (Farbar) C:\Users\Tandem\Desktop\FSS.exe
2014-04-06 16:36 - 2014-04-04 17:56 - 00602112 _____ (OldTimer Tools) C:\Users\Tandem\Desktop\OTL.exe
2014-04-06 16:35 - 2014-04-04 17:49 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Tandem\Desktop\tdsskiller.exe
2014-04-06 00:21 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\250.tmp
2014-04-05 23:16 - 2014-04-05 23:16 - 00000000 ____D () C:\ProgramData\Sophos
2014-04-05 23:15 - 2014-04-05 23:15 - 00003227 _____ () C:\Users\Tandem\Desktop\Sophos Virus Removal Tool.lnk
2014-04-05 23:15 - 2014-04-05 23:15 - 00000000 ____D () C:\Users\Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-04-05 23:09 - 2014-04-05 23:09 - 00000000 ____D () C:\Users\Tandem\Desktop\ADSL
2014-04-05 22:27 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\4D9C.tmp
2014-04-05 22:21 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\832F.tmp
2014-04-05 06:08 - 2014-04-05 06:08 - 00297240 _____ () C:\WINDOWS\Minidump\040514-18218-01.dmp
2014-04-05 05:58 - 2014-04-04 17:32 - 00050477 _____ () C:\Users\Tandem\Desktop\Defogger.exe
2014-04-05 05:56 - 2014-04-04 17:33 - 02157056 _____ (Farbar) C:\Users\Tandem\Desktop\FRST64.exe
2014-04-05 05:31 - 2014-04-04 17:37 - 00380416 _____ () C:\Users\Tandem\Desktop\Gmer-19357.exe
2014-04-05 05:09 - 2014-04-05 05:09 - 00021412 _____ () C:\Users\Tandem\Documents\HiJackFree.log
2014-04-05 05:02 - 2014-04-05 05:02 - 00297240 _____ () C:\WINDOWS\Minidump\040514-16500-01.dmp
2014-04-05 04:47 - 2014-04-05 04:47 - 00001043 _____ () C:\Users\Public\Desktop\a-squared HiJackFree.lnk
2014-04-05 04:47 - 2014-04-05 04:47 - 00000000 ____D () C:\Program Files (x86)\a-squared HiJackFree
2014-04-05 04:44 - 2014-04-05 04:45 - 00297240 _____ () C:\WINDOWS\Minidump\040514-17562-01.dmp
2014-04-05 04:31 - 2014-04-05 04:32 - 00297240 _____ () C:\WINDOWS\Minidump\040514-32843-01.dmp
2014-04-05 03:48 - 2014-04-06 04:13 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-04-05 03:48 - 2014-04-05 03:48 - 00059392 ____R () C:\WINDOWS\SysWOW64\streamhlp.dll
2014-04-05 03:47 - 2014-04-05 03:48 - 00000000 ____D () C:\Users\Tandem\Pavark
2014-04-05 01:01 - 2014-04-05 01:01 - 00000000 ____D () C:\rsit
2014-04-05 01:01 - 2014-04-05 01:01 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-04-05 00:02 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\BC07.tmp
2014-04-04 23:55 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\F274.tmp
2014-04-04 23:33 - 2014-04-05 21:37 - 00000000 ____D () C:\Users\Tandem\Desktop\mbar
2014-04-04 23:33 - 2014-04-05 21:37 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-04 23:33 - 2014-04-05 20:31 - 00119000 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-04 23:33 - 2014-04-05 19:48 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-04 23:33 - 2014-04-04 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-04 23:06 - 2014-04-05 06:25 - 00000504 _____ () C:\Users\Tandem\defogger_reenable
2014-03-19 23:39 - 2014-03-20 00:48 - 00000000 ____D () C:\.Trash-999
2014-03-13 20:54 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-03-13 20:54 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-03-13 20:54 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-03-13 20:54 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-03-13 20:54 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-03-13 20:54 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-03-13 20:54 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-03-13 20:54 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-03-13 20:54 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-03-13 20:54 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-03-13 20:54 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-03-13 20:54 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-03-13 20:54 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-03-13 20:54 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-03-13 20:54 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-03-13 20:54 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-03-13 20:54 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-03-13 20:54 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-03-13 20:54 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-03-13 20:54 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-03-13 20:54 - 2014-01-31 18:15 - 00311640 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-03-13 20:54 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-03-13 20:54 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-03-13 20:54 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-03-13 20:54 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-03-13 20:54 - 2014-01-29 11:55 - 01287064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-03-13 20:54 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-03-13 20:54 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2014-03-13 20:54 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-03-13 20:54 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-03-13 20:54 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-03-13 20:54 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-03-13 20:54 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2014-03-13 20:54 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-03-13 20:54 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-03-13 20:54 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2014-03-13 20:54 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-03-13 20:54 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2014-03-13 20:54 - 2014-01-27 20:52 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-03-13 20:54 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2014-03-13 20:54 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-03-13 20:54 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2014-03-13 20:54 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-03-13 20:54 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-03-13 20:54 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2014-03-13 20:54 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2014-03-13 20:54 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-03-13 20:54 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-03-13 20:54 - 2014-01-27 13:45 - 00386722 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-03-13 20:54 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-03-13 20:54 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-03-13 20:54 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-03-13 20:54 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2014-03-13 20:54 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-03-13 20:54 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-03-13 20:54 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-03-13 20:54 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-03-13 20:54 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-03-12 20:15 - 2014-03-12 20:15 - 00000888 _____ () C:\Users\Tandem\Desktop\TeXnicCenter.lnk
2014-03-12 20:15 - 2014-03-12 20:15 - 00000000 ____D () C:\Program Files\TeXnicCenter
2014-03-12 18:21 - 2014-03-12 18:21 - 00018372 _____ () C:\Scan-2014-03-12
2014-03-12 01:29 - 2014-03-12 01:29 - 00019027 _____ () C:\Scan-2014-03-11
2014-03-12 00:32 - 2014-03-12 00:33 - 00297296 _____ () C:\WINDOWS\Minidump\031114-34750-01.dmp
2014-03-09 18:35 - 2014-03-09 18:35 - 00000000 ____D () C:\Users\Tandem\AppData\Local\Skype
2014-03-09 17:18 - 2014-03-09 17:18 - 00018823 _____ () C:\Scan-2014-03-09
2014-03-09 17:16 - 2014-03-09 17:17 - 00297296 _____ () C:\WINDOWS\Minidump\030914-27250-01.dmp
2014-03-08 16:39 - 2014-03-08 16:39 - 00018639 _____ () C:\scan-2014-03-08
2014-03-08 15:42 - 2014-03-08 15:42 - 00301368 _____ () C:\WINDOWS\Minidump\030814-22359-01.dmp
2014-03-07 16:03 - 2009-06-18 13:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\8CB2.tmp
2014-03-07 16:02 - 2014-03-07 16:02 - 00016536 _____ () C:\scan-2014-03-07
2014-03-07 15:57 - 2014-04-05 23:15 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-03-07 15:57 - 2009-06-18 13:54 - 00006144 ____N (Sophos Plc) C:\WINDOWS\system32\84CE.tmp
2014-03-07 15:06 - 2014-03-07 15:06 - 00297296 _____ () C:\WINDOWS\Minidump\030714-25375-01.dmp
==================== One Month Modified Files and Folders =======
2014-04-06 17:51 - 2014-04-06 17:51 - 00015730 _____ () C:\Users\Tandem\Desktop\FRST.txt
2014-04-06 17:51 - 2014-04-06 17:50 - 00000000 ____D () C:\FRST
2014-04-06 17:49 - 2014-04-06 16:37 - 00000000 ____D () C:\Users\Tandem\Desktop\Log-Files
2014-04-06 17:25 - 2013-12-22 21:03 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1585775717-2291541166-2170777470-1001
2014-04-06 17:06 - 2013-12-23 06:14 - 00000000 ____D () C:\Users\Tandem\AppData\Roaming\ClassicShell
2014-04-06 17:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-06 16:53 - 2014-01-04 00:53 - 01178506 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-06 16:37 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-06 16:37 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-04-06 16:37 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-04-06 16:33 - 2013-08-22 16:46 - 00302491 _____ () C:\WINDOWS\setupact.log
2014-04-06 16:32 - 2014-02-09 18:33 - 00000000 ___RD () C:\Users\Tandem\SkyDrive
2014-04-06 16:31 - 2014-01-04 00:31 - 00017408 _____ () C:\WINDOWS\system32\rpcnetp.exe
2014-04-06 04:13 - 2014-04-05 03:48 - 00000000 ____D () C:\Program Files (x86)\TrojanHunter 5.5
2014-04-05 23:16 - 2014-04-05 23:16 - 00000000 ____D () C:\ProgramData\Sophos
2014-04-05 23:15 - 2014-04-05 23:15 - 00003227 _____ () C:\Users\Tandem\Desktop\Sophos Virus Removal Tool.lnk
2014-04-05 23:15 - 2014-04-05 23:15 - 00000000 ____D () C:\Users\Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-04-05 23:15 - 2014-03-07 15:57 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-04-05 23:09 - 2014-04-05 23:09 - 00000000 ____D () C:\Users\Tandem\Desktop\ADSL
2014-04-05 21:43 - 2014-01-04 00:32 - 00017408 _____ () C:\WINDOWS\SysWOW64\rpcnetp.dll
2014-04-05 21:43 - 2013-12-22 23:11 - 00069792 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\rpcnet.dll
2014-04-05 21:43 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-05 21:42 - 2014-01-04 00:31 - 00029336 _____ () C:\WINDOWS\system32\wpbbin.exe
2014-04-05 21:42 - 2014-01-04 00:31 - 00017408 _____ () C:\WINDOWS\SysWOW64\rpcnetp.exe
2014-04-05 21:42 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-04-05 21:37 - 2014-04-04 23:33 - 00000000 ____D () C:\Users\Tandem\Desktop\mbar
2014-04-05 21:37 - 2014-04-04 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-05 20:31 - 2014-04-04 23:33 - 00119000 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 20:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-05 19:52 - 2013-12-27 16:45 - 00000000 ____D () C:\Eigene Dateien
2014-04-05 19:48 - 2014-04-04 23:33 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-05 07:24 - 2014-01-04 00:37 - 00000000 ____D () C:\Users\Tandem
2014-04-05 06:25 - 2014-04-04 23:06 - 00000504 _____ () C:\Users\Tandem\defogger_reenable
2014-04-05 06:08 - 2014-04-05 06:08 - 00297240 _____ () C:\WINDOWS\Minidump\040514-18218-01.dmp
2014-04-05 06:08 - 2014-01-05 19:57 - 513883694 _____ () C:\WINDOWS\MEMORY.DMP
2014-04-05 06:08 - 2014-01-05 19:57 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-05 06:07 - 2013-11-14 00:18 - 00007866 _____ () C:\WINDOWS\PFRO.log
2014-04-05 05:56 - 2013-12-22 19:24 - 00000000 ____D () C:\Users\Tandem\AppData\Local\VirtualStore
2014-04-05 05:09 - 2014-04-05 05:09 - 00021412 _____ () C:\Users\Tandem\Documents\HiJackFree.log
2014-04-05 05:02 - 2014-04-05 05:02 - 00297240 _____ () C:\WINDOWS\Minidump\040514-16500-01.dmp
2014-04-05 04:47 - 2014-04-05 04:47 - 00001043 _____ () C:\Users\Public\Desktop\a-squared HiJackFree.lnk
2014-04-05 04:47 - 2014-04-05 04:47 - 00000000 ____D () C:\Program Files (x86)\a-squared HiJackFree
2014-04-05 04:45 - 2014-04-05 04:44 - 00297240 _____ () C:\WINDOWS\Minidump\040514-17562-01.dmp
2014-04-05 04:32 - 2014-04-05 04:31 - 00297240 _____ () C:\WINDOWS\Minidump\040514-32843-01.dmp
2014-04-05 03:48 - 2014-04-05 03:48 - 00059392 ____R () C:\WINDOWS\SysWOW64\streamhlp.dll
2014-04-05 03:48 - 2014-04-05 03:47 - 00000000 ____D () C:\Users\Tandem\Pavark
2014-04-05 02:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-05 02:48 - 2013-11-06 16:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-05 01:51 - 2013-12-22 19:25 - 00000000 ___RD () C:\Users\Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-05 01:14 - 2013-12-23 00:07 - 00000000 ____D () C:\Users\Tandem\AppData\Roaming\DVDVideoSoft
2014-04-05 01:13 - 2013-12-23 05:38 - 00000000 ____D () C:\Users\Tandem\AppData\Roaming\Dropbox
2014-04-05 01:01 - 2014-04-05 01:01 - 00000000 ____D () C:\rsit
2014-04-05 01:01 - 2014-04-05 01:01 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-04-05 00:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-04 23:33 - 2014-04-04 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-04 18:09 - 2014-04-06 16:36 - 00982016 _____ (Farbar) C:\Users\Tandem\Desktop\MiniToolBox.exe
2014-04-04 18:08 - 2014-04-06 16:36 - 00409600 _____ (Farbar) C:\Users\Tandem\Desktop\FSS.exe
2014-04-04 17:56 - 2014-04-06 16:36 - 00602112 _____ (OldTimer Tools) C:\Users\Tandem\Desktop\OTL.exe
2014-04-04 17:49 - 2014-04-06 16:35 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Tandem\Desktop\tdsskiller.exe
2014-04-04 17:37 - 2014-04-05 05:31 - 00380416 _____ () C:\Users\Tandem\Desktop\Gmer-19357.exe
2014-04-04 17:33 - 2014-04-05 05:56 - 02157056 _____ (Farbar) C:\Users\Tandem\Desktop\FRST64.exe
2014-04-04 17:32 - 2014-04-05 05:58 - 00050477 _____ () C:\Users\Tandem\Desktop\Defogger.exe
2014-03-29 19:33 - 2013-08-22 16:44 - 00371568 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-29 19:14 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 19:14 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-29 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-29 19:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-20 00:48 - 2014-03-19 23:39 - 00000000 ____D () C:\.Trash-999
2014-03-12 22:54 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-03-12 20:15 - 2014-03-12 20:15 - 00000888 _____ () C:\Users\Tandem\Desktop\TeXnicCenter.lnk
2014-03-12 20:15 - 2014-03-12 20:15 - 00000000 ____D () C:\Program Files\TeXnicCenter
2014-03-12 18:21 - 2014-03-12 18:21 - 00018372 _____ () C:\Scan-2014-03-12
2014-03-12 01:29 - 2014-03-12 01:29 - 00019027 _____ () C:\Scan-2014-03-11
2014-03-12 00:33 - 2014-03-12 00:32 - 00297296 _____ () C:\WINDOWS\Minidump\031114-34750-01.dmp
2014-03-12 00:33 - 2013-12-27 21:26 - 00417570 _____ () C:\WINDOWS\system32\Drivers\vsconfig.xml
2014-03-09 23:02 - 2013-12-23 02:55 - 00230352 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys
2014-03-09 19:08 - 2013-12-22 23:56 - 00000000 ____D () C:\Users\Tandem\AppData\Roaming\Skype
2014-03-09 18:35 - 2014-03-09 18:35 - 00000000 ____D () C:\Users\Tandem\AppData\Local\Skype
2014-03-09 17:18 - 2014-03-09 17:18 - 00018823 _____ () C:\Scan-2014-03-09
2014-03-09 17:17 - 2014-03-09 17:16 - 00297296 _____ () C:\WINDOWS\Minidump\030914-27250-01.dmp
2014-03-08 16:39 - 2014-03-08 16:39 - 00018639 _____ () C:\scan-2014-03-08
2014-03-08 15:42 - 2014-03-08 15:42 - 00301368 _____ () C:\WINDOWS\Minidump\030814-22359-01.dmp
2014-03-07 16:02 - 2014-03-07 16:02 - 00016536 _____ () C:\scan-2014-03-07
2014-03-07 15:13 - 2014-01-04 01:20 - 00000000 ___RD () C:\Users\Tandem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-07 15:08 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-03-07 15:08 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-03-07 15:08 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-03-07 15:06 - 2014-03-07 15:06 - 00297296 _____ () C:\WINDOWS\Minidump\030714-25375-01.dmp
Some content of TEMP:
====================
C:\Users\Tandem\AppData\Local\Temp\ABF32FD5-76A3-4963-ADD0-FBD1A5D39A5F.exe
C:\Users\Tandem\AppData\Local\Temp\AITLO.exe
C:\Users\Tandem\AppData\Local\Temp\avgnt.exe
C:\Users\Tandem\AppData\Local\Temp\AXCWMXFXL.exe
C:\Users\Tandem\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tandem\AppData\Local\Temp\BDBI.exe
C:\Users\Tandem\AppData\Local\Temp\D062C4F5-803E-45C6-A27F-CB8D2674CD82.exe
C:\Users\Tandem\AppData\Local\Temp\Difx64.exe
C:\Users\Tandem\AppData\Local\Temp\DNVRAXIT.exe
C:\Users\Tandem\AppData\Local\Temp\hrsbqb.exe
C:\Users\Tandem\AppData\Local\Temp\PA6Yw52.difxapi.dll
C:\Users\Tandem\AppData\Local\Temp\PEJV.exe
C:\Users\Tandem\AppData\Local\Temp\pyl1FAA.tmp.exe
C:\Users\Tandem\AppData\Local\Temp\pylD570.tmp.exe
C:\Users\Tandem\AppData\Local\Temp\qjdshp.exe
C:\Users\Tandem\AppData\Local\Temp\rmjqcx.exe
C:\Users\Tandem\AppData\Local\Temp\sgrwmv.exe
C:\Users\Tandem\AppData\Local\Temp\SHSetup.exe
C:\Users\Tandem\AppData\Local\Temp\TRIKWJIN.exe
C:\Users\Tandem\AppData\Local\Temp\TXBYZDSK.exe
C:\Users\Tandem\AppData\Local\Temp\ZUAHJJY.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-13 20:54] - [2014-01-31 18:15] - 0311640 ___AC (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
LastRegBack: 2014-04-05 22:14
==================== End Of Log ============================
3. FRST Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Tandem at 2014-04-06 17:51:32
Running from C:\Users\Tandem\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: ZoneAlarm Antivirus (Disabled - Out of date) {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ZoneAlarm Anti-Spyware (Disabled - Out of date) {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
FW: ZoneAlarm Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}
==================== Installed Programs ======================
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
1400 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version: - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version: - )
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
a-squared HiJackFree 3.0 (HKLM-x32\...\a-squared HiJackFree_is1) (Version: 3.0 - Emsi Software GmbH)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dritek Radio Controller (HKLM-x32\...\RadioController) (Version: 2.02.2001.0803 - Dritek System Inc.)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
ETDWare PS/2-X64 11.6.24.204_WHQL (HKLM\...\Elantech) (Version: 11.6.24.204 - ELAN Microelectronic Corp.)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
GSview 4.8 (HKLM-x32\...\GSview 4.8) (Version: - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 26.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 19.0.1326.59 (HKLM-x32\...\Opera 19.0.1326.59) (Version: 19.0.1326.59 - Opera Software ASA)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sophos Anti-Rootkit 1.5.0 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.0 - Sophos Plc)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
ZoneAlarm Antivirus (x32 Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 12.0.104.000 - Check Point)
ZoneAlarm Security (x32 Version: 12.0.104.000 - Check Point Software Technologies Ltd.) Hidden
==================== Restore Points =========================
05-04-2014 19:36:55 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1475EA84-61E2-4D54-BC72-068089E4ACA9} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3C24A11D-0D01-4FE8-88A6-64C3819F0F18} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F8BEF0E-60CA-4A7F-BBD5-F006DC618765} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A286346A-A40B-479D-8A71-11F22312C87A} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EBA833D7-1549-4F43-8301-3BC9DE532C29} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-02] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) =============
2013-11-06 16:34 - 2013-02-20 23:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-04-15 12:23 - 2013-04-15 12:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-15 12:20 - 2013-04-15 12:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-12-21 01:02 - 2013-12-21 01:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-27 21:16 - 2013-12-09 12:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-11-06 16:11 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Tandem\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tandem\SkyDrive (2).old:ms-properties
AlternateDataStreams: C:\Users\Tandem\SkyDrive (3).old:ms-properties
AlternateDataStreams: C:\Users\Tandem\SkyDrive (4).old:ms-properties
AlternateDataStreams: C:\Users\Tandem\SkyDrive (5).old:ms-properties
AlternateDataStreams: C:\Users\Tandem\SkyDrive.old:ms-properties
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\25653997.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\69547630.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\25653997.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\69547630.sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Mikrofon (Realtek High Definition Audio)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Broadcom NetLink (TM)-Gigabit-Ethernet
Description: Broadcom NetLink (TM)-Gigabit-Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom Corporation
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: HD WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Qualcomm Atheros AR5BWB222-Funknetzwerkadapter
Description: Qualcomm Atheros AR5BWB222-Funknetzwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/05/2014 11:14:50 PM) (Source: Application Hang) (User: )
Description: Programm ADSLocator.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 11d4
Startzeit: 01cf51135bdde567
Endzeit: 0
Anwendungspfad: C:\Users\Tandem\Desktop\ADSL\ADSLocator.exe
Berichts-ID: 504c02fd-bd07-11e3-bee3-ca9f79df01cc
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/05/2014 11:07:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Name des fehlerhaften Moduls: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000040cd
ID des fehlerhaften Prozesses: 0xba4
Startzeit der fehlerhaften Anwendung: 0xRootkitRevealer.exe0
Pfad der fehlerhaften Anwendung: RootkitRevealer.exe1
Pfad des fehlerhaften Moduls: RootkitRevealer.exe2
Berichtskennung: RootkitRevealer.exe3
Vollständiger Name des fehlerhaften Pakets: RootkitRevealer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RootkitRevealer.exe5
Error: (04/05/2014 09:41:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Name des fehlerhaften Moduls: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000040cd
ID des fehlerhaften Prozesses: 0x13d4
Startzeit der fehlerhaften Anwendung: 0xRootkitRevealer.exe0
Pfad der fehlerhaften Anwendung: RootkitRevealer.exe1
Pfad des fehlerhaften Moduls: RootkitRevealer.exe2
Berichtskennung: RootkitRevealer.exe3
Vollständiger Name des fehlerhaften Pakets: RootkitRevealer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RootkitRevealer.exe5
Error: (04/05/2014 09:37:50 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Name des fehlerhaften Moduls: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000040cd
ID des fehlerhaften Prozesses: 0x1004
Startzeit der fehlerhaften Anwendung: 0xRootkitRevealer.exe0
Pfad der fehlerhaften Anwendung: RootkitRevealer.exe1
Pfad des fehlerhaften Moduls: RootkitRevealer.exe2
Berichtskennung: RootkitRevealer.exe3
Vollständiger Name des fehlerhaften Pakets: RootkitRevealer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RootkitRevealer.exe5
Error: (04/05/2014 09:37:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Name des fehlerhaften Moduls: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000040cd
ID des fehlerhaften Prozesses: 0x11a4
Startzeit der fehlerhaften Anwendung: 0xRootkitRevealer.exe0
Pfad der fehlerhaften Anwendung: RootkitRevealer.exe1
Pfad des fehlerhaften Moduls: RootkitRevealer.exe2
Berichtskennung: RootkitRevealer.exe3
Vollständiger Name des fehlerhaften Pakets: RootkitRevealer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RootkitRevealer.exe5
Error: (04/05/2014 08:31:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Name des fehlerhaften Moduls: RootkitRevealer.exe, Version: 1.71.0.0, Zeitstempel: 0x44e255aa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000040cd
ID des fehlerhaften Prozesses: 0x780
Startzeit der fehlerhaften Anwendung: 0xRootkitRevealer.exe0
Pfad der fehlerhaften Anwendung: RootkitRevealer.exe1
Pfad des fehlerhaften Moduls: RootkitRevealer.exe2
Berichtskennung: RootkitRevealer.exe3
Vollständiger Name des fehlerhaften Pakets: RootkitRevealer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RootkitRevealer.exe5
Error: (04/05/2014 07:41:45 PM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: f0
Startzeit: 01cf50f580abbb1e
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 78106099-bce9-11e3-bee1-bd512ba38aea
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (04/05/2014 07:41:37 PM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1310
Startzeit: 01cf50f5816cdc23
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 781087a9-bce9-11e3-bee1-bd512ba38aea
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexTravel
Error: (04/05/2014 07:41:37 PM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 610
Startzeit: 01cf50f57fef5e40
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 789f48ac-bce9-11e3-bee1-bd512ba38aea
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexFinance
Error: (04/05/2014 07:41:37 PM) (Source: Application Hang) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.16384 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: e8c
Startzeit: 01cf50f5819c8bc2
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 78103989-bce9-11e3-bee1-bd512ba38aea
Vollständiger Name des fehlerhaften Pakets: Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexSports
System errors:
=============
Error: (04/06/2014 04:34:41 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (04/06/2014 04:33:18 PM) (Source: WPDClassInstaller) (User: )
Description: WPD Device0xe0000234
Error: (04/06/2014 00:21:07 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (04/06/2014 00:21:07 AM) (Source: Application Popup) (User: )
Description: \??\C:\WINDOWS\system32\250.tmp
Error: (04/05/2014 11:06:43 PM) (Source: WPDClassInstaller) (User: )
Description: WPD Device0xe0000234
Error: (04/05/2014 10:27:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (04/05/2014 10:27:48 PM) (Source: Application Popup) (User: )
Description: \??\C:\WINDOWS\system32\4D9C.tmp
Error: (04/05/2014 10:24:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (04/05/2014 10:24:55 PM) (Source: Application Popup) (User: )
Description: \??\C:\WINDOWS\system32\832F.tmp
Error: (04/05/2014 10:21:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Microsoft Office Sessions:
=========================
Error: (04/05/2014 11:14:50 PM) (Source: Application Hang)(User: )
Description: ADSLocator.exe1.0.0.011d401cf51135bdde5670C:\Users\Tandem\Desktop\ADSL\ADSLocator.exe504c02fd-bd07-11e3-bee3-ca9f79df01cc
Error: (04/05/2014 11:07:27 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cdba401cf51130c5e735eC:\Users\Tandem\Desktop\RV\RootkitRevealer.exeC:\Users\Tandem\Desktop\RV\RootkitRevealer.exe4a491eee-bd06-11e3-bee3-ca9f79df01cc
Error: (04/05/2014 09:41:06 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cd13d401cf5106fcb1511eC:\Users\Tandem\Desktop\Neuer Ordner\RootkitRevealer.exeC:\Users\Tandem\Desktop\Neuer Ordner\RootkitRevealer.exe3a70f153-bcfa-11e3-bee2-c01f51a7485c
Error: (04/05/2014 09:37:50 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cd100401cf5106878254e4C:\Users\Tandem\Desktop\RV\RootkitRevealer.exeC:\Users\Tandem\Desktop\RV\RootkitRevealer.exec53d3059-bcf9-11e3-bee2-c01f51a7485c
Error: (04/05/2014 09:37:43 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cd11a401cf510683a4279eC:\Users\Tandem\Desktop\RV\RootkitRevealer.exeC:\Users\Tandem\Desktop\RV\RootkitRevealer.exec15f01c6-bcf9-11e3-bee2-c01f51a7485c
Error: (04/05/2014 08:31:10 PM) (Source: Application Error)(User: )
Description: RootkitRevealer.exe1.71.0.044e255aaRootkitRevealer.exe1.71.0.044e255aac0000005000040cd78001cf50fd3767bf55C:\Users\Tandem\Desktop\RV\RootkitRevealer.exeC:\Users\Tandem\Desktop\RV\RootkitRevealer.exe755e3536-bcf0-11e3-bee2-c01f51a7485c
Error: (04/05/2014 07:41:45 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.16384f001cf50f580abbb1e4294967295C:\WINDOWS\system32\backgroundTaskHost.exe78106099-bce9-11e3-bee1-bd512ba38aeaMicrosoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbweApp
Error: (04/05/2014 07:41:37 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.16384131001cf50f5816cdc234294967295C:\WINDOWS\system32\backgroundTaskHost.exe781087a9-bce9-11e3-bee1-bd512ba38aeaMicrosoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbweAppexTravel
Error: (04/05/2014 07:41:37 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.1638461001cf50f57fef5e404294967295C:\WINDOWS\system32\backgroundTaskHost.exe789f48ac-bce9-11e3-bee1-bd512ba38aeaMicrosoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbweAppexFinance
Error: (04/05/2014 07:41:37 PM) (Source: Application Hang)(User: )
Description: backgroundTaskHost.exe6.3.9600.16384e8c01cf50f5819c8bc24294967295C:\WINDOWS\system32\backgroundTaskHost.exe78103989-bce9-11e3-bee1-bd512ba38aeaMicrosoft.BingSports_3.0.2.233_x64__8wekyb3d8bbweAppexSports
==================== Memory info ===========================
Percentage of memory in use: 25%
Total physical RAM: 8007.27 MB
Available physical RAM: 5927.08 MB
Total Pagefile: 16199.27 MB
Available Pagefile: 13906.24 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.35 GB) (Free:407.06 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 6B5C6AFA)
Partition: GPT Partition Type.
==================== End Of Log ============================
4. GMER: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-06 18:03:58
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002c ST500LT012-9WS142 rev.0001SDM1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Tandem\AppData\Local\Temp\kfldypoc.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[2784] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffeb4a71f6a 4 bytes [A7, B4, FE, 7F]
.text C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe[2784] C:\WINDOWS\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffeb4a71f82 4 bytes [A7, B4, FE, 7F]
.text C:\Windows\System32\igfxpers.exe[3360] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffec085169a 4 bytes [85, C0, FE, 7F]
.text C:\Windows\System32\igfxpers.exe[3360] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffec08516a2 4 bytes [85, C0, FE, 7F]
.text C:\Windows\System32\igfxpers.exe[3360] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffec085181a 4 bytes [85, C0, FE, 7F]
.text C:\Windows\System32\igfxpers.exe[3360] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffec0851832 4 bytes [85, C0, FE, 7F]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [4216:1992] fffff960008d94d0
---- Processes - GMER 2.1 ----
Library C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavemu.kdl.593e72e97caef5dd742b394bd296e21a (*** suspicious ***) @ C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [540] (Heuristics engine/Kaspersky Lab ZAO)(2013-12-27 19:26:53) 000000006d350000
Library C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kjim.kdl.bccfc1c89017f4bdc90201e956eea7c5 (*** suspicious ***) @ C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [540] (Script Heuristics Engine/Kaspersky Lab ZAO)(2013-12-27 19:26:54) 000000006d0a0000
Library C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\mark.kdl.1c449ad92726ed14d895f09dcd861545 (*** suspicious ***) @ C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [540] (Anti-Rootkit Engine/Kaspersky Lab ZAO)(2013-12-27 19:26:54) 000000006d030000
Library C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\qscan.kdl.3d47406245e32365413c5b6ab2246586 (*** suspicious ***) @ C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [540] (Initial Scan Engine/Kaspersky Lab ZAO)(2013-12-27 19:26:55) 000000006cf10000
Library C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavsys.kdl.ec4d28bde98d9e3c76bf58ef5ba0728d (*** suspicious ***) @ C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [540] (Set of system interfaces/Kaspersky Lab ZAO)(2013-12-27 19:27:09) 000000006db50000
Library C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\arkmon.kdl.b3a9361231847f8f76294be7a6a1406a (*** suspicious ***) @ C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [540] (Anti-Rootkit Monitor/Kaspersky Lab ZAO)(2013-12-27 19:27:09) 000000006cef0000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
Als Archiv angehängt, da zu groß. 6. aswMBR: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-04-06 19:15:35
-----------------------------
19:15:35.557 OS Version: Windows x64 6.2.9200
19:15:35.557 Number of processors: 4 586 0x3A09
19:15:35.557 ComputerName: TandemPC UserName: Tandem
19:15:35.666 Initialze error 1
19:15:51.739 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002c
19:15:51.739 Disk 0 Vendor: ST500LT012-9WS142 0001SDM1 Size: 476940MB BusType: 11
19:15:51.833 Disk 0 MBR read successfully
19:15:51.833 Disk 0 MBR scan
19:15:51.833 Disk 0 unknown MBR code
19:15:51.849 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
19:15:51.849 Disk 0 scanning C:\WINDOWS\system32\drivers
19:15:51.849 Service scanning
19:15:52.443 Modules scanning
19:15:52.443 Disk 0 trace - called modules:
19:15:52.458 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
19:15:52.474 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe00002913060]
19:15:52.489 3 CLASSPNP.SYS[fffff80000e01abb] -> nt!IofCallDriver -> \Device\0000002c[0xffffe00000ecc060]
19:15:52.489 Scan finished successfully
19:16:16.476 Disk 0 MBR has been saved successfully to "C:\Users\Tandem\Desktop\Log-Files\MBR.dat"
19:16:16.492 The log file has been saved successfully to "C:\Users\Tandem\Desktop\Log-Files\aswMBR.txt"
|
|
08.04.2014, 06:30
| #2 | |
| /// the machine /// TB-Ausbilder    | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! hi,
__________________Hi, Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Desweiteren würde mich intressieren: Zitat:
Lade dir bitte Emsisoft MBR Master herunter und speichere es auf den Desktop.
__________________ |
|
09.04.2014, 00:21
| #3 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! Hallo schrauber
__________________Unten findest du 1. Meine Antwort zu deiner Frage. 2. MBRMastr-log 3. EMSI.zip als Anhang 4. TDSS-log aufgeteielt auf mehre Posts Danke. Gruß Tandem 1.) Meine Antwort zu deiner Frage: Ich hatte schon vor einiger Zeit auf Grund von anderen Hinweisen die Vermutung das Personen Zufriff auf meinen Rechner haben könnten. Also habe ich mehrfach Scans mit Avira und Kaspersky durchgeführt, die jedoch nie etwas gefunden haben. Vor gut einem Monat wollte ich wie gewohnt mit TexnicCenter arbeiten und mein tex-file in ein pdf-file umwandeln. Das alte pdf-file wurde aber nur geöffnet und keine neue pdf erstellt. Also habe ich TexniCenter neu installiert und direkt danch eine neue pdf erstellt. Das Umwandeln von tex-file zu pdf-file funktionierte wieder. Zur Probe habe ich den Kompeliervorgang (nicht sicher ob der Fachbegriff richtig ist) nochmal durchgeführt. Ohne das ich irgendetwas gemacht habe hatte ich das gleiche Problem wie zuvor. Das ganze wiederholte sich noch zweimal. Dann habe ich aufgegeben und TexnicCenter geschlossen. Danach wurden die Taskleiste und die Desktop-Symbole neugeladen wie bei einem Absturz und Neustart der Explorer-Shell. Danach hat ein guter Freund mir den USB-Stick geschickt und ich habe vor ca. zwei Wochen den Scan mit GDATA gemacht und die Virenfunde gehabt. Zu den anderen Hinweisen möchte ich aus verschiedenen Gründen keine weitere Auskunft geben, zu mal ich mir sicher bin dass sie dir bei der Analyse des Problems nicht helfen. Ein Hinweis aber noch. Wenn die Leute dahinter stecken die ich vermute, dann handelt es sich um studierte IT-Experten. Kurz: Bei der Aktion ging es darum meine Arbeit zu stören bzw. zu unterbinden um mich zu ärgern bzw. zu mobben. Manipulation oder Sabotage an meiner Arbeit konnte ich bisher aber nicht feststellen. 2.) Das von dir gewünschte MBRMastr-log: Code:
ATTFilter
Detected Windows version: 6.2 Build 9200
Installing direct disk access driver ...
Driver connection handle: 0x00000174
1 valid drive(s) found.
Details for Disk 0 - ST500LT012-9WS142 Rev 0001SDM1:
Device name : \\.\PhysicalDrive0
Geometry (C/H/S) : 60801/255/63
Boot loader reputation : Unknown
Cross view comparison : Passed
Partition table integrity: Passed
Boot loader hashes
SHA-1 : C5D4E2F17C54C2BC752E7A2F4CA93825A126AB74
MD5 : 2AC0B3750D124F1F8D5FB9BB25EF9036
EMSI.zip als Anhang |
|
09.04.2014, 00:26
| #4 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! 4.) Die TDSS-log aufgeteielt: TDSS-log Part 1/8: Code:
ATTFilter 17:08:48.0997 3568 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:08:48.0997 3568 UEFI system
17:08:49.0106 3568 ============================================================
17:08:49.0106 3568 Current date / time: 2014/04/06 17:08:49.0106
17:08:49.0106 3568 SystemInfo:
17:08:49.0106 3568
17:08:49.0106 3568 OS Version: 6.2.9200 ServicePack: 0.0
17:08:49.0106 3568 Product type: Workstation
17:08:49.0106 3568 ComputerName: TandemPC
17:08:49.0106 3568 UserName: Tandem
17:08:49.0106 3568 Windows directory: C:\WINDOWS
17:08:49.0106 3568 System windows directory: C:\WINDOWS
17:08:49.0106 3568 Running under WOW64
17:08:49.0106 3568 Processor architecture: Intel x64
17:08:49.0106 3568 Number of processors: 4
17:08:49.0106 3568 Page size: 0x1000
17:08:49.0106 3568 Boot type: Normal boot
17:08:49.0106 3568 ============================================================
17:08:49.0247 3568 BG loaded
17:08:49.0700 3568 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:08:49.0716 3568 ============================================================
17:08:49.0716 3568 \Device\Harddisk0\DR0:
17:08:49.0716 3568 GPT partitions:
17:08:49.0716 3568 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6D05DBEA-E714-40ED-97C7-87AF77C9B171}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
17:08:49.0716 3568 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5FC9A5E1-9B03-4D60-8172-4566557A3998}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
17:08:49.0716 3568 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FEB6040A-9EEC-407D-B746-C1482D73E352}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
17:08:49.0716 3568 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E8682B8A-71E0-4D7A-80A8-C65A1BDF0C78}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x382B3000
17:08:49.0716 3568 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E38E0ECE-BA08-454C-952C-82FCC930ECB1}, Name: , StartLBA 0x38451800, BlocksNum 0xAF000
17:08:49.0716 3568 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {31F9332D-B641-498B-8A44-6DB4684C83CD}, Name: Basic data partition, StartLBA 0x38500800, BlocksNum 0x1E85800
17:08:49.0716 3568 MBR partitions:
17:08:49.0716 3568 ============================================================
17:08:49.0747 3568 C: <-> \Device\Harddisk0\DR0\Partition4
17:08:49.0747 3568 ============================================================
17:08:49.0747 3568 Initialize success
17:08:49.0747 3568 ============================================================
17:08:58.0275 1076 ============================================================
17:08:58.0275 1076 Scan started
17:08:58.0275 1076 Mode: Manual; SigCheck; TDLFS;
17:08:58.0275 1076 ============================================================
17:08:59.0228 1076 ================ Scan system memory ========================
17:08:59.0228 1076 System memory - ok
17:08:59.0228 1076 ================ Scan services =============================
17:08:59.0384 1076 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
17:08:59.0528 1076 1394ohci - ok
17:08:59.0549 1076 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
17:08:59.0549 1076 3ware - ok
17:08:59.0578 1076 [ 3D30878A269D934100FA5F972E53AF39 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
17:08:59.0610 1076 ACPI - ok
17:08:59.0610 1076 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
17:08:59.0625 1076 acpiex - ok
17:08:59.0641 1076 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
17:08:59.0663 1076 acpipagr - ok
17:08:59.0679 1076 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
17:08:59.0716 1076 AcpiPmi - ok
17:08:59.0716 1076 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
17:08:59.0732 1076 acpitime - ok
17:08:59.0810 1076 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:08:59.0841 1076 AdobeARMservice - ok
17:08:59.0888 1076 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:08:59.0966 1076 ADP80XX - ok
17:08:59.0982 1076 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
17:09:00.0044 1076 AeLookupSvc - ok
17:09:00.0076 1076 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
17:09:00.0123 1076 AFD - ok
17:09:00.0138 1076 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
17:09:00.0154 1076 agp440 - ok
17:09:00.0169 1076 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:09:00.0216 1076 ahcache - ok
17:09:00.0247 1076 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
17:09:00.0325 1076 ALG - ok
17:09:00.0356 1076 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
17:09:00.0434 1076 AmdK8 - ok
17:09:00.0450 1076 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
17:09:00.0512 1076 AmdPPM - ok
17:09:00.0528 1076 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
17:09:00.0575 1076 amdsata - ok
17:09:00.0606 1076 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
17:09:00.0653 1076 amdsbs - ok
17:09:00.0669 1076 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
17:09:00.0700 1076 amdxata - ok
17:09:00.0762 1076 [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:09:00.0809 1076 AntiVirSchedulerService - ok
17:09:00.0841 1076 [ 65AF41A7A2C5B6693E1B4164E7632C3E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:09:00.0887 1076 AntiVirService - ok
17:09:00.0950 1076 [ DAB48CB546A895C3FC6219F298CC6DD7 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:09:00.0997 1076 AntiVirWebService - ok
17:09:01.0028 1076 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
17:09:01.0044 1076 AppID - ok
17:09:01.0091 1076 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
17:09:01.0122 1076 AppIDSvc - ok
17:09:01.0153 1076 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
17:09:01.0200 1076 Appinfo - ok
17:09:01.0231 1076 [ 4B964AE0DF433A3BFA7BD24713BC2E9B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
17:09:01.0294 1076 AppReadiness - ok
17:09:01.0341 1076 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
17:09:01.0466 1076 AppXSvc - ok
17:09:01.0512 1076 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
17:09:01.0544 1076 arcsas - ok
17:09:01.0559 1076 ASPI - ok
17:09:01.0575 1076 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
17:09:01.0591 1076 atapi - ok
17:09:01.0622 1076 [ 1E71A166547A110CD66EA44326DB4552 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys
17:09:01.0653 1076 AthBTPort - ok
17:09:01.0653 1076 Scan interrupted by user!
17:09:01.0653 1076 ================ Scan global ===============================
17:09:01.0653 1076 Scan interrupted by user!
17:09:01.0653 1076 ================ Scan MBR ==================================
17:09:01.0653 1076 Scan interrupted by user!
17:09:01.0653 1076 ================ Scan VBR ==================================
17:09:01.0653 1076 Scan interrupted by user!
17:09:01.0653 1076 ================ Scan active images ========================
17:09:01.0653 1076 Scan interrupted by user!
17:09:01.0653 1076 ============================================================
17:09:01.0653 1076 Scan finished
17:09:01.0653 1076 ============================================================
17:09:01.0653 4944 Detected object count: 0
17:09:01.0653 4944 Actual detected object count: 0
17:09:07.0895 0180 ============================================================
17:09:07.0895 0180 Scan started
17:09:07.0895 0180 Mode: Manual; SigCheck; TDLFS;
17:09:07.0895 0180 ============================================================
17:09:08.0629 0180 ================ Scan system memory ========================
17:09:08.0629 0180 System memory - ok
17:09:08.0645 0180 ================ Scan services =============================
17:09:08.0771 0180 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
17:09:08.0818 0180 1394ohci - ok
17:09:08.0834 0180 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
17:09:08.0865 0180 3ware - ok
17:09:08.0896 0180 [ 3D30878A269D934100FA5F972E53AF39 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
17:09:08.0927 0180 ACPI - ok
17:09:08.0943 0180 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
17:09:08.0974 0180 acpiex - ok
17:09:09.0021 0180 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
17:09:09.0037 0180 acpipagr - ok
17:09:09.0052 0180 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
17:09:09.0084 0180 AcpiPmi - ok
17:09:09.0084 0180 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
17:09:09.0100 0180 acpitime - ok
17:09:09.0179 0180 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:09:09.0210 0180 AdobeARMservice - ok
17:09:09.0241 0180 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:09:09.0288 0180 ADP80XX - ok
17:09:09.0319 0180 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
17:09:09.0335 0180 AeLookupSvc - ok
17:09:09.0350 0180 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
17:09:09.0382 0180 AFD - ok
17:09:09.0429 0180 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
17:09:09.0460 0180 agp440 - ok
17:09:09.0460 0180 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:09:09.0491 0180 ahcache - ok
17:09:09.0522 0180 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
17:09:09.0538 0180 ALG - ok
17:09:09.0569 0180 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
17:09:09.0569 0180 AmdK8 - ok
17:09:09.0585 0180 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
17:09:09.0600 0180 AmdPPM - ok
17:09:09.0622 0180 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
17:09:09.0622 0180 amdsata - ok
17:09:09.0638 0180 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
17:09:09.0653 0180 amdsbs - ok
17:09:09.0669 0180 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
17:09:09.0669 0180 amdxata - ok
17:09:09.0716 0180 [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:09:09.0731 0180 AntiVirSchedulerService - ok
17:09:09.0763 0180 [ 65AF41A7A2C5B6693E1B4164E7632C3E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:09:09.0778 0180 AntiVirService - ok
17:09:09.0825 0180 [ DAB48CB546A895C3FC6219F298CC6DD7 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:09:09.0856 0180 AntiVirWebService - ok
17:09:09.0888 0180 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
17:09:09.0903 0180 AppID - ok
17:09:09.0934 0180 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
17:09:09.0966 0180 AppIDSvc - ok
17:09:09.0981 0180 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
17:09:10.0028 0180 Appinfo - ok
17:09:10.0044 0180 [ 4B964AE0DF433A3BFA7BD24713BC2E9B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
17:09:10.0091 0180 AppReadiness - ok
17:09:10.0138 0180 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
17:09:10.0200 0180 AppXSvc - ok
17:09:10.0247 0180 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
17:09:10.0278 0180 arcsas - ok
17:09:10.0278 0180 ASPI - ok
17:09:10.0309 0180 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
17:09:10.0325 0180 atapi - ok
17:09:10.0372 0180 [ 1E71A166547A110CD66EA44326DB4552 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys
17:09:10.0388 0180 AthBTPort - ok
17:09:10.0466 0180 [ C8318A083DE9D8FFCA6E70D3E183490A ] AtherosSvc C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
17:09:10.0513 0180 AtherosSvc - ok
17:09:10.0591 0180 [ 2C7676F892E88FD190F08D98048C7C6C ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
17:09:10.0738 0180 athr - ok
17:09:10.0800 0180 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:09:10.0847 0180 AudioEndpointBuilder - ok
17:09:10.0878 0180 [ EF276593AD1BDF5A99032F62D6272848 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
17:09:10.0925 0180 Audiosrv - ok
17:09:10.0956 0180 [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:09:10.0988 0180 avgntflt - ok
17:09:11.0019 0180 [ C3A58DBD18786C338126D30BF8C33D72 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:09:11.0066 0180 avipbb - ok
17:09:11.0081 0180 [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:09:11.0113 0180 avkmgr - ok
17:09:11.0113 0180 [ 3B220F0D170EE8EE2B365749B03D73F6 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
17:09:11.0160 0180 avnetflt - ok
17:09:11.0191 0180 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
17:09:11.0253 0180 AxInstSV - ok
17:09:11.0300 0180 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
17:09:11.0378 0180 b06bdrv - ok
17:09:11.0394 0180 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:09:11.0425 0180 BasicDisplay - ok
17:09:11.0441 0180 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
17:09:11.0488 0180 BasicRender - ok
17:09:11.0503 0180 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
17:09:11.0519 0180 bcmfn2 - ok
17:09:11.0581 0180 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
17:09:11.0628 0180 BDESVC - ok
17:09:11.0660 0180 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:09:11.0691 0180 Beep - ok
17:09:11.0722 0180 [ 6468B696C65775D51A06615830E0E79D ] BFE C:\WINDOWS\System32\bfe.dll
17:09:11.0847 0180 BFE - ok
17:09:11.0894 0180 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
17:09:11.0972 0180 BITS - ok
17:09:12.0003 0180 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
17:09:12.0066 0180 bowser - ok
17:09:12.0113 0180 [ 5C6ADD0111E1C6601B5911F7ACF85BB8 ] BrcmCardReader C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
17:09:12.0160 0180 BrcmCardReader ( UnsignedFile.Multi.Generic ) - warning
17:09:12.0160 0180 BrcmCardReader - detected UnsignedFile.Multi.Generic (1)
17:09:12.0191 0180 [ A6207A88B596F726DE558425F3B7E592 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:09:12.0269 0180 BrokerInfrastructure - ok
17:09:12.0316 0180 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
17:09:12.0363 0180 Browser - ok
17:09:12.0394 0180 [ 8F62F985BDD2F333A3EE34D54894363D ] bScsiSDa C:\WINDOWS\System32\drivers\bScsiSDa.sys
17:09:12.0441 0180 bScsiSDa - ok
17:09:12.0472 0180 [ 5ED7B1EE371751CF2ACAE89E7FC566FA ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys
17:09:12.0519 0180 BTATH_A2DP - ok
17:09:12.0535 0180 [ 31BDF24D1C9213A0E891568FE643C79C ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys
17:09:12.0566 0180 btath_avdt - ok
17:09:12.0582 0180 [ 4AF7C20F94DAC343C01ED671C82DCB99 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys
17:09:12.0613 0180 BTATH_HCRP - ok
17:09:12.0613 0180 [ 785C38070043BEEE9E9D591DE4067244 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
17:09:12.0628 0180 BTATH_LWFLT - ok
17:09:12.0644 0180 [ 31EC5FC3FC5CB273F2709AAF4AD88ED4 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
17:09:12.0675 0180 BTATH_RCP - ok
17:09:12.0707 0180 [ 0D70E980F91FDBF3DB55922CECCE4616 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
17:09:12.0769 0180 BtFilter - ok
17:09:12.0800 0180 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:09:12.0878 0180 BthAvrcpTg - ok
17:09:12.0894 0180 [ 131F1C8573E7BFB41C54FBF5309CCD94 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:09:12.0941 0180 BthEnum - ok
17:09:12.0957 0180 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
17:09:13.0019 0180 BthHFEnum - ok
17:09:13.0019 0180 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
17:09:13.0097 0180 bthhfhid - ok
17:09:13.0128 0180 [ FCD8BD17B7193CFFF18C332D1A381D7F ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
17:09:13.0175 0180 BthLEEnum - ok
17:09:13.0191 0180 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
17:09:13.0253 0180 BTHMODEM - ok
17:09:13.0285 0180 [ 3AFE71D80EDF5D4DE0C5731352905669 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:09:13.0332 0180 BthPan - ok
17:09:13.0394 0180 [ 10EDF9E0838BA4578FFFFF274632D454 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
17:09:13.0472 0180 BTHPORT - ok
17:09:13.0503 0180 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
17:09:13.0566 0180 bthserv - ok
17:09:13.0613 0180 [ 0E7FA34B975764C33B5DBC6F8C401627 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
17:09:13.0660 0180 BTHUSB - ok
17:09:13.0675 0180 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:09:13.0722 0180 cdfs - ok
17:09:13.0753 0180 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
17:09:13.0800 0180 cdrom - ok
17:09:13.0816 0180 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
17:09:13.0863 0180 CertPropSvc - ok
17:09:13.0878 0180 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
17:09:13.0925 0180 circlass - ok
17:09:13.0972 0180 [ 7F006813C2AFE622C13D7AF94F56CD07 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
17:09:14.0035 0180 CLFS - ok
17:09:14.0066 0180 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
17:09:14.0144 0180 CmBatt - ok
17:09:14.0176 0180 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
17:09:14.0238 0180 CNG - ok
17:09:14.0254 0180 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
17:09:14.0316 0180 CompositeBus - ok
17:09:14.0332 0180 COMSysApp - ok
17:09:14.0347 0180 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
17:09:14.0394 0180 condrv - ok
17:09:14.0488 0180 [ D5F868A46AED8E7CAD6C30E0599DD100 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:09:14.0535 0180 cphs - ok
17:09:14.0566 0180 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
17:09:14.0597 0180 CryptSvc - ok
17:09:14.0629 0180 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA64.sys
17:09:14.0644 0180 CVirtA - ok
17:09:14.0676 0180 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
17:09:14.0707 0180 dam - ok
17:09:14.0754 0180 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:09:14.0801 0180 DcomLaunch - ok
17:09:14.0847 0180 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
17:09:14.0894 0180 defragsvc - ok
17:09:14.0941 0180 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:09:14.0972 0180 DeviceAssociationService - ok
17:09:15.0035 0180 [ B9A27D354D7DBEBC973B2A9A13E7BED0 ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
17:09:15.0097 0180 DeviceFastLaneService - ok
17:09:15.0144 0180 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
17:09:15.0222 0180 DeviceInstall - ok
17:09:15.0254 0180 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
17:09:15.0285 0180 Dfsc - ok
17:09:15.0332 0180 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
17:09:15.0394 0180 Dhcp - ok
17:09:15.0426 0180 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
17:09:15.0457 0180 disk - ok
17:09:15.0472 0180 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
17:09:15.0488 0180 dmvsc - ok
17:09:15.0535 0180 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\WINDOWS\system32\DRIVERS\dne64x.sys
17:09:15.0551 0180 DNE - ok
17:09:15.0582 0180 [ 5BAF7714E68F93515A937A3FA8587EF9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:09:15.0629 0180 Dnscache - ok
17:09:15.0660 0180 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
17:09:15.0754 0180 dot3svc - ok
17:09:15.0785 0180 [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
17:09:15.0801 0180 dot4 - ok
17:09:15.0816 0180 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
17:09:15.0832 0180 Dot4Print - ok
17:09:15.0847 0180 [ B7D595F2F464F7B628AD53F06547792C ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
17:09:15.0879 0180 dot4usb - ok
17:09:15.0894 0180 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
17:09:15.0957 0180 DPS - ok
17:09:15.0988 0180 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:09:16.0019 0180 drmkaud - ok
17:09:16.0097 0180 [ D2BCDD6BBFCD068090C109854FCEE079 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:09:16.0160 0180 DsiWMIService - ok
17:09:16.0176 0180 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
17:09:16.0222 0180 DsmSvc - ok
17:09:16.0285 0180 [ A3D1CB64DF885ACE126543E6D7067348 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:09:16.0410 0180 DXGKrnl - ok
17:09:16.0426 0180 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
17:09:16.0457 0180 Eaphost - ok
17:09:16.0551 0180 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
17:09:16.0754 0180 ebdrv - ok
17:09:16.0785 0180 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
17:09:16.0801 0180 EFS - ok
17:09:16.0816 0180 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
17:09:16.0832 0180 EhStorClass - ok
17:09:16.0848 0180 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:09:16.0863 0180 EhStorTcgDrv - ok
17:09:16.0926 0180 [ 616E1B9130314EB0E331197940AA625B ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
17:09:16.0973 0180 ePowerSvc - ok
17:09:17.0004 0180 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
17:09:17.0031 0180 ErrDev - ok
17:09:17.0078 0180 [ AC20C1DAC4E6E871F2930D57EF0906B3 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
17:09:17.0124 0180 ETD - ok
17:09:17.0180 0180 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
17:09:17.0243 0180 EventSystem - ok
17:09:17.0274 0180 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
17:09:17.0336 0180 exfat - ok
17:09:17.0368 0180 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
17:09:17.0399 0180 fastfat - ok
17:09:17.0430 0180 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
17:09:17.0477 0180 Fax - ok
17:09:17.0477 0180 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
17:09:17.0508 0180 fdc - ok
17:09:17.0540 0180 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
17:09:17.0602 0180 fdPHost - ok
17:09:17.0618 0180 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
17:09:17.0680 0180 FDResPub - ok
17:09:17.0696 0180 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
17:09:17.0743 0180 fhsvc - ok
17:09:17.0774 0180 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
17:09:17.0805 0180 FileInfo - ok
17:09:17.0836 0180 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
17:09:17.0899 0180 Filetrace - ok
17:09:17.0915 0180 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
17:09:17.0961 0180 flpydisk - ok
17:09:17.0993 0180 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:09:18.0071 0180 FltMgr - ok
17:09:18.0149 0180 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
17:09:18.0306 0180 FontCache - ok
17:09:18.0416 0180 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:09:18.0463 0180 FontCache3.0.0.0 - ok
17:09:18.0690 0180 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
17:09:18.0721 0180 FsDepends - ok
17:09:18.0737 0180 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:09:18.0752 0180 Fs_Rec - ok
17:09:18.0799 0180 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:09:18.0846 0180 fvevol - ok
17:09:18.0877 0180 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
17:09:18.0924 0180 FxPPM - ok
17:09:18.0940 0180 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
17:09:18.0971 0180 gagp30kx - ok
17:09:18.0987 0180 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
17:09:19.0033 0180 gencounter - ok
17:09:19.0049 0180 [ FDA72810CA2F8409D9B31E833C448E34 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:09:19.0096 0180 GPIOClx0101 - ok
17:09:19.0158 0180 [ 0BDE0FCF597E9B65600121EF54FF8340 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
17:09:19.0252 0180 gpsvc - ok
17:09:19.0252 0180 Hamachi - ok
17:09:19.0284 0180 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
17:09:19.0315 0180 HDAudBus - ok
17:09:19.0330 0180 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
17:09:19.0377 0180 HidBatt - ok
17:09:19.0409 0180 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
17:09:19.0455 0180 HidBth - ok
17:09:19.0455 0180 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
17:09:19.0502 0180 hidi2c - ok
17:09:19.0534 0180 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
17:09:19.0580 0180 HidIr - ok
17:09:19.0612 0180 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
17:09:19.0643 0180 hidserv - ok
17:09:19.0659 0180 [ F31397220D9687E11EB448649AA6E038 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
17:09:19.0690 0180 HidUsb - ok
17:09:19.0737 0180 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
17:09:19.0784 0180 hkmsvc - ok
17:09:19.0815 0180 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:09:19.0877 0180 HomeGroupListener - ok
17:09:19.0924 0180 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:09:20.0005 0180 HomeGroupProvider - ok
17:09:20.0099 0180 [ 0D0213498683414DDE29B1686A4C08D5 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:09:20.0130 0180 hpqcxs08 - ok
17:09:20.0162 0180 [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:09:20.0177 0180 hpqddsvc - ok
17:09:20.0208 0180 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
17:09:20.0224 0180 HpSAMD - ok
17:09:20.0272 0180 [ C995EA1C6915D897E06D41AF95B9312C ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:09:20.0303 0180 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:09:20.0303 0180 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:09:20.0303 0180 HssDRV6 - ok
17:09:20.0335 0180 [ 3502776E366C913D49C0DA928AE3E6CB ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
17:09:20.0382 0180 HTTP - ok
17:09:20.0397 0180 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
17:09:20.0413 0180 hwpolicy - ok
17:09:20.0428 0180 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
17:09:20.0428 0180 hyperkbd - ok
17:09:20.0444 0180 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:09:20.0460 0180 HyperVideo - ok
17:09:20.0475 0180 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
17:09:20.0522 0180 i8042prt - ok
17:09:20.0553 0180 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:09:20.0600 0180 iaLPSSi_GPIO - ok
17:09:20.0616 0180 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:09:20.0632 0180 iaLPSSi_I2C - ok
17:09:20.0694 0180 [ 6C024B3AE192D72B216166802AF345DD ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
17:09:20.0741 0180 iaStorA - ok
17:09:20.0772 0180 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
17:09:20.0819 0180 iaStorAV - ok
17:09:20.0835 0180 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
17:09:20.0897 0180 iaStorV - ok
17:09:20.0897 0180 IEEtwCollectorService - ok
17:09:21.0023 0180 [ 4F6363C26B4A3DDBC9FAFCBA68602B01 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:09:21.0258 0180 igfx - ok
17:09:21.0305 0180 [ B82255670D270B75D2D2F0F8747D1443 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
17:09:21.0383 0180 IKEEXT - ok
17:09:21.0414 0180 [ 4011430BC9DA46ADFAE9915EFEC312FB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:09:21.0445 0180 intaud_WaveExtensible - ok
17:09:21.0570 0180 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:09:21.0762 0180 IntcAzAudAddService - ok
17:09:21.0793 0180 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:09:21.0856 0180 IntcDAud - ok
17:09:21.0902 0180 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:09:21.0965 0180 Intel(R) Capability Licensing Service Interface - ok
17:09:21.0996 0180 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
17:09:22.0027 0180 intelide - ok
17:09:22.0059 0180 [ 139CFCDCD36B1B1782FD8C0014AC9B0E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
17:09:22.0074 0180 intelpep - ok
17:09:22.0090 0180 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
17:09:22.0106 0180 intelppm - ok
17:09:22.0137 0180 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:09:22.0184 0180 IpFilterDriver - ok
17:09:22.0246 0180 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
17:09:22.0277 0180 iphlpsvc - ok
17:09:22.0293 0180 [ 9949A3C7590B8C536C05312205079A82 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:09:22.0340 0180 IPMIDRV - ok
17:09:22.0371 0180 [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
17:09:22.0434 0180 IPNAT - ok
17:09:22.0465 0180 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
17:09:22.0527 0180 IRENUM - ok
17:09:22.0543 0180 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
17:09:22.0574 0180 isapnp - ok
17:09:22.0621 0180 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
17:09:22.0652 0180 iScsiPrt - ok
17:09:22.0684 0180 [ EE03564B7FAFE2E44EDA33D52E83B4A3 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
17:09:22.0715 0180 iwdbus - ok
17:09:22.0762 0180 [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:09:22.0809 0180 jhi_service - ok
17:09:22.0856 0180 [ 45369E037410609D769852A1CE46A184 ] k57nd60a C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
17:09:22.0918 0180 k57nd60a - ok
17:09:22.0918 0180 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
17:09:22.0934 0180 kbdclass - ok
17:09:22.0949 0180 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
17:09:22.0981 0180 kbdhid - ok
17:09:22.0996 0180 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:09:23.0028 0180 kdnic - ok
17:09:23.0059 0180 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
17:09:23.0090 0180 KeyIso - ok
17:09:23.0278 0180 [ 1C6256096A341051509D36AD724830BE ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys
17:09:23.0496 0180 KL1 - ok
17:09:23.0512 0180 [ F2EB9202FCCC81E0902D3C5A70037A44 ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
17:09:23.0528 0180 klelam - ok
17:09:23.0543 0180 [ 36A77AFB95BDD99E7E678D4B070AA2B9 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
17:09:23.0574 0180 KLIF - ok
17:09:23.0606 0180 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
17:09:23.0653 0180 KSecDD - ok
17:09:23.0699 0180 [ 7296EA420134EAC390798B3232D066A4 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:09:23.0746 0180 KSecPkg - ok
17:09:23.0746 0180 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
17:09:23.0778 0180 ksthunk - ok
17:09:23.0840 0180 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
17:09:23.0887 0180 KtmRm - ok
17:09:23.0918 0180 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
17:09:23.0996 0180 LanmanServer - ok
17:09:24.0043 0180 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:09:24.0090 0180 LanmanWorkstation - ok
17:09:24.0121 0180 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
17:09:24.0168 0180 lfsvc - ok
17:09:24.0184 0180 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:09:24.0215 0180 lltdio - ok
17:09:24.0262 0180 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
17:09:24.0309 0180 lltdsvc - ok
17:09:24.0340 0180 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
17:09:24.0371 0180 lmhosts - ok
17:09:24.0387 0180 [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:09:24.0418 0180 LMS - ok
17:09:24.0449 0180 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
17:09:24.0481 0180 LSI_SAS - ok
17:09:24.0496 0180 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:09:24.0512 0180 LSI_SAS2 - ok
17:09:24.0528 0180 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:09:24.0559 0180 LSI_SAS3 - ok
17:09:24.0559 0180 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
17:09:24.0590 0180 LSI_SSS - ok
17:09:24.0637 0180 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
17:09:24.0699 0180 LSM - ok
17:09:24.0731 0180 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
17:09:24.0778 0180 luafv - ok
17:09:24.0809 0180 [ CD51E1D0D638F1E07A6EDC98CD7F5DDA ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
17:09:24.0840 0180 mbamchameleon - ok
17:09:24.0887 0180 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
17:09:24.0918 0180 megasas - ok
17:09:24.0934 0180 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
17:09:25.0006 0180 megasr - ok
17:09:25.0026 0180 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
17:09:25.0047 0180 MEIx64 - ok
17:09:25.0094 0180 [ 1595FECFFBE9EA2417E06D5FD0BFA4C4 ] MEMSWEEP2 C:\WINDOWS\system32\250.tmp
17:09:25.0125 0180 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
17:09:25.0125 0180 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
17:09:25.0156 0180 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
17:09:25.0203 0180 MMCSS - ok
17:09:25.0219 0180 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
17:09:25.0250 0180 Modem - ok
17:09:25.0297 0180 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
17:09:25.0344 0180 monitor - ok
17:09:25.0359 0180 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
17:09:25.0406 0180 mouclass - ok
17:09:25.0437 0180 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
17:09:25.0484 0180 mouhid - ok
17:09:25.0516 0180 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
17:09:25.0547 0180 mountmgr - ok
17:09:25.0562 0180 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
17:09:25.0609 0180 mpsdrv - ok
17:09:25.0656 0180 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
17:09:25.0750 0180 MpsSvc - ok
17:09:25.0766 0180 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
17:09:25.0844 0180 MRxDAV - ok
17:09:25.0891 0180 [ 79B6F3DF7CDFD12159871FF71464F0CE ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:09:25.0969 0180 mrxsmb - ok
17:09:26.0000 0180 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:09:26.0062 0180 mrxsmb10 - ok
17:09:26.0094 0180 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:09:26.0156 0180 mrxsmb20 - ok
17:09:26.0172 0180 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
17:09:26.0250 0180 MsBridge - ok
17:09:26.0281 0180 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:09:26.0312 0180 MSDTC - ok
17:09:26.0344 0180 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:09:26.0375 0180 Msfs - ok
17:09:26.0391 0180 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:09:26.0406 0180 msgpiowin32 - ok
17:09:26.0422 0180 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:09:26.0437 0180 mshidkmdf - ok
17:09:26.0453 0180 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
17:09:26.0484 0180 mshidumdf - ok
17:09:26.0500 0180 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
17:09:26.0531 0180 msisadrv - ok
17:09:26.0562 0180 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
17:09:26.0594 0180 MSiSCSI - ok
17:09:26.0594 0180 msiserver - ok
17:09:26.0609 0180 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:09:26.0703 0180 MSKSSRV - ok
17:09:26.0703 0180 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:09:26.0734 0180 MsLldp - ok
17:09:26.0750 0180 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:09:26.0797 0180 MSPCLOCK - ok
17:09:26.0797 0180 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:09:26.0812 0180 MSPQM - ok
17:09:26.0844 0180 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
17:09:26.0906 0180 MsRPC - ok
17:09:26.0922 0180 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
17:09:26.0953 0180 mssmbios - ok
17:09:26.0969 0180 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:09:27.0016 0180 MSTEE - ok
17:09:27.0047 0180 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
17:09:27.0078 0180 MTConfig - ok
17:09:27.0094 0180 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
17:09:27.0125 0180 Mup - ok
17:09:27.0125 0180 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
17:09:27.0141 0180 mvumis - ok
17:09:27.0188 0180 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
17:09:27.0266 0180 napagent - ok
17:09:27.0359 0180 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:09:27.0406 0180 NativeWifiP - ok
17:09:27.0484 0180 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
17:09:27.0547 0180 NAUpdate - ok
17:09:27.0578 0180 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
17:09:27.0625 0180 NcaSvc - ok
17:09:27.0641 0180 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
17:09:27.0688 0180 NcbService - ok
17:09:27.0703 0180 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
17:09:27.0781 0180 NcdAutoSetup - ok
17:09:27.0813 0180 [ ED39D676080A1AEA755F1DEC1A8DF1A4 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
17:09:27.0894 0180 NDIS - ok
17:09:27.0925 0180 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:09:27.0972 0180 NdisCap - ok
17:09:27.0972 0180 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:09:28.0034 0180 NdisImPlatform - ok
17:09:28.0066 0180 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:09:28.0097 0180 NdisTapi - ok
17:09:28.0128 0180 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:09:28.0159 0180 Ndisuio - ok
17:09:28.0175 0180 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:09:28.0222 0180 NdisVirtualBus - ok
17:09:28.0253 0180 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:09:28.0300 0180 NdisWan - ok
17:09:28.0300 0180 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:09:28.0331 0180 NdisWanLegacy - ok
17:09:28.0362 0180 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:09:28.0425 0180 NDProxy - ok
17:09:28.0456 0180 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
17:09:28.0519 0180 Ndu - ok
17:09:28.0566 0180 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
17:09:28.0581 0180 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:09:28.0581 0180 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:09:28.0597 0180 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:09:28.0628 0180 NetBIOS - ok
17:09:28.0659 0180 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:09:28.0691 0180 NetBT - ok
17:09:28.0706 0180 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:09:28.0722 0180 Netlogon - ok
17:09:28.0753 0180 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
17:09:28.0784 0180 Netman - ok
17:09:28.0831 0180 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
17:09:28.0878 0180 netprofm - ok
17:09:28.0925 0180 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:09:28.0941 0180 NetTcpPortSharing - ok
17:09:28.0988 0180 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
17:09:29.0019 0180 netvsc - ok
17:09:29.0040 0180 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
17:09:29.0071 0180 NlaSvc - ok
17:09:29.0087 0180 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:09:29.0103 0180 Npfs - ok
17:09:29.0134 0180 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
17:09:29.0134 0180 npsvctrig - ok
17:09:29.0150 0180 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
17:09:29.0196 0180 nsi - ok
17:09:29.0212 0180 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
17:09:29.0243 0180 nsiproxy - ok
17:09:29.0306 0180 [ 4412D565C0278C401575E11072C7DCE3 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:09:29.0431 0180 Ntfs - ok
17:09:29.0446 0180 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
17:09:29.0462 0180 Null - ok
17:09:29.0478 0180 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
17:09:29.0493 0180 nvraid - ok
17:09:29.0509 0180 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
17:09:29.0509 0180 nvstor - ok
17:09:29.0525 0180 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
17:09:29.0543 0180 nv_agp - ok
17:09:29.0590 0180 [ 3B510F20806B94E389784ED09DBD2111 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
17:09:29.0653 0180 p2pimsvc - ok
17:09:29.0700 0180 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
17:09:29.0747 0180 p2psvc - ok
17:09:29.0762 0180 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
17:09:29.0809 0180 Parport - ok
17:09:29.0840 0180 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
17:09:29.0872 0180 partmgr - ok
17:09:29.0903 0180 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
17:09:29.0950 0180 PcaSvc - ok
17:09:29.0965 0180 [ C0D3F3BC1C84B4BA746D9847314C1164 ] pci C:\WINDOWS\system32\drivers\pci.sys
17:09:29.0981 0180 pci - ok
17:09:29.0997 0180 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
17:09:30.0012 0180 pciide - ok
17:09:30.0028 0180 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
17:09:30.0043 0180 pcmcia - ok
17:09:30.0059 0180 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
17:09:30.0059 0180 pcw - ok
17:09:30.0075 0180 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
17:09:30.0090 0180 pdc - ok
17:09:30.0122 0180 [ BA50CC0BD19004AAB88BE37338B6FA0D ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
17:09:30.0153 0180 PEAUTH - ok
17:09:30.0231 0180 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
17:09:30.0293 0180 PerfHost - ok
17:09:30.0372 0180 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
17:09:30.0465 0180 pla - ok
17:09:30.0497 0180 [ 752A457320A946E03C3AA86C3ACD735E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
17:09:30.0512 0180 PlugPlay - ok
17:09:30.0543 0180 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
17:09:30.0559 0180 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:09:30.0559 0180 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:09:30.0590 0180 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
17:09:30.0622 0180 PNRPAutoReg - ok
17:09:30.0637 0180 [ 3B510F20806B94E389784ED09DBD2111 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
17:09:30.0684 0180 PNRPsvc - ok
17:09:30.0715 0180 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
17:09:30.0809 0180 PolicyAgent - ok
17:09:30.0825 0180 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
17:09:30.0872 0180 Power - ok
17:09:30.0981 0180 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:09:31.0106 0180 PrintNotify - ok
17:09:31.0122 0180 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
17:09:31.0153 0180 Processor - ok
17:09:31.0169 0180 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
17:09:31.0215 0180 ProfSvc - ok
17:09:31.0247 0180 [ 138DBAE80F390B22297ACD861BDA996E ] Ps2Kb2Hid C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
17:09:31.0262 0180 Ps2Kb2Hid - ok
17:09:31.0294 0180 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
17:09:31.0387 0180 Psched - ok
17:09:31.0419 0180 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
17:09:31.0497 0180 QWAVE - ok
17:09:31.0512 0180 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
17:09:31.0559 0180 QWAVEdrv - ok
17:09:31.0591 0180 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:09:31.0637 0180 RasAcd - ok
17:09:31.0669 0180 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:09:31.0716 0180 RasAuto - ok
17:09:31.0747 0180 [ BF3B17016764F20F9D28CF1A8DC210C0 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:09:31.0825 0180 RasMan - ok
17:09:31.0841 0180 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:09:31.0887 0180 RasPppoe - ok
17:09:31.0903 0180 [ B939A2A0F9D6C6C186721E268EB6FA93 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:09:31.0934 0180 rdbss - ok
17:09:31.0950 0180 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
17:09:31.0981 0180 rdpbus - ok
17:09:31.0997 0180 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
17:09:32.0028 0180 RDPDR - ok
17:09:32.0070 0180 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:09:32.0117 0180 RdpVideoMiniport - ok
17:09:32.0133 0180 [ 847C6A08912C3515807049C93E526D65 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
17:09:32.0195 0180 rdyboost - ok
17:09:32.0273 0180 [ 036746D54347FD2D0385668E2A4064E4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
17:09:32.0336 0180 ReFS - ok
17:09:32.0367 0180 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:09:32.0430 0180 RemoteAccess - ok
17:09:32.0476 0180 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:09:32.0523 0180 RemoteRegistry - ok
17:09:32.0539 0180 [ F61333867216EDE1A09A7C55FEDCB6A8 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
17:09:32.0570 0180 RfButtonDriverService - ok
17:09:32.0586 0180 [ 02307C86CB24769306B0DFA0C751952E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:09:32.0617 0180 RFCOMM - ok
17:09:32.0664 0180 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
17:09:32.0711 0180 RpcEptMapper - ok
17:09:32.0758 0180 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
17:09:32.0805 0180 RpcLocator - ok
17:09:32.0820 0180 [ 675C575444AAFD56B4E8A99EF8A570CD ] rpcnet C:\Windows\SysWOW64\rpcnet.exe
17:09:32.0851 0180 rpcnet - ok
17:09:32.0898 0180 [ 3FD5AE42EC87C6F532A931F96BE731DD ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:09:32.0945 0180 RpcSs - ok
17:09:32.0961 0180 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:09:32.0992 0180 rspndr - ok
17:09:33.0023 0180 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
17:09:33.0070 0180 s3cap - ok
17:09:33.0102 0180 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
17:09:33.0133 0180 SamSs - ok
17:09:33.0180 0180 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
17:09:33.0211 0180 sbp2port - ok
17:09:33.0242 0180 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
17:09:33.0289 0180 SCardSvr - ok
17:09:33.0305 0180 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
17:09:33.0336 0180 ScDeviceEnum - ok
17:09:33.0367 0180 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:09:33.0414 0180 scfilter - ok
17:09:33.0461 0180 [ 888A30EAB651502352C18745367FD179 ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:09:33.0555 0180 Schedule - ok
17:09:33.0602 0180 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
17:09:33.0633 0180 SCPolicySvc - ok
17:09:33.0648 0180 [ 2F9A3380B8C0380E5608E29C7AA66899 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
17:09:33.0680 0180 sdbus - ok
17:09:33.0711 0180 [ 4EAF4DCF9DBD9A56952A58F56D61C005 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
17:09:33.0727 0180 sdstor - ok
17:09:33.0742 0180 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
17:09:33.0773 0180 secdrv - ok
17:09:33.0789 0180 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
17:09:33.0805 0180 seclogon - ok
17:09:33.0820 0180 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
17:09:33.0883 0180 SENS - ok
17:09:33.0914 0180 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
17:09:33.0945 0180 SensrSvc - ok
17:09:33.0977 0180 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
17:09:34.0023 0180 SerCx - ok
17:09:34.0070 0180 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
17:09:34.0117 0180 SerCx2 - ok
17:09:34.0133 0180 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
17:09:34.0148 0180 Serenum - ok
17:09:34.0164 0180 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
17:09:34.0211 0180 Serial - ok
17:09:34.0227 0180 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
17:09:34.0258 0180 sermouse - ok
17:09:34.0305 0180 [ 441E6FF1F34D7A942946DB42A15FB519 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
17:09:34.0367 0180 SessionEnv - ok
17:09:34.0383 0180 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
17:09:34.0398 0180 sfloppy - ok
17:09:34.0445 0180 [ F4414F57DF2CECB8FC969AA43A6B0D50 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:09:34.0508 0180 SharedAccess - ok
17:09:34.0539 0180 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:09:34.0617 0180 ShellHWDetection - ok
17:09:34.0633 0180 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:09:34.0633 0180 SiSRaid2 - ok
17:09:34.0649 0180 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
17:09:34.0680 0180 SiSRaid4 - ok
17:09:34.0727 0180 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
17:09:34.0774 0180 smphost - ok
17:09:34.0805 0180 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
17:09:34.0852 0180 SNMPTRAP - ok
17:09:34.0899 0180 [ F6EBE514D13ECE7EDC23440039CDF9AB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
17:09:34.0961 0180 spaceport - ok
17:09:34.0977 0180 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
17:09:35.0008 0180 SpbCx - ok
17:09:35.0039 0180 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
17:09:35.0117 0180 Spooler - ok
17:09:35.0274 0180 [ C993A0B97BECD3AAF5158E3869878465 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
17:09:35.0399 0180 sppsvc - ok
17:09:35.0446 0180 [ 2B78788A1485F9B99A578A299DF42C02 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:09:35.0477 0180 srv - ok
17:09:35.0508 0180 [ C1AE59C0B0817236EC083A91C396005A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
17:09:35.0586 0180 srv2 - ok
17:09:35.0602 0180 [ 77195C32175FC63D6054EBA5A066D727 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:09:35.0649 0180 srvnet - ok
17:09:35.0680 0180 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:09:35.0727 0180 SSDPSRV - ok
17:09:35.0758 0180 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
17:09:35.0805 0180 SstpSvc - ok
17:09:35.0836 0180 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
17:09:35.0867 0180 stexstor - ok
17:09:35.0930 0180 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
17:09:35.0992 0180 stisvc - ok
17:09:36.0008 0180 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
17:09:36.0039 0180 storahci - ok
17:09:36.0055 0180 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
17:09:36.0086 0180 storflt - ok
17:09:36.0102 0180 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
17:09:36.0149 0180 stornvme - ok
17:09:36.0180 0180 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
17:09:36.0227 0180 StorSvc - ok
17:09:36.0242 0180 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
17:09:36.0289 0180 storvsc - ok
17:09:36.0336 0180 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
17:09:36.0399 0180 svsvc - ok
17:09:36.0430 0180 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
17:09:36.0461 0180 swenum - ok
17:09:36.0492 0180 [ 99453C649DC4B0BE6D062B701CD2917F ] swprv C:\WINDOWS\System32\swprv.dll
17:09:36.0539 0180 swprv - ok
17:09:36.0586 0180 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] SysMain C:\WINDOWS\system32\sysmain.dll
17:09:36.0711 0180 SysMain - ok
17:09:36.0742 0180 [ D65B1C952AEB864C2BAC7A770B17ECCE ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:09:36.0789 0180 SystemEventsBroker - ok
17:09:36.0805 0180 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:09:36.0836 0180 TabletInputService - ok
17:09:36.0867 0180 [ 37589D9EA791EEF283A14179B2370A87 ] taphss6 C:\WINDOWS\system32\DRIVERS\taphss6.sys
17:09:36.0899 0180 taphss6 - ok
17:09:36.0930 0180 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:09:36.0977 0180 TapiSrv - ok
17:09:37.0039 0180 [ ECC68BD5347BDE9631EE68274858A41F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
17:09:37.0180 0180 Tcpip - ok
17:09:37.0227 0180 [ ECC68BD5347BDE9631EE68274858A41F ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:09:37.0274 0180 TCPIP6 - ok
17:09:37.0305 0180 [ 33A7D83EEB15431773A6E186CFAABA21 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
17:09:37.0336 0180 tcpipreg - ok
17:09:37.0383 0180 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
17:09:37.0430 0180 tdx - ok
17:09:37.0446 0180 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
17:09:37.0477 0180 terminpt - ok
17:09:37.0539 0180 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
17:09:37.0649 0180 TermService - ok
17:09:37.0664 0180 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
17:09:37.0742 0180 Themes - ok
17:09:37.0758 0180 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
17:09:37.0805 0180 THREADORDER - ok
17:09:37.0821 0180 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
17:09:37.0852 0180 TimeBroker - ok
17:09:37.0899 0180 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
17:09:37.0930 0180 TPM - ok
17:09:37.0946 0180 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
17:09:38.0008 0180 TrkWks - ok
17:09:38.0039 0180 [ DA56FFA46030E6FEB215E3D5DAA65B11 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:09:38.0118 0180 TrustedInstaller - ok
17:09:38.0149 0180 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
17:09:38.0180 0180 TsUsbFlt - ok
17:09:38.0196 0180 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:09:38.0243 0180 TsUsbGD - ok
17:09:38.0258 0180 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:09:38.0305 0180 tunnel - ok
17:09:38.0305 0180 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
17:09:38.0336 0180 uagp35 - ok
17:09:38.0352 0180 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
17:09:38.0383 0180 UASPStor - ok
17:09:38.0414 0180 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
17:09:38.0477 0180 UCX01000 - ok
17:09:38.0493 0180 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
17:09:38.0571 0180 udfs - ok
17:09:38.0571 0180 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
17:09:38.0618 0180 UEFI - ok
17:09:38.0664 0180 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
17:09:38.0696 0180 UI0Detect - ok
17:09:38.0711 0180 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
17:09:38.0743 0180 uliagpkx - ok
17:09:38.0758 0180 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
17:09:38.0805 0180 umbus - ok
17:09:38.0821 0180 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
17:09:38.0852 0180 UmPass - ok
17:09:38.0914 0180 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
17:09:38.0961 0180 UmRdpService - ok
17:09:39.0071 0180 [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:09:39.0118 0180 UNS - ok
17:09:39.0149 0180 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:09:39.0227 0180 upnphost - ok
17:09:39.0258 0180 [ 433ECDE01A52691FA7ACA51C10C09B70 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
17:09:39.0305 0180 usbccgp - ok
17:09:39.0321 0180 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
17:09:39.0352 0180 usbcir - ok
17:09:39.0383 0180 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
17:09:39.0414 0180 usbehci - ok
17:09:39.0446 0180 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
17:09:39.0478 0180 usbhub - ok
17:09:39.0509 0180 [ C0E33820326199CE3CFD3B9F27F81D99 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
17:09:39.0524 0180 USBHUB3 - ok
17:09:39.0540 0180 [ 3019097FB6C985EF24C058090FF3BDBD ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
17:09:39.0556 0180 usbohci - ok
17:09:39.0556 0180 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
17:09:39.0587 0180 usbprint - ok
17:09:39.0618 0180 [ F04D164C4168701A4E7835607722E5F1 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:09:39.0665 0180 usbscan - ok
17:09:39.0696 0180 [ 4628B415A84EA9D4D396A56F1D0CB6C6 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:09:39.0728 0180 USBSTOR - ok
17:09:39.0759 0180 [ BA4FA655E0FC577DB7436FC963932CE4 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
17:09:39.0774 0180 usbuhci - ok
17:09:39.0806 0180 [ 18F744E8CCEB2670040EBAF7AD77B8C6 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
17:09:39.0837 0180 usbvideo - ok
17:09:39.0884 0180 [ 3B44CB989757428208CCFCC028C13110 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:09:39.0931 0180 USBXHCI - ok
17:09:39.0946 0180 [ F6F209DDB94959BA104FC8FC87C53759 ] VaultSvc C:\WINDOWS\system32\lsass.exe
17:09:39.0962 0180 VaultSvc - ok
17:09:39.0993 0180 [ 8ACF22B86CE4E85C23E3E9513BF45C37 ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
17:09:40.0024 0180 VBoxNetAdp - ok
17:09:40.0024 0180 VBoxNetFlt - ok
17:09:40.0040 0180 VBoxUSB - ok
17:09:40.0056 0180 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
17:09:40.0071 0180 vdrvroot - ok
17:09:40.0134 0180 [ CFBAD6B48EDFAA0828A52646B7C4C08D ] vds C:\WINDOWS\System32\vds.exe
17:09:40.0228 0180 vds - ok
17:09:40.0243 0180 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
17:09:40.0259 0180 VerifierExt - ok
17:09:40.0274 0180 [ 041D3EF364E624DBB2703A64A5AADF89 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
17:09:40.0306 0180 vhdmp - ok
17:09:40.0337 0180 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
17:09:40.0337 0180 viaide - ok
17:09:40.0368 0180 [ C6305BDFC4F7CE51F72BB072C03D4ACE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
17:09:40.0384 0180 vmbus - ok
17:09:40.0384 0180 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
17:09:40.0384 0180 VMBusHID - ok
17:09:40.0446 0180 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:09:40.0493 0180 vmicguestinterface - ok
17:09:40.0509 0180 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
17:09:40.0540 0180 vmicheartbeat - ok
17:09:40.0556 0180 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:09:40.0571 0180 vmickvpexchange - ok
17:09:40.0587 0180 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
17:09:40.0603 0180 vmicrdv - ok
17:09:40.0618 0180 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
17:09:40.0649 0180 vmicshutdown - ok
17:09:40.0649 0180 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
17:09:40.0681 0180 vmictimesync - ok
17:09:40.0681 0180 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicvss C:\WINDOWS\System32\ICSvc.dll
17:09:40.0712 0180 vmicvss - ok
17:09:40.0728 0180 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
17:09:40.0759 0180 volmgr - ok
17:09:40.0774 0180 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
17:09:40.0806 0180 volmgrx - ok
17:09:40.0837 0180 [ C85C075DE5B6D0FE116043054DE8EE02 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
17:09:40.0884 0180 volsnap - ok
17:09:40.0915 0180 [ 01355C98B5C3ED1EC446743CDA848FCE ] vpci C:\WINDOWS\System32\drivers\vpci.sys
17:09:40.0931 0180 vpci - ok
17:09:40.0946 0180 vpnva - ok
17:09:40.0993 0180 [ F8C69EB4CC46FD2681B65212CA20DD97 ] Vsdatant C:\WINDOWS\system32\drivers\vsdatant.sys
17:09:41.0040 0180 Vsdatant - ok
17:09:41.0071 0180 vsmon - ok
17:09:41.0118 0180 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
17:09:41.0165 0180 vsmraid - ok
17:09:41.0212 0180 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] VSS C:\WINDOWS\system32\vssvc.exe
17:09:41.0290 0180 VSS - ok
17:09:41.0306 0180 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
17:09:41.0368 0180 VSTXRAID - ok
17:09:41.0400 0180 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
17:09:41.0415 0180 vwifibus - ok
17:09:41.0446 0180 [ 6B26AD573CCDD5209DF4397438B76354 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:09:41.0478 0180 vwififlt - ok
17:09:41.0493 0180 [ 0B48E0DFB44EE475F4FD8A8EE599AF30 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:09:41.0540 0180 vwifimp - ok
17:09:41.0587 0180 [ 7599E582CA3A6AAA95A18FFE1172D339 ] W32Time C:\WINDOWS\system32\w32time.dll
17:09:41.0634 0180 W32Time - ok
17:09:41.0634 0180 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
17:09:41.0665 0180 WacomPen - ok
17:09:41.0743 0180 [ 92BF4B3EBD6F163B94B7A20C65E7B698 ] wbengine C:\WINDOWS\system32\wbengine.exe
17:09:41.0837 0180 wbengine - ok
17:09:41.0871 0180 [ 58F28103889817C93E5B5AFABC87E709 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
17:09:41.0918 0180 WbioSrvc - ok
17:09:41.0934 0180 [ 772365894F14652D376B2E5030179DC9 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
17:09:41.0949 0180 Wcmsvc - ok
17:09:41.0996 0180 [ D2726823DF7E19F213F4805A9D6D145F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
17:09:42.0043 0180 wcncsvc - ok
17:09:42.0059 0180 [ 846C02A8B48CBD921A3D6AB521AA0DC4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:09:42.0121 0180 WcsPlugInService - ok
17:09:42.0137 0180 [ 241895E8A9C158DF86E12FDD21033A32 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
17:09:42.0184 0180 WdBoot - ok
17:09:42.0231 0180 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
17:09:42.0309 0180 Wdf01000 - ok
17:09:42.0340 0180 [ C52148456E0F6EAD9E903020A79207FC ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
17:09:42.0371 0180 WdFilter - ok
17:09:42.0402 0180 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
17:09:42.0449 0180 WdiServiceHost - ok
17:09:42.0465 0180 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
17:09:42.0496 0180 WdiSystemHost - ok
17:09:42.0527 0180 [ 57F22324FAAF92ADF957B281E88F1743 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:09:42.0559 0180 WdNisDrv - ok
17:09:42.0590 0180 WdNisSvc - ok
17:09:42.0606 0180 [ 6588A957873326361AB1CAC4E76F8394 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:09:42.0668 0180 WebClient - ok
17:09:42.0715 0180 [ 3274312F263882B51B964329FAF49734 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
17:09:42.0777 0180 Wecsvc - ok
17:09:42.0793 0180 [ 7CDD84E0023A0C5C230B06A7965EC65E ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
17:09:42.0824 0180 WEPHOSTSVC - ok
17:09:42.0840 0180 [ AA1315B87D9B2E39584165318A59F15D ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
17:09:42.0902 0180 wercplsupport - ok
17:09:42.0902 0180 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
17:09:42.0934 0180 WerSvc - ok
17:09:42.0965 0180 [ 2E3E82D7B1076B90F4E228A8EF17B261 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:09:42.0981 0180 WFPLWFS - ok
17:09:42.0996 0180 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
17:09:43.0027 0180 WiaRpc - ok
17:09:43.0059 0180 [ 867BCC69ED9C31C501465EB0E8BA9DFA ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
17:09:43.0090 0180 WIMMount - ok
17:09:43.0090 0180 WinDefend - ok
17:09:43.0137 0180 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:09:43.0215 0180 WinHttpAutoProxySvc - ok
17:09:43.0263 0180 [ 9DB490F3E823C5C3C070644B96CB9D59 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:09:43.0309 0180 Winmgmt - ok
17:09:43.0388 0180 [ 690C3FC5C9DBD6B9AEDF8341EC720E41 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:09:43.0497 0180 WinRM - ok
17:09:43.0576 0180 [ 728D3349FAB251B0265EFA55C67DCA2D ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
17:09:43.0669 0180 WlanSvc - ok
17:09:43.0716 0180 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
17:09:43.0857 0180 wlidsvc - ok
17:09:43.0904 0180 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
17:09:43.0935 0180 WmiAcpi - ok
17:09:43.0982 0180 [ 7AFAC828F52D62F304A911EC32F42EEE ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:09:44.0013 0180 wmiApSrv - ok
17:09:44.0044 0180 WMPNetworkSvc - ok
17:09:44.0122 0180 [ E178371E493BF17EB90FE71ABA8BE643 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
17:09:44.0216 0180 workfolderssvc - ok
17:09:44.0263 0180 [ E746BCDBA2E02CF6B8D6B26FB167FBE0 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:09:44.0279 0180 wpcfltr - ok
17:09:44.0294 0180 [ 4E6A0F60DA7EF050D3D26417CD4D24E9 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
17:09:44.0326 0180 WPCSvc - ok
17:09:44.0341 0180 [ D27491CFCE452C154CECFA155AD0EBC8 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
17:09:44.0372 0180 WPDBusEnum - ok
17:09:44.0388 0180 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:09:44.0404 0180 WpdUpFltr - ok
17:09:44.0419 0180 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:09:44.0466 0180 ws2ifsl - ok
17:09:44.0482 0180 [ 5CFA46C4ACB2FD70572017052378DAE5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
17:09:44.0529 0180 wscsvc - ok
17:09:44.0529 0180 WSearch - ok
17:09:44.0638 0180 [ D8E3A4701376CCFD0BE542D745FA4809 ] WSService C:\WINDOWS\System32\WSService.dll
17:09:44.0810 0180 WSService - ok
17:09:44.0888 0180 [ 86D0BF4F792053A50D6EE43DFA5837A5 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
17:09:45.0040 0180 wuauserv - ok
17:09:45.0071 0180 [ 2FEAE33E9B2B56104596E1BA444405A9 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
17:09:45.0071 0180 WudfPf - ok
17:09:45.0118 0180 [ 19240C13F526125554B5370566F21A0A ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
17:09:45.0149 0180 WUDFRd - ok
17:09:45.0181 0180 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
17:09:45.0227 0180 wudfsvc - ok
17:09:45.0227 0180 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:09:45.0259 0180 WUDFWpdFs - ok
17:09:45.0281 0180 [ 2FA9794CA36147756F3FDFD6CA29B46F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
17:09:45.0328 0180 WwanSvc - ok
17:09:45.0344 0180 [ F0814A5318A534E4742F5358DF59F3AD ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
17:09:45.0375 0180 ZAPrivacyService - ok
Geändert von Tandem (09.04.2014 um 00:51 Uhr) |
|
09.04.2014, 00:31
| #5 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! TDSS-log Part 2/8: Code:
ATTFilter 17:09:45.0375 0180 ================ Scan global ===============================
17:09:45.0447 0180 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
17:09:45.0487 0180 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\WINDOWS\system32\winsrv.dll
17:09:45.0534 0180 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\WINDOWS\system32\sxssrv.dll
17:09:45.0565 0180 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\WINDOWS\system32\services.exe
17:09:45.0597 0180 [Global] - ok
17:09:45.0597 0180 ================ Scan MBR ==================================
17:09:45.0612 0180 [ 2AC0B3750D124F1F8D5FB9BB25EF9036 ] \Device\Harddisk0\DR0
17:09:45.0740 0180 \Device\Harddisk0\DR0 - ok
17:09:45.0740 0180 ================ Scan VBR ==================================
17:09:45.0771 0180 [ 58F6F415AA7132AB27319E8CCC14B98A ] \Device\Harddisk0\DR0\Partition1
17:09:45.0771 0180 \Device\Harddisk0\DR0\Partition1 - ok
17:09:45.0787 0180 [ 18AAD0907CE8C462C5A914CCB6FE4BED ] \Device\Harddisk0\DR0\Partition2
17:09:45.0787 0180 \Device\Harddisk0\DR0\Partition2 - ok
17:09:45.0802 0180 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:09:45.0802 0180 \Device\Harddisk0\DR0\Partition3 - ok
17:09:45.0818 0180 [ A79F3B0F13F1D5940F05C8710761DD97 ] \Device\Harddisk0\DR0\Partition4
17:09:45.0818 0180 \Device\Harddisk0\DR0\Partition4 - ok
17:09:45.0865 0180 [ 08D9FE6AEE866289048C2BC59BE9BC20 ] \Device\Harddisk0\DR0\Partition5
17:09:45.0865 0180 \Device\Harddisk0\DR0\Partition5 - ok
17:09:45.0880 0180 [ AAD1BDF2CF07F5F40EE9BE4B7FB64F36 ] \Device\Harddisk0\DR0\Partition6
17:09:45.0896 0180 \Device\Harddisk0\DR0\Partition6 - ok
17:09:45.0896 0180 ================ Scan active images ========================
17:09:45.0896 0180 [ FA47B0AA255B7CF4519E995C6404AE22 ] C:\Windows\System32\drivers\crashdmp.sys
17:09:45.0896 0180 C:\Windows\System32\drivers\crashdmp.sys - ok
17:09:45.0912 0180 [ 224C2CB37497472C345CB2A02DF11363 ] C:\Windows\System32\drivers\Diskdump.sys
17:09:45.0912 0180 C:\Windows\System32\drivers\Diskdump.sys - ok
17:09:45.0912 0180 [ 05C674A72412E6400D5A2684C867402D ] C:\Windows\System32\drivers\dumpfve.sys
17:09:45.0912 0180 C:\Windows\System32\drivers\dumpfve.sys - ok
17:09:45.0927 0180 [ 6C024B3AE192D72B216166802AF345DD ] C:\Windows\System32\drivers\iaStorA.sys
17:09:45.0927 0180 C:\Windows\System32\drivers\iaStorA.sys - ok
17:09:45.0927 0180 [ C6796EA22B513E3457514D92DCDB1A3D ] C:\Windows\System32\drivers\cdrom.sys
17:09:45.0927 0180 C:\Windows\System32\drivers\cdrom.sys - ok
17:09:45.0927 0180 [ 0885F0E0F03B19D685029540522BFD5C ] C:\Windows\System32\drivers\klflt.sys
17:09:45.0927 0180 C:\Windows\System32\drivers\klflt.sys - ok
17:09:45.0943 0180 [ 36A77AFB95BDD99E7E678D4B070AA2B9 ] C:\Windows\System32\drivers\klif.sys
17:09:45.0943 0180 C:\Windows\System32\drivers\klif.sys - ok
17:09:45.0943 0180 [ EF1B290FC9F0E47CC0B537292BEE5904 ] C:\Windows\System32\drivers\null.sys
17:09:45.0943 0180 C:\Windows\System32\drivers\null.sys - ok
17:09:45.0943 0180 [ EC19013E4CF87609534165DF897274D6 ] C:\Windows\System32\drivers\beep.sys
17:09:45.0943 0180 C:\Windows\System32\drivers\beep.sys - ok
17:09:45.0959 0180 [ 2748E116F8621A4DB0D39FCDD7318C01 ] C:\Windows\System32\drivers\BasicRender.sys
17:09:45.0959 0180 C:\Windows\System32\drivers\BasicRender.sys - ok
17:09:45.0959 0180 [ A3D1CB64DF885ACE126543E6D7067348 ] C:\Windows\System32\drivers\dxgkrnl.sys
17:09:45.0959 0180 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:09:45.0959 0180 [ 602811E8AAE68030C151345C84A0CDAF ] C:\Windows\System32\drivers\watchdog.sys
17:09:45.0959 0180 C:\Windows\System32\drivers\watchdog.sys - ok
17:09:45.0959 0180 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] C:\Windows\System32\drivers\BasicDisplay.sys
17:09:45.0959 0180 C:\Windows\System32\drivers\BasicDisplay.sys - ok
17:09:45.0959 0180 [ 9E167CDB2AEEF7994434543D0543AEEB ] C:\Windows\System32\drivers\dxgmms1.sys
17:09:45.0959 0180 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:09:45.0959 0180 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] C:\Windows\System32\drivers\npfs.sys
17:09:45.0959 0180 C:\Windows\System32\drivers\npfs.sys - ok
17:09:45.0974 0180 [ D13329FBF8345B28AB30F44CC247DC08 ] C:\Windows\System32\drivers\msfs.sys
17:09:45.0974 0180 C:\Windows\System32\drivers\msfs.sys - ok
17:09:45.0974 0180 [ 3C7361E0A5A6966DB957B94ECF924A9E ] C:\Windows\System32\drivers\tdi.sys
17:09:45.0974 0180 C:\Windows\System32\drivers\tdi.sys - ok
17:09:45.0974 0180 [ FFF28F9F6823EB1756C60F1649560BBF ] C:\Windows\System32\drivers\tdx.sys
17:09:45.0974 0180 C:\Windows\System32\drivers\tdx.sys - ok
17:09:45.0974 0180 [ F8C69EB4CC46FD2681B65212CA20DD97 ] C:\Windows\System32\drivers\vsdatant.sys
17:09:45.0974 0180 C:\Windows\System32\drivers\vsdatant.sys - ok
17:09:45.0974 0180 [ 0217532E19A748F0E5D569307363D5FD ] C:\Windows\System32\drivers\netbt.sys
17:09:45.0974 0180 C:\Windows\System32\drivers\netbt.sys - ok
17:09:45.0974 0180 [ 239268BAB58EAE9A3FF4E08334C00451 ] C:\Windows\System32\drivers\afd.sys
17:09:45.0974 0180 C:\Windows\System32\drivers\afd.sys - ok
17:09:45.0974 0180 [ A83D67D347A684F10B7D3019C8A6380C ] C:\Windows\System32\drivers\netbios.sys
17:09:45.0974 0180 C:\Windows\System32\drivers\netbios.sys - ok
17:09:45.0990 0180 [ 8528BB05E4D4E25945F78B00B2555FB7 ] C:\Windows\System32\drivers\pacer.sys
17:09:45.0990 0180 C:\Windows\System32\drivers\pacer.sys - ok
17:09:45.0990 0180 [ B939A2A0F9D6C6C186721E268EB6FA93 ] C:\Windows\System32\drivers\rdbss.sys
17:09:45.0990 0180 C:\Windows\System32\drivers\rdbss.sys - ok
17:09:45.0990 0180 [ 6B26AD573CCDD5209DF4397438B76354 ] C:\Windows\System32\drivers\vwififlt.sys
17:09:45.0990 0180 C:\Windows\System32\drivers\vwififlt.sys - ok
17:09:45.0990 0180 [ 315BA4BC19316D72B2E037534E048B93 ] C:\Windows\System32\drivers\dam.sys
17:09:45.0990 0180 C:\Windows\System32\drivers\dam.sys - ok
17:09:45.0990 0180 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] C:\Windows\System32\drivers\dfsc.sys
17:09:45.0990 0180 C:\Windows\System32\drivers\dfsc.sys - ok
17:09:45.0990 0180 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] C:\Windows\System32\drivers\mssmbios.sys
17:09:45.0990 0180 C:\Windows\System32\drivers\mssmbios.sys - ok
17:09:46.0005 0180 [ CBDB4F0871C88DF930FC0E8588CA67FC ] C:\Windows\System32\drivers\npsvctrig.sys
17:09:46.0005 0180 C:\Windows\System32\drivers\npsvctrig.sys - ok
17:09:46.0005 0180 [ E490B459978CB87779E84C761D22B827 ] C:\Windows\System32\drivers\nsiproxy.sys
17:09:46.0005 0180 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:09:46.0005 0180 [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] C:\Windows\System32\drivers\avkmgr.sys
17:09:46.0005 0180 C:\Windows\System32\drivers\avkmgr.sys - ok
17:09:46.0005 0180 [ C3A58DBD18786C338126D30BF8C33D72 ] C:\Windows\System32\drivers\avipbb.sys
17:09:46.0005 0180 C:\Windows\System32\drivers\avipbb.sys - ok
17:09:46.0005 0180 [ 8E8E34B7BA059050EED827410D0697A2 ] C:\Windows\System32\drivers\ahcache.sys
17:09:46.0005 0180 C:\Windows\System32\drivers\ahcache.sys - ok
17:09:46.0005 0180 [ 03AAED827C36F35D70900558B8274905 ] C:\Windows\System32\drivers\CompositeBus.sys
17:09:46.0005 0180 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:09:46.0021 0180 [ 813871C7D402A05F2E3A7075F9584A05 ] C:\Windows\System32\drivers\kdnic.sys
17:09:46.0021 0180 C:\Windows\System32\drivers\kdnic.sys - ok
17:09:46.0021 0180 [ DA34C39A18E60E7C3FA0630566408034 ] C:\Windows\System32\drivers\umbus.sys
17:09:46.0021 0180 C:\Windows\System32\drivers\umbus.sys - ok
17:09:46.0021 0180 [ D81C3AAEE50F952A20C3548809CB5CE7 ] C:\Windows\System32\ntdll.dll
17:09:46.0021 0180 C:\Windows\System32\ntdll.dll - ok
17:09:46.0021 0180 [ 89B91AEEE4C0C5D3708C0F177C97B630 ] C:\Windows\System32\smss.exe
17:09:46.0021 0180 C:\Windows\System32\smss.exe - ok
17:09:46.0021 0180 [ 4F6363C26B4A3DDBC9FAFCBA68602B01 ] C:\Windows\System32\drivers\igdkmd64.sys
17:09:46.0021 0180 C:\Windows\System32\drivers\igdkmd64.sys - ok
17:09:46.0021 0180 [ 3B44CB989757428208CCFCC028C13110 ] C:\Windows\System32\drivers\USBXHCI.SYS
17:09:46.0021 0180 C:\Windows\System32\drivers\USBXHCI.SYS - ok
17:09:46.0037 0180 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] C:\Windows\System32\drivers\UCX01000.SYS
17:09:46.0037 0180 C:\Windows\System32\drivers\UCX01000.SYS - ok
17:09:46.0037 0180 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] C:\Windows\System32\drivers\HECIx64.sys
17:09:46.0037 0180 C:\Windows\System32\drivers\HECIx64.sys - ok
17:09:46.0037 0180 [ 32F2E6BAD9FA8E14B55E97280661801E ] C:\Windows\System32\drivers\usbport.sys
17:09:46.0037 0180 C:\Windows\System32\drivers\usbport.sys - ok
17:09:46.0037 0180 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] C:\Windows\System32\drivers\hdaudbus.sys
17:09:46.0037 0180 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:09:46.0037 0180 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] C:\Windows\System32\drivers\usbehci.sys
17:09:46.0037 0180 C:\Windows\System32\drivers\usbehci.sys - ok
17:09:46.0037 0180 [ 8F62F985BDD2F333A3EE34D54894363D ] C:\Windows\System32\drivers\bScsiSDa.sys
17:09:46.0037 0180 C:\Windows\System32\drivers\bScsiSDa.sys - ok
17:09:46.0052 0180 [ 1C4EB3ACEA98CAD8FC7CF50F629FF0C6 ] C:\Windows\System32\drivers\scsiport.sys
17:09:46.0052 0180 C:\Windows\System32\drivers\scsiport.sys - ok
17:09:46.0052 0180 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] C:\Windows\System32\drivers\i8042prt.sys
17:09:46.0052 0180 C:\Windows\System32\drivers\i8042prt.sys - ok
17:09:46.0052 0180 [ 138DBAE80F390B22297ACD861BDA996E ] C:\Windows\System32\drivers\aPs2Kb2Hid.sys
17:09:46.0052 0180 C:\Windows\System32\drivers\aPs2Kb2Hid.sys - ok
17:09:46.0052 0180 [ AC20C1DAC4E6E871F2930D57EF0906B3 ] C:\Windows\System32\drivers\ETD.sys
17:09:46.0052 0180 C:\Windows\System32\drivers\ETD.sys - ok
17:09:46.0052 0180 [ ADB26481D4D247C1D6986EC45FFDAB53 ] C:\Windows\System32\drivers\hidclass.sys
17:09:46.0052 0180 C:\Windows\System32\drivers\hidclass.sys - ok
17:09:46.0052 0180 [ 7FFB24B4A54B1ACD46CF6899D879CC9F ] C:\Windows\System32\drivers\hidparse.sys
17:09:46.0052 0180 C:\Windows\System32\drivers\hidparse.sys - ok
17:09:46.0052 0180 [ 99387C515F80270F097F6DD9B5315649 ] C:\Windows\System32\drivers\battc.sys
17:09:46.0052 0180 C:\Windows\System32\drivers\battc.sys - ok
17:09:46.0068 0180 [ EF6EF85DADC3184A10D8F2F7159973CB ] C:\Windows\System32\drivers\CmBatt.sys
17:09:46.0068 0180 C:\Windows\System32\drivers\CmBatt.sys - ok
17:09:46.0068 0180 [ CEAC6D40FE887CE8406C2393CF97DE06 ] C:\Windows\System32\drivers\mouclass.sys
17:09:46.0068 0180 C:\Windows\System32\drivers\mouclass.sys - ok
17:09:46.0068 0180 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] C:\Windows\System32\drivers\wmiacpi.sys
17:09:46.0068 0180 C:\Windows\System32\drivers\wmiacpi.sys - ok
17:09:46.0068 0180 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] C:\Windows\System32\drivers\intelppm.sys
17:09:46.0068 0180 C:\Windows\System32\drivers\intelppm.sys - ok
17:09:46.0068 0180 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] C:\Windows\System32\drivers\NdisVirtualBus.sys
17:09:46.0068 0180 C:\Windows\System32\drivers\NdisVirtualBus.sys - ok
17:09:46.0068 0180 [ EE03564B7FAFE2E44EDA33D52E83B4A3 ] C:\Windows\System32\drivers\iwdbus.sys
17:09:46.0068 0180 C:\Windows\System32\drivers\iwdbus.sys - ok
17:09:46.0084 0180 [ 65EBBB459B66C818E809DD8135DCFFA2 ] C:\Windows\System32\drivers\ks.sys
17:09:46.0084 0180 C:\Windows\System32\drivers\ks.sys - ok
17:09:46.0084 0180 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] C:\Windows\System32\drivers\rdpbus.sys
17:09:46.0084 0180 C:\Windows\System32\drivers\rdpbus.sys - ok
17:09:46.0084 0180 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] C:\Windows\System32\drivers\swenum.sys
17:09:46.0084 0180 C:\Windows\System32\drivers\swenum.sys - ok
17:09:46.0084 0180 [ 882222A9961418A75A08CB68671679D5 ] C:\Windows\System32\drivers\usbd.sys
17:09:46.0084 0180 C:\Windows\System32\drivers\usbd.sys - ok
17:09:46.0084 0180 [ DF56C2C04EFA328D7A66B69007130266 ] C:\Windows\System32\drivers\usbhub.sys
17:09:46.0084 0180 C:\Windows\System32\drivers\usbhub.sys - ok
17:09:46.0084 0180 [ 8BE92376799B6B44D543E8D07CDCF885 ] C:\Windows\System32\drivers\kbdclass.sys
17:09:46.0084 0180 C:\Windows\System32\drivers\kbdclass.sys - ok
17:09:46.0099 0180 [ FB6E47E569D4872ABEB506BE03A45FBA ] C:\Windows\System32\drivers\kbdhid.sys
17:09:46.0099 0180 C:\Windows\System32\drivers\kbdhid.sys - ok
17:09:46.0099 0180 [ C0E33820326199CE3CFD3B9F27F81D99 ] C:\Windows\System32\drivers\USBHUB3.SYS
17:09:46.0099 0180 C:\Windows\System32\drivers\USBHUB3.SYS - ok
17:09:46.0099 0180 [ 3103BBAB41F0C75BE6FA302439C9B9D6 ] C:\Windows\System32\drivers\drmk.sys
17:09:46.0099 0180 C:\Windows\System32\drivers\drmk.sys - ok
17:09:46.0099 0180 [ 486F21443BD82029284AE82F238DA44C ] C:\Windows\System32\drivers\portcls.sys
17:09:46.0099 0180 C:\Windows\System32\drivers\portcls.sys - ok
17:09:46.0099 0180 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] C:\Windows\System32\drivers\RTKVHD64.sys
17:09:46.0099 0180 C:\Windows\System32\drivers\RTKVHD64.sys - ok
17:09:46.0099 0180 [ F5495B38BFB9149925F54F65AB40EFBF ] C:\Windows\System32\drivers\IntcDAud.sys
17:09:46.0099 0180 C:\Windows\System32\drivers\IntcDAud.sys - ok
17:09:46.0115 0180 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] C:\Windows\System32\drivers\ksthunk.sys
17:09:46.0115 0180 C:\Windows\System32\drivers\ksthunk.sys - ok
17:09:46.0115 0180 [ 5D086AB43484A2DF5BE0AD28EC354728 ] C:\Windows\System32\wpbbin.exe
17:09:46.0115 0180 C:\Windows\System32\wpbbin.exe - ok
17:09:46.0115 0180 [ A7316E660E2DAC6D94A3B1D820C3A7F4 ] C:\Windows\SysWOW64\ntdll.dll
17:09:46.0115 0180 C:\Windows\SysWOW64\ntdll.dll - ok
17:09:46.0115 0180 [ FADE737DEAFE3BF4CFC151AD0F548A47 ] C:\Windows\System32\wow64.dll
17:09:46.0115 0180 C:\Windows\System32\wow64.dll - ok
17:09:46.0115 0180 [ 450C44450C72E3C75CEFA5E9C8371A23 ] C:\Windows\System32\wow64win.dll
17:09:46.0115 0180 C:\Windows\System32\wow64win.dll - ok
17:09:46.0115 0180 [ CFADC50692A845BAC30940E203393219 ] C:\Windows\System32\kernel32.dll
17:09:46.0115 0180 C:\Windows\System32\kernel32.dll - ok
17:09:46.0115 0180 [ CC29613C244DA266D40DBACC108FEAB5 ] C:\Windows\System32\wow64cpu.dll
17:09:46.0115 0180 C:\Windows\System32\wow64cpu.dll - ok
17:09:46.0130 0180 [ 6C8AC5035C39C818624EFA962B24AB3D ] C:\Windows\SysWOW64\kernel32.dll
17:09:46.0130 0180 C:\Windows\SysWOW64\kernel32.dll - ok
17:09:46.0130 0180 [ 1A811BAFA2114C2FC878507F9F86566C ] C:\Windows\System32\user32.dll
17:09:46.0130 0180 C:\Windows\System32\user32.dll - ok
17:09:46.0130 0180 [ 37D01B8BC15E263F4405367C9A442824 ] C:\Windows\System32\autochk.exe
17:09:46.0130 0180 C:\Windows\System32\autochk.exe - ok
17:09:46.0130 0180 [ 4628B415A84EA9D4D396A56F1D0CB6C6 ] C:\Windows\System32\drivers\USBSTOR.SYS
17:09:46.0130 0180 C:\Windows\System32\drivers\USBSTOR.SYS - ok
17:09:46.0130 0180 [ 433ECDE01A52691FA7ACA51C10C09B70 ] C:\Windows\System32\drivers\usbccgp.sys
17:09:46.0130 0180 C:\Windows\System32\drivers\usbccgp.sys - ok
17:09:46.0130 0180 [ F31397220D9687E11EB448649AA6E038 ] C:\Windows\System32\drivers\hidusb.sys
17:09:46.0130 0180 C:\Windows\System32\drivers\hidusb.sys - ok
17:09:46.0146 0180 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] C:\Windows\System32\drivers\mouhid.sys
17:09:46.0146 0180 C:\Windows\System32\drivers\mouhid.sys - ok
17:09:46.0146 0180 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] C:\Windows\System32\drivers\fastfat.sys
17:09:46.0146 0180 C:\Windows\System32\drivers\fastfat.sys - ok
17:09:46.0146 0180 [ A4B86A08CEC7841895C817430CB76CE2 ] C:\Windows\System32\clbcatq.dll
17:09:46.0146 0180 C:\Windows\System32\clbcatq.dll - ok
17:09:46.0146 0180 [ 6F997D98C6A30D79C622811FBAB9119E ] C:\Windows\System32\ws2_32.dll
17:09:46.0146 0180 C:\Windows\System32\ws2_32.dll - ok
17:09:46.0146 0180 [ D84E30C42F76768B2040EB2A32A0F6E3 ] C:\Windows\System32\advapi32.dll
17:09:46.0146 0180 C:\Windows\System32\advapi32.dll - ok
17:09:46.0146 0180 [ F3A96882598EA84470646C6501917A98 ] C:\Windows\System32\imm32.dll
17:09:46.0146 0180 C:\Windows\System32\imm32.dll - ok
17:09:46.0146 0180 [ DB0F2D3A7561ECC396DF8878674B6DD9 ] C:\Windows\System32\ole32.dll
17:09:46.0146 0180 C:\Windows\System32\ole32.dll - ok
17:09:46.0162 0180 [ B7564AB4F8A12A16C568F256EC6C429B ] C:\Windows\System32\psapi.dll
17:09:46.0162 0180 C:\Windows\System32\psapi.dll - ok
17:09:46.0162 0180 [ DACC0040F6BB7F524BAE1D653B9FC329 ] C:\Windows\System32\Wldap32.dll
17:09:46.0162 0180 C:\Windows\System32\Wldap32.dll - ok
17:09:46.0162 0180 [ 8ACE1F60D8C4E8209F25BF945A828D96 ] C:\Windows\System32\comdlg32.dll
17:09:46.0162 0180 C:\Windows\System32\comdlg32.dll - ok
17:09:46.0162 0180 [ 447CB6699A8EAD2BC516991738A16277 ] C:\Windows\System32\imagehlp.dll
17:09:46.0162 0180 C:\Windows\System32\imagehlp.dll - ok
17:09:46.0162 0180 [ 74B258D5896FC8F8256E8D03459AC2A2 ] C:\Windows\System32\lpk.dll
17:09:46.0162 0180 C:\Windows\System32\lpk.dll - ok
17:09:46.0162 0180 [ 905A32D35E8CC1F08F040F77B03697FF ] C:\Windows\System32\shlwapi.dll
17:09:46.0162 0180 C:\Windows\System32\shlwapi.dll - ok
17:09:46.0162 0180 [ 5F9799975EAB95431BF78428B26B4FF6 ] C:\Windows\System32\shell32.dll
17:09:46.0162 0180 C:\Windows\System32\shell32.dll - ok
17:09:46.0177 0180 [ 1AEFA4B25F72772F131D760F664ED7E1 ] C:\Windows\System32\difxapi.dll
17:09:46.0177 0180 C:\Windows\System32\difxapi.dll - ok
17:09:46.0177 0180 [ 722B699957393AC38AD18C84964EFFA6 ] C:\Windows\System32\setupapi.dll
17:09:46.0177 0180 C:\Windows\System32\setupapi.dll - ok
17:09:46.0177 0180 [ C49981A2AD6B2793891075FD514F5728 ] C:\Windows\System32\gdi32.dll
17:09:46.0177 0180 C:\Windows\System32\gdi32.dll - ok
17:09:46.0177 0180 [ B65523C830308241407F6EBCC6484E70 ] C:\Windows\System32\sechost.dll
17:09:46.0177 0180 C:\Windows\System32\sechost.dll - ok
17:09:46.0177 0180 [ AD5CE3C874A6229D4B80F977FAF6EF87 ] C:\Windows\System32\GdiPlus.dll
17:09:46.0177 0180 C:\Windows\System32\GdiPlus.dll - ok
17:09:46.0177 0180 [ CFCDAAA210D62B277A2183F62FEE068F ] C:\Windows\System32\rpcrt4.dll
17:09:46.0177 0180 C:\Windows\System32\rpcrt4.dll - ok
17:09:46.0193 0180 [ 179E2B1F19FD949761EEAB36AD5DAB35 ] C:\Windows\System32\msctf.dll
17:09:46.0193 0180 C:\Windows\System32\msctf.dll - ok
17:09:46.0193 0180 [ C039246195C736A602F581D29F18A43D ] C:\Windows\System32\combase.dll
17:09:46.0193 0180 C:\Windows\System32\combase.dll - ok
17:09:46.0193 0180 [ 9E2ABB0CAB26EBD775D968EAB1C1F6EC ] C:\Windows\System32\normaliz.dll
17:09:46.0193 0180 C:\Windows\System32\normaliz.dll - ok
17:09:46.0193 0180 [ 7CE4D5AB5626A26A6E6DFC7397179841 ] C:\Windows\System32\msvcrt.dll
17:09:46.0193 0180 C:\Windows\System32\msvcrt.dll - ok
17:09:46.0193 0180 [ 75428240F81D41B9F8F7CE5DDB07CA0F ] C:\Windows\System32\nsi.dll
17:09:46.0193 0180 C:\Windows\System32\nsi.dll - ok
17:09:46.0193 0180 [ B9FC41CEC711DC0E1BFE927EEDC49176 ] C:\Windows\System32\oleaut32.dll
17:09:46.0193 0180 C:\Windows\System32\oleaut32.dll - ok
17:09:46.0193 0180 [ 980CDCBF3EDB80CA20921F2C88260406 ] C:\Windows\System32\comctl32.dll
17:09:46.0193 0180 C:\Windows\System32\comctl32.dll - ok
17:09:46.0209 0180 [ 6EFAF0D87291F9FBD7C0ED3BD56511AA ] C:\Windows\System32\crypt32.dll
17:09:46.0209 0180 C:\Windows\System32\crypt32.dll - ok
17:09:46.0209 0180 [ 8D2DF744C20A8960C022BF71505D3B45 ] C:\Windows\System32\cfgmgr32.dll
17:09:46.0209 0180 C:\Windows\System32\cfgmgr32.dll - ok
17:09:46.0209 0180 [ D13EE1D0B33D2B19C048EFA53DD41A2B ] C:\Windows\System32\KernelBase.dll
17:09:46.0209 0180 C:\Windows\System32\KernelBase.dll - ok
17:09:46.0209 0180 [ 05579A2C16277280E0FAD02245B80C2D ] C:\Windows\System32\wintrust.dll
17:09:46.0209 0180 C:\Windows\System32\wintrust.dll - ok
17:09:46.0209 0180 [ 7DA935827BC3F48AE146BA4B2755F1AD ] C:\Windows\System32\msasn1.dll
17:09:46.0209 0180 C:\Windows\System32\msasn1.dll - ok
17:09:46.0209 0180 [ 00542019B2969529C5E9C68C83BD6F88 ] C:\Windows\SysWOW64\normaliz.dll
17:09:46.0209 0180 C:\Windows\SysWOW64\normaliz.dll - ok
17:09:46.0224 0180 [ 32F9650CD23F6F36706E9EA23ECCF484 ] C:\Windows\SysWOW64\lpk.dll
17:09:46.0224 0180 C:\Windows\SysWOW64\lpk.dll - ok
17:09:46.0224 0180 [ 1A69D165DDA78A4329B854D4FEDAD132 ] C:\Windows\System32\win32k.sys
17:09:46.0224 0180 C:\Windows\System32\win32k.sys - ok
17:09:46.0224 0180 [ B2D3F07F5E8A13AF988A8B3C0A800880 ] C:\Windows\System32\csrss.exe
17:09:46.0224 0180 C:\Windows\System32\csrss.exe - ok
17:09:46.0224 0180 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\Windows\System32\basesrv.dll
17:09:46.0224 0180 C:\Windows\System32\basesrv.dll - ok
17:09:46.0224 0180 [ 885901A37E73FA25F3F87A848BA8033F ] C:\Windows\System32\csrsrv.dll
17:09:46.0224 0180 C:\Windows\System32\csrsrv.dll - ok
17:09:46.0224 0180 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\Windows\System32\winsrv.dll
17:09:46.0224 0180 C:\Windows\System32\winsrv.dll - ok
17:09:46.0224 0180 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] C:\Windows\System32\drivers\monitor.sys
17:09:46.0224 0180 C:\Windows\System32\drivers\monitor.sys - ok
17:09:46.0240 0180 [ 8D3421127B05432B743719C239ABF80F ] C:\Windows\System32\tsddd.dll
17:09:46.0240 0180 C:\Windows\System32\tsddd.dll - ok
17:09:46.0240 0180 [ 57E1B83BB52651FF388788D8C4F12C80 ] C:\Windows\System32\KBDGR.DLL
17:09:46.0240 0180 C:\Windows\System32\KBDGR.DLL - ok
17:09:46.0240 0180 [ 8ED638461EFFCF584AF5A8C291A2F9DF ] C:\Windows\System32\profapi.dll
17:09:46.0240 0180 C:\Windows\System32\profapi.dll - ok
17:09:46.0240 0180 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\Windows\System32\sxssrv.dll
17:09:46.0240 0180 C:\Windows\System32\sxssrv.dll - ok
17:09:46.0240 0180 [ 48CFA7BE561A7BE144C29BB912055016 ] C:\Windows\System32\wininit.exe
17:09:46.0240 0180 C:\Windows\System32\wininit.exe - ok
17:09:46.0240 0180 [ 55D0BC5BA19B1BA3A82F75A33828BCC0 ] C:\Windows\System32\wininitext.dll
17:09:46.0240 0180 C:\Windows\System32\wininitext.dll - ok
17:09:46.0240 0180 [ 5EC5EC3A6118227CA3FFD1353BC61344 ] C:\Windows\System32\cdd.dll
17:09:46.0240 0180 C:\Windows\System32\cdd.dll - ok
17:09:46.0255 0180 [ 7C94FDA3809015B8F2208D2E1C221F17 ] C:\Windows\System32\winlogon.exe
17:09:46.0255 0180 C:\Windows\System32\winlogon.exe - ok
17:09:46.0255 0180 [ 1DBC3C3728F7787A36BEDF2DF7E48AB3 ] C:\Windows\System32\powrprof.dll
17:09:46.0255 0180 C:\Windows\System32\powrprof.dll - ok
17:09:46.0255 0180 [ F4DAE6CBE6EF5992934EFEE3A1AAC6D1 ] C:\Windows\System32\atmfd.dll
17:09:46.0255 0180 C:\Windows\System32\atmfd.dll - ok
17:09:46.0255 0180 [ 04F8A9CC544B08634EC932E017434457 ] C:\Windows\System32\winlogonext.dll
17:09:46.0255 0180 C:\Windows\System32\winlogonext.dll - ok
17:09:46.0255 0180 [ A7B9FCF37B64E878310EC62E6DCB9059 ] C:\Windows\System32\KBDUS.DLL
17:09:46.0255 0180 C:\Windows\System32\KBDUS.DLL - ok
17:09:46.0255 0180 [ BC18914CB16B0A7BF5D103A65359FAE4 ] C:\Windows\System32\WlS0WndH.dll
17:09:46.0255 0180 C:\Windows\System32\WlS0WndH.dll - ok
17:09:46.0271 0180 [ A41455649982EE080BE5CA8A72153808 ] C:\Windows\System32\winsta.dll
17:09:46.0271 0180 C:\Windows\System32\winsta.dll - ok
17:09:46.0271 0180 [ BCECD25BCFFE2FC4498374BF2E572DBE ] C:\Windows\System32\sxs.dll
17:09:46.0271 0180 C:\Windows\System32\sxs.dll - ok
17:09:46.0271 0180 [ B83B06508CADBC204B3DAEECC395A571 ] C:\Windows\System32\cryptbase.dll
17:09:46.0271 0180 C:\Windows\System32\cryptbase.dll - ok
17:09:46.0271 0180 [ 876A3E1A4DB8720DF66D653BDBAD3E5D ] C:\Windows\System32\bcryptprimitives.dll
17:09:46.0271 0180 C:\Windows\System32\bcryptprimitives.dll - ok
17:09:46.0271 0180 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\Windows\System32\services.exe
17:09:46.0271 0180 C:\Windows\System32\services.exe - ok
17:09:46.0271 0180 [ 652D7E7BC8D6A909480FF2BBD0E46210 ] C:\Windows\System32\sspicli.dll
17:09:46.0271 0180 C:\Windows\System32\sspicli.dll - ok
17:09:46.0271 0180 [ F6F209DDB94959BA104FC8FC87C53759 ] C:\Windows\System32\lsass.exe
17:09:46.0271 0180 C:\Windows\System32\lsass.exe - ok
17:09:46.0287 0180 [ 1B0FCDBFDA0AD5DFCE2D99832BAAF5EC ] C:\Windows\System32\scext.dll
17:09:46.0287 0180 C:\Windows\System32\scext.dll - ok
17:09:46.0287 0180 [ 7A5CCEC20CF6AA21FF7CC51C0AEBF648 ] C:\Windows\System32\dabapi.dll
17:09:46.0287 0180 C:\Windows\System32\dabapi.dll - ok
17:09:46.0287 0180 [ 61BAE7A83A8650CFC976E8242CE2E4DE ] C:\Windows\System32\EventAggregation.dll
17:09:46.0287 0180 C:\Windows\System32\EventAggregation.dll - ok
17:09:46.0287 0180 [ 13E04B8546D3F0D9533DA880A3357F12 ] C:\Windows\System32\SPInf.dll
17:09:46.0287 0180 C:\Windows\System32\SPInf.dll - ok
17:09:46.0287 0180 [ AA9973F611039A02C8D1F71A65F8C775 ] C:\Windows\System32\srvcli.dll
17:09:46.0287 0180 C:\Windows\System32\srvcli.dll - ok
17:09:46.0287 0180 [ 0D85B43A59FB7A63782F6A8969B5BB43 ] C:\Windows\System32\sspisrv.dll
17:09:46.0287 0180 C:\Windows\System32\sspisrv.dll - ok
17:09:46.0287 0180 [ E18E9C9EBCFCA456B74BB6A80B1DB226 ] C:\Windows\System32\lsasrv.dll
17:09:46.0287 0180 C:\Windows\System32\lsasrv.dll - ok
17:09:46.0302 0180 [ C0F957C92D21EE003BF57DB6B8E77FE5 ] C:\Windows\System32\samsrv.dll
17:09:46.0302 0180 C:\Windows\System32\samsrv.dll - ok
17:09:46.0302 0180 [ 187926CDEFF85D00FB055FC1CA89C3FB ] C:\Windows\System32\bcrypt.dll
17:09:46.0302 0180 C:\Windows\System32\bcrypt.dll - ok
17:09:46.0302 0180 [ BED41BC388BAF9D31152E9B0B4F88360 ] C:\Windows\System32\ncrypt.dll
17:09:46.0302 0180 C:\Windows\System32\ncrypt.dll - ok
17:09:46.0302 0180 [ 5AF14A9AEB3092F4304F5E5EC4328B67 ] C:\Windows\System32\ntasn1.dll
17:09:46.0302 0180 C:\Windows\System32\ntasn1.dll - ok
17:09:46.0302 0180 [ FF6AE8D9D0F0264656DC55C7F60C1EE5 ] C:\Windows\System32\msprivs.dll
17:09:46.0302 0180 C:\Windows\System32\msprivs.dll - ok
17:09:46.0302 0180 [ EECF7FE667129D5B52B1CCD54CB9EEF2 ] C:\Windows\System32\netjoin.dll
17:09:46.0302 0180 C:\Windows\System32\netjoin.dll - ok
17:09:46.0318 0180 [ 7D4665483FF800B8972E517748726AB6 ] C:\Windows\System32\negoexts.dll
17:09:46.0318 0180 C:\Windows\System32\negoexts.dll - ok
17:09:46.0318 0180 [ 853037685DDFA140E8386BA66A096BF8 ] C:\Windows\System32\cryptdll.dll
17:09:46.0318 0180 C:\Windows\System32\cryptdll.dll - ok
17:09:46.0318 0180 [ 4D1E2DC40048C2E07CE4B2ADEFF6A020 ] C:\Windows\System32\kerberos.dll
17:09:46.0318 0180 C:\Windows\System32\kerberos.dll - ok
17:09:46.0318 0180 [ 51DA757F8E4B7FB3DCB14184304C9328 ] C:\Windows\System32\cryptsp.dll
17:09:46.0318 0180 C:\Windows\System32\cryptsp.dll - ok
17:09:46.0318 0180 [ 896B307E803430F67EC772807F9CC023 ] C:\Windows\System32\mswsock.dll
17:09:46.0318 0180 C:\Windows\System32\mswsock.dll - ok
17:09:46.0318 0180 [ 53DC027553EB54B3F84B07122DEEE0CC ] C:\Windows\System32\msv1_0.dll
17:09:46.0318 0180 C:\Windows\System32\msv1_0.dll - ok
17:09:46.0334 0180 [ E01B8CE6646E055D2B806AE4DD5A1202 ] C:\Windows\System32\netlogon.dll
17:09:46.0334 0180 C:\Windows\System32\netlogon.dll - ok
17:09:46.0334 0180 [ 5A2020DDCCBB0ED08BAC2355A075F303 ] C:\Windows\System32\dnsapi.dll
17:09:46.0334 0180 C:\Windows\System32\dnsapi.dll - ok
17:09:46.0334 0180 [ 66385FE1DDCEA70EDFB25F57C8507D7B ] C:\Windows\System32\logoncli.dll
17:09:46.0334 0180 C:\Windows\System32\logoncli.dll - ok
17:09:46.0334 0180 [ 64E2C7176D189E4A838D04F7C724CAE7 ] C:\Windows\System32\userenv.dll
17:09:46.0334 0180 C:\Windows\System32\userenv.dll - ok
17:09:46.0334 0180 [ 40B10EAB69F4087C60DC21B5C92A4702 ] C:\Windows\System32\TSpkg.dll
17:09:46.0334 0180 C:\Windows\System32\TSpkg.dll - ok
17:09:46.0334 0180 [ C51CF4D9DA57EA894967752090F6E2CF ] C:\Windows\System32\pku2u.dll
17:09:46.0334 0180 C:\Windows\System32\pku2u.dll - ok
17:09:46.0334 0180 [ D617071B11C99CFE5C4BD0FD82C0609C ] C:\Windows\System32\livessp.dll
17:09:46.0334 0180 C:\Windows\System32\livessp.dll - ok
17:09:46.0349 0180 [ 4CB3F50D37FD6CF3282D018011FE6E87 ] C:\Windows\System32\rsaenh.dll
17:09:46.0349 0180 C:\Windows\System32\rsaenh.dll - ok
17:09:46.0349 0180 [ 45E4A2FADA3579F6DC68F2A0998C3419 ] C:\Windows\System32\wdigest.dll
17:09:46.0349 0180 C:\Windows\System32\wdigest.dll - ok
17:09:46.0349 0180 [ 9D27BB60487764A781FE453F9DED8F1F ] C:\Windows\System32\schannel.dll
17:09:46.0349 0180 C:\Windows\System32\schannel.dll - ok
17:09:46.0349 0180 [ 5EBAF77D01D75CAFEF78B47840C75569 ] C:\Windows\System32\efslsaext.dll
17:09:46.0349 0180 C:\Windows\System32\efslsaext.dll - ok
17:09:46.0349 0180 [ 700BB3365D04B1606A03FB1D6B19C138 ] C:\Windows\System32\credssp.dll
17:09:46.0349 0180 C:\Windows\System32\credssp.dll - ok
17:09:46.0349 0180 [ 995F43F02C9C99A895A72AAF8310CFE1 ] C:\Windows\System32\dpapisrv.dll
17:09:46.0349 0180 C:\Windows\System32\dpapisrv.dll - ok
17:09:46.0365 0180 [ 1F1B8D07708E40E54C55B392C78ECCE2 ] C:\Windows\System32\scecli.dll
17:09:46.0365 0180 C:\Windows\System32\scecli.dll - ok
17:09:46.0365 0180 [ 7172D44ED18787964B43146863466672 ] C:\Windows\System32\scesrv.dll
17:09:46.0365 0180 C:\Windows\System32\scesrv.dll - ok
17:09:46.0365 0180 [ 1FCCB71ADD51C919D003DD0D95FB8992 ] C:\Windows\System32\authz.dll
17:09:46.0365 0180 C:\Windows\System32\authz.dll - ok
17:09:46.0365 0180 [ 296823744D624E98A46759AD58911FC3 ] C:\Windows\System32\netutils.dll
17:09:46.0365 0180 C:\Windows\System32\netutils.dll - ok
17:09:46.0365 0180 [ E4CA434F251681590D0538BC21C32D2F ] C:\Windows\System32\svchost.exe
17:09:46.0365 0180 C:\Windows\System32\svchost.exe - ok
17:09:46.0365 0180 [ 752A457320A946E03C3AA86C3ACD735E ] C:\Windows\System32\umpnpmgr.dll
17:09:46.0365 0180 C:\Windows\System32\umpnpmgr.dll - ok
17:09:46.0365 0180 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] C:\Windows\System32\umpo.dll
17:09:46.0365 0180 C:\Windows\System32\umpo.dll - ok
17:09:46.0380 0180 [ 9FF64147DB9078337C15F41A6043C74F ] C:\Windows\System32\umpoext.dll
17:09:46.0380 0180 C:\Windows\System32\umpoext.dll - ok
17:09:46.0380 0180 [ 85936A752E6BBE740D9FCF156E1AC5E1 ] C:\Windows\System32\hid.dll
17:09:46.0380 0180 C:\Windows\System32\hid.dll - ok
17:09:46.0380 0180 [ 45F36BBDFD50134488ECA96BB9231818 ] C:\Windows\System32\pcwum.dll
17:09:46.0380 0180 C:\Windows\System32\pcwum.dll - ok
17:09:46.0380 0180 [ 2788CA31DD51CF747D9C94772CE93E02 ] C:\Windows\System32\gpapi.dll
17:09:46.0380 0180 C:\Windows\System32\gpapi.dll - ok
17:09:46.0380 0180 [ 3FD5AE42EC87C6F532A931F96BE731DD ] C:\Windows\System32\rpcss.dll
17:09:46.0380 0180 C:\Windows\System32\rpcss.dll - ok
17:09:46.0380 0180 [ D894CBD7DA753C881EE8D5E33B583225 ] C:\Windows\System32\RpcEpMap.dll
17:09:46.0380 0180 C:\Windows\System32\RpcEpMap.dll - ok
17:09:46.0380 0180 [ A6207A88B596F726DE558425F3B7E592 ] C:\Windows\System32\bisrv.dll
17:09:46.0380 0180 C:\Windows\System32\bisrv.dll - ok
17:09:46.0396 0180 [ 0D86DEB93CC1D2B32CAF658439350241 ] C:\Windows\System32\RpcRtRemote.dll
17:09:46.0396 0180 C:\Windows\System32\RpcRtRemote.dll - ok
17:09:46.0396 0180 [ 54A9F4AC86F2A4E7C3ADE47CAE5DE8E0 ] C:\Windows\System32\psmsrv.dll
17:09:46.0396 0180 C:\Windows\System32\psmsrv.dll - ok
17:09:46.0396 0180 [ B6B69FF200F68888A7FAFDF204D00C91 ] C:\Windows\System32\lsm.dll
17:09:46.0396 0180 C:\Windows\System32\lsm.dll - ok
17:09:46.0396 0180 [ 9A1175EF7B9E297FDC0ADD33783EF8FF ] C:\Windows\System32\sysntfy.dll
17:09:46.0396 0180 C:\Windows\System32\sysntfy.dll - ok
17:09:46.0396 0180 [ E55B850489F154F85110AE3B436A40D6 ] C:\Windows\System32\wmsgapi.dll
17:09:46.0396 0180 C:\Windows\System32\wmsgapi.dll - ok
17:09:46.0396 0180 [ 3260D5308DD9AE069FE4881D65389A84 ] C:\Windows\System32\FirewallAPI.dll
17:09:46.0396 0180 C:\Windows\System32\FirewallAPI.dll - ok
17:09:46.0396 0180 [ 1596DE403BD75918317F724776487262 ] C:\Windows\System32\UXInit.dll
17:09:46.0396 0180 C:\Windows\System32\UXInit.dll - ok
17:09:46.0412 0180 [ 5B19A3ED994EB972FBD99AC18D0AEA13 ] C:\Windows\System32\devobj.dll
17:09:46.0412 0180 C:\Windows\System32\devobj.dll - ok
17:09:46.0412 0180 [ 0D50F3C3D50B878CEAE21B9BE3F6A638 ] C:\Windows\System32\kernel.appcore.dll
17:09:46.0412 0180 C:\Windows\System32\kernel.appcore.dll - ok
17:09:46.0412 0180 [ D65B1C952AEB864C2BAC7A770B17ECCE ] C:\Windows\System32\SystemEventsBrokerServer.dll
17:09:46.0412 0180 C:\Windows\System32\SystemEventsBrokerServer.dll - ok
17:09:46.0412 0180 [ CD45E3FE736150D45EFDC9145DA53757 ] C:\Windows\System32\bi.dll
17:09:46.0412 0180 C:\Windows\System32\bi.dll - ok
17:09:46.0412 0180 [ F5ED5BA1243201C5078764F916B0387E ] C:\Windows\System32\dab.dll
17:09:46.0412 0180 C:\Windows\System32\dab.dll - ok
17:09:46.0412 0180 [ 3BE05B2695179F8F3CF1136544E46A14 ] C:\Windows\System32\uxtheme.dll
17:09:46.0412 0180 C:\Windows\System32\uxtheme.dll - ok
17:09:46.0427 0180 [ 5EF604B0698F4FA962778285E8C5F1F2 ] C:\Windows\System32\drivers\luafv.sys
17:09:46.0427 0180 C:\Windows\System32\drivers\luafv.sys - ok
17:09:46.0427 0180 [ 92ABF534E992C61730C24F003BBE192A ] C:\Windows\System32\dpapi.dll
17:09:46.0427 0180 C:\Windows\System32\dpapi.dll - ok
17:09:46.0427 0180 [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] C:\Windows\System32\drivers\avgntflt.sys
17:09:46.0427 0180 C:\Windows\System32\drivers\avgntflt.sys - ok
17:09:46.0427 0180 [ 3710A8A7508B36AD96A97CE79E17403E ] C:\Windows\System32\LogonUI.exe
17:09:46.0427 0180 C:\Windows\System32\LogonUI.exe - ok
17:09:46.0427 0180 [ ABDD2AAA3C3842492FF11D68421D7648 ] C:\Windows\System32\apphelp.dll
17:09:46.0427 0180 C:\Windows\System32\apphelp.dll - ok
17:09:46.0427 0180 [ B4BBC6E4998042EF21437EED52EC0273 ] C:\Windows\System32\dwm.exe
17:09:46.0427 0180 C:\Windows\System32\dwm.exe - ok
17:09:46.0443 0180 [ 9E5FB30E22B37AC7A2CDB445F6AF71A1 ] C:\Windows\System32\dwmredir.dll
17:09:46.0443 0180 C:\Windows\System32\dwmredir.dll - ok
17:09:46.0443 0180 [ 4E905C48CA38770B2C62508E32DB974B ] C:\Windows\System32\dwmcore.dll
17:09:46.0443 0180 C:\Windows\System32\dwmcore.dll - ok
17:09:46.0443 0180 [ 1A818AF9E4AFC277C19082B9B644C5E7 ] C:\Windows\System32\dcomp.dll
17:09:46.0443 0180 C:\Windows\System32\dcomp.dll - ok
17:09:46.0443 0180 [ 9FF95D589B5626852CECA2444C5C5A58 ] C:\Windows\System32\authui.dll
17:09:46.0443 0180 C:\Windows\System32\authui.dll - ok
17:09:46.0443 0180 [ 5802776C98F842CA255F04067ACBB355 ] C:\Windows\System32\WindowsCodecs.dll
17:09:46.0443 0180 C:\Windows\System32\WindowsCodecs.dll - ok
17:09:46.0443 0180 [ 2F80A4B09F735EA880F4A836232613A2 ] C:\Windows\System32\SHCore.dll
17:09:46.0443 0180 C:\Windows\System32\SHCore.dll - ok
17:09:46.0443 0180 [ 6443D4EC94E47804389F323A272B5DC2 ] C:\Windows\System32\dui70.dll
17:09:46.0443 0180 C:\Windows\System32\dui70.dll - ok
17:09:46.0459 0180 [ 534677561FABA42D0EA52E054B8334D4 ] C:\Windows\System32\dwmapi.dll
17:09:46.0459 0180 C:\Windows\System32\dwmapi.dll - ok
17:09:46.0459 0180 [ 2527134BDF1302597BC6E531B3B53D2A ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll
17:09:46.0459 0180 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll - ok
17:09:46.0459 0180 [ 37A1B06AB3493CB276195B7358A6A805 ] C:\Windows\System32\avrt.dll
17:09:46.0459 0180 C:\Windows\System32\avrt.dll - ok
17:09:46.0459 0180 [ 4C66C21B6244A09DD671485D67D13DB9 ] C:\Windows\System32\duser.dll
17:09:46.0459 0180 C:\Windows\System32\duser.dll - ok
17:09:46.0459 0180 [ 18102CA0EB09DCFE520E69152590EE93 ] C:\Windows\System32\d3d11.dll
17:09:46.0459 0180 C:\Windows\System32\d3d11.dll - ok
17:09:46.0459 0180 [ 9860C19010CFB3F70DC6EDAEB1F1A5E2 ] C:\Windows\System32\wevtsvc.dll
17:09:46.0459 0180 C:\Windows\System32\wevtsvc.dll - ok
17:09:46.0459 0180 [ 8476172591FC115D931EA8DBBB4733FF ] C:\Windows\System32\SndVolSSO.dll
17:09:46.0459 0180 C:\Windows\System32\SndVolSSO.dll - ok
17:09:46.0474 0180 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] C:\Windows\System32\themeservice.dll
17:09:46.0474 0180 C:\Windows\System32\themeservice.dll - ok
17:09:46.0474 0180 [ BFD87A50EB3C37FABF6B1BB072D850E7 ] C:\Windows\System32\MMDevAPI.dll
17:09:46.0474 0180 C:\Windows\System32\MMDevAPI.dll - ok
17:09:46.0474 0180 [ 529011B16EF71630645DCFD195294332 ] C:\Windows\System32\slc.dll
17:09:46.0474 0180 C:\Windows\System32\slc.dll - ok
17:09:46.0474 0180 [ 59575523BCA5E8555208621719A32F62 ] C:\Windows\System32\dxgi.dll
17:09:46.0474 0180 C:\Windows\System32\dxgi.dll - ok
17:09:46.0474 0180 [ 389C4E97E3A498159B625A7A13EA4560 ] C:\Windows\System32\d3d10warp.dll
17:09:46.0474 0180 C:\Windows\System32\d3d10warp.dll - ok
17:09:46.0474 0180 [ 4FC7DF34EF1D1256CDAF8EFBBD029882 ] C:\Windows\System32\igdumdim64.dll
17:09:46.0474 0180 C:\Windows\System32\igdumdim64.dll - ok
17:09:46.0490 0180 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] C:\Windows\System32\profsvc.dll
17:09:46.0490 0180 C:\Windows\System32\profsvc.dll - ok
17:09:46.0490 0180 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] C:\Windows\System32\es.dll
17:09:46.0490 0180 C:\Windows\System32\es.dll - ok
17:09:46.0490 0180 [ 835D33D2EF07743028475486D0BA5696 ] C:\Windows\System32\wevtapi.dll
17:09:46.0490 0180 C:\Windows\System32\wevtapi.dll - ok
17:09:46.0490 0180 [ C77D967840F17DED03DA4BA9D3C40FDB ] C:\Windows\System32\profsvcext.dll
17:09:46.0490 0180 C:\Windows\System32\profsvcext.dll - ok
17:09:46.0490 0180 [ A5F79CC03396AAC79F79C1368DA08A95 ] C:\Windows\System32\ntdsapi.dll
17:09:46.0490 0180 C:\Windows\System32\ntdsapi.dll - ok
17:09:46.0490 0180 [ BA25717D6694B6C472129AD93893A03D ] C:\Windows\System32\netapi32.dll
17:09:46.0490 0180 C:\Windows\System32\netapi32.dll - ok
17:09:46.0490 0180 [ D60F99ECBFCE0C01BE4C5B06E09435DB ] C:\Windows\System32\atl.dll
17:09:46.0490 0180 C:\Windows\System32\atl.dll - ok
17:09:46.0505 0180 [ 0BDE0FCF597E9B65600121EF54FF8340 ] C:\Windows\System32\gpsvc.dll
17:09:46.0505 0180 C:\Windows\System32\gpsvc.dll - ok
17:09:46.0505 0180 [ F71E12EBA575EBD58B499BC7C39D0CD0 ] C:\Windows\System32\wkscli.dll
17:09:46.0505 0180 C:\Windows\System32\wkscli.dll - ok
17:09:46.0505 0180 [ 0341F92E52A8FF814671761179C103FB ] C:\Windows\System32\dsrole.dll
17:09:46.0505 0180 C:\Windows\System32\dsrole.dll - ok
17:09:46.0505 0180 [ E5DFD54D2DAA70738F581D1AC74C09CD ] C:\Windows\System32\nlaapi.dll
17:09:46.0505 0180 C:\Windows\System32\nlaapi.dll - ok
17:09:46.0505 0180 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] C:\Windows\System32\Sens.dll
17:09:46.0505 0180 C:\Windows\System32\Sens.dll - ok
17:09:46.0505 0180 [ 5E47B467A1CD51943C370BF781E1A4F1 ] C:\Windows\System32\taskschd.dll
17:09:46.0505 0180 C:\Windows\System32\taskschd.dll - ok
17:09:46.0521 0180 [ 8721643ED5447F245762DF0A976AB87A ] C:\Windows\System32\wtsapi32.dll
17:09:46.0521 0180 C:\Windows\System32\wtsapi32.dll - ok
17:09:46.0521 0180 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] C:\Windows\System32\AudioEndpointBuilder.dll
17:09:46.0521 0180 C:\Windows\System32\AudioEndpointBuilder.dll - ok
17:09:46.0521 0180 [ 183CA7699474FDE235853967D1DA4D9B ] C:\Windows\System32\FntCache.dll
17:09:46.0521 0180 C:\Windows\System32\FntCache.dll - ok
17:09:46.0521 0180 [ FD788C2D96EA91469A3C1D13E80D7473 ] C:\Windows\System32\mmcss.dll
17:09:46.0521 0180 C:\Windows\System32\mmcss.dll - ok
17:09:46.0521 0180 [ EF276593AD1BDF5A99032F62D6272848 ] C:\Windows\System32\audiosrv.dll
17:09:46.0521 0180 C:\Windows\System32\audiosrv.dll - ok
17:09:46.0521 0180 [ C09010B3680860131631F53E8FE7BAD8 ] C:\Windows\System32\drivers\lltdio.sys
17:09:46.0521 0180 C:\Windows\System32\drivers\lltdio.sys - ok
17:09:46.0521 0180 [ CF8B989D89D6807B887690F2CF24EFD9 ] C:\Windows\System32\drivers\nwifi.sys
17:09:46.0521 0180 C:\Windows\System32\drivers\nwifi.sys - ok
17:09:46.0537 0180 [ B832B35055BA2B7B4181861FF94D8E59 ] C:\Windows\System32\drivers\ndisuio.sys
17:09:46.0537 0180 C:\Windows\System32\drivers\ndisuio.sys - ok
17:09:46.0537 0180 [ 50D1A7BF4F35D3897657EAAFA377369D ] C:\Windows\System32\samlib.dll
17:09:46.0537 0180 C:\Windows\System32\samlib.dll - ok
17:09:46.0537 0180 [ 2D05A5508F4685412F2B89E8C2189ABC ] C:\Windows\System32\drivers\rspndr.sys
17:09:46.0537 0180 C:\Windows\System32\drivers\rspndr.sys - ok
17:09:46.0537 0180 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] C:\Windows\System32\nsisvc.dll
17:09:46.0537 0180 C:\Windows\System32\nsisvc.dll - ok
17:09:46.0537 0180 [ D113FAD71A5E67AA94B32A0F8828D265 ] C:\Windows\System32\lmhsvc.dll
17:09:46.0537 0180 C:\Windows\System32\lmhsvc.dll - ok
17:09:46.0537 0180 [ 0EFE4B5884A8032617826A4D76F80969 ] C:\Windows\System32\cryptsvc.dll
17:09:46.0537 0180 C:\Windows\System32\cryptsvc.dll - ok
17:09:46.0552 0180 [ ED8901D9AF4023CAD4738D3A4DF9645B ] C:\Windows\System32\crypttpmeksvc.dll
17:09:46.0552 0180 C:\Windows\System32\crypttpmeksvc.dll - ok
17:09:46.0552 0180 [ 0D12F606DE18A5739AF27F12A32C6A6E ] C:\Windows\System32\IPHLPAPI.DLL
17:09:46.0552 0180 C:\Windows\System32\IPHLPAPI.DLL - ok
17:09:46.0552 0180 [ 6AB51A84C2400F1346CCD6B65766DDCD ] C:\Windows\System32\cryptcatsvc.dll
17:09:46.0552 0180 C:\Windows\System32\cryptcatsvc.dll - ok
17:09:46.0552 0180 [ 8FA4755F3BA513F4BAE0A2AF1BE8C5F7 ] C:\Windows\System32\vssapi.dll
17:09:46.0552 0180 C:\Windows\System32\vssapi.dll - ok
17:09:46.0552 0180 [ DB9657253BD51C172B3262B9CD5463F3 ] C:\Windows\System32\nrpsrv.dll
17:09:46.0552 0180 C:\Windows\System32\nrpsrv.dll - ok
17:09:46.0552 0180 [ 772365894F14652D376B2E5030179DC9 ] C:\Windows\System32\wcmsvc.dll
17:09:46.0552 0180 C:\Windows\System32\wcmsvc.dll - ok
17:09:46.0552 0180 [ FD9683552D97156E0C5B948BDABA2569 ] C:\Windows\System32\winnsi.dll
17:09:46.0552 0180 C:\Windows\System32\winnsi.dll - ok
17:09:46.0568 0180 [ 941EDC6791A09356EEBEC309C1633CA2 ] C:\Windows\System32\vsstrace.dll
17:09:46.0568 0180 C:\Windows\System32\vsstrace.dll - ok
17:09:46.0568 0180 [ 7913D3236FC4EE7EB28B80361B1737BD ] C:\Windows\System32\bcd.dll
17:09:46.0568 0180 C:\Windows\System32\bcd.dll - ok
17:09:46.0568 0180 [ 5BAF7714E68F93515A937A3FA8587EF9 ] C:\Windows\System32\dnsrslvr.dll
17:09:46.0568 0180 C:\Windows\System32\dnsrslvr.dll - ok
17:09:46.0568 0180 [ 91E000AE0DA97BE6280376FDD477C476 ] C:\Windows\System32\FWPUCLNT.DLL
17:09:46.0568 0180 C:\Windows\System32\FWPUCLNT.DLL - ok
17:09:46.0568 0180 [ 46E0F92B51247ECCE5A837D613517182 ] C:\Windows\System32\samcli.dll
17:09:46.0568 0180 C:\Windows\System32\samcli.dll - ok
17:09:46.0568 0180 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] C:\Windows\System32\dhcpcore.dll
17:09:46.0568 0180 C:\Windows\System32\dhcpcore.dll - ok
17:09:46.0568 0180 [ 511238503CDDDCA563BB201EED26E7A0 ] C:\Windows\System32\wcmcsp.dll
17:09:46.0568 0180 C:\Windows\System32\wcmcsp.dll - ok
17:09:46.0584 0180 [ E475BEF9B460F4F678972F88C5FF50D2 ] C:\Windows\System32\wmiclnt.dll
17:09:46.0584 0180 C:\Windows\System32\wmiclnt.dll - ok
17:09:46.0584 0180 [ 1946308C7FF73E4CD47579F34F9F6E1B ] C:\Windows\System32\dhcpcore6.dll
17:09:46.0584 0180 C:\Windows\System32\dhcpcore6.dll - ok
17:09:46.0584 0180 [ 30D839DEBD6B0E89D13B9259C39B3FFA ] C:\Windows\System32\propsys.dll
17:09:46.0584 0180 C:\Windows\System32\propsys.dll - ok
17:09:46.0584 0180 [ 8D25DE2AC85BC807DC19D4DAF6AA6D27 ] C:\Windows\System32\dnsext.dll
17:09:46.0584 0180 C:\Windows\System32\dnsext.dll - ok
17:09:46.0584 0180 [ 3378C5241A1FE2F1D34BCC3ABC99F435 ] C:\Windows\System32\dhcpcsvc.dll
17:09:46.0584 0180 C:\Windows\System32\dhcpcsvc.dll - ok
17:09:46.0584 0180 [ D4CFAC89188EC0B887CFFCA7C80E495D ] C:\Windows\System32\dhcpcsvc6.dll
17:09:46.0584 0180 C:\Windows\System32\dhcpcsvc6.dll - ok
17:09:46.0599 0180 [ 936231534F4EE96BF752F66CB863788E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
17:09:46.0599 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe - ok
17:09:46.0599 0180 [ 94443607F11CA635408A89F598C16DDD ] C:\Windows\SysWOW64\KernelBase.dll
17:09:46.0599 0180 C:\Windows\SysWOW64\KernelBase.dll - ok
17:09:46.0599 0180 [ CDA8442EB61E9CB11ECC9A7E96740942 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdata.dll
17:09:46.0599 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdata.dll - ok
17:09:46.0599 0180 [ ACBA82820AF2B51B31969A0570A993F7 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:09:46.0599 0180 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:09:46.0599 0180 [ 0F843A2DBAFA67EECBAE0703E8CBF4BC ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil.dll
17:09:46.0599 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil.dll - ok
17:09:46.0599 0180 [ E0164E0E15A3CFFA970C35A92AB53B72 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsinit.dll
17:09:46.0599 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsinit.dll - ok
17:09:46.0599 0180 [ 8A606C90276DCAC67F3D45A0A235ECD6 ] C:\Windows\SysWOW64\winmm.dll
17:09:46.0599 0180 C:\Windows\SysWOW64\winmm.dll - ok
17:09:46.0615 0180 [ DB530B4C83DC2439EA2397613C841AF4 ] C:\Windows\SysWOW64\version.dll
17:09:46.0615 0180 C:\Windows\SysWOW64\version.dll - ok
17:09:46.0615 0180 [ 564B43AE09C66E6D7D442B0B5C5925CD ] C:\Windows\SysWOW64\comctl32.dll
17:09:46.0615 0180 C:\Windows\SysWOW64\comctl32.dll - ok
17:09:46.0615 0180 [ 2294AB089A055F4621FDE40DDFAD4D7E ] C:\Windows\SysWOW64\rpcrt4.dll
17:09:46.0615 0180 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:09:46.0615 0180 [ 3510BDECCBCCFC97A5238BE65CE1EC42 ] C:\Windows\SysWOW64\wsock32.dll
17:09:46.0615 0180 C:\Windows\SysWOW64\wsock32.dll - ok
17:09:46.0615 0180 [ E0C156E4380CE5C64CFBF2650895038D ] C:\Windows\SysWOW64\shell32.dll
17:09:46.0615 0180 C:\Windows\SysWOW64\shell32.dll - ok
17:09:46.0615 0180 [ 949906B18AAE3C6AF975D8E4E9AFEC24 ] C:\Windows\System32\sppc.dll
17:09:46.0615 0180 C:\Windows\System32\sppc.dll - ok
17:09:46.0630 0180 [ 3B85C2DC57230C3EA71E2AF88EEB9DEC ] C:\Windows\System32\BCP47Langs.dll
17:09:46.0630 0180 C:\Windows\System32\BCP47Langs.dll - ok
17:09:46.0630 0180 [ 00349E7C08C18FA5917750FC84998D31 ] C:\Windows\System32\igd10iumd64.dll
17:09:46.0630 0180 C:\Windows\System32\igd10iumd64.dll - ok
17:09:46.0630 0180 [ 906664AF9FCE80DD4FDA268A3506FF13 ] C:\Windows\System32\DWrite.dll
17:09:46.0630 0180 C:\Windows\System32\DWrite.dll - ok
17:09:46.0630 0180 [ E521CCD352373B1825BEA80DEC2B7D97 ] C:\Windows\System32\oleacc.dll
17:09:46.0630 0180 C:\Windows\System32\oleacc.dll - ok
17:09:46.0630 0180 [ C72456BFFE941714CF05B0AA0BEE5B45 ] C:\Windows\SysWOW64\user32.dll
17:09:46.0630 0180 C:\Windows\SysWOW64\user32.dll - ok
17:09:46.0630 0180 [ 2898E39D1E0CB9074C18988A2F8B73D3 ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:09:46.0630 0180 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:09:46.0630 0180 [ 80B7844BF20D44E1789EA6F46FC9CA9B ] C:\Windows\SysWOW64\advapi32.dll
17:09:46.0630 0180 C:\Windows\SysWOW64\advapi32.dll - ok
17:09:46.0646 0180 [ DD5B2173CFD5A32C66497B5C83D2F38D ] C:\Windows\SysWOW64\ole32.dll
17:09:46.0646 0180 C:\Windows\SysWOW64\ole32.dll - ok
17:09:46.0646 0180 [ A7DD65B8EBED0EEF4D415852A7BF232C ] C:\Windows\System32\igdusc64.dll
17:09:46.0646 0180 C:\Windows\System32\igdusc64.dll - ok
17:09:46.0646 0180 [ A956CC9503FD75F2372A6B673E1C07B2 ] C:\Windows\System32\UIAnimation.dll
17:09:46.0646 0180 C:\Windows\System32\UIAnimation.dll - ok
17:09:46.0646 0180 [ CF4C3815E577C7DC32BB8DB90F0B34C1 ] C:\Windows\SysWOW64\oleaut32.dll
17:09:46.0646 0180 C:\Windows\SysWOW64\oleaut32.dll - ok
17:09:46.0646 0180 [ D381B446466B468D27BF23A7A372D205 ] C:\Windows\System32\cngcredui.dll
17:09:46.0646 0180 C:\Windows\System32\cngcredui.dll - ok
17:09:46.0646 0180 [ 813292CC10F625BDAAEA76EABDECD82F ] C:\Windows\System32\winbrand.dll
17:09:46.0646 0180 C:\Windows\System32\winbrand.dll - ok
17:09:46.0646 0180 [ 46B984CDBE0E6C3F88AB89EB46638B42 ] C:\Windows\System32\AthCredentialProvider.dll
17:09:46.0646 0180 C:\Windows\System32\AthCredentialProvider.dll - ok
17:09:46.0662 0180 [ 5433EE6EE9AD64B8D45729815221866B ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll
17:09:46.0662 0180 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll - ok
17:09:46.0662 0180 [ 31D858C6F1C453AF516343758A4B2C69 ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll
17:09:46.0662 0180 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll - ok
17:09:46.0662 0180 [ DD02C0806C03506E03A24C984502B92B ] C:\Windows\System32\secur32.dll
17:09:46.0662 0180 C:\Windows\System32\secur32.dll - ok
17:09:46.0662 0180 [ 1144E34385970A8777AF5A7F8905A954 ] C:\Windows\System32\credui.dll
17:09:46.0662 0180 C:\Windows\System32\credui.dll - ok
17:09:46.0662 0180 [ 6CB5CFF7F48B8E226523BF2E849AA6E5 ] C:\Windows\SysWOW64\shlwapi.dll
17:09:46.0662 0180 C:\Windows\SysWOW64\shlwapi.dll - ok
17:09:46.0662 0180 [ EF5A9D7523E4530D2030D4EA2D90FEC3 ] C:\Windows\System32\uDWM.dll
17:09:46.0662 0180 C:\Windows\System32\uDWM.dll - ok
17:09:46.0677 0180 [ 64A5D80882CF405F515A1A1D3F136B6A ] C:\Windows\SysWOW64\nsi.dll
17:09:46.0677 0180 C:\Windows\SysWOW64\nsi.dll - ok
17:09:46.0677 0180 [ 9FAC7693213C54B25D0DC48BC20686CF ] C:\Windows\SysWOW64\crypt32.dll
17:09:46.0677 0180 C:\Windows\SysWOW64\crypt32.dll - ok
17:09:46.0677 0180 [ 3265F568468AB87950342764F6D77E78 ] C:\Windows\SysWOW64\winnsi.dll
17:09:46.0677 0180 C:\Windows\SysWOW64\winnsi.dll - ok
17:09:46.0677 0180 [ E46E5AC5AFF7DB8E39E2405AD6083138 ] C:\Windows\SysWOW64\gdi32.dll
17:09:46.0677 0180 C:\Windows\SysWOW64\gdi32.dll - ok
17:09:46.0677 0180 [ A5BD16CF06D4ECB6445BFCAC9C0A366F ] C:\Windows\SysWOW64\netapi32.dll
17:09:46.0677 0180 C:\Windows\SysWOW64\netapi32.dll - ok
17:09:46.0677 0180 [ 52EF8037A22F0EB0083AA29EAC706495 ] C:\Windows\SysWOW64\psapi.dll
17:09:46.0677 0180 C:\Windows\SysWOW64\psapi.dll - ok
17:09:46.0677 0180 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
17:09:46.0677 0180 C:\Windows\System32\msvcr100.dll - ok
17:09:46.0693 0180 [ 6EBA4AA97BA64CEB363C1C8CE12214F9 ] C:\Windows\SysWOW64\msvcrt.dll
17:09:46.0693 0180 C:\Windows\SysWOW64\msvcrt.dll - ok
17:09:46.0693 0180 [ B232087914F1D97B79B712AF4CBF4AEF ] C:\Windows\SysWOW64\winmmbase.dll
17:09:46.0693 0180 C:\Windows\SysWOW64\winmmbase.dll - ok
17:09:46.0693 0180 [ 428AF7FA03FF09CE1CD373ABFEBAD8A3 ] C:\Windows\SysWOW64\ws2_32.dll
17:09:46.0693 0180 C:\Windows\SysWOW64\ws2_32.dll - ok
17:09:46.0693 0180 [ 6A5C1EA6E0B31B168FDE21A1FDC078C2 ] C:\Windows\System32\msimg32.dll
17:09:46.0693 0180 C:\Windows\System32\msimg32.dll - ok
17:09:46.0693 0180 [ 053472337FDD116BD010C88DB0C34DF1 ] C:\Windows\System32\d2d1.dll
17:09:46.0693 0180 C:\Windows\System32\d2d1.dll - ok
17:09:46.0693 0180 [ 2A3626E0B7F5A5317902EBDAF2B4CCE0 ] C:\Windows\SysWOW64\combase.dll
17:09:46.0693 0180 C:\Windows\SysWOW64\combase.dll - ok
17:09:46.0709 0180 [ 1CF1F62F2484C996DFB99D511E18D662 ] C:\Windows\SysWOW64\sspicli.dll
17:09:46.0709 0180 C:\Windows\SysWOW64\sspicli.dll - ok
17:09:46.0709 0180 [ 7101124E9C48FDBCD7C3DA690990010B ] C:\Windows\System32\bthprops.cpl
17:09:46.0709 0180 C:\Windows\System32\bthprops.cpl - ok
17:09:46.0709 0180 [ 89C84BF2D5A2A5DD867E046488B8DDE3 ] C:\Windows\System32\BluetoothApis.dll
17:09:46.0709 0180 C:\Windows\System32\BluetoothApis.dll - ok
17:09:46.0709 0180 [ 8685F31A9319FB0FA882C736783F5F5E ] C:\Windows\SysWOW64\msasn1.dll
17:09:46.0709 0180 C:\Windows\SysWOW64\msasn1.dll - ok
17:09:46.0709 0180 [ 3503F1397CB9BEE0D9684A7CA4C1C315 ] C:\Windows\SysWOW64\sechost.dll
17:09:46.0709 0180 C:\Windows\SysWOW64\sechost.dll - ok
17:09:46.0709 0180 [ 1547E5B7D2EF477D422EBE0FE58508CC ] C:\Windows\System32\AuthExt.dll
17:09:46.0709 0180 C:\Windows\System32\AuthExt.dll - ok
17:09:46.0709 0180 [ 0E9317A95DD3E678AFCD457DAAD01DA5 ] C:\Windows\SysWOW64\netutils.dll
17:09:46.0709 0180 C:\Windows\SysWOW64\netutils.dll - ok
17:09:46.0724 0180 [ A56878CE81935A6E3269C1B1669F9354 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:09:46.0724 0180 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:09:46.0724 0180 [ 522BF7088E69948A20DD5C89D359B2C4 ] C:\Windows\SysWOW64\srvcli.dll
17:09:46.0724 0180 C:\Windows\SysWOW64\srvcli.dll - ok
17:09:46.0724 0180 [ 46DAF6EFC4D7E1C8AC9E0179EFB4B3A9 ] C:\Windows\SysWOW64\wkscli.dll
17:09:46.0724 0180 C:\Windows\SysWOW64\wkscli.dll - ok
17:09:46.0724 0180 [ 7E9AFBB34ACF6CDC4D596006CEEC74E5 ] C:\Windows\System32\BioCredProv.dll
17:09:46.0724 0180 C:\Windows\System32\BioCredProv.dll - ok
17:09:46.0724 0180 [ C70E652B7D507AAB25208E1602B29B89 ] C:\Windows\SysWOW64\cryptbase.dll
17:09:46.0724 0180 C:\Windows\SysWOW64\cryptbase.dll - ok
17:09:46.0724 0180 [ E494AC90229C06ADB8ACC8D20A3F27CB ] C:\Windows\SysWOW64\devobj.dll
17:09:46.0724 0180 C:\Windows\SysWOW64\devobj.dll - ok
17:09:46.0724 0180 [ 623825C1F07CC2C80C550FBD6CD3E65B ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:09:46.0724 0180 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:09:46.0740 0180 [ 8BDD004DC92D09CCD1F3922C59983019 ] C:\Windows\System32\winbio.dll
17:09:46.0740 0180 C:\Windows\System32\winbio.dll - ok
17:09:46.0740 0180 [ 9543FE667E9709640F1D9852BCF97A17 ] C:\Windows\System32\xmllite.dll
17:09:46.0740 0180 C:\Windows\System32\xmllite.dll - ok
17:09:46.0740 0180 [ F3C88687207F4F75773D288A6D4B61F7 ] C:\Windows\System32\certCredProvider.dll
17:09:46.0740 0180 C:\Windows\System32\certCredProvider.dll - ok
17:09:46.0740 0180 [ A76A00A5244DA1CE40DE8BFBAD1E2C4E ] C:\Windows\SysWOW64\samcli.dll
17:09:46.0740 0180 C:\Windows\SysWOW64\samcli.dll - ok
17:09:46.0740 0180 [ D6AE16663985EA7E81E17A1A810AC547 ] C:\Windows\SysWOW64\ntmarta.dll
17:09:46.0740 0180 C:\Windows\SysWOW64\ntmarta.dll - ok
17:09:46.0740 0180 [ EC2DB85DD72A3506D60B428A36F5E27E ] C:\Windows\System32\NetworkStatus.dll
17:09:46.0740 0180 C:\Windows\System32\NetworkStatus.dll - ok
17:09:46.0755 0180 [ 96F4101AA72C55A7554733A05A797088 ] C:\Windows\System32\wlidcredprov.dll
17:09:46.0755 0180 C:\Windows\System32\wlidcredprov.dll - ok
17:09:46.0755 0180 [ 119CE6CF93183EB144F5EA9A4A5A6AB3 ] C:\Windows\System32\rasplap.dll
17:09:46.0755 0180 C:\Windows\System32\rasplap.dll - ok
17:09:46.0755 0180 [ 4D8F3CEF04AFF366972ED6411DB2E0E0 ] C:\Windows\System32\rasapi32.dll
17:09:46.0755 0180 C:\Windows\System32\rasapi32.dll - ok
17:09:46.0755 0180 [ 950E87673E2AE1A536869BCC4E711D67 ] C:\Windows\System32\rtutils.dll
17:09:46.0755 0180 C:\Windows\System32\rtutils.dll - ok
17:09:46.0755 0180 [ 9FB85E37238FEA836E5E6779A93DA461 ] C:\Windows\System32\rasman.dll
17:09:46.0755 0180 C:\Windows\System32\rasman.dll - ok
17:09:46.0755 0180 [ 1CE1F2BBF92DF79CF8638FDA04DB4F10 ] C:\Windows\System32\shacct.dll
17:09:46.0755 0180 C:\Windows\System32\shacct.dll - ok
17:09:46.0755 0180 [ 5EC234995AFB7356A8B1A22C9244F243 ] C:\Windows\System32\wuaext.dll
17:09:46.0755 0180 C:\Windows\System32\wuaext.dll - ok
17:09:46.0771 0180 [ 2244C13A861137EE7D518607592C221D ] C:\Windows\System32\Windows.UI.Immersive.dll
17:09:46.0771 0180 C:\Windows\System32\Windows.UI.Immersive.dll - ok
17:09:46.0771 0180 [ 9D519CCC49EBEF2AB0F3282C097B141B ] C:\Windows\SysWOW64\cryptsp.dll
17:09:46.0771 0180 C:\Windows\SysWOW64\cryptsp.dll - ok
17:09:46.0771 0180 [ F22BC2C1BD805F874540B7595F0C804D ] C:\Windows\System32\IDStore.dll
17:09:46.0771 0180 C:\Windows\System32\IDStore.dll - ok
17:09:46.0771 0180 [ 68516BC692B58959933B5029747F2A2A ] C:\Windows\SysWOW64\rsaenh.dll
17:09:46.0771 0180 C:\Windows\SysWOW64\rsaenh.dll - ok
17:09:46.0771 0180 [ 04B39CF60E0E379D400750DAB02D12DB ] C:\Windows\System32\InputSwitch.dll
17:09:46.0771 0180 C:\Windows\System32\InputSwitch.dll - ok
17:09:46.0771 0180 [ B832E4D96463DBF77FC3AC35EC6390B3 ] C:\Windows\SysWOW64\bcrypt.dll
17:09:46.0771 0180 C:\Windows\SysWOW64\bcrypt.dll - ok
17:09:46.0787 0180 [ 58F28103889817C93E5B5AFABC87E709 ] C:\Windows\System32\wbiosrvc.dll
17:09:46.0787 0180 C:\Windows\System32\wbiosrvc.dll - ok
17:09:46.0787 0180 [ 88244F5A24F9CD98E74472FDFA827FA2 ] C:\Windows\SysWOW64\ncrypt.dll
17:09:46.0787 0180 C:\Windows\SysWOW64\ncrypt.dll - ok
17:09:46.0787 0180 [ 13B9417E93437480E168669EDE36298B ] C:\Windows\SysWOW64\ntasn1.dll
17:09:46.0787 0180 C:\Windows\SysWOW64\ntasn1.dll - ok
17:09:46.0787 0180 [ 1CD1B2F038D2697EA7AA7127551ED429 ] C:\Windows\System32\wlidres.dll
17:09:46.0787 0180 C:\Windows\System32\wlidres.dll - ok
17:09:46.0787 0180 [ 01D789D576998E81FC71CA12C0AF5B10 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
17:09:46.0787 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll - ok
17:09:46.0787 0180 [ BA247631B40720DAEA89BEFAA4632EB6 ] C:\Windows\System32\PhotoMetadataHandler.dll
17:09:46.0787 0180 C:\Windows\System32\PhotoMetadataHandler.dll - ok
17:09:46.0787 0180 [ DF830438D15AAC311C594E47C5AB0F20 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0407.dll
17:09:46.0787 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0407.dll - ok
17:09:46.0802 0180 [ 03CC7C6D00212DF6D6CB5C93432410ED ] C:\Windows\System32\UIAutomationCore.dll
17:09:46.0802 0180 C:\Windows\System32\UIAutomationCore.dll - ok
17:09:46.0802 0180 [ 059D36ABEC9F2D3F677B8EA9240405CD ] C:\Windows\System32\batmeter.dll
17:09:46.0802 0180 C:\Windows\System32\batmeter.dll - ok
17:09:46.0802 0180 [ 0094F3A3E290B60A3DA2B68A5A85FDD4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\icslta.dll
17:09:46.0802 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\icslta.dll - ok
17:09:46.0802 0180 [ 507E28FA1BC0D00B5D33EB9D4AF44642 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\ssleay32_cp.dll
17:09:46.0802 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\ssleay32_cp.dll - ok
17:09:46.0802 0180 [ 728D3349FAB251B0265EFA55C67DCA2D ] C:\Windows\System32\wlansvc.dll
17:09:46.0802 0180 C:\Windows\System32\wlansvc.dll - ok
17:09:46.0802 0180 [ B6757FE520137D6FB93459D784A40DE9 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb.dll
17:09:46.0802 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb.dll - ok
17:09:46.0818 0180 [ 83BE8D0CB7491589F35BC14E65BB41D7 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0407.dll
17:09:46.0818 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0407.dll - ok
17:09:46.0818 0180 [ E6B1B10184485EDFEF126204A33D31B0 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsxml.dll
17:09:46.0818 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsxml.dll - ok
17:09:46.0818 0180 [ AA21423B380157AFAA2F82E96D910E0F ] C:\Windows\SysWOW64\kernel.appcore.dll
17:09:46.0818 0180 C:\Windows\SysWOW64\kernel.appcore.dll - ok
17:09:46.0818 0180 [ 59C04629522B5815BF39F8A310FD2C81 ] C:\Windows\System32\onex.dll
17:09:46.0818 0180 C:\Windows\System32\onex.dll - ok
17:09:46.0818 0180 [ FE04048C1D11EEC3FA40982F78CA0178 ] C:\Windows\System32\wlanmsm.dll
17:09:46.0818 0180 C:\Windows\System32\wlanmsm.dll - ok
17:09:46.0818 0180 [ 8E54F32766CFFC9112800533D721236C ] C:\Windows\System32\wlansec.dll
17:09:46.0818 0180 C:\Windows\System32\wlansec.dll - ok
17:09:46.0834 0180 [ 2E226C2289C36E8A21854FC3A862757E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\fbl.dll
17:09:46.0834 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\fbl.dll - ok
17:09:46.0834 0180 [ F5946BC89C6D350ADADDA9676DF28CF3 ] C:\Windows\System32\eappprxy.dll
17:09:46.0834 0180 C:\Windows\System32\eappprxy.dll - ok
17:09:46.0834 0180 [ 0ED108A046CB2679B76FE9BD0C55E350 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\featuremap.dll
17:09:46.0834 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\featuremap.dll - ok
17:09:46.0834 0180 [ A16B51596EEBA01E6B90CD15BB17965B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vswmi.dll
17:09:46.0834 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vswmi.dll - ok
17:09:46.0834 0180 [ 3B04158DE50AB283B3A5FB5E70C48FB4 ] C:\Windows\System32\wlansvcpal.dll
17:09:46.0834 0180 C:\Windows\System32\wlansvcpal.dll - ok
17:09:46.0834 0180 [ AC867DEC5E0E12BA342BF9B00D93F2B6 ] C:\Windows\System32\Windows.Globalization.dll
17:09:46.0834 0180 C:\Windows\System32\Windows.Globalization.dll - ok
17:09:46.0834 0180 [ 938A9E66272CA6FE4AD7AD9620F5A300 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm.dll
17:09:46.0834 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm.dll - ok
17:09:46.0849 0180 [ D9D2CC3B8C41B59B1E964D0F89CCA330 ] C:\Windows\System32\msxml6.dll
17:09:46.0849 0180 C:\Windows\System32\msxml6.dll - ok
17:09:46.0849 0180 [ 06360BE7C8FB76B80032711FB0B4CA0B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcommdb.dll
17:09:46.0849 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcommdb.dll - ok
17:09:46.0849 0180 [ 0DF0FA32C2841537B0610B4179320A3A ] C:\Windows\System32\TetheringIeProvider.dll
17:09:46.0849 0180 C:\Windows\System32\TetheringIeProvider.dll - ok
17:09:46.0849 0180 [ 9F309FB487DBA2D53EEC8418029D1784 ] C:\Windows\System32\WiFiDisplay.dll
17:09:46.0849 0180 C:\Windows\System32\WiFiDisplay.dll - ok
17:09:46.0849 0180 [ 4607B84C62D4537B0B7D69B217B8A999 ] C:\Windows\System32\wlanapi.dll
17:09:46.0849 0180 C:\Windows\System32\wlanapi.dll - ok
17:09:46.0849 0180 [ 3095D55353A22224E7972F9B552AA69D ] C:\Windows\System32\msftedit.dll
17:09:46.0849 0180 C:\Windows\System32\msftedit.dll - ok
17:09:46.0865 0180 [ 682C1B06C4E00A9DC995E4B2FD626CB2 ] C:\Windows\System32\wlgpclnt.dll
17:09:46.0865 0180 C:\Windows\System32\wlgpclnt.dll - ok
17:09:46.0865 0180 [ 6234321BF60C3CC6D344D3F1B10F0E7C ] C:\Windows\System32\l2gpstore.dll
17:09:46.0865 0180 C:\Windows\System32\l2gpstore.dll - ok
17:09:46.0865 0180 [ 2988ACC988D3FC47447D368CB5450162 ] C:\Windows\System32\wlanhlp.dll
17:09:46.0865 0180 C:\Windows\System32\wlanhlp.dll - ok
17:09:46.0865 0180 [ 7A1BAB2BDCF59A506588DDF58ED43E21 ] C:\Windows\System32\globinputhost.dll
17:09:46.0865 0180 C:\Windows\System32\globinputhost.dll - ok
17:09:46.0865 0180 [ 4897A55EEBC1D3F6DFEB1CD94C241F48 ] C:\Windows\System32\SubscriptionMgr.dll
17:09:46.0865 0180 C:\Windows\System32\SubscriptionMgr.dll - ok
17:09:46.0865 0180 [ 775965CF80FA406DEF00A1415372E82A ] C:\Windows\System32\ninput.dll
17:09:46.0865 0180 C:\Windows\System32\ninput.dll - ok
17:09:46.0865 0180 [ 01DE604AE86054272C967B52BC670588 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb.dll
17:09:46.0865 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb.dll - ok
17:09:46.0880 0180 [ 9EE220DEE3DA294D3815E2D4EB56A7D9 ] C:\Windows\SysWOW64\wtsapi32.dll
17:09:46.0880 0180 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:09:46.0880 0180 [ 4730B48DAAE52EC39BBB0F623EBEF1B5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0407.dll
17:09:46.0880 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0407.dll - ok
17:09:46.0880 0180 [ DED0B4D6D79EFB57794A91AC91BA4E83 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault.dll
17:09:46.0880 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault.dll - ok
17:09:46.0880 0180 [ A7DDBD5DA334F3BA342EB828012FD1A5 ] C:\Windows\SysWOW64\clbcatq.dll
17:09:46.0880 0180 C:\Windows\SysWOW64\clbcatq.dll - ok
17:09:46.0880 0180 [ 1587F0517603793588035EACA5B3450F ] C:\Windows\SysWOW64\msxml4.dll
17:09:46.0880 0180 C:\Windows\SysWOW64\msxml4.dll - ok
17:09:46.0880 0180 [ 9BF990B5575B71B44A35D1B3B465D8D0 ] C:\Windows\SysWOW64\rasapi32.dll
17:09:46.0880 0180 C:\Windows\SysWOW64\rasapi32.dll - ok
17:09:46.0896 0180 [ BD91E0E0B09D89E4932DEE4FC23E2BD0 ] C:\Windows\SysWOW64\rasman.dll
17:09:46.0896 0180 C:\Windows\SysWOW64\rasman.dll - ok
17:09:46.0896 0180 [ AAFEAB4FC9D70253F8C7E353E879E8A2 ] C:\Windows\SysWOW64\wininet.dll
17:09:46.0896 0180 C:\Windows\SysWOW64\wininet.dll - ok
17:09:46.0896 0180 [ BD5E6C894130E7BB7ECE9A0925383068 ] C:\Windows\SysWOW64\iertutil.dll
17:09:46.0896 0180 C:\Windows\SysWOW64\iertutil.dll - ok
17:09:46.0896 0180 [ CC877931A205C47710456FFEE0BEF29D ] C:\Windows\SysWOW64\profapi.dll
17:09:46.0896 0180 C:\Windows\SysWOW64\profapi.dll - ok
17:09:46.0896 0180 [ B715110E1F4A0F0F3561E928A3617053 ] C:\Windows\SysWOW64\rtutils.dll
17:09:46.0896 0180 C:\Windows\SysWOW64\rtutils.dll - ok
17:09:46.0896 0180 [ FCA4D9D06C44BA66878DD01D132CD816 ] C:\Windows\SysWOW64\SHCore.dll
17:09:46.0896 0180 C:\Windows\SysWOW64\SHCore.dll - ok
17:09:46.0896 0180 [ E947B141DAAC7CBCD7C59FE2E63AFBBE ] C:\Windows\SysWOW64\wintrust.dll
17:09:46.0896 0180 C:\Windows\SysWOW64\wintrust.dll - ok
17:09:46.0912 0180 [ CBCA90CF2ACE96038571ED0A7BD3D756 ] C:\Windows\System32\esent.dll
17:09:46.0912 0180 C:\Windows\System32\esent.dll - ok
17:09:46.0912 0180 [ 73E50B6C22F18C6FBC4553B9ED983B9B ] C:\Windows\SysWOW64\gpapi.dll
17:09:46.0912 0180 C:\Windows\SysWOW64\gpapi.dll - ok
17:09:46.0912 0180 [ 1BA05E6A8212AFBA262635D5131D4CA9 ] C:\Windows\SysWOW64\cryptnet.dll
17:09:46.0912 0180 C:\Windows\SysWOW64\cryptnet.dll - ok
17:09:46.0912 0180 [ D4E028B34B8069DF1906EB9ADAF285FA ] C:\Windows\SysWOW64\Wldap32.dll
17:09:46.0912 0180 C:\Windows\SysWOW64\Wldap32.dll - ok
17:09:46.0912 0180 [ 5B4FF009D24F73F6FC6EB4870A789843 ] C:\Windows\SysWOW64\mswsock.dll
17:09:46.0912 0180 C:\Windows\SysWOW64\mswsock.dll - ok
17:09:46.0912 0180 [ 8EAC2D7D6EF8346A2A8654FE940413E6 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\av.dll
17:09:46.0912 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\av.dll - ok
17:09:46.0927 0180 [ 31915E1705828AB5DD405D2873E7678B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\av_loc0407.dll
17:09:46.0927 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\av_loc0407.dll - ok
17:09:46.0927 0180 [ 918D53BC3E65DA1A6629EA5253062253 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kave8.dll
17:09:46.0927 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kave8.dll - ok
17:09:46.0927 0180 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcp100.dll
17:09:46.0927 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcp100.dll - ok
17:09:46.0927 0180 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcr100.dll
17:09:46.0927 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcr100.dll - ok
17:09:46.0927 0180 [ 3220C7768891C14C21447B8BA7619BB3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fssync.dll
17:09:46.0927 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fssync.dll - ok
17:09:46.0927 0180 [ DA47CA990F00EB3EDD3B53E3E7761A14 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler.dll
17:09:46.0927 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler.dll - ok
17:09:46.0927 0180 [ 138A81702EEC01DC703541710F801172 ] C:\Windows\SysWOW64\fltLib.dll
17:09:46.0927 0180 C:\Windows\SysWOW64\fltLib.dll - ok
17:09:46.0943 0180 [ 2A2104AF3487D47A8B577A9BE0665D33 ] C:\Windows\SysWOW64\logoncli.dll
17:09:46.0943 0180 C:\Windows\SysWOW64\logoncli.dll - ok
17:09:46.0943 0180 [ 4FC71D0DEC6421EE9620A8B02F2F7F31 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlupdate.dll
17:09:46.0943 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlupdate.dll - ok
17:09:46.0943 0180 [ 829A27486CAFCD21DC6059B0ECD5A166 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zdx.dll
17:09:46.0943 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zdx.dll - ok
17:09:46.0943 0180 [ 0D190D8B4B20446BE6299AC734DFADF1 ] C:\Windows\System32\shsvcs.dll
17:09:46.0943 0180 C:\Windows\System32\shsvcs.dll - ok
17:09:46.0943 0180 [ 8B623D50C30C128C027602637E6EB7F3 ] C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
17:09:46.0943 0180 C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll - ok
17:09:46.0943 0180 [ E572557FD4CA855642A0B26CC9F3C788 ] C:\Windows\SysWOW64\secur32.dll
17:09:46.0943 0180 C:\Windows\SysWOW64\secur32.dll - ok
17:09:46.0959 0180 [ AA2BE96A5124A8789FC9267BE5F3BAD0 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kavess.dll
17:09:46.0959 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kavess.dll - ok
17:09:46.0959 0180 [ C386F4A32947092776A8E4EB88BFCD9E ] C:\Windows\System32\fveapi.dll
17:09:46.0959 0180 C:\Windows\System32\fveapi.dll - ok
17:09:46.0959 0180 [ 5D7148704D8715482695A534887359FA ] C:\Windows\SysWOW64\mpr.dll
17:09:46.0959 0180 C:\Windows\SysWOW64\mpr.dll - ok
17:09:46.0959 0180 [ D50705D14E8C876A47FF14B999B4A6C3 ] C:\Windows\System32\fvecerts.dll
17:09:46.0959 0180 C:\Windows\System32\fvecerts.dll - ok
17:09:46.0959 0180 [ 888A30EAB651502352C18745367FD179 ] C:\Windows\System32\schedsvc.dll
17:09:46.0959 0180 C:\Windows\System32\schedsvc.dll - ok
17:09:46.0959 0180 [ 984B3226C7A4CFC9FE91D7BACA133D8D ] C:\Windows\SysWOW64\winhttp.dll
17:09:46.0959 0180 C:\Windows\SysWOW64\winhttp.dll - ok
17:09:46.0959 0180 [ D229F8699331DE4F5E812CEC5701031D ] C:\Windows\SysWOW64\dhcpcsvc.dll
17:09:46.0959 0180 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
17:09:46.0974 0180 [ 8F36F399F9EFBA4FA7B6A4E5305817EA ] C:\Windows\SysWOW64\dhcpcsvc6.dll
17:09:46.0974 0180 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
17:09:46.0974 0180 [ 0379D09E8D407F5BBE07C9D06DDA783D ] C:\Windows\SysWOW64\mlang.dll
17:09:46.0974 0180 C:\Windows\SysWOW64\mlang.dll - ok
17:09:46.0974 0180 [ 664A1DCFAD67C9A17B9BCA911C6457C5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msoe.ppl
17:09:46.0974 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msoe.ppl - ok
17:09:46.0974 0180 [ 04EE1AD7E9277EC632C390DFEECF4C11 ] C:\Windows\SysWOW64\inetcomm.dll
17:09:46.0974 0180 C:\Windows\SysWOW64\inetcomm.dll - ok
17:09:46.0974 0180 [ 39435F4007F1CEDEF04356892B18D174 ] C:\Windows\System32\ubpm.dll
17:09:46.0974 0180 C:\Windows\System32\ubpm.dll - ok
17:09:46.0974 0180 [ E04863DDDA4D5386895D316B9A26958F ] C:\Windows\System32\ktmw32.dll
17:09:46.0974 0180 C:\Windows\System32\ktmw32.dll - ok
17:09:46.0974 0180 [ 3775C2671260284E34100B5D4A741807 ] C:\Windows\SysWOW64\msoert2.dll
17:09:46.0974 0180 C:\Windows\SysWOW64\msoert2.dll - ok
17:09:46.0990 0180 [ 5B9290D5540BDC461500DB84FC3606F0 ] C:\Windows\System32\CSystemEventsBrokerClient.dll
17:09:46.0990 0180 C:\Windows\System32\CSystemEventsBrokerClient.dll - ok
17:09:46.0990 0180 [ 204A549F6AA4DC2F4CAF371FAA16747A ] C:\Windows\SysWOW64\oleacc.dll
17:09:46.0990 0180 C:\Windows\SysWOW64\oleacc.dll - ok
17:09:46.0990 0180 [ 68DEABD4CB0CF3920D3B6CCAA36173BC ] C:\Windows\System32\taskcomp.dll
17:09:46.0990 0180 C:\Windows\System32\taskcomp.dll - ok
17:09:46.0990 0180 [ 1E10B23560C34A90A0FA6ECD26E8565F ] C:\Windows\System32\ProximityService.dll
17:09:46.0990 0180 C:\Windows\System32\ProximityService.dll - ok
17:09:46.0990 0180 [ 02C6DF84328E271C3F844E477CB25169 ] C:\Windows\System32\ProximityServicePal.dll
17:09:46.0990 0180 C:\Windows\System32\ProximityServicePal.dll - ok
17:09:46.0990 0180 [ 8325177BBD77C2DAD43ED031A4EAE843 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09\comctl32.dll
17:09:46.0990 0180 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09\comctl32.dll - ok
17:09:47.0005 0180 [ 02E72187BE9329E4D9255BC5AE6D8286 ] C:\Windows\System32\ProximityCommon.dll
17:09:47.0005 0180 C:\Windows\System32\ProximityCommon.dll - ok
17:09:47.0005 0180 [ 1EE65FEAA57FBC2050AE153D07C8DC3F ] C:\Windows\System32\ProximityCommonPal.dll
17:09:47.0005 0180 C:\Windows\System32\ProximityCommonPal.dll - ok
17:09:47.0005 0180 [ EF34D2A2B64E5D7330F0926E8B826464 ] C:\Windows\SysWOW64\INETRES.dll
17:09:47.0005 0180 C:\Windows\SysWOW64\INETRES.dll - ok
17:09:47.0005 0180 [ 070B4DE2729515E9F22E4AAFD7B2497C ] C:\Windows\System32\ntmarta.dll
17:09:47.0005 0180 C:\Windows\System32\ntmarta.dll - ok
17:09:47.0005 0180 [ 3502776E366C913D49C0DA928AE3E6CB ] C:\Windows\System32\drivers\http.sys
17:09:47.0005 0180 C:\Windows\System32\drivers\http.sys - ok
17:09:47.0005 0180 [ 75F06513C384B2B999FAD8375FC63766 ] C:\Windows\SysWOW64\mapi32.dll
17:09:47.0005 0180 C:\Windows\SysWOW64\mapi32.dll - ok
17:09:47.0005 0180 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] C:\Windows\System32\spoolsv.exe
17:09:47.0005 0180 C:\Windows\System32\spoolsv.exe - ok
17:09:47.0021 0180 [ EDE582496D0CADEE35EA2B1076FF19A8 ] C:\Windows\System32\taskhost.exe
17:09:47.0021 0180 C:\Windows\System32\taskhost.exe - ok
17:09:47.0021 0180 [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:09:47.0021 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok
17:09:47.0021 0180 [ 475D4A7E654A89B3665FCCF4D4BE75D6 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\prloader.dll
17:09:47.0021 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\prloader.dll - ok
17:09:47.0021 0180 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
17:09:47.0021 0180 C:\Windows\SysWOW64\msvcp100.dll - ok
17:09:47.0021 0180 [ DFD3F397BE9B1EE411A25DE34B6D58CE ] C:\Windows\SysWOW64\userenv.dll
17:09:47.0021 0180 C:\Windows\SysWOW64\userenv.dll - ok
17:09:47.0021 0180 [ 1387364237A13E9C12C184982138C52B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\nfio.ppl
17:09:47.0021 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\nfio.ppl - ok
17:09:47.0037 0180 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
17:09:47.0037 0180 C:\Windows\SysWOW64\msvcr100.dll - ok
17:09:47.0037 0180 [ 0C014A85FB1CF81EE186224281CAAC6F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fsdrvplg.ppl
17:09:47.0037 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fsdrvplg.ppl - ok
17:09:47.0037 0180 [ 0FE3CC41F2DF73529A0B2B76C1D85A0E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\service.dll
17:09:47.0037 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\service.dll - ok
17:09:47.0037 0180 [ 343CB2631CEAD5A6EC56FFA69937939F ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll
17:09:47.0037 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok
17:09:47.0037 0180 [ 86B4B70CE0332753CE18054DF0CC0896 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\eka_meta.dll
17:09:47.0037 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\eka_meta.dll - ok
17:09:47.0037 0180 [ 098A6AC9EC3D8958F2404073E488945A ] C:\Windows\System32\netcfgx.dll
17:09:47.0037 0180 C:\Windows\System32\netcfgx.dll - ok
17:09:47.0052 0180 [ 46065A1F1CA90E084E3217C883F69D4D ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
17:09:47.0052 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
17:09:47.0052 0180 [ BA0655E1856A16A14C9BC1FB27B111B9 ] C:\Windows\System32\TpmTasks.dll
17:09:47.0052 0180 C:\Windows\System32\TpmTasks.dll - ok
17:09:47.0052 0180 [ 0E53F1FB5A603B984DC3921D2FF76662 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
17:09:47.0052 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
17:09:47.0052 0180 [ 0D0CD1020D821F4D2AC95280213D2F2E ] C:\Windows\System32\aepic.dll
17:09:47.0052 0180 C:\Windows\System32\aepic.dll - ok
17:09:47.0052 0180 [ D1A3B6C2F8F39EC7F75D03740A8112A1 ] C:\Windows\System32\tbs.dll
17:09:47.0052 0180 C:\Windows\System32\tbs.dll - ok
17:09:47.0052 0180 [ F4C464208E81373B142FB87926EE8D71 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_legacy.dll
17:09:47.0052 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_legacy.dll - ok
17:09:47.0068 0180 [ 770D71782A90BE9C48C4310C5C35E25B ] C:\Windows\System32\sfc_os.dll
17:09:47.0068 0180 C:\Windows\System32\sfc_os.dll - ok
17:09:47.0068 0180 [ 3B03178E65E6903328644E329B24D8B2 ] C:\Windows\System32\version.dll
17:09:47.0068 0180 C:\Windows\System32\version.dll - ok
17:09:47.0068 0180 [ 6468B696C65775D51A06615830E0E79D ] C:\Windows\System32\BFE.DLL
17:09:47.0068 0180 C:\Windows\System32\BFE.DLL - ok
17:09:47.0068 0180 [ CDFC746E798A7AEFED4B996F75C9F8E8 ] C:\Windows\SysWOW64\wscisvif.dll
17:09:47.0068 0180 C:\Windows\SysWOW64\wscisvif.dll - ok
17:09:47.0068 0180 [ 18490AD7AB6320CDC0C04B137B385DB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll
17:09:47.0068 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok
17:09:47.0068 0180 [ 6B4FFFDDC618FCF64473CAA86E305697 ] C:\Windows\System32\drivers\bowser.sys
17:09:47.0068 0180 C:\Windows\System32\drivers\bowser.sys - ok
17:09:47.0068 0180 [ 1147C3047C28435826EDCE83C1CD8096 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll
17:09:47.0068 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok
17:09:47.0084 0180 [ B539CFD39BB40964BD36AE037AB0887D ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll
17:09:47.0084 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok
17:09:47.0084 0180 [ 5D4BE903C0A693DC0CD2D441DBEBAE00 ] C:\Windows\SysWOW64\wscapi.dll
17:09:47.0084 0180 C:\Windows\SysWOW64\wscapi.dll - ok
17:09:47.0084 0180 [ 2402C221CCC47599E8D39118473E1457 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\key_value_storage.dll
17:09:47.0084 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\key_value_storage.dll - ok
17:09:47.0084 0180 [ 6614EDFCF4AFE27E46FC0C1A5EC1269D ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll
17:09:47.0084 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok
17:09:47.0084 0180 [ 53F5464997776F0AD1F68798787D3537 ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll
17:09:47.0084 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok
17:09:47.0084 0180 [ 9F6DCD344AD9BBD91E9E0B8E84CEC15F ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
17:09:47.0084 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok
17:09:47.0099 0180 [ F170510BE94CF45E3C6274578F6204B2 ] C:\Windows\System32\drivers\mpsdrv.sys
17:09:47.0099 0180 C:\Windows\System32\drivers\mpsdrv.sys - ok
17:09:47.0099 0180 [ 79B6F3DF7CDFD12159871FF71464F0CE ] C:\Windows\System32\drivers\mrxsmb.sys
17:09:47.0099 0180 C:\Windows\System32\drivers\mrxsmb.sys - ok
17:09:47.0099 0180 [ D186C5844393252147BE934F3871DB7A ] C:\Windows\System32\MPSSVC.dll
17:09:47.0099 0180 C:\Windows\System32\MPSSVC.dll - ok
17:09:47.0099 0180 [ AAF56E4E84D35411B4E446C445732DFE ] C:\Windows\System32\drivers\mrxsmb20.sys
17:09:47.0099 0180 C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:09:47.0099 0180 [ 0FF358906F2333B26267BC0064DC02C4 ] C:\Windows\SysWOW64\urlmon.dll
17:09:47.0099 0180 C:\Windows\SysWOW64\urlmon.dll - ok
17:09:47.0099 0180 [ 9B95FCB49595A869F27034916382FE57 ] C:\Windows\System32\adhapi.dll
17:09:47.0099 0180 C:\Windows\System32\adhapi.dll - ok
17:09:47.0099 0180 [ 9DF590DEA96B6756CF8D73C2525797BE ] C:\Windows\System32\wfapigp.dll
17:09:47.0099 0180 C:\Windows\System32\wfapigp.dll - ok
17:09:47.0115 0180 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] C:\Windows\System32\wkssvc.dll
17:09:47.0115 0180 C:\Windows\System32\wkssvc.dll - ok
17:09:47.0115 0180 [ 160A1B5BA583A8B73835EA2305351663 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\am_meta.dll
17:09:47.0115 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\am_meta.dll - ok
17:09:47.0115 0180 [ 27CAF94BD894A03AAB29128D0B53464C ] C:\Windows\SysWOW64\comsvcs.dll
17:09:47.0115 0180 C:\Windows\SysWOW64\comsvcs.dll - ok
17:09:47.0115 0180 [ FC4A2DDDF5AE3CCBB1E309F5AB4599A4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ac_meta.dll
17:09:47.0115 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ac_meta.dll - ok
17:09:47.0115 0180 [ C5F8007EAF82B13F3807503B81B38CB4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_meta.dll
17:09:47.0115 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_meta.dll - ok
17:09:47.0115 0180 [ F2629AF810E939672173CB17ECAC1667 ] C:\Windows\System32\MrmCoreR.dll
17:09:47.0115 0180 C:\Windows\System32\MrmCoreR.dll - ok
17:09:47.0130 0180 [ 46E42A28B182E4268D9155B0484B08FF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp_meta.dll
17:09:47.0130 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp_meta.dll - ok
17:09:47.0130 0180 [ BA0A21F761CE5001DF712C51BF11F953 ] C:\Windows\System32\urlmon.dll
17:09:47.0130 0180 C:\Windows\System32\urlmon.dll - ok
17:09:47.0130 0180 [ 05A545F99EE042531CD5BCC32C3F76C1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\instrumental_meta.dll
17:09:47.0130 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\instrumental_meta.dll - ok
17:09:47.0130 0180 [ 14571C19B6B2445220F84B5DB8DD90F5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\storage.dll
17:09:47.0130 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\storage.dll - ok
17:09:47.0130 0180 [ 2667A32680FD766E329D15DF94CF10C3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ichecker.dll
17:09:47.0130 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ichecker.dll - ok
17:09:47.0130 0180 [ 76862AAF77C049EC20217FDC209F7F13 ] C:\Windows\System32\iertutil.dll
17:09:47.0130 0180 C:\Windows\System32\iertutil.dll - ok
17:09:47.0146 0180 [ 5C8ED5CE71D16E64DAD1D5C8182703B0 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threats_disinfection.dll
17:09:47.0146 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threats_disinfection.dll - ok
17:09:47.0146 0180 [ 7AE5F46F78B5355D02BA90878A44771A ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\winreg.ppl
17:09:47.0146 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\winreg.ppl - ok
17:09:47.0146 0180 [ 9FFFD87E90C8CB6BB43C1176BE461104 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_sync.dll
17:09:47.0146 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_sync.dll - ok
17:09:47.0146 0180 [ A29FB03E41AF1700F5A5A5D10C9E3559 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_adaptor.dll
17:09:47.0146 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_adaptor.dll - ok
17:09:47.0146 0180 [ DF79CE9B950C62677D232154E93A81C7 ] C:\Windows\System32\wininet.dll
17:09:47.0146 0180 C:\Windows\System32\wininet.dll - ok
17:09:47.0146 0180 [ 7668892E7ABC6FE867DCB097B36B6F3C ] C:\Windows\System32\Windows.UI.dll
17:09:47.0146 0180 C:\Windows\System32\Windows.UI.dll - ok
17:09:47.0146 0180 [ B4C2D97B1BA52926A8B6FA3E506295FD ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\params.ppl
17:09:47.0146 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\params.ppl - ok
17:09:47.0162 0180 [ DE94F448F4A6F39E0C2E4080E853BC9C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\tm.ppl
17:09:47.0162 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\tm.ppl - ok
17:09:47.0162 0180 [ 2022F1EC840827B3F004926AAE63E09C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\schedule.ppl
17:09:47.0162 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\schedule.ppl - ok
17:09:47.0162 0180 [ 7F621C0A34CA6CA3832CCCD9951F789E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\regmap.ppl
17:09:47.0162 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\regmap.ppl - ok
17:09:47.0162 0180 [ 41BFE19EC91D344ADE47C468089DA8B5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\thpimpl.ppl
17:09:47.0162 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\thpimpl.ppl - ok
17:09:47.0162 0180 [ FBFA77AACE9DD4DD61EDE05B90A4F910 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\timer.ppl
17:09:47.0162 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\timer.ppl - ok
17:09:47.0162 0180 [ 6F91CBB493233FA2EC58EAAC489DB006 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\report.ppl
17:09:47.0162 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\report.ppl - ok
17:09:47.0177 0180 [ ADB3287AAB1C689162FB9DF52F96070F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\reportdb.ppl
17:09:47.0177 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\reportdb.ppl - ok
17:09:47.0177 0180 [ 7F33E7CE477046414D21F307E8B6B899 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\procmon.ppl
17:09:47.0177 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\procmon.ppl - ok
17:09:47.0177 0180 [ 58F4E62A09CD66CC3E60875C2517811D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp.dll
17:09:47.0177 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp.dll - ok
17:09:47.0177 0180 [ 0601A49C6C32740BB25FD2AF759F5960 ] C:\Windows\SysWOW64\setupapi.dll
17:09:47.0177 0180 C:\Windows\SysWOW64\setupapi.dll - ok
17:09:47.0177 0180 [ C1CB4AE82E173A620720996EBC3D02D6 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\packed_io.dll
17:09:47.0177 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\packed_io.dll - ok
17:09:47.0177 0180 [ 63BD0F89217177AC2596738E3A199BA1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\hashmd5.ppl
17:09:47.0177 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\hashmd5.ppl - ok
17:09:47.0193 0180 [ 1C4276FAA89D41720EB2A1AB01D25CC3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\crpthlpr.ppl
17:09:47.0193 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\crpthlpr.ppl - ok
17:09:47.0193 0180 [ AFF76CD4D399D1347795D881F24A9508 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dtreg.ppl
17:09:47.0193 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dtreg.ppl - ok
17:09:47.0193 0180 [ 281C47DE05FC1D4F2A8908A7CAC4C24E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\excludemanager.dll
17:09:47.0193 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\excludemanager.dll - ok
17:09:47.0193 0180 [ FCC56B97754E78D2DD6008C4D4EFB3C1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\acassembler.dll
17:09:47.0193 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\acassembler.dll - ok
17:09:47.0193 0180 [ 3B1D694C2E3F31B74C4398585AB8BEFF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\format_recognizer.dll
17:09:47.0193 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\format_recognizer.dll - ok
17:09:47.0193 0180 [ B362181ED3771DC03B4141927C80F801 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:09:47.0193 0180 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
17:09:47.0209 0180 [ 65AF41A7A2C5B6693E1B4164E7632C3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:09:47.0209 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok
17:09:47.0209 0180 [ 46C6D8A6B4DEBBB55B6DA6B92C100599 ] C:\Windows\SysWOW64\propsys.dll
17:09:47.0209 0180 C:\Windows\SysWOW64\propsys.dll - ok
17:09:47.0209 0180 [ 5AA28997F6A30EB196A5AB09F684B7BE ] C:\Windows\SysWOW64\imagehlp.dll
17:09:47.0209 0180 C:\Windows\SysWOW64\imagehlp.dll - ok
17:09:47.0209 0180 [ 63FE35B2DFC1CCD2AA33EA8BA2460BE9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll
17:09:47.0209 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok
17:09:47.0209 0180 [ E7721DCE7EE53A22BBF6CFCAA145FB12 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll
17:09:47.0209 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok
17:09:47.0209 0180 [ B792BBE05A18481016A7C39269D3E75C ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll
17:09:47.0209 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok
17:09:47.0224 0180 [ C8318A083DE9D8FFCA6E70D3E183490A ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
17:09:47.0224 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe - ok
17:09:47.0224 0180 [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll
17:09:47.0224 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok
17:09:47.0224 0180 [ 9C933EE52559A41B704CBB189E7D6495 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll
17:09:47.0224 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok
17:09:47.0240 0180 [ EDA04929396FBE9D3C6A93E847657AD4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll
17:09:47.0240 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok
17:09:47.0240 0180 [ 3B220F0D170EE8EE2B365749B03D73F6 ] C:\Windows\System32\drivers\avnetflt.sys
17:09:47.0240 0180 C:\Windows\System32\drivers\avnetflt.sys - ok
17:09:47.0240 0180 [ 23C77897F8DC43B25A1DD03542E479EA ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll
17:09:47.0240 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok
17:09:47.0256 0180 [ 5C6ADD0111E1C6601B5911F7ACF85BB8 ] C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
17:09:47.0256 0180 C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe - ok
17:09:47.0256 0180 [ D9053149D55CEB13C66A69A00A1B6D7D ] C:\Windows\System32\wbem\wbemprox.dll
17:09:47.0256 0180 C:\Windows\System32\wbem\wbemprox.dll - ok
17:09:47.0256 0180 [ 527429623E2A20C53DB246C51E6F2726 ] C:\Windows\System32\wbemcomn.dll
17:09:47.0256 0180 C:\Windows\System32\wbemcomn.dll - ok
17:09:47.0256 0180 [ D2BCDD6BBFCD068090C109854FCEE079 ] C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:09:47.0256 0180 C:\Program Files (x86)\Launch Manager\dsiwmis.exe - ok
17:09:47.0256 0180 [ CD135EBBA99C598F30E6093824193038 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll
17:09:47.0256 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll - ok
17:09:47.0256 0180 [ 281BEE07BA97E3E98D12A822D923D0D8 ] C:\Windows\System32\dps.dll
17:09:47.0256 0180 C:\Windows\System32\dps.dll - ok
17:09:47.0271 0180 [ ECC0D0444FDDE870760083954F1CF52B ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll
17:09:47.0271 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll - ok
17:09:47.0271 0180 [ 425E22D9F5C01616AFC92987791B19E9 ] C:\Windows\SysWOW64\svchost.exe
17:09:47.0271 0180 C:\Windows\SysWOW64\svchost.exe - ok
17:09:47.0271 0180 [ 5878613C2E0EFB4F656DDADC452551B6 ] C:\Windows\SysWOW64\winsta.dll
17:09:47.0271 0180 C:\Windows\SysWOW64\winsta.dll - ok
17:09:47.0271 0180 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:09:47.0271 0180 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
17:09:47.0271 0180 [ B82255670D270B75D2D2F0F8747D1443 ] C:\Windows\System32\IKEEXT.DLL
17:09:47.0271 0180 C:\Windows\System32\IKEEXT.DLL - ok
17:09:47.0271 0180 [ 3C4002D339491AF73D663FFC7F6E5ECB ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
17:09:47.0271 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe - ok
17:09:47.0271 0180 [ 295771B092D4F7FCF2B62F80CCD14320 ] C:\Windows\System32\drivers\mrxsmb10.sys
17:09:47.0271 0180 C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:09:47.0287 0180 [ EE281DD6843F3F697C1AD7933EEB1E9B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:09:47.0287 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
17:09:47.0287 0180 [ 234F79CD1226D634BBC6B154E4CC7A44 ] C:\Windows\System32\vpnikeapi.dll
17:09:47.0287 0180 C:\Windows\System32\vpnikeapi.dll - ok
17:09:47.0287 0180 [ 2B9EED6835D269F35B310DC03D0F5768 ] C:\Windows\SysWOW64\dnsapi.dll
17:09:47.0287 0180 C:\Windows\SysWOW64\dnsapi.dll - ok
17:09:47.0287 0180 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] C:\Windows\System32\drivers\Ndu.sys
17:09:47.0287 0180 C:\Windows\System32\drivers\Ndu.sys - ok
17:09:47.0287 0180 [ B6C010F42053ED92E421EE5476E10645 ] C:\Windows\SysWOW64\rasadhlp.dll
17:09:47.0287 0180 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:09:47.0287 0180 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
17:09:47.0287 0180 C:\Windows\System32\HPZinw12.dll - ok
17:09:47.0302 0180 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] C:\Windows\System32\pcasvc.dll
17:09:47.0302 0180 C:\Windows\System32\pcasvc.dll - ok
17:09:47.0302 0180 [ BEA61BAC330230D3B1340F29A2312DD2 ] C:\Windows\System32\wsock32.dll
17:09:47.0302 0180 C:\Windows\System32\wsock32.dll - ok
17:09:47.0302 0180 [ F52DA6F31C7F197520ACC89F512CE848 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
17:09:47.0302 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
17:09:47.0302 0180 [ AF6B7381C18DBCE4FEB296FA5441AE0D ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:09:47.0302 0180 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:09:47.0302 0180 [ BA50CC0BD19004AAB88BE37338B6FA0D ] C:\Windows\System32\drivers\PEAuth.sys
17:09:47.0302 0180 C:\Windows\System32\drivers\PEAuth.sys - ok
17:09:47.0302 0180 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] C:\Windows\System32\nlasvc.dll
17:09:47.0302 0180 C:\Windows\System32\nlasvc.dll - ok
17:09:47.0302 0180 [ 2850EDC032C59C7673246BF8B1D301BC ] C:\Windows\SysWOW64\winspool.drv
17:09:47.0302 0180 C:\Windows\SysWOW64\winspool.drv - ok
17:09:47.0318 0180 [ F61333867216EDE1A09A7C55FEDCB6A8 ] C:\Windows\RfBtnSvc64.exe
17:09:47.0318 0180 C:\Windows\RfBtnSvc64.exe - ok
17:09:47.0318 0180 [ 380AA537624F698F4C51C55806D30E69 ] C:\Windows\System32\ncsi.dll
17:09:47.0318 0180 C:\Windows\System32\ncsi.dll - ok
17:09:47.0318 0180 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
17:09:47.0318 0180 C:\Windows\System32\HPZipm12.dll - ok
17:09:47.0318 0180 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] C:\Windows\System32\winhttp.dll
17:09:47.0318 0180 C:\Windows\System32\winhttp.dll - ok
17:09:47.0318 0180 [ 90B06AD0BA271ABDD56A77040B39C525 ] C:\Windows\System32\ssdpapi.dll
17:09:47.0318 0180 C:\Windows\System32\ssdpapi.dll - ok
17:09:47.0318 0180 [ 675C575444AAFD56B4E8A99EF8A570CD ] C:\Windows\SysWOW64\rpcnet.exe
17:09:47.0318 0180 C:\Windows\SysWOW64\rpcnet.exe - ok
17:09:47.0334 0180 [ 88028A645052327CE652A4CFCA16DBC9 ] C:\Windows\SysWOW64\apphelp.dll
17:09:47.0334 0180 C:\Windows\SysWOW64\apphelp.dll - ok
17:09:47.0334 0180 [ 88C01207F7772D6D16C36D63E0544DC1 ] C:\Windows\apppatch\AcGenral.dll
17:09:47.0334 0180 C:\Windows\apppatch\AcGenral.dll - ok
17:09:47.0334 0180 [ 2C95C9CB5DA80E779BF8A1C0ACD803A3 ] C:\Windows\SysWOW64\uxtheme.dll
17:09:47.0334 0180 C:\Windows\SysWOW64\uxtheme.dll - ok
17:09:47.0334 0180 [ 0D70F07EB0BCCE2B13652EFFF0DDD75F ] C:\Windows\SysWOW64\msacm32.dll
17:09:47.0334 0180 C:\Windows\SysWOW64\msacm32.dll - ok
17:09:47.0334 0180 [ 7254BFFB866CA443285A4D62294250BB ] C:\Windows\SysWOW64\dwmapi.dll
17:09:47.0334 0180 C:\Windows\SysWOW64\dwmapi.dll - ok
17:09:47.0334 0180 [ 7A554464C1B1380C5B74ADF3DED4F663 ] C:\Windows\apppatch\AcLayers.dll
17:09:47.0334 0180 C:\Windows\apppatch\AcLayers.dll - ok
17:09:47.0334 0180 [ 3AA79A83EC7D1B16D296029035A9C399 ] C:\Windows\SysWOW64\sfc.dll
17:09:47.0334 0180 C:\Windows\SysWOW64\sfc.dll - ok
17:09:47.0349 0180 [ EB5BB44DBA9F55DB59076E58F6E42C03 ] C:\Windows\SysWOW64\sfc_os.dll
17:09:47.0349 0180 C:\Windows\SysWOW64\sfc_os.dll - ok
17:09:47.0349 0180 [ 53B05C9C35E422E7473CCBBA162DE62D ] C:\Windows\SysWOW64\tapi32.dll
17:09:47.0349 0180 C:\Windows\SysWOW64\tapi32.dll - ok
17:09:47.0349 0180 [ CA72332804C787B8E767C09FFE844B38 ] C:\Windows\SysWOW64\rpcnet.dll
17:09:47.0349 0180 C:\Windows\SysWOW64\rpcnet.dll - ok
17:09:47.0349 0180 [ 9247E2FA8B8242B1620B1B6931816373 ] C:\Windows\System32\rpcnetp.exe
17:09:47.0349 0180 C:\Windows\System32\rpcnetp.exe - ok
17:09:47.0349 0180 [ 0320929A497A57A243ED157BA082896D ] C:\Windows\SysWOW64\pcacli.dll
17:09:47.0349 0180 C:\Windows\SysWOW64\pcacli.dll - ok
17:09:47.0349 0180 [ 552DF4A9DD8F4A500E3F8FC9C512D47A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe
17:09:47.0349 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe - ok
17:09:47.0365 0180 [ C3C9B251ABFA347AA454B6AA17068FA1 ] C:\Windows\SysWOW64\devrtl.dll
17:09:47.0365 0180 C:\Windows\SysWOW64\devrtl.dll - ok
17:09:47.0365 0180 [ 2E5E517A5ED5CA1E99DA3AE517089935 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
17:09:47.0365 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
17:09:47.0365 0180 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
17:09:47.0365 0180 C:\Windows\SysWOW64\mfc100u.dll - ok
17:09:47.0365 0180 [ 0E28DA18EF14D77E236B4BD0E111BEC8 ] C:\Windows\SysWOW64\activeds.dll
17:09:47.0365 0180 C:\Windows\SysWOW64\activeds.dll - ok
17:09:47.0365 0180 [ 3D7B4D033FE80A86B1FC530A03A53754 ] C:\Windows\SysWOW64\msimg32.dll
17:09:47.0365 0180 C:\Windows\SysWOW64\msimg32.dll - ok
17:09:47.0365 0180 [ 25E3826F8A5CB3E8E95926AD271ED365 ] C:\Windows\SysWOW64\adsldpc.dll
17:09:47.0365 0180 C:\Windows\SysWOW64\adsldpc.dll - ok
17:09:47.0381 0180 [ 8245D8290D263BB655E15C5FEFE8B8A8 ] C:\Windows\SysWOW64\browcli.dll
17:09:47.0381 0180 C:\Windows\SysWOW64\browcli.dll - ok
17:09:47.0381 0180 [ ECA6624EFEBBE2C0C320AC942620C404 ] C:\Windows\SysWOW64\mfc100deu.dll
17:09:47.0381 0180 C:\Windows\SysWOW64\mfc100deu.dll - ok
17:09:47.0381 0180 [ E5624A279E2E98EAFCB6BCA7DB4DB2CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll
17:09:47.0381 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll - ok
17:09:47.0381 0180 [ FCA25104E526B1783F0366FF3B4E4445 ] C:\Windows\SysWOW64\FirewallAPI.dll
17:09:47.0381 0180 C:\Windows\SysWOW64\FirewallAPI.dll - ok
17:09:47.0381 0180 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
17:09:47.0381 0180 C:\Windows\System32\drivers\secdrv.sys - ok
17:09:47.0381 0180 [ 4A3B02AC2E1635C0A4603B32D447FBB2 ] C:\Windows\SysWOW64\rpcnetp.dll
17:09:47.0381 0180 C:\Windows\SysWOW64\rpcnetp.dll - ok
17:09:47.0381 0180 [ 77195C32175FC63D6054EBA5A066D727 ] C:\Windows\System32\drivers\srvnet.sys
17:09:47.0381 0180 C:\Windows\System32\drivers\srvnet.sys - ok
17:09:47.0396 0180 [ F0814A5318A534E4742F5358DF59F3AD ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
17:09:47.0396 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe - ok
17:09:47.0396 0180 [ 33A7D83EEB15431773A6E186CFAABA21 ] C:\Windows\System32\drivers\tcpipreg.sys
17:09:47.0396 0180 C:\Windows\System32\drivers\tcpipreg.sys - ok
17:09:47.0396 0180 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] C:\Windows\System32\sysmain.dll
17:09:47.0396 0180 C:\Windows\System32\sysmain.dll - ok
17:09:47.0396 0180 [ 84F20198CAE435DE32ABDB4511550BD7 ] C:\Windows\SysWOW64\mscoree.dll
17:09:47.0396 0180 C:\Windows\SysWOW64\mscoree.dll - ok
17:09:47.0396 0180 [ 9DB490F3E823C5C3C070644B96CB9D59 ] C:\Windows\System32\wbem\WMIsvc.dll
17:09:47.0396 0180 C:\Windows\System32\wbem\WMIsvc.dll - ok
17:09:47.0396 0180 [ D638904FE86A5FE542A1BA13A9D68E5C ] C:\Windows\System32\wiaservc.dll
17:09:47.0396 0180 C:\Windows\System32\wiaservc.dll - ok
17:09:47.0396 0180 [ C97E14BB6A196B0554D6EB67D8818175 ] C:\Windows\System32\trkwks.dll
17:09:47.0396 0180 C:\Windows\System32\trkwks.dll - ok
17:09:47.0412 0180 [ E1D793FCCD26B862839217612830ECFC ] C:\Windows\System32\wbem\wbemcore.dll
17:09:47.0412 0180 C:\Windows\System32\wbem\wbemcore.dll - ok
17:09:47.0412 0180 [ 6E49FFDFBAC4AC6CB45238C67E3E15F2 ] C:\Windows\System32\wiatrace.dll
17:09:47.0412 0180 C:\Windows\System32\wiatrace.dll - ok
17:09:47.0412 0180 [ 415EE38FA22E6489ED95D0C0F1560BD8 ] C:\Windows\System32\deviceassociation.dll
17:09:47.0412 0180 C:\Windows\System32\deviceassociation.dll - ok
17:09:47.0412 0180 [ 536175601D6FDA57917D18D21476915A ] C:\Windows\System32\wsdchngr.dll
17:09:47.0412 0180 C:\Windows\System32\wsdchngr.dll - ok
17:09:47.0412 0180 [ B801371569B9E310BBD068E21D486F1A ] C:\Windows\System32\fundisc.dll
17:09:47.0412 0180 C:\Windows\System32\fundisc.dll - ok
17:09:47.0412 0180 [ 16BF6ADAED1427A7AF08125DD14BA52C ] C:\Windows\System32\fdPnp.dll
17:09:47.0412 0180 C:\Windows\System32\fdPnp.dll - ok
17:09:47.0427 0180 [ 2C6B75D50B9917766FE7BA0C11A1FA23 ] C:\Windows\System32\wbem\esscli.dll
17:09:47.0427 0180 C:\Windows\System32\wbem\esscli.dll - ok
17:09:47.0427 0180 [ EAA293B3C52C76449ABA8419C8AEC839 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
17:09:47.0427 0180 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
17:09:47.0427 0180 [ C510810D292782189F8BE12A1B0E366E ] C:\Windows\System32\wbem\fastprox.dll
17:09:47.0427 0180 C:\Windows\System32\wbem\fastprox.dll - ok
17:09:47.0427 0180 [ 36BC2FF91264BB032FEB927B03DE4C29 ] C:\Windows\System32\wbem\wbemsvc.dll
17:09:47.0427 0180 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:09:47.0427 0180 [ 5FB52C4367FCABB27373F701C714192C ] C:\Windows\System32\wbem\wmiutils.dll
17:09:47.0427 0180 C:\Windows\System32\wbem\wmiutils.dll - ok
17:09:47.0427 0180 [ 4845FC917AB257CAE4F16A80ADC15412 ] C:\Windows\System32\wbem\repdrvfs.dll
17:09:47.0427 0180 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:09:47.0427 0180 [ 572EA523849EC996B61065E8E6BF9D37 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
17:09:47.0427 0180 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
17:09:47.0443 0180 [ A58E3C42883F36D743F9BE9B21BFC990 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll
17:09:47.0443 0180 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll - ok
17:09:47.0443 0180 [ 824BC775A6B475D872431F6B36DD8BA3 ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:09:47.0443 0180 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:09:47.0443 0180 [ A19F9B39E739E89698E662896F4A76B5 ] C:\Windows\System32\ncobjapi.dll
17:09:47.0443 0180 C:\Windows\System32\ncobjapi.dll - ok
17:09:47.0443 0180 [ B2CF1AF98C13B3C19FDD7EF1EF56C05F ] C:\Windows\System32\wbem\wbemess.dll
17:09:47.0443 0180 C:\Windows\System32\wbem\wbemess.dll - ok
17:09:47.0443 0180 [ ABC05B8D756A6981DBCD2B6C1D62E159 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
17:09:47.0443 0180 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll - ok
17:09:47.0443 0180 [ ACA8E5A15FE7E513E95FF2E9AE54ED0E ] C:\Windows\System32\wbem\unsecapp.exe
17:09:47.0443 0180 C:\Windows\System32\wbem\unsecapp.exe - ok
17:09:47.0459 0180 [ B2EC086D45532BCFBB3042C78C27A904 ] C:\Windows\System32\dsparse.dll
17:09:47.0459 0180 C:\Windows\System32\dsparse.dll - ok
17:09:47.0459 0180 [ A5B39B59E91EAC9585DB3F7ABDC67109 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
17:09:47.0459 0180 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
17:09:47.0459 0180 [ 9D2136DDE6753B36A0771FF34337B5D1 ] C:\Windows\SysWOW64\riched20.dll
17:09:47.0459 0180 C:\Windows\SysWOW64\riched20.dll - ok
17:09:47.0459 0180 [ A2D053D11E3756DB3C5642AACA84E69B ] C:\Windows\SysWOW64\usp10.dll
17:09:47.0459 0180 C:\Windows\SysWOW64\usp10.dll - ok
17:09:47.0459 0180 [ 2FE534AC99FE081D9A6950C0C8032751 ] C:\Windows\SysWOW64\msls31.dll
17:09:47.0459 0180 C:\Windows\SysWOW64\msls31.dll - ok
17:09:47.0459 0180 [ CE6D08350D0A1278E9A97D94023D1800 ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:09:47.0459 0180 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:09:47.0474 0180 [ BFC0069A46E1D1F38AFB253F76964471 ] C:\Windows\System32\wbem\wmiprov.dll
17:09:47.0474 0180 C:\Windows\System32\wbem\wmiprov.dll - ok
17:09:47.0474 0180 [ EF54D5BEF570516BFA9C0DB9BE99D7F0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
17:09:47.0474 0180 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll - ok
17:09:47.0474 0180 [ 43B223C4799777C4DA008469DD913813 ] C:\Windows\System32\wbem\NCProv.dll
17:09:47.0474 0180 C:\Windows\System32\wbem\NCProv.dll - ok
17:09:47.0474 0180 [ 3BD314F6EA1B7C7CF0BEE5A65E1D548E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\465dac2a0ebb43fd93816404c1b03bc9\System.ServiceProcess.ni.dll
17:09:47.0474 0180 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\465dac2a0ebb43fd93816404c1b03bc9\System.ServiceProcess.ni.dll - ok
17:09:47.0474 0180 [ 99DB2F9BFAE614880930B2BBDD78E3A6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
17:09:47.0474 0180 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
17:09:47.0474 0180 [ AA7F6E73297740FA1CFA4E28950AE0A4 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
17:09:47.0474 0180 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
17:09:47.0490 0180 [ A12CBF5ECE1227B034670A31DAD0BF3A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\865b858298279774d2a3c6cecac95124\System.Configuration.Install.ni.dll
17:09:47.0490 0180 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\865b858298279774d2a3c6cecac95124\System.Configuration.Install.ni.dll - ok
17:09:47.0490 0180 [ B83132A1645106F5BC363EEE24E8C558 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3430f069c93f4233f0dbb775cb73b49b\System.Core.ni.dll
17:09:47.0490 0180 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3430f069c93f4233f0dbb775cb73b49b\System.Core.ni.dll - ok
17:09:47.0490 0180 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] C:\Windows\System32\iphlpsvc.dll
17:09:47.0490 0180 C:\Windows\System32\iphlpsvc.dll - ok
17:09:47.0490 0180 [ 33F5EE33BAAD7DEF96DA4270D0F4B308 ] C:\Windows\System32\wbem\cimwin32.dll
17:09:47.0490 0180 C:\Windows\System32\wbem\cimwin32.dll - ok
17:09:47.0490 0180 [ C1AE59C0B0817236EC083A91C396005A ] C:\Windows\System32\drivers\srv2.sys
17:09:47.0490 0180 C:\Windows\System32\drivers\srv2.sys - ok
17:09:47.0490 0180 [ 42582B288CB1B9F9C996A49804E08B75 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll
17:09:47.0490 0180 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll - ok
17:09:47.0506 0180 [ DA691E383B0F28C640BE68F0B914F1A1 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
17:09:47.0506 0180 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
17:09:47.0506 0180 [ C32ADB033616D0409641BCD4439033F8 ] C:\Windows\System32\framedynos.dll
17:09:47.0506 0180 C:\Windows\System32\framedynos.dll - ok
17:09:47.0506 0180 [ 5834A2432192ED502999CE24A5442CB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\672138dc2f47a077f59ef14290a6973e\System.Xml.ni.dll
17:09:47.0506 0180 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\672138dc2f47a077f59ef14290a6973e\System.Xml.ni.dll - ok
17:09:47.0506 0180 [ 70DAA70A39D15868A0DDEDC46B7A823F ] C:\Windows\System32\httpprxm.dll
17:09:47.0506 0180 C:\Windows\System32\httpprxm.dll - ok
17:09:47.0506 0180 [ 1B8B4F73EE08B5A6EC5A70C96DA90667 ] C:\Windows\System32\adhsvc.dll
17:09:47.0506 0180 C:\Windows\System32\adhsvc.dll - ok
17:09:47.0506 0180 [ 582ED9A6D0B34F2F55607562FDA263E9 ] C:\Windows\System32\sqmapi.dll
17:09:47.0506 0180 C:\Windows\System32\sqmapi.dll - ok
17:09:47.0506 0180 [ 2B78788A1485F9B99A578A299DF42C02 ] C:\Windows\System32\drivers\srv.sys
17:09:47.0506 0180 C:\Windows\System32\drivers\srv.sys - ok
17:09:47.0521 0180 [ 5CEC21295040B8FA8F26CB07D650954D ] C:\Windows\System32\netprofm.dll
17:09:47.0521 0180 C:\Windows\System32\netprofm.dll - ok
17:09:47.0521 0180 [ 1E5C8EF393A0A07A1A397DEAF8FA17CC ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
17:09:47.0521 0180 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll - ok
17:09:47.0521 0180 [ 6E98157791491AEBF64B1392293E48A7 ] C:\Windows\System32\nci.dll
17:09:47.0521 0180 C:\Windows\System32\nci.dll - ok
17:09:47.0521 0180 [ 27B58E16CF895AC1F1A97C04814C2239 ] C:\Windows\System32\srvsvc.dll
17:09:47.0521 0180 C:\Windows\System32\srvsvc.dll - ok
17:09:47.0521 0180 [ A1BECE49EF88F58F6DC881AF251B822E ] C:\Windows\System32\dskquota.dll
17:09:47.0521 0180 C:\Windows\System32\dskquota.dll - ok
17:09:47.0521 0180 [ E372BBF897005442ECEB7843CEB394D2 ] C:\Windows\System32\rasadhlp.dll
17:09:47.0521 0180 C:\Windows\System32\rasadhlp.dll - ok
17:09:47.0521 0180 [ 5FE61B0E223FAC7316526A7B588E9F2D ] C:\Windows\System32\wdscore.dll
17:09:47.0537 0180 C:\Windows\System32\wdscore.dll - ok
17:09:47.0537 0180 [ 056A7F991CCBDACB5A132419FA244C3E ] C:\Windows\System32\mi.dll
17:09:47.0537 0180 C:\Windows\System32\mi.dll - ok
17:09:47.0537 0180 [ 830445350C7CDEC426FA5E1F9E1B0DAD ] C:\Windows\System32\sscore.dll
17:09:47.0537 0180 C:\Windows\System32\sscore.dll - ok
17:09:47.0537 0180 [ 3A8A50121A2600AEC63E4713AF6F25E7 ] C:\Windows\System32\sscoreext.dll
17:09:47.0537 0180 C:\Windows\System32\sscoreext.dll - ok
17:09:47.0537 0180 [ FD03915B5FD90025020971982CB32E18 ] C:\Windows\SysWOW64\httpapi.dll
17:09:47.0537 0180 C:\Windows\SysWOW64\httpapi.dll - ok
17:09:47.0537 0180 [ E8E50E7703204AE06C6B5FEFE2F701E7 ] C:\Windows\System32\miutils.dll
17:09:47.0537 0180 C:\Windows\System32\miutils.dll - ok
17:09:47.0537 0180 [ A7578E2FB09DD9D9CEE6791151C11334 ] C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\system.resources.dll
17:09:47.0537 0180 C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\system.resources.dll - ok
17:09:47.0553 0180 [ 38DF4E3D3559F58793E70ED8093A6F2B ] C:\Windows\System32\wmidcom.dll
17:09:47.0553 0180 C:\Windows\System32\wmidcom.dll - ok
17:09:47.0553 0180 [ 66F78ECB93F16BBDA095D9EA71CD712B ] C:\Windows\System32\resutils.dll
17:09:47.0553 0180 C:\Windows\System32\resutils.dll - ok
17:09:47.0553 0180 [ 0F9594CB8B35FAF12825285415414F85 ] C:\Windows\System32\clusapi.dll
17:09:47.0553 0180 C:\Windows\System32\clusapi.dll - ok
17:09:47.0553 0180 [ E90A3C2460984362BE38F572842C890A ] C:\Windows\System32\activeds.dll
17:09:47.0553 0180 C:\Windows\System32\activeds.dll - ok
17:09:47.0553 0180 [ E7CD6B5449030F4F9B29C742664B63B3 ] C:\Windows\System32\adsldpc.dll
17:09:47.0553 0180 C:\Windows\System32\adsldpc.dll - ok
17:09:47.0553 0180 [ 0488E461EEE18F5CFCE7C1774BBFCBB3 ] C:\Windows\System32\adsldp.dll
17:09:47.0553 0180 C:\Windows\System32\adsldp.dll - ok
17:09:47.0553 0180 [ AB8DC63BB90A2A3DE13B38D8B64B4DC6 ] C:\Windows\System32\cscapi.dll
17:09:47.0553 0180 C:\Windows\System32\cscapi.dll - ok
17:09:47.0568 0180 [ D5BE751B837C8B8CB58426EC9B2A29E9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
17:09:47.0568 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
17:09:47.0568 0180 [ 6A6B49FD47A6BA4949A1E03CA4486439 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll
17:09:47.0568 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll - ok
17:09:47.0568 0180 [ 8682F5AEFD0326B2A772E90EF1EFBE17 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll
17:09:47.0568 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll - ok
17:09:47.0568 0180 [ F2D9F23FFB2B0B2B8FF5126689615B3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll
17:09:47.0568 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll - ok
17:09:47.0568 0180 [ 582632E34C9FF3C658ED56E5FC8D7EC6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll
17:09:47.0568 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll - ok
17:09:47.0568 0180 [ BE04DE758070B1CBA8B741436C955797 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
17:09:47.0568 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
17:09:47.0584 0180 [ C8D87F1FE1D83C638D52F24B88E9D06F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
17:09:47.0584 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
17:09:47.0584 0180 [ B30F23026AA2F12A690153FFB6983993 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
17:09:47.0584 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
17:09:47.0584 0180 [ F74F82B5F0484193910C8CD242C8D1F2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
17:09:47.0584 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
17:09:47.0584 0180 [ 70D6DEAB3C7E1942D7A6E67708222044 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
17:09:47.0584 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
17:09:47.0584 0180 [ A93DAE6938F2C49E257B1A7F79D587A6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
17:09:47.0584 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
17:09:47.0584 0180 [ 39050A12A2EFBEC944C3585374898E54 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
17:09:47.0584 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
17:09:47.0600 0180 [ 1202407DB7F776121B1EBF7225EBF669 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
17:09:47.0600 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
17:09:47.0600 0180 [ B532B0128D21706EEDB62EE332151D54 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
17:09:47.0600 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
17:09:47.0600 0180 [ 87FB156EF28F7D2B53B659572AFB2C94 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
17:09:47.0600 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
17:09:47.0600 0180 [ F78A75C0A42CD959A729A79CE708E520 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
17:09:47.0600 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
17:09:47.0600 0180 [ 940D56DE91885C8AA34BA4788579820C ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
17:09:47.0600 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
17:09:47.0600 0180 [ E3294F8C1461DDFB23E75F5E6D678DD5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
17:09:47.0600 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
17:09:47.0600 0180 [ 434049E557861645FA160F3035025F51 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
17:09:47.0600 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
17:09:47.0615 0180 [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
17:09:47.0615 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
17:09:47.0615 0180 [ F4C3899CD75D19BCA12E3D3B878CDEC6 ] C:\Windows\SysWOW64\vdmdbg.dll
17:09:47.0615 0180 C:\Windows\SysWOW64\vdmdbg.dll - ok
17:09:47.0615 0180 [ 9A521D6FAB1402D71BD900E9054EF7DE ] C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll
17:09:47.0615 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll - ok
17:09:47.0615 0180 [ F89000BD2BF367B9A6423CEB1553E9AF ] C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll
17:09:47.0615 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll - ok
17:09:47.0615 0180 [ D5094999316AE489620B3CB70C1AD5C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll
17:09:47.0615 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll - ok
17:09:47.0615 0180 [ 42CC7633E6C898923AE57CEBCE6DB2B2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll
17:09:47.0615 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll - ok
17:09:47.0631 0180 [ 9A86820CEDF2C6D2EBF2E6E66E89EA1A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll
17:09:47.0631 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll - ok
17:09:47.0631 0180 [ ABF612BB29A6293A574710716246F58E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll
17:09:47.0631 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok
17:09:47.0631 0180 [ 930B10F03BEF0733B42EA20DC1592C65 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll
17:09:47.0631 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll - ok
17:09:47.0631 0180 [ 84F9EDB011F256CE3CA21E06876A7D7A ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll
17:09:47.0631 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok
17:09:47.0631 0180 [ 217B846C2B74637EA326C7A07DD30177 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
17:09:47.0631 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok
17:09:47.0631 0180 [ C2ABD6107231B010A1E489622E06575B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll
17:09:47.0631 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok
17:09:47.0646 0180 [ AC8E4357A79199AF587514E4805DEEC1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll
17:09:47.0646 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok
17:09:47.0646 0180 [ D8976CD6D0653CB6BBC000950590FBBD ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
17:09:47.0646 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok
17:09:47.0646 0180 [ B5A72BA66AD8D4317EBEA61C1C5AE0CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll
17:09:47.0646 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok
17:09:47.0646 0180 [ 42EE1AA800FFDD2484B2097535672142 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
17:09:47.0646 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok
17:09:47.0646 0180 [ 4E8433BA8F7622808E66F17CDAAEE156 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll
17:09:47.0646 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok
17:09:47.0646 0180 [ 8DB30DA1FA8620A5C4AF53DEB85194D8 ] C:\Windows\SysWOW64\NapiNSP.dll
17:09:47.0646 0180 C:\Windows\SysWOW64\NapiNSP.dll - ok
17:09:47.0646 0180 [ 4947B4C100BE88C83F027D1C8DBC4B84 ] C:\Windows\SysWOW64\pnrpnsp.dll
17:09:47.0646 0180 C:\Windows\SysWOW64\pnrpnsp.dll - ok
17:09:47.0662 0180 [ 64ADDC6760CDED7EA432D7398318D919 ] C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll
17:09:47.0662 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll - ok
17:09:47.0662 0180 [ F604350906CE4E3F67D81384566DE3E4 ] C:\Windows\SysWOW64\nlaapi.dll
17:09:47.0662 0180 C:\Windows\SysWOW64\nlaapi.dll - ok
Geändert von Tandem (09.04.2014 um 00:52 Uhr) |
|
09.04.2014, 00:35
| #6 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! TDSS-log Part 3/8: Code:
ATTFilter 17:09:47.0662 0180 [ C2411C9B1775B72440B4695A272871D8 ] C:\Windows\SysWOW64\OpenWith.exe
17:09:47.0662 0180 C:\Windows\SysWOW64\OpenWith.exe - ok
17:09:47.0662 0180 [ 5D9B166EFBA673C8221C5C97CCFB5BFE ] C:\Windows\System32\wcmapi.dll
17:09:47.0662 0180 C:\Windows\System32\wcmapi.dll - ok
17:09:47.0662 0180 [ 0D0213498683414DDE29B1686A4C08D5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:09:47.0662 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
17:09:47.0662 0180 [ 8700883867FBD565BF6C2DAE8B2D7810 ] C:\Windows\SysWOW64\winrnr.dll
17:09:47.0662 0180 C:\Windows\SysWOW64\winrnr.dll - ok
17:09:47.0678 0180 [ A7B4B1F48DF2AF71A59836ABC24F12F4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\avs.ppl
17:09:47.0678 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\avs.ppl - ok
17:09:47.0678 0180 [ AC25073CEBD9D5CE2F61D6AF93BC9585 ] C:\Windows\SysWOW64\shfolder.dll
17:09:47.0678 0180 C:\Windows\SysWOW64\shfolder.dll - ok
17:09:47.0678 0180 [ 93A9382276582DE4D6D34BC52D130692 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dmap.ppl
17:09:47.0678 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dmap.ppl - ok
17:09:47.0678 0180 [ D349F1E9D0388A78B6AE769F1450BA3E ] C:\Windows\SysWOW64\wshbth.dll
17:09:47.0678 0180 C:\Windows\SysWOW64\wshbth.dll - ok
17:09:47.0678 0180 [ FCBDF1F1F22CB474ED9DC8C1DC8CD61C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threatsmanager.dll
17:09:47.0678 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threatsmanager.dll - ok
17:09:47.0678 0180 [ C995EA1C6915D897E06D41AF95B9312C ] C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:09:47.0678 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - ok
17:09:47.0693 0180 [ D27491CFCE452C154CECFA155AD0EBC8 ] C:\Windows\System32\wpdbusenum.dll
17:09:47.0693 0180 C:\Windows\System32\wpdbusenum.dll - ok
17:09:47.0693 0180 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] C:\Windows\System32\hidserv.dll
17:09:47.0693 0180 C:\Windows\System32\hidserv.dll - ok
17:09:47.0693 0180 [ C16097D77A232A288D65F299E2E01105 ] C:\Windows\System32\IPSECSVC.DLL
17:09:47.0693 0180 C:\Windows\System32\IPSECSVC.DLL - ok
17:09:47.0693 0180 [ F0F0A372C2EF6358399C4936F91B6131 ] C:\Windows\System32\netprofmsvc.dll
17:09:47.0693 0180 C:\Windows\System32\netprofmsvc.dll - ok
17:09:47.0693 0180 [ F0DF4F8D9F1F8FA36BA30ACAC213D03D ] C:\Windows\System32\PortableDeviceApi.dll
17:09:47.0693 0180 C:\Windows\System32\PortableDeviceApi.dll - ok
17:09:47.0693 0180 [ 4A1780F986DC1EAE2FADF3219F211C8D ] C:\Windows\SysWOW64\sxs.dll
17:09:47.0693 0180 C:\Windows\SysWOW64\sxs.dll - ok
17:09:47.0693 0180 [ 7E790DE2487CEDB349D1750B9E47F090 ] C:\Windows\System32\appinfo.dll
17:09:47.0693 0180 C:\Windows\System32\appinfo.dll - ok
17:09:47.0709 0180 [ 40C67D1A4891120874767F6E6604D6C5 ] C:\Windows\System32\wdi.dll
17:09:47.0709 0180 C:\Windows\System32\wdi.dll - ok
17:09:47.0709 0180 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] C:\Windows\System32\aelupsvc.dll
17:09:47.0709 0180 C:\Windows\System32\aelupsvc.dll - ok
17:09:47.0709 0180 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] C:\Windows\System32\DeviceSetupManager.dll
17:09:47.0709 0180 C:\Windows\System32\DeviceSetupManager.dll - ok
17:09:47.0709 0180 [ EE7C82B0D69F038245CECBCE9EC45A9A ] C:\Windows\SysWOW64\dllhost.exe
17:09:47.0709 0180 C:\Windows\SysWOW64\dllhost.exe - ok
17:09:47.0709 0180 [ 52A1F7EED5C036A76ED4938A7A39F61E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\qb.ppl
17:09:47.0709 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\qb.ppl - ok
17:09:47.0709 0180 [ 03694A8350222AC9F0E8693986E92BE2 ] C:\Windows\System32\diagperf.dll
17:09:47.0709 0180 C:\Windows\System32\diagperf.dll - ok
17:09:47.0709 0180 [ 72C7BC98E2393F1DDD41459C659CC6E2 ] C:\Windows\System32\newdev.dll
17:09:47.0709 0180 C:\Windows\System32\newdev.dll - ok
17:09:47.0725 0180 [ 397006C14C023F8E494093E0EAFADC2A ] C:\Windows\System32\perftrack.dll
17:09:47.0725 0180 C:\Windows\System32\perftrack.dll - ok
17:09:47.0725 0180 [ F13A820F50114A9F364D6CA2A89ECB2E ] C:\Windows\System32\FwRemoteSvr.dll
17:09:47.0725 0180 C:\Windows\System32\FwRemoteSvr.dll - ok
17:09:47.0725 0180 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] C:\Windows\System32\das.dll
17:09:47.0725 0180 C:\Windows\System32\das.dll - ok
17:09:47.0725 0180 [ E9286577AD0D3BE9158DCE178A879123 ] C:\Windows\System32\devrtl.dll
17:09:47.0725 0180 C:\Windows\System32\devrtl.dll - ok
17:09:47.0725 0180 [ 59A343C3BD792AF308400B2EE5E1A924 ] C:\Windows\System32\wer.dll
17:09:47.0725 0180 C:\Windows\System32\wer.dll - ok
17:09:47.0725 0180 [ 45566BEAE514B157C3AC821EBE6A8784 ] C:\Windows\System32\winspool.drv
17:09:47.0725 0180 C:\Windows\System32\winspool.drv - ok
17:09:47.0740 0180 [ B4FC38795A0AFC18539E220F56348764 ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:09:47.0740 0180 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:09:47.0740 0180 [ D528D6A92D187777691993DD757AF19A ] C:\Windows\System32\browser.dll
17:09:47.0740 0180 C:\Windows\System32\browser.dll - ok
17:09:47.0740 0180 [ 28C35503056748FA88499DAECF3D5557 ] C:\Windows\System32\npmproxy.dll
17:09:47.0740 0180 C:\Windows\System32\npmproxy.dll - ok
17:09:47.0740 0180 [ 7D02D20A9BB6867C09459F116FEAC15D ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\uds.dll.7d02d20a9bb6867c09459f116feac15d
17:09:47.0740 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\uds.dll.7d02d20a9bb6867c09459f116feac15d - ok
17:09:47.0740 0180 [ 415C3B227A91A9693AD5A51F07DBBA9C ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\avengine.dll.415c3b227a91a9693ad5a51f07dbba9c
17:09:47.0740 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\avengine.dll.415c3b227a91a9693ad5a51f07dbba9c - ok
17:09:47.0740 0180 [ E58B2EA7B004184E229854A3D1C00CBB ] C:\Windows\System32\localspl.dll
17:09:47.0740 0180 C:\Windows\System32\localspl.dll - ok
17:09:47.0756 0180 [ 361ACBB95E4CD361DBC67699794434A5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavbase.kdl.361acbb95e4cd361dbc67699794434a5
17:09:47.0756 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavbase.kdl.361acbb95e4cd361dbc67699794434a5 - ok
17:09:47.0756 0180 [ 205B59C8B291A707B24C97B123834E70 ] C:\Windows\System32\pnpts.dll
17:09:47.0756 0180 C:\Windows\System32\pnpts.dll - ok
17:09:47.0756 0180 [ 024A5FF9EB31F7D1E98E1167D28C6781 ] C:\Windows\System32\spoolss.dll
17:09:47.0756 0180 C:\Windows\System32\spoolss.dll - ok
17:09:47.0756 0180 [ 3958E82529DA716D1D2F0C44E6F14187 ] C:\Windows\System32\pcadm.dll
17:09:47.0756 0180 C:\Windows\System32\pcadm.dll - ok
17:09:47.0756 0180 [ E0BC37F2051E1CB6B768A53D9514E3FA ] C:\Windows\System32\pcacli.dll
17:09:47.0756 0180 C:\Windows\System32\pcacli.dll - ok
17:09:47.0756 0180 [ E41C0291E2F2FDFBF2875E4473F81031 ] C:\Windows\System32\mpr.dll
17:09:47.0756 0180 C:\Windows\System32\mpr.dll - ok
17:09:47.0756 0180 [ 4F1E771801EED912FB37CEB838F8F153 ] C:\Windows\System32\PrintIsolationProxy.dll
17:09:47.0756 0180 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:09:47.0771 0180 [ 647B3E3A60DED8DAECF4F798A058EADB ] C:\Windows\System32\srumsvc.dll
17:09:47.0771 0180 C:\Windows\System32\srumsvc.dll - ok
17:09:47.0771 0180 [ 448D8F8B51F785EAB56947D94EBDFC66 ] C:\Windows\System32\hnetcfg.dll
17:09:47.0771 0180 C:\Windows\System32\hnetcfg.dll - ok
17:09:47.0771 0180 [ C835670705596AE67EE7E0AE92A12071 ] C:\Windows\System32\HPZLLLHN.DLL
17:09:47.0771 0180 C:\Windows\System32\HPZLLLHN.DLL - ok
17:09:47.0771 0180 [ 64362206C83D3C300E37267118D5936B ] C:\Windows\System32\FXSMON.dll
17:09:47.0771 0180 C:\Windows\System32\FXSMON.dll - ok
17:09:47.0771 0180 [ 6AF7948D08E59B5690D3559AEB8E0F93 ] C:\Windows\System32\wdiasqmmodule.dll
17:09:47.0771 0180 C:\Windows\System32\wdiasqmmodule.dll - ok
17:09:47.0771 0180 [ 9F671913B8C75A72188A4B1CCFA592A3 ] C:\Windows\System32\DevPropMgr.dll
17:09:47.0771 0180 C:\Windows\System32\DevPropMgr.dll - ok
17:09:47.0771 0180 [ 8449B6B3E281AF44BEA98D318D7481A5 ] C:\Windows\System32\nduprov.dll
17:09:47.0771 0180 C:\Windows\System32\nduprov.dll - ok
17:09:47.0787 0180 [ 8F5E6EC1728272080B24A92F23DE78FA ] C:\Windows\System32\DeviceDriverRetrievalClient.dll
17:09:47.0787 0180 C:\Windows\System32\DeviceDriverRetrievalClient.dll - ok
17:09:47.0787 0180 [ C89B88BCA6D6B72A470D8BF5730254C6 ] C:\Windows\System32\pdfcmon.dll
17:09:47.0787 0180 C:\Windows\System32\pdfcmon.dll - ok
17:09:47.0787 0180 [ BEA157D1857FA63205558750720D9071 ] C:\Windows\System32\appsruprov.dll
17:09:47.0787 0180 C:\Windows\System32\appsruprov.dll - ok
17:09:47.0787 0180 [ D3F794546CE8666B663A0A906CA97DCA ] C:\Windows\System32\wpnsruprov.dll
17:09:47.0787 0180 C:\Windows\System32\wpnsruprov.dll - ok
17:09:47.0787 0180 [ DA7967BD9CD17F436E6059C3A7A1BF7C ] C:\Windows\System32\DeviceMetadataRetrievalClient.dll
17:09:47.0787 0180 C:\Windows\System32\DeviceMetadataRetrievalClient.dll - ok
17:09:47.0787 0180 [ 62D2F0DEED2F7A6B2A7F84977DF9A23A ] C:\Windows\System32\cabinet.dll
17:09:47.0787 0180 C:\Windows\System32\cabinet.dll - ok
17:09:47.0803 0180 [ 3B17ED08AD8C86A1C6407CEE7CCF446B ] C:\Windows\System32\snmpapi.dll
17:09:47.0803 0180 C:\Windows\System32\snmpapi.dll - ok
17:09:47.0803 0180 [ 70179FFB5487A8A2BB4A1AB1B22219E6 ] C:\Windows\System32\tcpmon.dll
17:09:47.0803 0180 C:\Windows\System32\tcpmon.dll - ok
17:09:47.0803 0180 [ 91F658373C97A1A2633690730B05C081 ] C:\Windows\System32\wsnmp32.dll
17:09:47.0803 0180 C:\Windows\System32\wsnmp32.dll - ok
17:09:47.0803 0180 [ 593E72E97CAEF5DD742B394BD296E21A ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavemu.kdl.593e72e97caef5dd742b394bd296e21a
17:09:47.0803 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavemu.kdl.593e72e97caef5dd742b394bd296e21a - ok
17:09:47.0803 0180 [ F06F60158842691FA4B5DE0E08F55B29 ] C:\Windows\System32\ncuprov.dll
17:09:47.0803 0180 C:\Windows\System32\ncuprov.dll - ok
17:09:47.0803 0180 [ F12B563360D2BA8AD323A74986AF8A5B ] C:\Windows\System32\wwapi.dll
17:09:47.0803 0180 C:\Windows\System32\wwapi.dll - ok
17:09:47.0818 0180 [ E32D2083EB6EC8EBD56D1A509268492B ] C:\Windows\System32\energyprov.dll
17:09:47.0818 0180 C:\Windows\System32\energyprov.dll - ok
17:09:47.0818 0180 [ 90AC8D4574103FCF8942C526998F46BF ] C:\Windows\System32\srumapi.dll
17:09:47.0818 0180 C:\Windows\System32\srumapi.dll - ok
17:09:47.0818 0180 [ 9BE4639FD1A3F8A9FECFE958D7B04F9A ] C:\Windows\System32\usbmon.dll
17:09:47.0818 0180 C:\Windows\System32\usbmon.dll - ok
17:09:47.0818 0180 [ 48B5A62750FC3E3E8733106FB7E2DF0F ] C:\Windows\System32\WSDMon.dll
17:09:47.0818 0180 C:\Windows\System32\WSDMon.dll - ok
17:09:47.0818 0180 [ 1507FB3F5A2CE45C0796ED34A905A106 ] C:\Windows\System32\drvinst.exe
17:09:47.0818 0180 C:\Windows\System32\drvinst.exe - ok
17:09:47.0818 0180 [ BCCFC1C89017F4BDC90201E956EEA7C5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kjim.kdl.bccfc1c89017f4bdc90201e956eea7c5
17:09:47.0818 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kjim.kdl.bccfc1c89017f4bdc90201e956eea7c5 - ok
17:09:47.0818 0180 [ 1C449AD92726ED14D895F09DCD861545 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\mark.kdl.1c449ad92726ed14d895f09dcd861545
17:09:47.0818 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\mark.kdl.1c449ad92726ed14d895f09dcd861545 - ok
17:09:47.0834 0180 [ EF4C4EA376D172D966AB31388B3B63B6 ] C:\Windows\System32\drvstore.dll
17:09:47.0834 0180 C:\Windows\System32\drvstore.dll - ok
17:09:47.0834 0180 [ 8E2B57DA0ED837DB04030157A6C112CE ] C:\Windows\System32\WSDApi.dll
17:09:47.0834 0180 C:\Windows\System32\WSDApi.dll - ok
17:09:47.0834 0180 [ 3D47406245E32365413C5B6AB2246586 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\qscan.kdl.3d47406245e32365413c5b6ab2246586
17:09:47.0834 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\qscan.kdl.3d47406245e32365413c5b6ab2246586 - ok
17:09:47.0834 0180 [ CB79FA82A5D7CEAAA804EF15E87CC6D2 ] C:\Windows\System32\webservices.dll
17:09:47.0834 0180 C:\Windows\System32\webservices.dll - ok
17:09:47.0834 0180 [ 07106140D0596D785328DEFE0297166A ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:09:47.0834 0180 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:09:47.0834 0180 [ C4C552E0D1DFDCFEC0B755C05EFFEAC8 ] C:\Windows\System32\wpd_ci.dll
17:09:47.0834 0180 C:\Windows\System32\wpd_ci.dll - ok
17:09:47.0850 0180 [ C30A50449EA4B611484A5F1F1F016774 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
17:09:47.0850 0180 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
17:09:47.0850 0180 [ EB1910FCBC61A478E07FCB59487B56AD ] C:\Windows\System32\win32spl.dll
17:09:47.0850 0180 C:\Windows\System32\win32spl.dll - ok
17:09:47.0850 0180 [ BE0FC6BFE7181F8621B2BD572658A83E ] C:\Windows\System32\inetpp.dll
17:09:47.0850 0180 C:\Windows\System32\inetpp.dll - ok
17:09:47.0850 0180 [ AF033A6377288725830CF3CCD3C12773 ] C:\Windows\System32\bidispl.dll
17:09:47.0850 0180 C:\Windows\System32\bidispl.dll - ok
17:09:47.0850 0180 [ 1AC77AE146B738962CBA86459E67F66D ] C:\Windows\System32\spfileq.dll
17:09:47.0850 0180 C:\Windows\System32\spfileq.dll - ok
17:09:47.0850 0180 [ 1B76D48A97E3E61661846A5BF64E2008 ] C:\Windows\System32\FXSRESM.dll
17:09:47.0850 0180 C:\Windows\System32\FXSRESM.dll - ok
17:09:47.0850 0180 [ 739F79546EC16695E613F63864132000 ] C:\Windows\System32\WUDFCoinstaller.dll
17:09:47.0850 0180 C:\Windows\System32\WUDFCoinstaller.dll - ok
17:09:47.0865 0180 [ 2FEAE33E9B2B56104596E1BA444405A9 ] C:\Windows\System32\drivers\WUDFPf.sys
17:09:47.0865 0180 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:09:47.0865 0180 [ 4D92CCDBF7BAE2228B1974849D8FDF13 ] C:\Windows\System32\WUDFPlatform.dll
17:09:47.0865 0180 C:\Windows\System32\WUDFPlatform.dll - ok
17:09:47.0865 0180 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] C:\Windows\System32\WUDFSvc.dll
17:09:47.0865 0180 C:\Windows\System32\WUDFSvc.dll - ok
17:09:47.0865 0180 [ B7229CC04482CEB6C08DA97A42338F6C ] C:\Windows\System32\DDORes.dll
17:09:47.0865 0180 C:\Windows\System32\DDORes.dll - ok
17:09:47.0865 0180 [ D0BB041536BB107963F55D6852298DAA ] C:\Program Files\Windows Portable Devices\sqmapi.dll
17:09:47.0865 0180 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
17:09:47.0865 0180 [ AC7C39F7A866BF81103042244CE85827 ] C:\Windows\System32\msxml3.dll
17:09:47.0865 0180 C:\Windows\System32\msxml3.dll - ok
17:09:47.0881 0180 [ EC4D28BDE98D9E3C76BF58EF5BA0728D ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavsys.kdl.ec4d28bde98d9e3c76bf58ef5ba0728d
17:09:47.0881 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavsys.kdl.ec4d28bde98d9e3c76bf58ef5ba0728d - ok
17:09:47.0881 0180 [ B3A9361231847F8F76294BE7A6A1406A ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\arkmon.kdl.b3a9361231847f8f76294be7a6a1406a
17:09:47.0881 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\arkmon.kdl.b3a9361231847f8f76294be7a6a1406a - ok
17:09:47.0881 0180 [ 8491F03503076D67196436D29D153A2C ] C:\Windows\SysWOW64\msi.dll
17:09:47.0881 0180 C:\Windows\SysWOW64\msi.dll - ok
17:09:47.0881 0180 [ 95FAA456CC603F32CAA0114DECCBB88B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_subscription.dll
17:09:47.0881 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_subscription.dll - ok
17:09:47.0881 0180 [ 50627C2C387E880B079E3D019535F1BF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\queue.dll
17:09:47.0881 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\queue.dll - ok
17:09:47.0881 0180 [ DF0B8EC405E6F1BC83FD4669A4225FA5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\bases_csd\sys_critical_obj.dll
17:09:47.0881 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\bases_csd\sys_critical_obj.dll - ok
17:09:47.0896 0180 [ 664F77FDC250E6F5A9710BFEF1F98D59 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\processmonitor.dll
17:09:47.0896 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\processmonitor.dll - ok
17:09:47.0896 0180 [ A95194BB6577E3D0E9CB2D877D22BB56 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ekasyswatch.dll
17:09:47.0896 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ekasyswatch.dll - ok
17:09:47.0896 0180 [ C483206790CB66B3FCA659DFA98D39B5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavasyswatch.dll.c483206790cb66b3fca659dfa98d39b5
17:09:47.0896 0180 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavasyswatch.dll.c483206790cb66b3fca659dfa98d39b5 - ok
17:09:47.0896 0180 [ 47B71910C8135D075253818E584FD8DB ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\swpragueplugin.dll
17:09:47.0896 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\swpragueplugin.dll - ok
17:09:47.0896 0180 [ 15225081966C785A9192782401643FD4 ] C:\Windows\System32\qmgr.dll
17:09:47.0896 0180 C:\Windows\System32\qmgr.dll - ok
17:09:47.0896 0180 [ CBD8F6EAC15E1EF69917B3961315C4D4 ] C:\Windows\System32\bitsperf.dll
17:09:47.0896 0180 C:\Windows\System32\bitsperf.dll - ok
17:09:47.0896 0180 [ 25F83CCBFA07077EFB4EEFCFF3CC3E7A ] C:\Windows\System32\bitsigd.dll
17:09:47.0896 0180 C:\Windows\System32\bitsigd.dll - ok
17:09:47.0912 0180 [ 16A19EB29CDE3883DF43DC83D14F1817 ] C:\Windows\System32\upnp.dll
17:09:47.0912 0180 C:\Windows\System32\upnp.dll - ok
17:09:47.0912 0180 [ 4269D44BB47A6DA5D80B11F4C8536458 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:09:47.0912 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - ok
17:09:47.0912 0180 [ BB9ED3EDD8E85008215A7250D325A72E ] C:\Windows\System32\ssdpsrv.dll
17:09:47.0912 0180 C:\Windows\System32\ssdpsrv.dll - ok
17:09:47.0912 0180 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] C:\Program Files (x86)\Nero\Update\NASvc.exe
17:09:47.0912 0180 C:\Program Files (x86)\Nero\Update\NASvc.exe - ok
17:09:47.0912 0180 [ 947E09E9669A264420A13C24C669E7C0 ] C:\Windows\SysWOW64\xmllite.dll
17:09:47.0912 0180 C:\Windows\SysWOW64\xmllite.dll - ok
17:09:47.0912 0180 [ 1AAC18818613890FBBA093892E926CD8 ] C:\Windows\SysWOW64\cryptdll.dll
17:09:47.0912 0180 C:\Windows\SysWOW64\cryptdll.dll - ok
17:09:47.0928 0180 [ 319A44F3656F89E045BCFAFD544810F5 ] C:\Windows\System32\qmgrprxy.dll
17:09:47.0928 0180 C:\Windows\System32\qmgrprxy.dll - ok
17:09:47.0928 0180 [ FEF48CEA8EEB03CE5588BF7DE1859EF1 ] C:\Windows\SysWOW64\qmgrprxy.dll
17:09:47.0928 0180 C:\Windows\SysWOW64\qmgrprxy.dll - ok
17:09:47.0928 0180 [ 57D5FB1012DDAFD5F190B604B149446D ] C:\Windows\SysWOW64\RstrtMgr.dll
17:09:47.0928 0180 C:\Windows\SysWOW64\RstrtMgr.dll - ok
17:09:47.0928 0180 [ 18A42CDF285C0720E01099D4678F8391 ] C:\Windows\SysWOW64\msiltcfg.dll
17:09:47.0928 0180 C:\Windows\SysWOW64\msiltcfg.dll - ok
17:09:47.0928 0180 [ 39F03455A7C449FFFB2BC4BBDE480EB5 ] C:\Program Files (x86)\Nero\Update\NASvcPS.dll
17:09:47.0928 0180 C:\Program Files (x86)\Nero\Update\NASvcPS.dll - ok
17:09:47.0928 0180 [ C993A0B97BECD3AAF5158E3869878465 ] C:\Windows\System32\sppsvc.exe
17:09:47.0928 0180 C:\Windows\System32\sppsvc.exe - ok
17:09:47.0928 0180 [ 4CEC4C390F0B53AC8AEA2407D88A0ABF ] C:\Windows\SysWOW64\webio.dll
17:09:47.0928 0180 C:\Windows\SysWOW64\webio.dll - ok
17:09:47.0943 0180 [ 325D9D1D5D819BD6474BC3E674650138 ] C:\Windows\System32\cryptxml.dll
17:09:47.0943 0180 C:\Windows\System32\cryptxml.dll - ok
17:09:47.0943 0180 [ 5CFA46C4ACB2FD70572017052378DAE5 ] C:\Windows\System32\wscsvc.dll
17:09:47.0943 0180 C:\Windows\System32\wscsvc.dll - ok
17:09:47.0943 0180 [ C7DFBE21051D5E44B479CBF74B968335 ] C:\Windows\System32\dbghelp.dll
17:09:47.0943 0180 C:\Windows\System32\dbghelp.dll - ok
17:09:47.0943 0180 [ 79227C1E2225DE455F365B607A6D46FB ] C:\Windows\System32\SearchIndexer.exe
17:09:47.0943 0180 C:\Windows\System32\SearchIndexer.exe - ok
17:09:47.0943 0180 [ 8CC7ED11965BDF475585156059392CD1 ] C:\Windows\System32\wuapi.dll
17:09:47.0943 0180 C:\Windows\System32\wuapi.dll - ok
17:09:47.0943 0180 [ 36215D975F1DCB76752F4C32B1D31C4A ] C:\Windows\System32\wups.dll
17:09:47.0943 0180 C:\Windows\System32\wups.dll - ok
17:09:47.0959 0180 [ 616DF4ADC4E04753BB4951D3464B8157 ] C:\Windows\System32\tquery.dll
17:09:47.0959 0180 C:\Windows\System32\tquery.dll - ok
17:09:47.0959 0180 [ 96BD578CA0CDCEC566A3259D73C4330C ] C:\Windows\System32\mssrch.dll
17:09:47.0959 0180 C:\Windows\System32\mssrch.dll - ok
17:09:47.0959 0180 [ 951AECDFBE4925B59769D49873DD8051 ] C:\Windows\System32\msidle.dll
17:09:47.0959 0180 C:\Windows\System32\msidle.dll - ok
17:09:47.0959 0180 [ C8CEE20876BCA18363FD73842FAB610B ] C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll
17:09:47.0959 0180 C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll - ok
17:09:47.0959 0180 [ 4BDA81E32B28ECEF27305A9580D3CBEB ] C:\Windows\System32\sppwinob.dll
17:09:47.0959 0180 C:\Windows\System32\sppwinob.dll - ok
17:09:47.0959 0180 [ 0C1DB99164874B08B687891B1A2A4D68 ] C:\Windows\System32\sppobjs.dll
17:09:47.0959 0180 C:\Windows\System32\sppobjs.dll - ok
17:09:47.0959 0180 [ DBE2E6388379D5CC78099650541E9566 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:09:47.0959 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - ok
17:09:47.0975 0180 [ 64EE4663A3876638471F03586474DC13 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
17:09:47.0975 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll - ok
17:09:47.0975 0180 [ E2430ECA924632371CC085AA4F086E65 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Common.dll
17:09:47.0975 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Common.dll - ok
17:09:47.0975 0180 [ D0C751D4D43B16327566FE17F39F461D ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\WsmanClient.dll
17:09:47.0975 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\WsmanClient.dll - ok
17:09:47.0990 0180 [ 7B07B798B13DB6C65DFD16FC765F7139 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\GmsCommon.dll
17:09:47.0990 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\GmsCommon.dll - ok
17:09:47.0990 0180 [ 2120A35C9222C972AE75950A234CCB50 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Configurator.dll
17:09:47.0990 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Configurator.dll - ok
17:09:48.0006 0180 [ 4D3D037C655D35AE8FF6F8A30B11CF90 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\EventManager.dll
17:09:48.0006 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\EventManager.dll - ok
17:09:48.0006 0180 [ 04B16F85684A1D3F74E4A07653F6BF14 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusEventHandler.dll
17:09:48.0006 0180 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusEventHandler.dll - ok
17:09:48.0006 0180 [ 688FF87A0A328A880FBE32ABB1EE16BF ] C:\Windows\SysWOW64\dpapi.dll
17:09:48.0006 0180 C:\Windows\SysWOW64\dpapi.dll - ok
17:09:48.0022 0180 [ B9C17E91C1FE19463FB90008FB2CE1FC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
17:09:48.0022 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe - ok
17:09:48.0022 0180 [ E45CC81B9DFA24B1A0A8ECAAD33E8030 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
17:09:48.0022 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
17:09:48.0022 0180 [ 61DD8DB0E175F31EE83CA5C5A556E508 ] C:\Windows\SysWOW64\GdiPlus.dll
17:09:48.0022 0180 C:\Windows\SysWOW64\GdiPlus.dll - ok
17:09:48.0037 0180 [ 66F9DC09831B0B00272794E3C7E40755 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
17:09:48.0037 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
17:09:48.0037 0180 [ 66DD03D42EB4C1EBDAB89B48A9DA8760 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
17:09:48.0037 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
17:09:48.0037 0180 [ 01987F34FAF1A32EB7B13BF1BBAEF522 ] C:\Windows\SysWOW64\wscproxystub.dll
17:09:48.0037 0180 C:\Windows\SysWOW64\wscproxystub.dll - ok
17:09:48.0053 0180 [ FBEB9658133497F8D1F70480FED7DB67 ] C:\Windows\System32\wbem\WMIADAP.exe
17:09:48.0053 0180 C:\Windows\System32\wbem\WMIADAP.exe - ok
17:09:48.0053 0180 [ E4B40D5609F2E5513E616F5BF9D32689 ] C:\Windows\System32\loadperf.dll
17:09:48.0053 0180 C:\Windows\System32\loadperf.dll - ok
17:09:48.0053 0180 [ 37EBBED0584F9F62B4DE958C4890356C ] C:\Windows\System32\wbem\WmiApRes.dll
17:09:48.0053 0180 C:\Windows\System32\wbem\WmiApRes.dll - ok
17:09:48.0068 0180 [ D6021013D7C4E248AEB8BED12D3DCC88 ] C:\Windows\System32\SearchProtocolHost.exe
17:09:48.0068 0180 C:\Windows\System32\SearchProtocolHost.exe - ok
17:09:48.0068 0180 [ 1968E2E5143D2EB964F836BA19A51104 ] C:\Windows\System32\actxprxy.dll
17:09:48.0068 0180 C:\Windows\System32\actxprxy.dll - ok
17:09:48.0068 0180 [ 1FC8997292BE3362A5B40EBBBD137982 ] C:\Windows\System32\radardt.dll
17:09:48.0068 0180 C:\Windows\System32\radardt.dll - ok
17:09:48.0068 0180 [ 9FBB2F038A2DDCE696BDEE7080241C0C ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
17:09:48.0068 0180 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
17:09:48.0068 0180 [ 2EAF0A1F9E4DF34862CC5A2B5437E450 ] C:\Windows\System32\SettingSyncCore.dll
17:09:48.0068 0180 C:\Windows\System32\SettingSyncCore.dll - ok
17:09:48.0068 0180 [ 0934499394EB3D8027B8AB78C07D56CB ] C:\Windows\System32\dllhost.exe
17:09:48.0068 0180 C:\Windows\System32\dllhost.exe - ok
17:09:48.0068 0180 [ 418CE7366D46EB9F008DD8CEDE9A2CEC ] C:\Windows\System32\CredentialMigrationHandler.dll
17:09:48.0068 0180 C:\Windows\System32\CredentialMigrationHandler.dll - ok
17:09:48.0084 0180 [ 8744BDDA941E77B6402C91D220EFD4F9 ] C:\Windows\System32\AppxAllUserStore.dll
17:09:48.0084 0180 C:\Windows\System32\AppxAllUserStore.dll - ok
17:09:48.0084 0180 [ 40BD4960734B0FA0872AF71B1E4314CE ] C:\Windows\System32\taskhostex.exe
17:09:48.0084 0180 C:\Windows\System32\taskhostex.exe - ok
17:09:48.0084 0180 [ 0DA4B7E7EFB6CC0546FA407DFE8C531D ] C:\Windows\System32\AtBroker.exe
17:09:48.0084 0180 C:\Windows\System32\AtBroker.exe - ok
17:09:48.0084 0180 [ 08C191B2917862BE90C33E31CB6B6D79 ] C:\Windows\System32\userinit.exe
17:09:48.0084 0180 C:\Windows\System32\userinit.exe - ok
17:09:48.0084 0180 [ D8EB154CC954E526970E7C56B724E659 ] C:\Windows\System32\userinitext.dll
17:09:48.0084 0180 C:\Windows\System32\userinitext.dll - ok
17:09:48.0084 0180 [ 5E536FD2C9EBFB9388DD76BCC56C7232 ] C:\Windows\System32\MsCtfMonitor.dll
17:09:48.0084 0180 C:\Windows\System32\MsCtfMonitor.dll - ok
17:09:48.0100 0180 [ 9729D3F9896B6F309DC50CE3769AC9C1 ] C:\Windows\System32\msutb.dll
17:09:48.0100 0180 C:\Windows\System32\msutb.dll - ok
17:09:48.0100 0180 [ 91F27BC87BEB6DFDC709FF484F64F1D4 ] C:\Windows\System32\PlaySndSrv.dll
17:09:48.0100 0180 C:\Windows\System32\PlaySndSrv.dll - ok
17:09:48.0100 0180 [ 63DC38C3E4564B2405D562855643ABA2 ] C:\Windows\explorer.exe
17:09:48.0100 0180 C:\Windows\explorer.exe - ok
17:09:48.0100 0180 [ 6AA868B3C2A014AE76ECF53B667BF086 ] C:\Windows\System32\winmm.dll
17:09:48.0100 0180 C:\Windows\System32\winmm.dll - ok
17:09:48.0100 0180 [ F12D8EB9E944BEB0FB4C5E4F1336401B ] C:\Windows\System32\winmmbase.dll
17:09:48.0100 0180 C:\Windows\System32\winmmbase.dll - ok
17:09:48.0100 0180 [ 40932AF9B3D04E307F019784243A18F3 ] C:\Windows\System32\twinapi.dll
17:09:48.0100 0180 C:\Windows\System32\twinapi.dll - ok
17:09:48.0100 0180 [ 17C9CEA667906DA7CAA1175DE437F4FC ] C:\Windows\System32\runonce.exe
17:09:48.0100 0180 C:\Windows\System32\runonce.exe - ok
17:09:48.0115 0180 [ 8BE1C89BD0C6F659C3AE3A2C8D0955C4 ] C:\Windows\SysWOW64\runonce.exe
17:09:48.0115 0180 C:\Windows\SysWOW64\runonce.exe - ok
17:09:48.0115 0180 [ A49453C2A68A410B0A9801954B99AA16 ] C:\Windows\SysWOW64\imm32.dll
17:09:48.0115 0180 C:\Windows\SysWOW64\imm32.dll - ok
17:09:48.0115 0180 [ 88F8095C355E6BA4ACCBF2F3E07552E7 ] C:\Windows\SysWOW64\msctf.dll
17:09:48.0115 0180 C:\Windows\SysWOW64\msctf.dll - ok
17:09:48.0115 0180 [ 5BD47B7C7DF76203FD639F2568A8C7B7 ] C:\Windows\System32\twinui.dll
17:09:48.0115 0180 C:\Windows\System32\twinui.dll - ok
17:09:48.0115 0180 [ 4878EB5F04D9DD02E76190D2105EC0F9 ] C:\Windows\System32\twinapi.appcore.dll
17:09:48.0115 0180 C:\Windows\System32\twinapi.appcore.dll - ok
17:09:48.0115 0180 [ 053778EEC0CB0966814909980FD45960 ] C:\Windows\System32\StartMenuHelper64.dll
17:09:48.0115 0180 C:\Windows\System32\StartMenuHelper64.dll - ok
17:09:48.0131 0180 [ CF879A95A0D4B7BACCA5CF68579ACCEB ] C:\Windows\System32\ExplorerFrame.dll
17:09:48.0131 0180 C:\Windows\System32\ExplorerFrame.dll - ok
17:09:48.0131 0180 [ 16C803EEE5BE1304748BD2F88AEF8C64 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
17:09:48.0131 0180 C:\Program Files\Classic Shell\ClassicStartMenu.exe - ok
17:09:48.0131 0180 [ 74541452095D89F4A9F5426AC53CB416 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
17:09:48.0131 0180 C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
17:09:48.0131 0180 [ 9262533ED09398B1C5FB4961669D9C81 ] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
17:09:48.0131 0180 C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll - ok
17:09:48.0131 0180 [ 63CB763FE4CEADFFF5F047332814E8F9 ] C:\Windows\System32\wldp.dll
17:09:48.0131 0180 C:\Windows\System32\wldp.dll - ok
17:09:48.0131 0180 [ D8E54AB89C84C0AD065EE0BDEBD50A99 ] C:\Windows\System32\twinui.appcore.dll
17:09:48.0131 0180 C:\Windows\System32\twinui.appcore.dll - ok
17:09:48.0131 0180 [ 56FCA8AA450BD181A0BA94F25E244C46 ] C:\Windows\System32\wpncore.dll
17:09:48.0131 0180 C:\Windows\System32\wpncore.dll - ok
17:09:48.0147 0180 [ C399CCD155AB26F2CC8A9045FC569BBC ] C:\Windows\System32\WinTypes.dll
17:09:48.0147 0180 C:\Windows\System32\WinTypes.dll - ok
17:09:48.0147 0180 [ 3BDB77EBDBC4AA34E75DB4A5CF7B477F ] C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x64__8wekyb3d8bbwe\msvcr120_app.dll
17:09:48.0147 0180 C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x64__8wekyb3d8bbwe\msvcr120_app.dll - ok
17:09:48.0147 0180 [ 6360EB7FE61FC6D1369C2E34D37AF9E9 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
17:09:48.0147 0180 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe - ok
17:09:48.0147 0180 [ BBE61A1D2E6DCA92F8BACBE924DC55A0 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.service.dll
17:09:48.0147 0180 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.service.dll - ok
17:09:48.0147 0180 [ DD73856179DEC505253F1DAFF8ABB647 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\wllog.dll
17:09:48.0147 0180 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\wllog.dll - ok
17:09:48.0147 0180 [ CF9076FE886AABE8C5ED6FBFCDF70DA1 ] C:\Windows\System32\wlidprov.dll
17:09:48.0147 0180 C:\Windows\System32\wlidprov.dll - ok
17:09:48.0162 0180 [ F78580C6B84E2129867B5C94077EB4D4 ] C:\Windows\System32\thumbcache.dll
17:09:48.0162 0180 C:\Windows\System32\thumbcache.dll - ok
17:09:48.0162 0180 [ 813B52550153A284ED6583A5EAAC44AF ] C:\Windows\System32\Windows.Networking.Connectivity.dll
17:09:48.0162 0180 C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
17:09:48.0162 0180 [ D4E3BC36A7A0D7A445DCF7342DCB3566 ] C:\Windows\System32\ELSCore.dll
17:09:48.0162 0180 C:\Windows\System32\ELSCore.dll - ok
17:09:48.0162 0180 [ E8511D133B449BEE41CABFCA6EB35526 ] C:\Windows\System32\BrokerLib.dll
17:09:48.0162 0180 C:\Windows\System32\BrokerLib.dll - ok
17:09:48.0162 0180 [ 4CB85D450E4816BEDBBDB8ABD697F597 ] C:\Windows\System32\elslad.dll
17:09:48.0162 0180 C:\Windows\System32\elslad.dll - ok
17:09:48.0162 0180 [ 121BCF3FB6C1F8AA214EB83C76B944FB ] C:\Windows\System32\elsTrans.dll
17:09:48.0162 0180 C:\Windows\System32\elsTrans.dll - ok
17:09:48.0162 0180 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] C:\Windows\System32\ncbservice.dll
17:09:48.0162 0180 C:\Windows\System32\ncbservice.dll - ok
17:09:48.0178 0180 [ 347A3E49CE18402305B8119A6EC7CFEB ] C:\Windows\System32\TimeBrokerServer.dll
17:09:48.0178 0180 C:\Windows\System32\TimeBrokerServer.dll - ok
17:09:48.0178 0180 [ 5577CAB1056C24B8E1A887A6402A1110 ] C:\Windows\System32\Windows.Storage.ApplicationData.dll
17:09:48.0178 0180 C:\Windows\System32\Windows.Storage.ApplicationData.dll - ok
17:09:48.0178 0180 [ 570444FD34EE07261E22536122ECD720 ] C:\Windows\System32\Windows.UI.Search.dll
17:09:48.0178 0180 C:\Windows\System32\Windows.UI.Search.dll - ok
17:09:48.0178 0180 [ 99D8A8A6713314B0D1EB22C9C441361A ] C:\Windows\System32\wincorlib.dll
17:09:48.0178 0180 C:\Windows\System32\wincorlib.dll - ok
17:09:48.0178 0180 [ 294AAE73D0D7BDAACC5224BC7334077B ] C:\Windows\System32\WSClient.dll
17:09:48.0178 0180 C:\Windows\System32\WSClient.dll - ok
17:09:48.0178 0180 [ E3E168E733B0E8383BA5635542FDB96F ] C:\Windows\System32\WSShared.dll
17:09:48.0178 0180 C:\Windows\System32\WSShared.dll - ok
17:09:48.0193 0180 [ 839CF25B9B8614CE7319BC5CF1F5C01F ] C:\Windows\System32\WSSync.dll
17:09:48.0193 0180 C:\Windows\System32\WSSync.dll - ok
17:09:48.0193 0180 [ 013BB1B12833CD646175312307768F93 ] C:\Windows\System32\Windows.UI.Xaml.dll
17:09:48.0193 0180 C:\Windows\System32\Windows.UI.Xaml.dll - ok
17:09:48.0193 0180 [ EB34CE5EFA1591915F973EB30C77A1D8 ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
17:09:48.0193 0180 C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
17:09:48.0193 0180 [ A9154084EBC2A190943548AE4275A0E9 ] C:\Windows\System32\SearchFolder.dll
17:09:48.0193 0180 C:\Windows\System32\SearchFolder.dll - ok
17:09:48.0193 0180 [ 6CA842F30CB19D0789F1B599B7A62B76 ] C:\Windows\System32\StructuredQuery.dll
17:09:48.0193 0180 C:\Windows\System32\StructuredQuery.dll - ok
17:09:48.0193 0180 [ CFEB08503784A596CE9E28D2E9FDDEF7 ] C:\Windows\System32\SettingSyncPolicy.dll
17:09:48.0193 0180 C:\Windows\System32\SettingSyncPolicy.dll - ok
17:09:48.0193 0180 [ E617B946FE0BCBE709F60BE611724618 ] C:\Windows\System32\stobject.dll
17:09:48.0193 0180 C:\Windows\System32\stobject.dll - ok
17:09:48.0209 0180 [ 5A9895295C7C6174C73496BD06B2E288 ] C:\Windows\System32\SkyDrive.exe
17:09:48.0209 0180 C:\Windows\System32\SkyDrive.exe - ok
17:09:48.0209 0180 [ 2B96525A8E9A3FDD6516A0FFB6E7C0AF ] C:\Windows\System32\prnfldr.dll
17:09:48.0209 0180 C:\Windows\System32\prnfldr.dll - ok
17:09:48.0209 0180 [ 9C5ADB26632D46919ABB231CF7DE98B9 ] C:\Windows\System32\ieframe.dll
17:09:48.0209 0180 C:\Windows\System32\ieframe.dll - ok
17:09:48.0209 0180 [ 5C6F6CC5C1395A8B5864713CD3F7F329 ] C:\Windows\System32\SkyDriveTelemetry.dll
17:09:48.0209 0180 C:\Windows\System32\SkyDriveTelemetry.dll - ok
17:09:48.0209 0180 [ 5D2A65C08953962327A21A51B5FC2089 ] C:\Windows\SysWOW64\actxprxy.dll
17:09:48.0209 0180 C:\Windows\SysWOW64\actxprxy.dll - ok
17:09:48.0209 0180 [ F67102E9791A5B80070B30ADF1159A3C ] C:\Windows\System32\SyncEngine.dll
17:09:48.0209 0180 C:\Windows\System32\SyncEngine.dll - ok
17:09:48.0225 0180 [ EF9A6365F4E2A331E79CA1DBBA9D0141 ] C:\Windows\System32\VAN.dll
17:09:48.0225 0180 C:\Windows\System32\VAN.dll - ok
17:09:48.0225 0180 [ BBB9A31169B4969169ADE608231E2985 ] C:\Windows\System32\winbici.dll
17:09:48.0225 0180 C:\Windows\System32\winbici.dll - ok
17:09:48.0225 0180 [ DB5F0DFF669AB88296134F82258AEFB8 ] C:\Windows\System32\AudioSes.dll
17:09:48.0225 0180 C:\Windows\System32\AudioSes.dll - ok
17:09:48.0225 0180 [ FA5BCD67BC10E0828D2A0A0FF52E62DE ] C:\Windows\System32\fontext.dll
17:09:48.0225 0180 C:\Windows\System32\fontext.dll - ok
17:09:48.0225 0180 [ EB248189E980B367D09C36A1C2A6FC3D ] C:\Windows\System32\linkinfo.dll
17:09:48.0225 0180 C:\Windows\System32\linkinfo.dll - ok
17:09:48.0225 0180 [ 1E93DEF34A2368E7355467B34DE7A965 ] C:\Windows\System32\DeviceCenter.dll
17:09:48.0225 0180 C:\Windows\System32\DeviceCenter.dll - ok
17:09:48.0225 0180 [ E6B65614304E4695C87FC4BD8894F3B3 ] C:\Windows\System32\networkexplorer.dll
17:09:48.0225 0180 C:\Windows\System32\networkexplorer.dll - ok
17:09:48.0240 0180 [ AC00CE3402B7EB0D0B9C581E30F7E167 ] C:\Windows\System32\hccutils.dll
17:09:48.0240 0180 C:\Windows\System32\hccutils.dll - ok
17:09:48.0240 0180 [ 95CDE3D2ACB58BE981AEC25D986016F1 ] C:\Windows\System32\igfxcpl.cpl
17:09:48.0240 0180 C:\Windows\System32\igfxcpl.cpl - ok
17:09:48.0240 0180 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] C:\Windows\System32\wlidsvc.dll
17:09:48.0240 0180 C:\Windows\System32\wlidsvc.dll - ok
17:09:48.0240 0180 [ 144E692C7C8718A0A013C8A47417BA01 ] C:\Windows\System32\igfxsrvc.exe
17:09:48.0240 0180 C:\Windows\System32\igfxsrvc.exe - ok
17:09:48.0240 0180 [ D1852D42D01C19066C6C75289D4A5C6F ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
17:09:48.0240 0180 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
17:09:48.0240 0180 [ 0B4EB4F2304D3BED88359F971482C6D5 ] C:\Windows\System32\igfxsrvc.dll
17:09:48.0240 0180 C:\Windows\System32\igfxsrvc.dll - ok
17:09:48.0256 0180 [ 0671CBE2B5CE6B2ECE03332CE6C09DC9 ] C:\Windows\System32\igfxdev.dll
17:09:48.0256 0180 C:\Windows\System32\igfxdev.dll - ok
17:09:48.0256 0180 [ 41BD327A7518C4102969FCEE8F3D5030 ] C:\Windows\System32\SkyDriveShell.dll
17:09:48.0256 0180 C:\Windows\System32\SkyDriveShell.dll - ok
17:09:48.0256 0180 [ 7B7B7DC98921D6EA5DBF132A72C4E395 ] C:\Windows\System32\opengl32.dll
17:09:48.0256 0180 C:\Windows\System32\opengl32.dll - ok
17:09:48.0256 0180 [ 1300F74B95965CD749A2F3E66FBC4EBB ] C:\Windows\System32\mssprxy.dll
17:09:48.0256 0180 C:\Windows\System32\mssprxy.dll - ok
17:09:48.0256 0180 [ 854DA94B8CB68D74CB7480B2F426CA2A ] C:\Windows\System32\ddraw.dll
17:09:48.0256 0180 C:\Windows\System32\ddraw.dll - ok
17:09:48.0256 0180 [ D9D960D70B1866A513BCBBA2FBEE6144 ] C:\Windows\System32\dssenh.dll
17:09:48.0256 0180 C:\Windows\System32\dssenh.dll - ok
17:09:48.0256 0180 [ 9415D8364F64C603853D4CA27CECB3BA ] C:\Windows\System32\DXP.dll
17:09:48.0256 0180 C:\Windows\System32\DXP.dll - ok
17:09:48.0272 0180 [ D85D513A0C4DADD8E61EB4D9101F562C ] C:\Windows\System32\glu32.dll
17:09:48.0272 0180 C:\Windows\System32\glu32.dll - ok
17:09:48.0272 0180 [ 17F26A480391D5AB4935AE77D4F6F18A ] C:\Windows\System32\shdocvw.dll
17:09:48.0272 0180 C:\Windows\System32\shdocvw.dll - ok
17:09:48.0272 0180 [ 9590CA2728AACAD7ECE35008D789C3B6 ] C:\Windows\System32\Syncreg.dll
17:09:48.0272 0180 C:\Windows\System32\Syncreg.dll - ok
17:09:48.0272 0180 [ B4E9D29333302BAF9E809EC150355D47 ] C:\Windows\System32\dciman32.dll
17:09:48.0272 0180 C:\Windows\System32\dciman32.dll - ok
17:09:48.0272 0180 [ C8E8B16FC3FB5A7E888F8D63823086E0 ] C:\Windows\System32\igfxrdeu.lrc
17:09:48.0272 0180 C:\Windows\System32\igfxrdeu.lrc - ok
17:09:48.0272 0180 [ BB4B52A3C9B231CE21DFECD1FCB93870 ] C:\Windows\System32\igfxress.dll
17:09:48.0272 0180 C:\Windows\System32\igfxress.dll - ok
17:09:48.0287 0180 [ FD18FDF7A70803A42ECEA1D7C9709E7C ] C:\Windows\System32\mssvp.dll
17:09:48.0287 0180 C:\Windows\System32\mssvp.dll - ok
17:09:48.0287 0180 [ 49F60588AB685D85DD93A9B500C19356 ] C:\Windows\System32\wscui.cpl
17:09:48.0287 0180 C:\Windows\System32\wscui.cpl - ok
17:09:48.0287 0180 [ 4A895F718857F9A7F6198951F3B106CB ] C:\Windows\System32\mapi32.dll
17:09:48.0287 0180 C:\Windows\System32\mapi32.dll - ok
17:09:48.0287 0180 [ F4DD265D2D7F23C903FCF502B7A1C508 ] C:\Windows\System32\wscapi.dll
17:09:48.0287 0180 C:\Windows\System32\wscapi.dll - ok
17:09:48.0287 0180 [ 35CD038DD39A8F6995527C10C2DE8017 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\bici.dll
17:09:48.0287 0180 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\bici.dll - ok
17:09:48.0287 0180 [ 13FD5C8E6451BAB58ADD147356ACA41F ] C:\Windows\System32\threadpoolwinrt.dll
17:09:48.0287 0180 C:\Windows\System32\threadpoolwinrt.dll - ok
17:09:48.0287 0180 [ BC786FF9CF7253BDD416E18420519B09 ] C:\Windows\System32\biwinrt.dll
17:09:48.0287 0180 C:\Windows\System32\biwinrt.dll - ok
17:09:48.0303 0180 [ AF78C9165878C2A0CCD4728334148C50 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.dll
17:09:48.0303 0180 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.dll - ok
17:09:48.0303 0180 [ 716228882A7BE5133B97D70CDDB69E6B ] C:\Windows\System32\Windows.ApplicationModel.dll
17:09:48.0303 0180 C:\Windows\System32\Windows.ApplicationModel.dll - ok
17:09:48.0303 0180 [ 2F65C548322123B479616DFA8238770A ] C:\Windows\System32\RuntimeBroker.exe
17:09:48.0303 0180 C:\Windows\System32\RuntimeBroker.exe - ok
17:09:48.0303 0180 [ FCEA631F1D30CADF368F93ACC1B839C5 ] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
17:09:48.0303 0180 C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll - ok
17:09:48.0303 0180 [ EBDB50C7BD8023CE98380A4648857F4B ] C:\Windows\System32\msauserext.dll
17:09:48.0303 0180 C:\Windows\System32\msauserext.dll - ok
17:09:48.0303 0180 [ 99D2F96C49336EFA01A4F14EC72AA7B6 ] C:\Windows\System32\AuthBroker.dll
17:09:48.0303 0180 C:\Windows\System32\AuthBroker.dll - ok
17:09:48.0318 0180 [ C72641B570E9C1AD19D8BD9576EFBF6C ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\errorreporting.dll
17:09:48.0318 0180 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\errorreporting.dll - ok
17:09:48.0318 0180 [ 9079D01C4785CB8D69DC162ADFCE6172 ] C:\Windows\System32\AltTab.dll
17:09:48.0318 0180 C:\Windows\System32\AltTab.dll - ok
17:09:48.0318 0180 [ 776F9D8FA4186E2976DBC89D99CB59A6 ] C:\Windows\System32\WPDShServiceObj.dll
17:09:48.0318 0180 C:\Windows\System32\WPDShServiceObj.dll - ok
17:09:48.0318 0180 [ DE320127B1ED10BF465AF9FB7EBD4557 ] C:\Windows\System32\PortableDeviceTypes.dll
17:09:48.0318 0180 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:09:48.0318 0180 [ 226572AB3AF54C551072D623FE29255A ] C:\Windows\System32\SettingMonitor.dll
17:09:48.0318 0180 C:\Windows\System32\SettingMonitor.dll - ok
17:09:48.0318 0180 [ 622BA2CC9CB692623E4015DE54060DE4 ] C:\Windows\System32\AepRoam.dll
17:09:48.0318 0180 C:\Windows\System32\AepRoam.dll - ok
17:09:48.0318 0180 [ 991FB4D35BCA212FF14314D9AB34833E ] C:\Windows\System32\PackageStateRoaming.dll
17:09:48.0318 0180 C:\Windows\System32\PackageStateRoaming.dll - ok
17:09:48.0334 0180 [ FF61A6193677644D25C9CE1361676AFB ] C:\Windows\System32\pnidui.dll
17:09:48.0334 0180 C:\Windows\System32\pnidui.dll - ok
17:09:48.0334 0180 [ B9B896F671BB26960E3F6BF1BA525F68 ] C:\Windows\System32\srchadmin.dll
17:09:48.0334 0180 C:\Windows\System32\srchadmin.dll - ok
17:09:48.0334 0180 [ 8A0B04A69BFFDA2E7DA712EC2CCB19E9 ] C:\Windows\System32\SyncCenter.dll
17:09:48.0334 0180 C:\Windows\System32\SyncCenter.dll - ok
17:09:48.0334 0180 [ F310AB7C5A54C42C38C4DA974BDB4271 ] C:\Windows\System32\ActionCenter.dll
17:09:48.0334 0180 C:\Windows\System32\ActionCenter.dll - ok
17:09:48.0334 0180 [ 0515B5D282D87678EE47D23AF95A948A ] C:\Windows\System32\imapi2.dll
17:09:48.0334 0180 C:\Windows\System32\imapi2.dll - ok
17:09:48.0334 0180 [ 7C514A95C3EAB34547DDBEA9AB09FC19 ] C:\Windows\System32\hgcpl.dll
17:09:48.0334 0180 C:\Windows\System32\hgcpl.dll - ok
17:09:48.0350 0180 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] C:\Windows\System32\provsvc.dll
17:09:48.0350 0180 C:\Windows\System32\provsvc.dll - ok
17:09:48.0350 0180 [ F611E6125B86F2CFB6D2C6A4F98E487A ] C:\Windows\System32\ntshrui.dll
17:09:48.0350 0180 C:\Windows\System32\ntshrui.dll - ok
17:09:48.0350 0180 [ 51E0339BAA4C418D894B0BF888A344A6 ] C:\Windows\System32\EhStorShell.dll
17:09:48.0350 0180 C:\Windows\System32\EhStorShell.dll - ok
17:09:48.0350 0180 [ 97F304F26F9A6DA61D9D5BAD6667D097 ] C:\Program Files\Classic Shell\ClassicExplorer64.dll
17:09:48.0350 0180 C:\Program Files\Classic Shell\ClassicExplorer64.dll - ok
17:09:48.0350 0180 [ 781C4A0B5114611E2594B9678B438040 ] C:\Windows\System32\DsmUserTask.exe
17:09:48.0350 0180 C:\Windows\System32\DsmUserTask.exe - ok
17:09:48.0350 0180 [ 5430FA34D2FDA83ED1DBC43A8D516E31 ] C:\Windows\System32\xwizards.dll
17:09:48.0350 0180 C:\Windows\System32\xwizards.dll - ok
17:09:48.0350 0180 [ D882A7154D6256FC2B01DAC29BA61CAE ] C:\Windows\System32\xwtpw32.dll
17:09:48.0350 0180 C:\Windows\System32\xwtpw32.dll - ok
17:09:48.0365 0180 [ A28E6194079CA6DD070872B27AB7A94D ] C:\Windows\System32\Dsui.dll
17:09:48.0365 0180 C:\Windows\System32\Dsui.dll - ok
17:09:48.0365 0180 [ 43531A5993380CC5113242C29D265FD9 ] C:\Windows\System32\drivers\EhStorClass.sys
17:09:48.0365 0180 C:\Windows\System32\drivers\EhStorClass.sys - ok
17:09:48.0365 0180 [ 4C4B246743F477AAEAC778D8CBDAB7A7 ] C:\Windows\System32\DeviceSetupManagerAPI.dll
17:09:48.0365 0180 C:\Windows\System32\DeviceSetupManagerAPI.dll - ok
17:09:48.0365 0180 [ CC1F7CD41484539BA295CCD2335364F5 ] C:\Windows\System32\wbem\mofd.dll
17:09:48.0365 0180 C:\Windows\System32\wbem\mofd.dll - ok
17:09:48.0365 0180 [ 8F15F54BBA6EDE7C120C17C97FBE9523 ] C:\Windows\System32\IconCodecService.dll
17:09:48.0365 0180 C:\Windows\System32\IconCodecService.dll - ok
17:09:48.0365 0180 [ 858CE77F3476265F64250BD2F7927C6D ] C:\Windows\System32\gameux.dll
17:09:48.0365 0180 C:\Windows\System32\gameux.dll - ok
17:09:48.0381 0180 [ 475FB7084CC6D2D11A2B6E56CF91C57B ] C:\Windows\System32\msiltcfg.dll
17:09:48.0381 0180 C:\Windows\System32\msiltcfg.dll - ok
17:09:48.0381 0180 [ 3E9F09C81250B892623CCB5E5FC4EB33 ] C:\Windows\System32\msi.dll
17:09:48.0381 0180 C:\Windows\System32\msi.dll - ok
17:09:48.0381 0180 [ 15476D6A3B1A88B401D25A1298432571 ] C:\Windows\System32\twext.dll
17:09:48.0381 0180 C:\Windows\System32\twext.dll - ok
17:09:48.0381 0180 [ 6B1032278F24EBC331059A9506FED227 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll
17:09:48.0381 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll - ok
17:09:48.0381 0180 [ 1E36C5366CC5CF5597FA4C97FF781DD3 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
17:09:48.0381 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll - ok
17:09:48.0381 0180 [ 8841E682C886F47759BFA6AA4D92EF79 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
17:09:48.0381 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll - ok
17:09:48.0381 0180 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
17:09:48.0381 0180 C:\Windows\System32\msvcp100.dll - ok
17:09:48.0398 0180 [ A1AD4C9F3DF06F7F4517DDB6D69F2C5C ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
17:09:48.0398 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll - ok
17:09:48.0398 0180 [ 696CBA0FABB700F652F2FF0B70B323B0 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
17:09:48.0398 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll - ok
17:09:48.0398 0180 [ F4D618F9681297E299423A56754504B2 ] C:\PROGRA~1\Eraser\ERASER~3.DLL
17:09:48.0398 0180 C:\PROGRA~1\Eraser\ERASER~3.DLL - ok
17:09:48.0398 0180 [ 04B470896143EA0BCCB210467DC69498 ] C:\Windows\System32\apprepapi.dll
17:09:48.0398 0180 C:\Windows\System32\apprepapi.dll - ok
17:09:48.0398 0180 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
17:09:48.0398 0180 C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
17:09:48.0398 0180 [ 4585BC6152F3F255EF1E10A663D0FB0D ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll
17:09:48.0398 0180 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll - ok
17:09:48.0398 0180 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
17:09:48.0414 0180 C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
17:09:48.0414 0180 [ 8B4FF31A06DA3BFB82D37D77040B2019 ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll
17:09:48.0414 0180 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll - ok
17:09:48.0414 0180 [ A112E0E48F3AB7545D7F797AFD484B96 ] C:\Windows\WinSxS\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL
17:09:48.0414 0180 C:\Windows\WinSxS\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL - ok
17:09:48.0414 0180 [ 1F238657C40F6641818CFAD1E5B359B0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll
17:09:48.0414 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll - ok
17:09:48.0414 0180 [ 7B1E7019C586B08E21B6C4D4EF682DFD ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll
17:09:48.0414 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll - ok
17:09:48.0414 0180 [ C95ED96994E9ED3FC1B5ECD62BD5CB6D ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
17:09:48.0414 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe - ok
17:09:48.0414 0180 [ 9B7AADF9D19D62FC2283D636FCE8A804 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
17:09:48.0414 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll - ok
17:09:48.0429 0180 [ 87A23F1E69467D0068855DC5823DE8C9 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
17:09:48.0429 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll - ok
17:09:48.0429 0180 [ 4BADC3411348BA8AC7EE6EFCA08ACB3C ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
17:09:48.0429 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
17:09:48.0429 0180 [ 84F4B86745A38E6BE841D4E5E7CAA6B8 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
17:09:48.0429 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll - ok
17:09:48.0429 0180 [ 9A581E482BC9679FC6B288BAB19E924F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\Audio.dll
17:09:48.0429 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\Audio.dll - ok
17:09:48.0429 0180 [ 0CDC22C2846A918369DABBBB15F4F68F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\RfcommLib.dll
17:09:48.0429 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\RfcommLib.dll - ok
17:09:48.0429 0180 [ 5F540AD6674AEFD64C1051648FF87DE3 ] C:\Windows\System32\dsound.dll
17:09:48.0429 0180 C:\Windows\System32\dsound.dll - ok
17:09:48.0445 0180 [ 1A90D513878C70295EAA2A15B111E5F8 ] C:\Windows\System32\synceng.dll
17:09:48.0445 0180 C:\Windows\System32\synceng.dll - ok
17:09:48.0445 0180 [ A6DB9DCC34A9EFF0EAECF1978B84C5A2 ] C:\Windows\System32\syncui.dll
17:09:48.0445 0180 C:\Windows\System32\syncui.dll - ok
17:09:48.0445 0180 [ 85ED13922DF97474AF9979CA456C6748 ] C:\Windows\System32\mfc100u.dll
17:09:48.0445 0180 C:\Windows\System32\mfc100u.dll - ok
17:09:48.0445 0180 [ 0961B0C35311F6C22B0A7E97875F51F3 ] C:\Windows\System32\UIRibbon.dll
17:09:48.0445 0180 C:\Windows\System32\UIRibbon.dll - ok
17:09:48.0445 0180 [ 53A3DE22A97A40469FC6AEB54A151A61 ] C:\Windows\System32\atl100.dll
17:09:48.0445 0180 C:\Windows\System32\atl100.dll - ok
17:09:48.0445 0180 [ 004337A5B8B2AA9769B02DBC489FFE9F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\L2capLib.dll
17:09:48.0445 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\L2capLib.dll - ok
17:09:48.0461 0180 [ D10C0CFDDC42E43618953C5786B43B9E ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\SesMgr.dll
17:09:48.0461 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\SesMgr.dll - ok
17:09:48.0461 0180 [ 9D3E70686F38D26F9111920F0A4F2202 ] C:\Windows\System32\mfc100deu.dll
17:09:48.0461 0180 C:\Windows\System32\mfc100deu.dll - ok
17:09:48.0461 0180 [ DEE3ED699BFBAD5A483B11428BF64E3A ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
17:09:48.0461 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll - ok
17:09:48.0461 0180 [ 3B72AC53144763B44D46591ED1BE0133 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
17:09:48.0461 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll - ok
17:09:48.0461 0180 [ 8BBD9FC2A16E33F6CCF4949BDF23CAE2 ] C:\Windows\System32\UIRibbonRes.dll
17:09:48.0461 0180 C:\Windows\System32\UIRibbonRes.dll - ok
17:09:48.0461 0180 [ 53FB52AC29DF3DF005273AC179141E62 ] C:\Windows\System32\drprov.dll
17:09:48.0461 0180 C:\Windows\System32\drprov.dll - ok
17:09:48.0476 0180 [ 4292F8C1722134F6F6AC6A6D048772BC ] C:\Windows\System32\davclnt.dll
17:09:48.0476 0180 C:\Windows\System32\davclnt.dll - ok
17:09:48.0476 0180 [ 8F37ADC302D59D09E0A9D29B9A78D3A6 ] C:\Windows\System32\davhlpr.dll
17:09:48.0476 0180 C:\Windows\System32\davhlpr.dll - ok
17:09:48.0476 0180 [ EDC796C4C9588D28CCB6031E365C4F32 ] C:\Windows\System32\ntlanman.dll
17:09:48.0476 0180 C:\Windows\System32\ntlanman.dll - ok
17:09:48.0476 0180 [ 08232556286653EA2E8FD96AFAB11023 ] C:\Windows\System32\dlnashext.dll
17:09:48.0476 0180 C:\Windows\System32\dlnashext.dll - ok
17:09:48.0476 0180 [ 9AD59BAA2F5F0E6E66D4360F670B6962 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
17:09:48.0476 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll - ok
17:09:48.0476 0180 [ C5D7AD1C21BB5D5139AAB1F392CCA2DE ] C:\Windows\System32\PlayToDevice.dll
17:09:48.0476 0180 C:\Windows\System32\PlayToDevice.dll - ok
17:09:48.0476 0180 [ 67DE24BDAA277DAAF66D06680D89737F ] C:\Windows\System32\DevDispItemProvider.dll
17:09:48.0476 0180 C:\Windows\System32\DevDispItemProvider.dll - ok
17:09:48.0492 0180 [ A8CD8DEB81EC555DE587DD98E7E42ED2 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
17:09:48.0492 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll - ok
17:09:48.0492 0180 [ B6705563C5B8889ADAFF4BFCD8FAFACC ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
17:09:48.0492 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll - ok
17:09:48.0492 0180 [ 1FAFEAF919B3D971D115BD6E1F45E8D4 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.dll
17:09:48.0492 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.dll - ok
17:09:48.0492 0180 [ C0ED72B5A88E455E6727513541A86E03 ] C:\Windows\System32\wpdshext.dll
17:09:48.0492 0180 C:\Windows\System32\wpdshext.dll - ok
17:09:48.0492 0180 [ 90B2434F51E68255C3AF40A8B6E2F274 ] C:\Windows\System32\EhStorAPI.dll
17:09:48.0492 0180 C:\Windows\System32\EhStorAPI.dll - ok
17:09:48.0492 0180 [ 6CDCE931A517A22BA6C2064BD7EEA725 ] C:\Program Files\Elantech\ETDCtrl.exe
17:09:48.0492 0180 C:\Program Files\Elantech\ETDCtrl.exe - ok
17:09:48.0508 0180 [ 9B870FE04BDF7DDF7DD736DE738038FB ] C:\Windows\System32\riched20.dll
17:09:48.0508 0180 C:\Windows\System32\riched20.dll - ok
17:09:48.0508 0180 [ 1DD757BFB4DB59B5E48E204F636F6777 ] C:\Windows\System32\msls31.dll
17:09:48.0508 0180 C:\Windows\System32\msls31.dll - ok
17:09:48.0508 0180 [ B88E2CFB8D10FB189762D0AC99382AC5 ] C:\Windows\System32\usp10.dll
17:09:48.0508 0180 C:\Windows\System32\usp10.dll - ok
17:09:48.0508 0180 [ BA31CB3666759D8878BF74FAC99E3069 ] C:\Program Files\Elantech\ETDFavorite.dll
17:09:48.0508 0180 C:\Program Files\Elantech\ETDFavorite.dll - ok
17:09:48.0508 0180 [ 28EFCAFAF85C9450DFECEE7520D3F9A4 ] C:\Program Files\Elantech\ETDApix.dll
17:09:48.0508 0180 C:\Program Files\Elantech\ETDApix.dll - ok
17:09:48.0508 0180 [ 9AC6179CB25B4A02A88954267E3F715E ] C:\Program Files\Elantech\ETDCmds.dll
17:09:48.0508 0180 C:\Program Files\Elantech\ETDCmds.dll - ok
17:09:48.0508 0180 [ 834A309C2FDF52FC09353F348CFE1235 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:09:48.0508 0180 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
17:09:48.0523 0180 [ 17804FCA602C24F7EF30791D4AF90885 ] C:\Windows\System32\oledlg.dll
17:09:48.0523 0180 C:\Windows\System32\oledlg.dll - ok
17:09:48.0523 0180 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
17:09:48.0523 0180 C:\Windows\System32\RtkCfg64.dll - ok
17:09:48.0523 0180 [ BC34B8831FAE17E5E7BD8318EDDC90BB ] C:\Windows\System32\RtkAPO64.dll
17:09:48.0523 0180 C:\Windows\System32\RtkAPO64.dll - ok
17:09:48.0523 0180 [ 3BADC3E73CB058338765BEA4FE73AFBE ] C:\Windows\System32\AudioEng.dll
17:09:48.0523 0180 C:\Windows\System32\AudioEng.dll - ok
17:09:48.0523 0180 [ 2FA26C993349B4D2016CBE21A49E5432 ] C:\Windows\System32\igfxtray.exe
17:09:48.0523 0180 C:\Windows\System32\igfxtray.exe - ok
17:09:48.0523 0180 [ 47189B3FB35A23FD5A491A79EDBEDA0D ] C:\Windows\System32\igfxpers.exe
17:09:48.0523 0180 C:\Windows\System32\igfxpers.exe - ok
17:09:48.0539 0180 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
17:09:48.0539 0180 C:\Windows\System32\IccLibDll_x64.dll - ok
17:09:48.0539 0180 [ 0F77770991308CA1F58F18EED7EBE7B7 ] C:\Program Files\Eraser\Eraser.exe
17:09:48.0539 0180 C:\Program Files\Eraser\Eraser.exe - ok
17:09:48.0539 0180 [ 2A857CCAFE18B1D396484AC9CC0B9B80 ] C:\Windows\System32\mscoree.dll
17:09:48.0539 0180 C:\Windows\System32\mscoree.dll - ok
17:09:48.0539 0180 [ CC6AE7509ED274E0D904B60537BADDD4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:09:48.0539 0180 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:09:48.0539 0180 [ 064ABA6D38A58D02DC6431B08CBA7233 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
17:09:48.0539 0180 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
17:09:48.0539 0180 [ D2D08C4A5EAFE12CEF7D48BC5A3CCED5 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll
17:09:48.0539 0180 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll - ok
17:09:48.0539 0180 [ CE6ECD42B9A6492B3BD069582C34ECBF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\c53e9fbf5110d2850666b09ae1e3f3d8\mscorlib.ni.dll
17:09:48.0539 0180 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\c53e9fbf5110d2850666b09ae1e3f3d8\mscorlib.ni.dll - ok
17:09:48.0554 0180 [ 58B1FF38A8AC01FEB285F5C5692E8479 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
17:09:48.0554 0180 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
17:09:48.0554 0180 [ 63A2D767B9261B4F33F97BF88F2FB197 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
17:09:48.0554 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - ok
17:09:48.0554 0180 [ 7C2E3117F0BF7B6F010B8C071253404C ] C:\Windows\System32\cryptnet.dll
17:09:48.0554 0180 C:\Windows\System32\cryptnet.dll - ok
17:09:48.0554 0180 [ 211BD0E2292CB18DD11515BE39CE5518 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
17:09:48.0554 0180 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
17:09:48.0554 0180 [ FF7CB5344094510654C240486B4B1B3F ] C:\Program Files (x86)\RadioController\RfBtnHelper.exe
17:09:48.0554 0180 C:\Program Files (x86)\RadioController\RfBtnHelper.exe - ok
17:09:48.0554 0180 [ 0BE6C341E0DD754C4D5031D391F97C86 ] C:\Windows\System32\shfolder.dll
17:09:48.0554 0180 C:\Windows\System32\shfolder.dll - ok
17:09:48.0570 0180 [ E034B873FFB81EE0D0B2AE53BC4F3BE1 ] C:\Windows\System32\sfc.dll
17:09:48.0570 0180 C:\Windows\System32\sfc.dll - ok
17:09:48.0570 0180 [ 038980C1F9FC6153856CAB3CFA337312 ] C:\Program Files (x86)\RadioController\HIDRead.dll
17:09:48.0570 0180 C:\Program Files (x86)\RadioController\HIDRead.dll - ok
17:09:48.0570 0180 [ 241B07FF7F5943B9C1BF3235F49AC1E1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:09:48.0570 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
17:09:48.0570 0180 [ BA642B414EDE8FE72D04FDD9BEB00D2F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\d146a72e9a4854762694e5f34b453782\System.ni.dll
17:09:48.0570 0180 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\d146a72e9a4854762694e5f34b453782\System.ni.dll - ok
17:09:48.0570 0180 [ BC5B4692016B0C9C1E755AB8C8F9021E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
17:09:48.0570 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc - ok
17:09:48.0570 0180 [ 5E2428A834E4749981F206BC673C30A6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
17:09:48.0570 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll - ok
17:09:48.0586 0180 [ FB35BA3010711105C6A7C9DD3BC9F76B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
17:09:48.0586 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll - ok
17:09:48.0586 0180 [ EEB13C6AAFB04F3C9512A22792AB9276 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\3d2003c352e64394e7582dbfec4439a2\System.Drawing.ni.dll
17:09:48.0586 0180 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\3d2003c352e64394e7582dbfec4439a2\System.Drawing.ni.dll - ok
17:09:48.0586 0180 [ 236F60F2879B439BBFEF4401EC0161A6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e1884cd8e67259367836a8ed13d5422b\System.Windows.Forms.ni.dll
17:09:48.0586 0180 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e1884cd8e67259367836a8ed13d5422b\System.Windows.Forms.ni.dll - ok
17:09:48.0586 0180 [ 75AA0D543EE4D4A3E5C000FCE97C95B5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
17:09:48.0586 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
17:09:48.0586 0180 [ 31F48225EBCB7ACB5D3DC1C0113677F0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
17:09:48.0586 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
17:09:48.0586 0180 [ 07AB567D0CE7F5BC08CDB5BFB86CE5F5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
17:09:48.0586 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
17:09:48.0601 0180 [ 0ABC50FDB2E1A5ECA26AEFE942CF273B ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll
17:09:48.0601 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll - ok
17:09:48.0601 0180 [ 58FE3DB8D7653404E4B8DF496042F594 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll
17:09:48.0601 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll - ok
17:09:48.0601 0180 [ 1D5744CDB2FF4C8F8ECDF321FFE986CB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
17:09:48.0601 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
17:09:48.0617 0180 [ 217B3D0C387328A6DA5C7782BDD2909E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
17:09:48.0617 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
17:09:48.0620 0180 [ 6A776B4D1B0A88BF9717E3F8EC312786 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
17:09:48.0620 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
17:09:48.0620 0180 [ C4811C73C651A1312C56E5B851DFA2A4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
17:09:48.0620 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
17:09:48.0635 0180 [ A2CB5EFE22B024E8D6F029314D5855C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
17:09:48.0635 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
17:09:48.0635 0180 [ E30A686A17B95F11DF396025DA10E82B ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
17:09:48.0635 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
17:09:48.0635 0180 [ 65060E078CC53E5C8F572F62E8F1D586 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
17:09:48.0635 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
17:09:48.0651 0180 [ 1D76889EDA45FD47840C2E89C486A59A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
17:09:48.0651 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
17:09:48.0651 0180 [ AC79B42FD1685CE7B82C8F604D8E2316 ] C:\Program Files (x86)\Avira\AntiVir Desktop\setup.dll
17:09:48.0651 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\setup.dll - ok
17:09:48.0651 0180 [ C5C4281E3EAD9D9EBFBB51DAF0C1B3DC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\41717a8316cab3030cd4cb818c967826\Microsoft.VisualBasic.ni.dll
17:09:48.0651 0180 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\41717a8316cab3030cd4cb818c967826\Microsoft.VisualBasic.ni.dll - ok
17:09:48.0667 0180 [ A9F809FC8885EADADC5347762B1E8661 ] C:\Program Files (x86)\Avira\AntiVir Desktop\toastnotifier.exe
17:09:48.0667 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\toastnotifier.exe - ok
17:09:48.0667 0180 [ 626A9EC445D06FBC1502BF53A1E3356B ] C:\Windows\System32\conhost.exe
17:09:48.0667 0180 C:\Windows\System32\conhost.exe - ok
17:09:48.0667 0180 [ A1FF7DFBFBE164CF92603C651D304DD2 ] C:\Windows\System32\drivers\condrv.sys
17:09:48.0667 0180 C:\Windows\System32\drivers\condrv.sys - ok
17:09:48.0682 0180 [ 030FA289AC1A0E702FAF4F8F8C894E12 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
17:09:48.0682 0180 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
17:09:48.0682 0180 [ 9A47EEA8F8A12323DFA8D6F553EAA3D4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\11c338e2262ed0c7ac21d1312cff0336\System.Core.ni.dll
17:09:48.0682 0180 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\11c338e2262ed0c7ac21d1312cff0336\System.Core.ni.dll - ok
17:09:48.0682 0180 [ A0E857847B2794E071AEBDD2BD6E1393 ] C:\Windows\SysWOW64\msvcr120_clr0400.dll
17:09:48.0682 0180 C:\Windows\SysWOW64\msvcr120_clr0400.dll - ok
17:09:48.0698 0180 [ 76085F350AAC7EEA7D91471F58A9E344 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
17:09:48.0698 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe - ok
17:09:48.0698 0180 [ C2D379711654A6105C3B2EC8A65D01AD ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll
17:09:48.0698 0180 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll - ok
17:09:48.0698 0180 [ 129434BBFD99D2577DBE983A7855667E ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
17:09:48.0698 0180 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
17:09:48.0698 0180 [ DD605AC201BFB637F2693C41BA060863 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll
17:09:48.0698 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll - ok
17:09:48.0698 0180 [ 5F72045F49779698473D8B09EEE87392 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll
17:09:48.0698 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll - ok
17:09:48.0698 0180 [ 1C5F1C105B93F9F9C61B51A621F38F9A ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll
17:09:48.0698 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll - ok
17:09:48.0714 0180 [ B877EB2A5AFBCE49729864802FA8E1FB ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll
17:09:48.0714 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll - ok
17:09:48.0714 0180 [ C7B722D1F9E27ABC90FFFC5233FEAD71 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZClient.zip.dll
17:09:48.0714 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZClient.zip.dll - ok
17:09:48.0714 0180 [ 6C57B45573C2574A37EAE98FB0DB6F63 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zfde.zip.dll
17:09:48.0714 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zfde.zip.dll - ok
17:09:48.0714 0180 [ 3380B126CFA2168428B4582D7913210B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zmenu.zip.dll
17:09:48.0714 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zmenu.zip.dll - ok
17:09:48.0714 0180 [ 1427EDF83D4C1CA61F69F52C93BB8CCF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zpy.zip.dll
17:09:48.0714 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zpy.zip.dll - ok
17:09:48.0714 0180 [ 062AD458C3C3634FBF77BED9DD451025 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zsys.zip.dll
17:09:48.0714 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zsys.zip.dll - ok
17:09:48.0714 0180 [ 54DAE21EC19E3C57CF0A779CC87405B1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ztv.zip.dll
17:09:48.0714 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ztv.zip.dll - ok
17:09:48.0729 0180 [ 4606186A96BC7E01C7A41BADF1CF94B0 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
17:09:48.0729 0180 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
17:09:48.0729 0180 [ 7A01639BEB97920CC83E54D87C4B3671 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zui.zip.dll
17:09:48.0729 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zui.zip.dll - ok
17:09:48.0729 0180 [ 540BEB6D71DFABB559453F2B8F3B703D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll
17:09:48.0729 0180 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll - ok
17:09:48.0729 0180 [ 77883251DAE149652C5A4DB9494F9D2D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpui.pyd
17:09:48.0729 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpui.pyd - ok
17:09:48.0729 0180 [ EF8E5E4FD6C023B1E6F26E947EDD1DD4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zhtml.dll
17:09:48.0729 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zhtml.dll - ok
17:09:48.0729 0180 [ A973AAC70312A0ABA7801BA4E38B96D7 ] C:\Windows\SysWOW64\comdlg32.dll
17:09:48.0729 0180 C:\Windows\SysWOW64\comdlg32.dll - ok
17:09:48.0745 0180 [ 5D0C6B8B8D8CF9724D0E4989B3E405C8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\a5cac84e015e8ab2067edc7f48375cee\System.Xml.ni.dll
17:09:48.0745 0180 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\a5cac84e015e8ab2067edc7f48375cee\System.Xml.ni.dll - ok
17:09:48.0745 0180 [ A55C6E555323380412C3FBE01C6A6600 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_ctypes.pyd
17:09:48.0745 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_ctypes.pyd - ok
17:09:48.0745 0180 [ 349BA6B6467EA9DF7241D94BE91441EC ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpdx.pyd
17:09:48.0745 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpdx.pyd - ok
17:09:48.0745 0180 [ 9BC83DA13F394889F69C7BF5009BB1B3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\pyexpat.pyd
17:09:48.0745 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\pyexpat.pyd - ok
17:09:48.0745 0180 [ B1C3019A361D7AA2BFCF1148C48DA6D9 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_socket.pyd
17:09:48.0745 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_socket.pyd - ok
17:09:48.0760 0180 [ C04E80E96EA075FA1540DC3849CBA384 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll
17:09:48.0760 0180 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll - ok
17:09:48.0760 0180 [ 6F4DB1382B26FB8291A38922A0B09284 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zptv.pyd
17:09:48.0760 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zptv.pyd - ok
17:09:48.0760 0180 [ D7E062826D2DEBEF4ECBE9A2873B4350 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vspubapi.dll
17:09:48.0760 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vspubapi.dll - ok
17:09:48.0760 0180 [ 1BD0A85A14A1D8615D165AF090F6577F ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
17:09:48.0760 0180 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll - ok
17:09:48.0760 0180 [ DA80B547B3532947F326695C57168AB1 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll
17:09:48.0760 0180 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll - ok
17:09:48.0760 0180 [ 1F947FF630A7336AB0E39DB409E2C406 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
17:09:48.0760 0180 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll - ok
17:09:48.0776 0180 [ 01F54CD1CAA39FCAFC977E7262926FE1 ] C:\Windows\SysWOW64\WindowsCodecs.dll
17:09:48.0776 0180 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
17:09:48.0776 0180 [ B3319F02D96299F3B63A7B998B1F3174 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
17:09:48.0776 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
17:09:48.0776 0180 [ 2504C76C1388412D130681265450091B ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
17:09:48.0776 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll - ok
17:09:48.0776 0180 [ A7BA0CC4704B92194DFB6785E4A0381C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmonapi.dll
17:09:48.0776 0180 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmonapi.dll - ok
17:09:48.0776 0180 [ D658AB1B55127D18DCFBCAC8CAAEA522 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
17:09:48.0776 0180 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
17:09:48.0776 0180 [ 5276DD7EFE195F80B8AFF3DF581AA06C ] C:\Windows\System32\diskcopy.dll
17:09:48.0776 0180 C:\Windows\System32\diskcopy.dll - ok
17:09:48.0776 0180 [ DC225130BCAE999B1A660EEBF3D2E813 ] C:\Windows\System32\MSWB7.dll
17:09:48.0776 0180 C:\Windows\System32\MSWB7.dll - ok
17:09:48.0792 0180 [ 5DCC1BAB9A9DB133274082488F7A0F53 ] C:\Windows\System32\WorkFoldersShell.dll
17:09:48.0792 0180 C:\Windows\System32\WorkFoldersShell.dll - ok
17:09:48.0792 0180 [ 99B83EA684557E797865E46BEE840E95 ] C:\Windows\System32\igfxpph.dll
17:09:48.0792 0180 C:\Windows\System32\igfxpph.dll - ok
17:09:48.0792 0180 [ 0CB8C7B3207CFC6EADA732C1A42729A5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
17:09:48.0792 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll - ok
17:09:48.0792 0180 [ F85ED0C9047F49CFF3967915D318FDE6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
17:09:48.0792 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc - ok
17:09:48.0792 0180 [ D4607C4D0E171359F65633D19623DE52 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
17:09:48.0792 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll - ok
17:09:48.0792 0180 [ 45DAC1E7A89EE4AF1487DC62116295C3 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
17:09:48.0792 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll - ok
17:09:48.0807 0180 [ 499BA0D7D07635F452F57B733B8D44A6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
17:09:48.0807 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll - ok
17:09:48.0807 0180 [ 32D05BF51477ADFA8E458477D60295B9 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
17:09:48.0807 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll - ok
17:09:48.0807 0180 [ 09F66A1325A6680D6BF51DC12ACB4665 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
17:09:48.0807 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll - ok
17:09:48.0807 0180 [ F9D0ADF9DA9EF0866C08112FAE0165BE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
17:09:48.0807 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll - ok
17:09:48.0807 0180 [ 0D239F4AC6ADAE0413BBB25687CDD363 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
17:09:48.0807 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok
17:09:48.0807 0180 [ 7AF6C9494E5B0D1C13A075F657B5FC65 ] C:\Windows\System32\fmifs.dll
17:09:48.0807 0180 C:\Windows\System32\fmifs.dll - ok
17:09:48.0823 0180 [ 084FFAFC9796DD43BD8FD854673E3132 ] C:\Windows\System32\ulib.dll
17:09:48.0823 0180 C:\Windows\System32\ulib.dll - ok
17:09:48.0823 0180 [ B2EC96B18F09B4CEE9C54A9A12A4AF9D ] C:\Windows\System32\ifsutil.dll
17:09:48.0823 0180 C:\Windows\System32\ifsutil.dll - ok
17:09:48.0823 0180 [ 50E77CABE8AB9AFE562D6BE47C15FB6A ] C:\Windows\System32\fsutilext.dll
17:09:48.0823 0180 C:\Windows\System32\fsutilext.dll - ok
17:09:48.0823 0180 [ D2518EA916E06F281376A8BDEF732022 ] C:\Windows\System32\untfs.dll
17:09:48.0823 0180 C:\Windows\System32\untfs.dll - ok
17:09:48.0823 0180 [ AC02E9BF8FF14AFB0899D93F7B23E7E2 ] C:\Windows\System32\uexfat.dll
17:09:48.0823 0180 C:\Windows\System32\uexfat.dll - ok
17:09:48.0823 0180 [ D23E1668D5602E7C236559F0D04F5C21 ] C:\Windows\System32\ufat.dll
17:09:48.0823 0180 C:\Windows\System32\ufat.dll - ok
17:09:48.0823 0180 [ D33DB105C4DB1CFA352A61FC7F424554 ] C:\Windows\System32\uudf.dll
17:09:48.0823 0180 C:\Windows\System32\uudf.dll - ok
17:09:48.0839 0180 [ 2A04A0CED0055AC64B424A70BF1C9A67 ] C:\Windows\System32\uReFS.dll
17:09:48.0839 0180 C:\Windows\System32\uReFS.dll - ok
17:09:48.0839 0180 [ 09FFF8FEE891ED820DD95428E091EA94 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll
17:09:48.0839 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll - ok
17:09:48.0839 0180 [ D7E16AB9AAB8BFA219D84C79536319E2 ] C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
17:09:48.0839 0180 C:\Program Files\Acer\Acer Power Management\ePowerTray.exe - ok
17:09:48.0839 0180 [ D032F5E38912BAE509E10D56D62ABB9D ] C:\Program Files\Acer\Acer Power Management\CommonControl.dll
17:09:48.0839 0180 C:\Program Files\Acer\Acer Power Management\CommonControl.dll - ok
17:09:48.0839 0180 [ 297CF1664E92209ABCD9E59F18E09364 ] C:\Program Files\Acer\Acer Power Management\PowerSettingControl.dll
17:09:48.0839 0180 C:\Program Files\Acer\Acer Power Management\PowerSettingControl.dll - ok
17:09:48.0839 0180 [ 95266E4709CEE77B9ABE98289B61ECB2 ] C:\Windows\System32\dxva2.dll
17:09:48.0839 0180 C:\Windows\System32\dxva2.dll - ok
17:09:48.0854 0180 [ 616E1B9130314EB0E331197940AA625B ] C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
17:09:48.0854 0180 C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe - ok
17:09:48.0854 0180 [ D5FC69F365E98BB4A83D05A851F312F1 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
17:09:48.0854 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll - ok
17:09:48.0854 0180 [ 7E1ED9DCFB39E36E1192574A75CD9224 ] C:\Windows\System32\igfxext.exe
17:09:48.0854 0180 C:\Windows\System32\igfxext.exe - ok
17:09:48.0854 0180 [ D583667F17279CFCB6F250863EF9E98E ] C:\Windows\System32\igfxexps.dll
17:09:48.0854 0180 C:\Windows\System32\igfxexps.dll - ok
17:09:48.0854 0180 [ A8A9B9D954E11689E77FAC0E3B9CAAC8 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
17:09:48.0854 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll - ok
17:09:48.0854 0180 [ 6F8759ABA553FA2C94C416BF3FF6F3BD ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
17:09:48.0854 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll - ok
17:09:48.0854 0180 [ FAE5437BD06B53CF6F9969B81BA019C1 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll
17:09:48.0854 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll - ok
17:09:48.0870 0180 [ CCC3A7FE00CDF71EC53573FA9D46C654 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
17:09:48.0870 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll - ok
17:09:48.0870 0180 [ 9DD1E9B81DC62558B8F87CFD12507D0F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
17:09:48.0870 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll - ok
17:09:48.0870 0180 [ 354EE0F5D8D315E78436ABE973EC79B3 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll
17:09:48.0870 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll - ok
17:09:48.0870 0180 [ 25759EC676EF1C3D6DAAAE696105D3FF ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
17:09:48.0870 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll - ok
17:09:48.0870 0180 [ C77D045E300AE723A7E4D24406961EEA ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
17:09:48.0870 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll - ok
17:09:48.0870 0180 [ 11AA794DEA8445F93DF4F403992BD509 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
17:09:48.0870 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll - ok
17:09:48.0885 0180 [ 49B870A4F18A7F8D4E919BEDA5C16482 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
17:09:48.0885 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll - ok
17:09:48.0885 0180 [ 19261F74D64BA3DB9EF9ED20C2D277E3 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
17:09:48.0885 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll - ok
17:09:48.0885 0180 [ B7241CFCD5BA32923E12CF4E89B62574 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtCommonRes.dll
17:09:48.0885 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtCommonRes.dll - ok
17:09:48.0885 0180 [ 8176D1F65BF6B2A08C183B26F32F511A ] C:\Windows\SysWOW64\asycfilt.dll
17:09:48.0885 0180 C:\Windows\SysWOW64\asycfilt.dll - ok
Geändert von Tandem (09.04.2014 um 00:52 Uhr) |
|
09.04.2014, 00:38
| #7 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! TDSS-log Part 4/8: Code:
ATTFilter 17:09:48.0885 0180 [ AB33393038DBA7F7E4257F0F85335D2F ] C:\Windows\System32\StorageContextHandler.dll
17:09:48.0885 0180 C:\Windows\System32\StorageContextHandler.dll - ok
17:09:48.0901 0180 [ 7426903310160A47A1052F1E194CC356 ] C:\Windows\System32\hotplug.dll
17:09:48.0901 0180 C:\Windows\System32\hotplug.dll - ok
17:09:48.0902 0180 [ 6E0BDFBEEED65B017F2E4C2C910B0520 ] C:\Windows\System32\rundll32.exe
17:09:48.0902 0180 C:\Windows\System32\rundll32.exe - ok
17:09:48.0902 0180 [ 86D0BF4F792053A50D6EE43DFA5837A5 ] C:\Windows\System32\wuaueng.dll
17:09:48.0902 0180 C:\Windows\System32\wuaueng.dll - ok
17:09:48.0902 0180 [ 3FA61E33B20FD9D94DB7BDA9F324FBAB ] C:\Windows\System32\mspatcha.dll
17:09:48.0902 0180 C:\Windows\System32\mspatcha.dll - ok
17:09:48.0902 0180 [ EC2092F3B60F4206E84F87B6B15E0DE0 ] C:\Windows\System32\wups2.dll
17:09:48.0902 0180 C:\Windows\System32\wups2.dll - ok
17:09:48.0902 0180 [ CDADEFB3F75E59BF311686E66510385E ] C:\Windows\System32\TaskSchdPS.dll
17:09:48.0902 0180 C:\Windows\System32\TaskSchdPS.dll - ok
17:09:48.0902 0180 [ 35EF036F6EE1FAFD6CF49EBE9F2471C4 ] C:\Windows\System32\browcli.dll
17:09:48.0902 0180 C:\Windows\System32\browcli.dll - ok
17:09:48.0918 0180 [ D3DDD474C0128EBEC4B4A48896A1D2DC ] C:\Windows\System32\schedcli.dll
17:09:48.0918 0180 C:\Windows\System32\schedcli.dll - ok
17:09:48.0918 0180 [ E864425BF77080E8D780A3AEB3AF7E13 ] C:\Windows\System32\wmi.dll
17:09:48.0918 0180 C:\Windows\System32\wmi.dll - ok
17:09:48.0918 0180 [ 7F6FBED1A3E479017F6D3B35521281B1 ] C:\Windows\WinStore\WinStoreUI.dll
17:09:48.0918 0180 C:\Windows\WinStore\WinStoreUI.dll - ok
17:09:48.0918 0180 [ 83481CF1FAD89FAA7E3CDF6AF10C11D1 ] C:\Windows\System32\wpnapps.dll
17:09:48.0918 0180 C:\Windows\System32\wpnapps.dll - ok
17:09:48.0918 0180 [ 1305B94364F8F8F80DCD0E22E64E267A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
17:09:48.0918 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe - ok
17:09:48.0918 0180 [ 4831AA1A6A112ACCEE240C9D5FA2108B ] C:\Windows\SysWOW64\ieframe.dll
17:09:48.0918 0180 C:\Windows\SysWOW64\ieframe.dll - ok
17:09:48.0918 0180 [ 70462E0A4E293FC80620AB945D8A59BB ] C:\Windows\SysWOW64\mshtml.dll
17:09:48.0918 0180 C:\Windows\SysWOW64\mshtml.dll - ok
17:09:48.0933 0180 [ B91BD9AB96E803F80C8F7C0F4CA0FD3A ] C:\Program Files\Internet Explorer\sqmapi.dll
17:09:48.0933 0180 C:\Program Files\Internet Explorer\sqmapi.dll - ok
17:09:48.0933 0180 [ 47DF8A0C94A86E465BC8DDA41F08F067 ] C:\Windows\SysWOW64\adsldp.dll
17:09:48.0933 0180 C:\Windows\SysWOW64\adsldp.dll - ok
17:09:48.0933 0180 [ 2C4965FA375C7C2C1FBD18EFD75F61CF ] C:\Windows\SysWOW64\cscapi.dll
17:09:48.0933 0180 C:\Windows\SysWOW64\cscapi.dll - ok
17:09:48.0933 0180 [ AC6A5EF688C0856598C7B36C27CECF5B ] C:\Windows\SysWOW64\dxdiagn.dll
17:09:48.0933 0180 C:\Windows\SysWOW64\dxdiagn.dll - ok
17:09:48.0933 0180 [ A4A91575D08F9835F6A5E94AF218B8FF ] C:\Windows\SysWOW64\d3d11.dll
17:09:48.0933 0180 C:\Windows\SysWOW64\d3d11.dll - ok
17:09:48.0933 0180 [ 00AF22B51F217DC4C536F6039577B28C ] C:\Windows\SysWOW64\dxgi.dll
17:09:48.0933 0180 C:\Windows\SysWOW64\dxgi.dll - ok
17:09:48.0933 0180 [ 73752F6A4E766AAE97C03C85DD322308 ] C:\Windows\SysWOW64\powrprof.dll
17:09:48.0933 0180 C:\Windows\SysWOW64\powrprof.dll - ok
17:09:48.0949 0180 [ 20CF6C36949E73BE4462F09E1CAA1951 ] C:\Windows\SysWOW64\wbemcomn.dll
17:09:48.0949 0180 C:\Windows\SysWOW64\wbemcomn.dll - ok
17:09:48.0949 0180 [ 787648B9C1E7503D097D49EE46D9621F ] C:\Windows\SysWOW64\wbem\wbemprox.dll
17:09:48.0949 0180 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
17:09:48.0949 0180 [ 8DE93017BA7F77E95DF57E753269623D ] C:\Windows\SysWOW64\wbem\fastprox.dll
17:09:48.0949 0180 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
17:09:48.0949 0180 [ 998AA337D8CA0E8832B3BB4AF8BBC7A0 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
17:09:48.0949 0180 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
17:09:48.0949 0180 [ C7AE6A1EAE773F8CEC7F1180CAAB2072 ] C:\Windows\SysWOW64\dsound.dll
17:09:48.0949 0180 C:\Windows\SysWOW64\dsound.dll - ok
17:09:48.0949 0180 [ 5849B1F0C63A25A3B7824C3ECE01CCC0 ] C:\Windows\SysWOW64\winbrand.dll
17:09:48.0949 0180 C:\Windows\SysWOW64\winbrand.dll - ok
17:09:48.0964 0180 [ 065C787060A095DD0DF8358BC7EF4070 ] C:\Windows\System32\perfos.dll
17:09:48.0964 0180 C:\Windows\System32\perfos.dll - ok
17:09:48.0964 0180 [ 1134E2BB2A41BC92819E1299AB82C088 ] C:\Windows\System32\wscinterop.dll
17:09:48.0964 0180 C:\Windows\System32\wscinterop.dll - ok
17:09:48.0964 0180 [ E21BE87CF4E8C3F4E237E609E8BB4257 ] C:\Windows\System32\werconcpl.dll
17:09:48.0964 0180 C:\Windows\System32\werconcpl.dll - ok
17:09:48.0964 0180 [ AA1315B87D9B2E39584165318A59F15D ] C:\Windows\System32\wercplsupport.dll
17:09:48.0964 0180 C:\Windows\System32\wercplsupport.dll - ok
17:09:48.0964 0180 [ D88390FF8C23957633033ECFC941D04A ] C:\Windows\System32\hcproviders.dll
17:09:48.0964 0180 C:\Windows\System32\hcproviders.dll - ok
17:09:48.0964 0180 [ FB7784A74CAA1DECE064954E73408F59 ] C:\Program Files\Internet Explorer\ieproxy.dll
17:09:48.0964 0180 C:\Program Files\Internet Explorer\ieproxy.dll - ok
17:09:48.0964 0180 [ EA1FF003AB7D3C8719D0A9E72C7F9F78 ] C:\Windows\System32\sendmail.dll
17:09:48.0964 0180 C:\Windows\System32\sendmail.dll - ok
17:09:48.0980 0180 [ 38045B7034108BA0000863A4EAC6A148 ] C:\Windows\System32\mydocs.dll
17:09:48.0980 0180 C:\Windows\System32\mydocs.dll - ok
17:09:48.0980 0180 [ 66E4F0A46F74345B0CD240C5B5AC06C0 ] C:\Windows\System32\zipfldr.dll
17:09:48.0980 0180 C:\Windows\System32\zipfldr.dll - ok
17:09:48.0980 0180 [ 024DAF3261166AD4090EED9579135802 ] C:\Windows\System32\chartv.dll
17:09:48.0980 0180 C:\Windows\System32\chartv.dll - ok
17:09:48.0980 0180 [ F1DCAF42618FE7515A9C4963CAD2A315 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
17:09:48.0980 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll - ok
17:09:48.0980 0180 [ 48D8A05AEBE8EC9F6BE38A770B9DFB0C ] C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
17:09:48.0980 0180 C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll - ok
17:09:48.0980 0180 [ 24DA05ADE2A978E199875DA0D859E7EB ] C:\Windows\System32\notepad.exe
17:09:48.0980 0180 C:\Windows\System32\notepad.exe - ok
17:09:48.0996 0180 [ A7069E793D4434CC7F4E5D0AFF493939 ] C:\Windows\System32\mlang.dll
17:09:48.0996 0180 C:\Windows\System32\mlang.dll - ok
17:09:48.0996 0180 [ 6DB5321D65FC1A5436A6F9AB9469AAF9 ] C:\Windows\System32\RacEngn.dll
17:09:48.0996 0180 C:\Windows\System32\RacEngn.dll - ok
17:09:48.0996 0180 [ 116EABEA69D40607116D3717D12248EC ] C:\Windows\System32\slwga.dll
17:09:48.0996 0180 C:\Windows\System32\slwga.dll - ok
17:09:48.0996 0180 [ EFB3CABED5D5C8CCD207ACC4B8E0A972 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll
17:09:48.0996 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll - ok
17:09:48.0996 0180 [ 00BA48056AA18E55DE80FFE3902B32F5 ] C:\Program Files (x86)\Notepad++\NppShell_05.dll
17:09:48.0996 0180 C:\Program Files (x86)\Notepad++\NppShell_05.dll - ok
17:09:48.0996 0180 [ 178A34E5554DCE485E1262DDF027960C ] E:\Anti-Rootkit\tdsskiller.exe
17:09:48.0996 0180 E:\Anti-Rootkit\tdsskiller.exe - ok
17:09:49.0011 0180 [ CCF8BED843882F5C01FC93F6FEC5A8A7 ] C:\Windows\System32\consent.exe
17:09:49.0011 0180 C:\Windows\System32\consent.exe - ok
17:09:49.0011 0180 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\96240953.sys
17:09:49.0011 0180 C:\Windows\System32\drivers\96240953.sys - ok
17:09:49.0011 0180 [ 8387AF7783F772EC1D208409080CB5B8 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:09:49.0011 0180 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:09:49.0011 0180 [ CFE23A35E84A2CCA5DE8DF34DC238782 ] C:\Windows\SysWOW64\duser.dll
17:09:49.0011 0180 C:\Windows\SysWOW64\duser.dll - ok
17:09:49.0011 0180 [ FB34E929D9C8082D30EF87F6661C3A31 ] C:\Windows\SysWOW64\dui70.dll
17:09:49.0011 0180 C:\Windows\SysWOW64\dui70.dll - ok
17:09:49.0011 0180 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\20929863.sys
17:09:49.0011 0180 C:\Windows\System32\drivers\20929863.sys - ok
17:09:49.0011 0180 [ 23F5BD1BC5EE059986990029D03E66AA ] E:\Shredder-Tools\eraserportable_5.8.8_english.paf.exe
17:09:49.0011 0180 E:\Shredder-Tools\eraserportable_5.8.8_english.paf.exe - ok
17:09:49.0027 0180 [ 00A0194C20EE912257DF53BFE258EE4A ] C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\System.dll
17:09:49.0027 0180 C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\System.dll - ok
17:09:49.0027 0180 [ 0DC0CC7A6D9DB685BF05A7E5F3EA4781 ] C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\InstallOptions.dll
17:09:49.0027 0180 C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\InstallOptions.dll - ok
17:09:49.0027 0180 [ 5416E1FBDC29105FB87AA36905141DA8 ] C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll
17:09:49.0027 0180 C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll - ok
17:09:49.0027 0180 [ 0A271DC253F4406E68C1216529CF143E ] C:\Windows\SysWOW64\thumbcache.dll
17:09:49.0027 0180 C:\Windows\SysWOW64\thumbcache.dll - ok
17:09:49.0027 0180 [ FF572D6FC50A7DA50B25FE9B122C045F ] C:\Windows\SysWOW64\networkexplorer.dll
17:09:49.0027 0180 C:\Windows\SysWOW64\networkexplorer.dll - ok
17:09:49.0027 0180 [ 1121EC6CAF4615C186BBF2200449327D ] C:\Program Files\Classic Shell\ClassicExplorer32.dll
17:09:49.0027 0180 C:\Program Files\Classic Shell\ClassicExplorer32.dll - ok
17:09:49.0043 0180 [ 3895ABD01CD6079FB7BAEED17D3D6089 ] C:\Windows\SysWOW64\mssprxy.dll
17:09:49.0043 0180 C:\Windows\SysWOW64\mssprxy.dll - ok
17:09:49.0043 0180 [ 42B1A6E8BA857C9D6238FD9C6B5FF960 ] C:\Program Files\Windows Defender\MpOAV.dll
17:09:49.0043 0180 C:\Program Files\Windows Defender\MpOAV.dll - ok
17:09:49.0043 0180 [ 1C3588802EE33660E620A046A505A337 ] C:\Program Files\Windows Defender\MpClient.dll
17:09:49.0043 0180 C:\Program Files\Windows Defender\MpClient.dll - ok
17:09:49.0043 0180 [ 6B6EEA141785ADDC561C51638783A382 ] C:\Users\Tandem\AppData\Local\Temp\Temp1_bubble2_setup.zip\bubble2_setup.exe
17:09:49.0043 0180 C:\Users\Tandem\AppData\Local\Temp\Temp1_bubble2_setup.zip\bubble2_setup.exe - ok
17:09:49.0043 0180 [ A2C4D52C66B4B399FACADB8CC8386745 ] C:\Users\Tandem\AppData\Local\Temp\is-61PG5.tmp\bubble2_setup.tmp
17:09:49.0043 0180 C:\Users\Tandem\AppData\Local\Temp\is-61PG5.tmp\bubble2_setup.tmp - ok
17:09:49.0043 0180 [ A2C4D52C66B4B399FACADB8CC8386745 ] C:\Users\Tandem\AppData\Local\Temp\is-MS8SL.tmp\bubble2_setup.tmp
17:09:49.0043 0180 C:\Users\Tandem\AppData\Local\Temp\is-MS8SL.tmp\bubble2_setup.tmp - ok
17:09:49.0058 0180 [ 0B93A4DE6B58AD04BF91B76316339817 ] C:\Windows\System32\wermgr.exe
17:09:49.0058 0180 C:\Windows\System32\wermgr.exe - ok
17:09:49.0058 0180 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] C:\Windows\System32\wersvc.dll
17:09:49.0058 0180 C:\Windows\System32\wersvc.dll - ok
17:09:49.0058 0180 [ C83AFB0B285F293EDECF5EBDEC074A94 ] C:\Windows\System32\WerFault.exe
17:09:49.0058 0180 C:\Windows\System32\WerFault.exe - ok
17:09:49.0058 0180 [ B5D2EBAD81739185A91D210F5F01824B ] C:\Windows\System32\Faultrep.dll
17:09:49.0058 0180 C:\Windows\System32\Faultrep.dll - ok
17:09:49.0058 0180 [ E81AC183EE021B3EC81B4005F4CE2D7D ] C:\Windows\SysWOW64\linkinfo.dll
17:09:49.0058 0180 C:\Windows\SysWOW64\linkinfo.dll - ok
17:09:49.0058 0180 [ 1AEA7E273E344C30C9883254DE75B180 ] C:\Windows\SysWOW64\ntshrui.dll
17:09:49.0058 0180 C:\Windows\SysWOW64\ntshrui.dll - ok
17:09:49.0058 0180 [ 9EAFB53FA36FFD02C7238B59CF3637BC ] C:\Program Files (x86)\Bubble Freespace Shredder 2\bubble2.exe
17:09:49.0058 0180 C:\Program Files (x86)\Bubble Freespace Shredder 2\bubble2.exe - ok
17:09:49.0074 0180 [ E96078C68F2AA832279FBD99AF2FD355 ] C:\Windows\System32\aeinv.dll
17:09:49.0074 0180 C:\Windows\System32\aeinv.dll - ok
17:09:49.0074 0180 [ 3ED8FA77F41F3AEAE2F0DCC0DB0596FF ] C:\Windows\System32\backgroundTaskHost.exe
17:09:49.0074 0180 C:\Windows\System32\backgroundTaskHost.exe - ok
17:09:49.0074 0180 [ 6C1DAB32294536B0EF4F7715C97C58A4 ] C:\Windows\System32\clrhost.dll
17:09:49.0074 0180 C:\Windows\System32\clrhost.dll - ok
17:09:49.0074 0180 [ 8BEF7E7E6477489F85F467DC8AAEFC05 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
17:09:49.0074 0180 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
17:09:49.0074 0180 [ D69139606B4DCF4399DCD6DC6B19B52D ] C:\Windows\System32\msvcr120_clr0400.dll
17:09:49.0074 0180 C:\Windows\System32\msvcr120_clr0400.dll - ok
17:09:49.0074 0180 [ 98B0FCF48B4B910E3160728FC48D3E15 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\1c4f23e80bd4b68fb3f56bdb16dbb647\mscorlib.ni.dll
17:09:49.0074 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\1c4f23e80bd4b68fb3f56bdb16dbb647\mscorlib.ni.dll - ok
17:09:49.0089 0180 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:09:49.0089 0180 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:09:49.0089 0180 [ 5DD8A92CEC2F59D8A31328EA22D18FEB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\8848363a64856b740e9ebd321b6a98ca\Windows.ApplicationModel.ni.dll
17:09:49.0089 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\8848363a64856b740e9ebd321b6a98ca\Windows.ApplicationModel.ni.dll - ok
17:09:49.0089 0180 [ 4CF55EB6423F9D38CFDD798542A01BCC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtbff93e24#\b734d1d452ecc29bf9a02758520173b7\System.Runtime.InteropServices.WindowsRuntime.ni.dll
17:09:49.0089 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtbff93e24#\b734d1d452ecc29bf9a02758520173b7\System.Runtime.InteropServices.WindowsRuntime.ni.dll - ok
17:09:49.0089 0180 [ B2EBC679512A580B74F095E18738D907 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
17:09:49.0089 0180 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
17:09:49.0089 0180 [ 5E87819201BB1DC463A127C3ED449BB9 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\29e4b2d8f87a111865c3302f567b4a82\Windows.Storage.ni.dll
17:09:49.0089 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\29e4b2d8f87a111865c3302f567b4a82\Windows.Storage.ni.dll - ok
17:09:49.0089 0180 [ DFB65B7E92A4946F319234549520749F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Diagd2d95910#\b2aefd08555f18ece557006afd577bf8\System.Diagnostics.Tracing.ni.dll
17:09:49.0089 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Diagd2d95910#\b2aefd08555f18ece557006afd577bf8\System.Diagnostics.Tracing.ni.dll - ok
17:09:49.0105 0180 [ F242938F69AA25B8ECD0D9E342799802 ] C:\Windows\System32\SettingSyncHost.exe
17:09:49.0105 0180 C:\Windows\System32\SettingSyncHost.exe - ok
17:09:49.0105 0180 [ C005747F5005AE7E80C087B821A5AED4 ] C:\Windows\System32\SettingSync.dll
17:09:49.0105 0180 C:\Windows\System32\SettingSync.dll - ok
17:09:49.0105 0180 [ 09C693F051507A134D180556A011A6C5 ] C:\Windows\System32\WinSync.dll
17:09:49.0105 0180 C:\Windows\System32\WinSync.dll - ok
17:09:49.0105 0180 [ A030B48F73CB01B89AD5CF725240401A ] C:\Windows\System32\OnDemandConnRouteHelper.dll
17:09:49.0105 0180 C:\Windows\System32\OnDemandConnRouteHelper.dll - ok
17:09:49.0105 0180 [ BC78AE41C08746A043F5522D33497540 ] C:\Windows\System32\RoamingSecurity.dll
17:09:49.0105 0180 C:\Windows\System32\RoamingSecurity.dll - ok
17:09:49.0105 0180 [ 176CA3DE403C16AC50E9491319300F5B ] C:\Windows\System32\ConnectedAccountState.dll
17:09:49.0105 0180 C:\Windows\System32\ConnectedAccountState.dll - ok
17:09:49.0105 0180 [ 3ACBA856C37015F6F234279D5A4FD738 ] C:\Windows\System32\mskeyprotcli.dll
17:09:49.0105 0180 C:\Windows\System32\mskeyprotcli.dll - ok
17:09:49.0121 0180 [ CC9B5E86ACAE6E2006BCC2EB8EB18DD6 ] C:\Windows\System32\wlidcli.dll
17:09:49.0121 0180 C:\Windows\System32\wlidcli.dll - ok
17:09:49.0121 0180 [ 3EE048B4DBFFA5FDEB059BABCFDF9B69 ] C:\Windows\System32\wpninprc.dll
17:09:49.0121 0180 C:\Windows\System32\wpninprc.dll - ok
17:09:49.0121 0180 [ DEABE46484AADD7509B1D0CC308DCF77 ] C:\Windows\System32\acproxy.dll
17:09:49.0121 0180 C:\Windows\System32\acproxy.dll - ok
17:09:49.0121 0180 [ CA56145B0F1FA54FA21C2E0A7AC9C119 ] C:\Windows\System32\msched.dll
17:09:49.0121 0180 C:\Windows\System32\msched.dll - ok
17:09:49.0121 0180 [ 10782DE46A3A1903C8C2F6BDD4DFF851 ] C:\Windows\System32\lpremove.exe
17:09:49.0121 0180 C:\Windows\System32\lpremove.exe - ok
17:09:49.0121 0180 [ CB3A035BB1FD3A1E9AEE79BAE6499B99 ] C:\Windows\System32\aitagent.exe
17:09:49.0121 0180 C:\Windows\System32\aitagent.exe - ok
17:09:49.0136 0180 [ 3B0FECC41EE6B03057A0F9E26EAB5ADC ] C:\Windows\System32\fhtask.dll
17:09:49.0136 0180 C:\Windows\System32\fhtask.dll - ok
17:09:49.0136 0180 [ FF9754312611FB59DEB8CB2A9C96C10A ] C:\Windows\System32\aepdu.dll
17:09:49.0136 0180 C:\Windows\System32\aepdu.dll - ok
17:09:49.0136 0180 [ 3113EB7A0E4401F19F9B50A85E936562 ] C:\Windows\System32\fhsvcctl.dll
17:09:49.0136 0180 C:\Windows\System32\fhsvcctl.dll - ok
17:09:49.0136 0180 [ C1AF7D3C273AE7E72C69BE0E856FBCA3 ] C:\Windows\System32\kernelceip.dll
17:09:49.0136 0180 C:\Windows\System32\kernelceip.dll - ok
17:09:49.0136 0180 [ 75863FF57B3C0DF89439879969B05CEC ] C:\Windows\System32\Startupscan.dll
17:09:49.0136 0180 C:\Windows\System32\Startupscan.dll - ok
17:09:49.0136 0180 [ 9928E5C494BD933CDE560F5766D3BFB2 ] C:\Windows\System32\sdiagschd.dll
17:09:49.0136 0180 C:\Windows\System32\sdiagschd.dll - ok
17:09:49.0136 0180 [ 50DA2DFB41F5882861B6883F880792D9 ] C:\Windows\System32\SensApi.dll
17:09:49.0136 0180 C:\Windows\System32\SensApi.dll - ok
17:09:49.0152 0180 [ B4B04488BEE8B6D97DEF1D275825863C ] C:\Windows\System32\sdiageng.dll
17:09:49.0152 0180 C:\Windows\System32\sdiageng.dll - ok
17:09:49.0152 0180 [ D8E3A4701376CCFD0BE542D745FA4809 ] C:\Windows\System32\WSService.dll
17:09:49.0152 0180 C:\Windows\System32\WSService.dll - ok
17:09:49.0152 0180 [ 2A050C7DD55FAA6FBF1FA8AFD5812857 ] C:\Windows\System32\MemoryDiagnostic.dll
17:09:49.0152 0180 C:\Windows\System32\MemoryDiagnostic.dll - ok
17:09:49.0152 0180 [ 1630521CA49271034F998B332F7F3469 ] C:\Windows\System32\AppXDeploymentClient.dll
17:09:49.0152 0180 C:\Windows\System32\AppXDeploymentClient.dll - ok
17:09:49.0152 0180 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] C:\Windows\System32\AppXDeploymentServer.dll
17:09:49.0152 0180 C:\Windows\System32\AppXDeploymentServer.dll - ok
17:09:49.0152 0180 [ 4D35041E7A50BB259B36C4D5D4A77662 ] C:\Windows\System32\tdh.dll
17:09:49.0152 0180 C:\Windows\System32\tdh.dll - ok
17:09:49.0168 0180 [ D48920217A98322B9B62923B0D808674 ] C:\Windows\System32\pstask.dll
17:09:49.0168 0180 C:\Windows\System32\pstask.dll - ok
17:09:49.0168 0180 [ DACBAF039738C747754A5D5D94510FA8 ] C:\Windows\System32\regidle.dll
17:09:49.0168 0180 C:\Windows\System32\regidle.dll - ok
17:09:49.0168 0180 [ 8C2403F0371152D70741865688B57C8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll
17:09:49.0168 0180 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll - ok
17:09:49.0168 0180 [ 23E0008E024F955428D71CEDD5CCF87F ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll
17:09:49.0168 0180 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll - ok
17:09:49.0168 0180 [ 2F2FC5E089D9A91E675817DFB0F78ADB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\12a9441955ada5ecaf8c97b8b10d9201\System.ni.dll
17:09:49.0168 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\12a9441955ada5ecaf8c97b8b10d9201\System.ni.dll - ok
17:09:49.0168 0180 [ B117A26FB2562FE1942E6F62369803E3 ] C:\Windows\System32\sdiagnhost.exe
17:09:49.0168 0180 C:\Windows\System32\sdiagnhost.exe - ok
17:09:49.0183 0180 [ 09D35AEF39E3A2F679AC4DC8D56FFAAD ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
17:09:49.0183 0180 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe - ok
17:09:49.0183 0180 [ 350C510CA8D8C425944EEEB3D346E64B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
17:09:49.0183 0180 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe - ok
17:09:49.0183 0180 [ 5BE15CBF926B0C70B0F424774A2B75E6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wad78daf4#\1ab4f2e5e42ff1ef86cd2601e445bd92\Microsoft.Windows.Diagnosis.SDHost.ni.dll
17:09:49.0183 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wad78daf4#\1ab4f2e5e42ff1ef86cd2601e445bd92\Microsoft.Windows.Diagnosis.SDHost.ni.dll - ok
17:09:49.0183 0180 [ 524DAC623B9825226160C1C910624C6B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wed3937f9#\da5afc1a2df149f8a28255bd032d3e3b\Microsoft.Windows.Diagnosis.SDCommon.ni.dll
17:09:49.0183 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wed3937f9#\da5afc1a2df149f8a28255bd032d3e3b\Microsoft.Windows.Diagnosis.SDCommon.ni.dll - ok
17:09:49.0183 0180 [ D4E522C78B262827479FF27EF4B9A903 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\fea2f8a826ae196534065b33fdaca702\System.Core.ni.dll
17:09:49.0183 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\fea2f8a826ae196534065b33fdaca702\System.Core.ni.dll - ok
17:09:49.0183 0180 [ 0D9E2DB8997E3815D798A69E677084D4 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Manaa57fc8cc#\2b7245f16e86a452e31fd78ecfa3302d\System.Management.Automation.ni.dll
17:09:49.0183 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Manaa57fc8cc#\2b7245f16e86a452e31fd78ecfa3302d\System.Management.Automation.ni.dll - ok
17:09:49.0199 0180 [ 628DB15D8B4E4003324247478D5C3C3F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W0bb5dac4#\4e3912ec5842a3bab3f900db42e7295b\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
17:09:49.0199 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W0bb5dac4#\4e3912ec5842a3bab3f900db42e7295b\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll - ok
17:09:49.0199 0180 [ 601B9078F5345109A93AE0220EEBDE52 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W69ef49d2#\e00474f5df5a870e900f41a35fae6f44\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
17:09:49.0199 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W69ef49d2#\e00474f5df5a870e900f41a35fae6f44\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll - ok
17:09:49.0199 0180 [ B3D867F60CD1AB4D2355C32CFA568238 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wd518ee0d#\dd8e0e020198d436215ee319ce9fc365\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
17:09:49.0199 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wd518ee0d#\dd8e0e020198d436215ee319ce9fc365\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll - ok
17:09:49.0214 0180 [ 5B2B58E244A3D27145376CBB55EB8CEA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W708fc392#\57794383b573a38e8e5a67716e41cd71\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
17:09:49.0214 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W708fc392#\57794383b573a38e8e5a67716e41cd71\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll - ok
17:09:49.0214 0180 [ E4498C3F60AD89BD5FC56244B4C6D9FC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\65ff83eb4f3c2cfbadf5db3a59a54f0b\System.Numerics.ni.dll
17:09:49.0214 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\65ff83eb4f3c2cfbadf5db3a59a54f0b\System.Numerics.ni.dll - ok
17:09:49.0214 0180 [ D66BCEA2916397F62F6EA2BA5191BA28 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\c7628024429c2d82a3fabcc43b193e36\System.Xml.ni.dll
17:09:49.0214 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\c7628024429c2d82a3fabcc43b193e36\System.Xml.ni.dll - ok
17:09:49.0230 0180 [ 3AE2E792BFCAB232CEF1AE15A8BE7519 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\42b800618837afb753d0029531ec2e9b\System.DirectoryServices.ni.dll
17:09:49.0230 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\42b800618837afb753d0029531ec2e9b\System.DirectoryServices.ni.dll - ok
17:09:49.0230 0180 [ 3A6A4FAC0BBECA8BBF0B440044B3954D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\207d88c7e31401aa445a1e38cb37fbbc\System.Management.ni.dll
17:09:49.0230 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\207d88c7e31401aa445a1e38cb37fbbc\System.Management.ni.dll - ok
17:09:49.0230 0180 [ 0F8CBD63779CEB55A2E53B6BD36A0ACE ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Mf49f6405#\2a098d07b439d3cf612210725d8799e3\Microsoft.Management.Infrastructure.ni.dll
17:09:49.0230 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Mf49f6405#\2a098d07b439d3cf612210725d8799e3\Microsoft.Management.Infrastructure.ni.dll - ok
17:09:49.0230 0180 [ B837EA3A3EF1F949A421C724B82BFEBC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P1706cafe#\b621e59155acf4e16aad065809d19b94\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
17:09:49.0230 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P1706cafe#\b621e59155acf4e16aad065809d19b94\Microsoft.PowerShell.Commands.Diagnostics.ni.dll - ok
17:09:49.0230 0180 [ E188528B2F50A1846DE08A3C5923F52B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Confe64a9051#\2b2701d52f2e3e722f65db71fe04756b\System.Configuration.Install.ni.dll
17:09:49.0230 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Confe64a9051#\2b2701d52f2e3e722f65db71fe04756b\System.Configuration.Install.ni.dll - ok
17:09:49.0246 0180 [ 473A57E8FD8D080C213EA2E2E6DB6C36 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\1a12af41b5744d9b770dbdde358933b7\System.Transactions.ni.dll
17:09:49.0246 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\1a12af41b5744d9b770dbdde358933b7\System.Transactions.ni.dll - ok
17:09:49.0246 0180 [ 7206E0063F3F083A934E8808506F125C ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
17:09:49.0246 0180 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
17:09:49.0246 0180 [ 26147D8DCD73A1CEE7B138BC349C8E85 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P521220ea#\4f19a4dae094c763eb40206492320bb1\Microsoft.PowerShell.Commands.Utility.ni.dll
17:09:49.0246 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P521220ea#\4f19a4dae094c763eb40206492320bb1\Microsoft.PowerShell.Commands.Utility.ni.dll - ok
17:09:49.0246 0180 [ 039EAEA186DC87B56FCD01DD74C369B8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pb378ec07#\07d823a5fdff2a106df723bbb8690022\Microsoft.PowerShell.ConsoleHost.ni.dll
17:09:49.0246 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pb378ec07#\07d823a5fdff2a106df723bbb8690022\Microsoft.PowerShell.ConsoleHost.ni.dll - ok
17:09:49.0246 0180 [ CDF1448E6A1A1019EC02886C2E865CCB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pae3498d9#\3b3281b8a00357ba15e0e4d9a2e1bfe7\Microsoft.PowerShell.Commands.Management.ni.dll
17:09:49.0246 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pae3498d9#\3b3281b8a00357ba15e0e4d9a2e1bfe7\Microsoft.PowerShell.Commands.Management.ni.dll - ok
17:09:49.0246 0180 [ 82A6EFE0D5B34EC17483A510F3C76BD5 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P6f792626#\e7ff59e02f34e32d9478fc718037fc31\Microsoft.PowerShell.Security.ni.dll
17:09:49.0246 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P6f792626#\e7ff59e02f34e32d9478fc718037fc31\Microsoft.PowerShell.Security.ni.dll - ok
17:09:49.0261 0180 [ 11C2539DB7BA15CD0A79D6930D52E05A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.We0722664#\baf832f0caf00321592224b7fc42a558\Microsoft.WSMan.Management.ni.dll
17:09:49.0261 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.We0722664#\baf832f0caf00321592224b7fc42a558\Microsoft.WSMan.Management.ni.dll - ok
17:09:49.0261 0180 [ DF14559B0F039E3BF23A4B9334132401 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\d638c61f174d826289707884c0f2b48f\System.Configuration.ni.dll
17:09:49.0261 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\d638c61f174d826289707884c0f2b48f\System.Configuration.ni.dll - ok
17:09:49.0261 0180 [ E3C595CD9FA0F068619C49699AC2703F ] C:\Windows\System32\msisip.dll
17:09:49.0261 0180 C:\Windows\System32\msisip.dll - ok
17:09:49.0261 0180 [ 2B659DAB8F020252FF862AA2692B33CA ] C:\Windows\System32\wshext.dll
17:09:49.0261 0180 C:\Windows\System32\wshext.dll - ok
17:09:49.0261 0180 [ 8E6F37F12FE854CAA670C0BB3ADC9139 ] C:\Windows\System32\AppxSip.dll
17:09:49.0261 0180 C:\Windows\System32\AppxSip.dll - ok
17:09:49.0261 0180 [ BD11C5DBF7D84E4AE8703EF3B3AE794B ] C:\Windows\System32\OpcServices.dll
17:09:49.0261 0180 C:\Windows\System32\OpcServices.dll - ok
17:09:49.0261 0180 [ 0AF6E16842DAC19C22B9AF18584E0D33 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll
17:09:49.0261 0180 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll - ok
17:09:49.0277 0180 [ 4345CA227F267909A57F368538EC4143 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\8319a0e63cbe4df581ca36dc75f039ab\System.Data.ni.dll
17:09:49.0277 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\8319a0e63cbe4df581ca36dc75f039ab\System.Data.ni.dll - ok
17:09:49.0277 0180 [ C5F6F6FF49A2A50EC9624B064B467176 ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
17:09:49.0277 0180 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
17:09:49.0277 0180 [ D7109186046CC1AFF17BDBD192E00308 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
17:09:49.0277 0180 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll - ok
17:09:49.0277 0180 [ 4CD5B246B2DB81DC403B7C9041456B0E ] C:\Windows\System32\NapiNSP.dll
17:09:49.0277 0180 C:\Windows\System32\NapiNSP.dll - ok
17:09:49.0277 0180 [ F916298AF3C6AC9887427E545C7E3A69 ] C:\Windows\System32\pnrpnsp.dll
17:09:49.0277 0180 C:\Windows\System32\pnrpnsp.dll - ok
17:09:49.0277 0180 [ 218F874A78CB670172280A39A58B8F8A ] C:\Windows\System32\winrnr.dll
17:09:49.0277 0180 C:\Windows\System32\winrnr.dll - ok
17:09:49.0293 0180 [ B78C9FB3D92F4502079BB1F07470BE60 ] C:\Windows\System32\wshbth.dll
17:09:49.0293 0180 C:\Windows\System32\wshbth.dll - ok
17:09:49.0293 0180 [ 610C3BA3E10CD2A7DB741FBE061ED093 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\f3c0cdd1a50bb94384842fe39f729887\System.ServiceProcess.ni.dll
17:09:49.0293 0180 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\f3c0cdd1a50bb94384842fe39f729887\System.ServiceProcess.ni.dll - ok
17:09:49.0293 0180 [ 7599E582CA3A6AAA95A18FFE1172D339 ] C:\Windows\System32\w32time.dll
17:09:49.0293 0180 C:\Windows\System32\w32time.dll - ok
17:09:49.0293 0180 [ 0A6341CF701E43B1AD3CC168D45161C6 ] C:\Windows\System32\w32tm.exe
17:09:49.0293 0180 C:\Windows\System32\w32tm.exe - ok
17:09:49.0293 0180 [ AC13A4FE5396E05B46C7E270BC5CC22C ] C:\Windows\System32\PING.EXE
17:09:49.0293 0180 C:\Windows\System32\PING.EXE - ok
17:09:49.0293 0180 [ 41E3F3C1E24549BBB94C53692333D3BE ] C:\Windows\System32\scrrun.dll
17:09:49.0293 0180 C:\Windows\System32\scrrun.dll - ok
17:09:49.0308 0180 [ B517410F157693043DACA21B19B258A6 ] C:\Windows\System32\tapisrv.dll
17:09:49.0308 0180 C:\Windows\System32\tapisrv.dll - ok
17:09:49.0308 0180 [ 33C2DB0C149036EC1BD5E9EF7E4844D0 ] C:\Windows\System32\unimdm.tsp
17:09:49.0308 0180 C:\Windows\System32\unimdm.tsp - ok
17:09:49.0308 0180 [ 4F0834059B081FB95E925DBACD6932A8 ] C:\Windows\System32\uniplat.dll
17:09:49.0308 0180 C:\Windows\System32\uniplat.dll - ok
17:09:49.0308 0180 [ A2F7284F25ACFFAF8630E074376ECCEC ] C:\Windows\System32\hidphone.tsp
17:09:49.0308 0180 C:\Windows\System32\hidphone.tsp - ok
17:09:49.0308 0180 [ 3E6D37564557486CEF1A82B8BD16090F ] C:\Windows\System32\kmddsp.tsp
17:09:49.0308 0180 C:\Windows\System32\kmddsp.tsp - ok
17:09:49.0308 0180 [ 2EC3B52F3359E87461F88C3D485B85C2 ] C:\Windows\System32\WWanAPI.dll
17:09:49.0308 0180 C:\Windows\System32\WWanAPI.dll - ok
17:09:49.0308 0180 [ 35F57F3C64A0E744F097159936DE3942 ] C:\Windows\System32\advpack.dll
17:09:49.0308 0180 C:\Windows\System32\advpack.dll - ok
17:09:49.0324 0180 [ 2517EF43B94CA4A2A46E4557E44B1B35 ] C:\Windows\System32\appwiz.cpl
17:09:49.0324 0180 C:\Windows\System32\appwiz.cpl - ok
17:09:49.0324 0180 [ F790470535B709B42B51CC105F27DE17 ] C:\Windows\System32\osbaseln.dll
17:09:49.0324 0180 C:\Windows\System32\osbaseln.dll - ok
17:09:49.0324 0180 [ BCFEFCF80E09551315F2C517B5FE928B ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sargui.exe
17:09:49.0324 0180 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sargui.exe - ok
17:09:49.0324 0180 [ EC2A81A5B4BB45DF0149EE63C0B5AD1C ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar1.dll
17:09:49.0324 0180 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar1.dll - ok
17:09:49.0324 0180 [ 084A01045441FC7C0EA2B4825E84AAD8 ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar2.dll
17:09:49.0324 0180 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar2.dll - ok
17:09:49.0324 0180 [ CD8BEDD91DDAE53D27D9784246F81D48 ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar5.dll
17:09:49.0324 0180 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar5.dll - ok
17:09:49.0339 0180 [ 8FE3ADBB0BA2C6818D90FA12B976A8D5 ] C:\Windows\SysWOW64\oledlg.dll
17:09:49.0339 0180 C:\Windows\SysWOW64\oledlg.dll - ok
17:09:49.0339 0180 [ 34EF16B553D52E4C7DBC5F5E78675A0B ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar3.dll
17:09:49.0339 0180 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar3.dll - ok
17:09:49.0339 0180 [ AEE70B180FCA9D378A300F82E9D6313F ] C:\Users\Tandem\AppData\Local\Temp\skxvcd.exe
17:09:49.0339 0180 C:\Users\Tandem\AppData\Local\Temp\skxvcd.exe - ok
17:09:49.0339 0180 [ D6CE5C3190CB672A92AE328789BB0F69 ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar4.dll
17:09:49.0339 0180 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar4.dll - ok
17:09:49.0339 0180 [ C3135D2F6EC4463F0D335D6785EFEBE9 ] C:\Windows\System32\wsqmcons.exe
17:09:49.0339 0180 C:\Windows\System32\wsqmcons.exe - ok
17:09:49.0339 0180 [ 0F0BEECEB4ABAFA775279E2949E949E6 ] C:\Windows\System32\sppcext.dll
17:09:49.0339 0180 C:\Windows\System32\sppcext.dll - ok
17:09:49.0355 0180 [ D2B109C5B869A81AD074CBE38C0ED658 ] C:\Windows\System32\WinSCard.dll
17:09:49.0355 0180 C:\Windows\System32\WinSCard.dll - ok
17:09:49.0355 0180 [ 6E639FDBA5E9FA5974EF24412FEA30BF ] C:\Windows\System32\sc.exe
17:09:49.0355 0180 C:\Windows\System32\sc.exe - ok
17:09:49.0355 0180 [ 82841B061B403F291CF8CA9EE73913C5 ] C:\Windows\System32\winshfhc.dll
17:09:49.0355 0180 C:\Windows\System32\winshfhc.dll - ok
17:09:49.0355 0180 [ EE738FE9BCDD605821002CEC8C7206DB ] C:\Users\Tandem\Desktop\RV\RootkitRevealer.exe
17:09:49.0355 0180 C:\Users\Tandem\Desktop\RV\RootkitRevealer.exe - ok
17:09:49.0355 0180 [ 249DE8C6F690646CC8EC53D49ABC6BE9 ] C:\Windows\SysWOW64\WerFault.exe
17:09:49.0355 0180 C:\Windows\SysWOW64\WerFault.exe - ok
17:09:49.0355 0180 [ 7610BDF5018996927AA2E993CB6F2822 ] C:\Windows\SysWOW64\wer.dll
17:09:49.0355 0180 C:\Windows\SysWOW64\wer.dll - ok
17:09:49.0355 0180 [ 17500825FE6C7094ACC6E7DC6B578399 ] C:\Windows\SysWOW64\Faultrep.dll
17:09:49.0355 0180 C:\Windows\SysWOW64\Faultrep.dll - ok
17:09:49.0371 0180 [ FCD51A3EB7E47FBCE17382A95FD3AB35 ] C:\Windows\SysWOW64\dbgeng.dll
17:09:49.0371 0180 C:\Windows\SysWOW64\dbgeng.dll - ok
17:09:49.0371 0180 [ F5033F3C6F8E706D78ACB9351EBF7B3E ] C:\Windows\SysWOW64\dbghelp.dll
17:09:49.0371 0180 C:\Windows\SysWOW64\dbghelp.dll - ok
17:09:49.0371 0180 [ 9CB652EAE0AB5EB27DD0B589D4A0D345 ] C:\Windows\SysWOW64\SensApi.dll
17:09:49.0371 0180 C:\Windows\SysWOW64\SensApi.dll - ok
17:09:49.0371 0180 [ 3CD918A30800F17C3E380424DB16FCE0 ] C:\Windows\SysWOW64\werui.dll
17:09:49.0371 0180 C:\Windows\SysWOW64\werui.dll - ok
17:09:49.0371 0180 [ DE6BA34150AA58950EEC63D75C78A45A ] C:\Windows\System32\fthsvc.dll
17:09:49.0371 0180 C:\Windows\System32\fthsvc.dll - ok
17:09:49.0371 0180 [ 26801DC9D8AAEF91D0E937076723533A ] C:\Program Files (x86)\Opera\launcher.exe
17:09:49.0371 0180 C:\Program Files (x86)\Opera\launcher.exe - ok
17:09:49.0386 0180 [ 0FDA366EF6BCE1E66328331AB8C025DE ] C:\Program Files (x86)\Opera\19.0.1326.59\launcher_lib.dll
17:09:49.0386 0180 C:\Program Files (x86)\Opera\19.0.1326.59\launcher_lib.dll - ok
17:09:49.0386 0180 [ A878C3A1B4DE9C64060B4856355E70F2 ] C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
17:09:49.0386 0180 C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe - ok
17:09:49.0386 0180 [ 602CEC60E4F41C2FD196869E5FE1E9E0 ] C:\Windows\SysWOW64\cryptui.dll
17:09:49.0386 0180 C:\Windows\SysWOW64\cryptui.dll - ok
17:09:49.0386 0180 [ 3E12640379E473D6327D162EA8C008DE ] C:\Program Files (x86)\Opera\19.0.1326.59\opera_crashreporter.exe
17:09:49.0386 0180 C:\Program Files (x86)\Opera\19.0.1326.59\opera_crashreporter.exe - ok
17:09:49.0386 0180 [ 1864717B38CFE13E6BF51D2AC059D6C5 ] C:\Program Files (x86)\Opera\19.0.1326.59\icudt.dll
17:09:49.0386 0180 C:\Program Files (x86)\Opera\19.0.1326.59\icudt.dll - ok
17:09:49.0386 0180 [ 99BF1154DCA837428A94CD1BE96A8C14 ] C:\Windows\SysWOW64\KBDGR.DLL
17:09:49.0386 0180 C:\Windows\SysWOW64\KBDGR.DLL - ok
17:09:49.0386 0180 [ E0A9E2538A01364FBA8D180FD476FCC0 ] C:\Windows\SysWOW64\AudioSes.dll
17:09:49.0386 0180 C:\Windows\SysWOW64\AudioSes.dll - ok
17:09:49.0402 0180 [ 5CCF34813D589FB8D682201BBC8F7181 ] C:\Windows\SysWOW64\MMDevAPI.dll
17:09:49.0402 0180 C:\Windows\SysWOW64\MMDevAPI.dll - ok
17:09:49.0402 0180 [ D85F310B0871AF13961D1C9A9695D756 ] C:\Windows\SysWOW64\d3d9.dll
17:09:49.0402 0180 C:\Windows\SysWOW64\d3d9.dll - ok
17:09:49.0402 0180 [ C765377BF03FD492F7F34BDD73513A47 ] C:\Windows\SysWOW64\dxva2.dll
17:09:49.0402 0180 C:\Windows\SysWOW64\dxva2.dll - ok
17:09:49.0402 0180 [ 10ECF3FF5523363FB5E4A28EEDD46808 ] C:\Windows\SysWOW64\mf.dll
17:09:49.0402 0180 C:\Windows\SysWOW64\mf.dll - ok
17:09:49.0402 0180 [ 474B4EC7DEDCF2D046EDB6E262BF34BE ] C:\Windows\SysWOW64\mfplat.dll
17:09:49.0402 0180 C:\Windows\SysWOW64\mfplat.dll - ok
17:09:49.0402 0180 [ D1A0832EE341870C1A26BB7F97F878BC ] C:\Windows\SysWOW64\RTWorkQ.dll
17:09:49.0402 0180 C:\Windows\SysWOW64\RTWorkQ.dll - ok
17:09:49.0402 0180 [ 54BB3FBA7AAED0FCB23D404DD67D4F1F ] C:\Windows\SysWOW64\avrt.dll
17:09:49.0402 0180 C:\Windows\SysWOW64\avrt.dll - ok
17:09:49.0418 0180 [ 9EA661DB9B393F46046D6181A3DDC4AD ] C:\Windows\SysWOW64\msmpeg2vdec.dll
17:09:49.0418 0180 C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
17:09:49.0418 0180 [ EA3694CCEDC76161B80259F808890DA8 ] C:\Windows\SysWOW64\igdumdim32.dll
17:09:49.0418 0180 C:\Windows\SysWOW64\igdumdim32.dll - ok
17:09:49.0418 0180 [ AF44007FF0E9171C2FD66FD19DA05485 ] C:\Program Files (x86)\Opera\19.0.1326.59\opera_autoupdate.exe
17:09:49.0418 0180 C:\Program Files (x86)\Opera\19.0.1326.59\opera_autoupdate.exe - ok
17:09:49.0418 0180 [ 1DC846C435B3E36C2ADA7F6FF2DCFFF9 ] C:\Windows\SysWOW64\igdusc32.dll
17:09:49.0418 0180 C:\Windows\SysWOW64\igdusc32.dll - ok
17:09:49.0418 0180 [ 77CA588F46D2D9031ECF8BB45A2F31E0 ] C:\Program Files (x86)\Opera\19.0.1326.59\ffmpegsumo.dll
17:09:49.0418 0180 C:\Program Files (x86)\Opera\19.0.1326.59\ffmpegsumo.dll - ok
17:09:49.0418 0180 [ 008E331CCE44450185DA94FB273E4576 ] C:\Program Files (x86)\Opera\19.0.1326.59\d3dcompiler_46.dll
17:09:49.0418 0180 C:\Program Files (x86)\Opera\19.0.1326.59\d3dcompiler_46.dll - ok
17:09:49.0433 0180 [ 8DB526FBAE35EAFBB25BA8BF5F491027 ] C:\Windows\SysWOW64\credui.dll
17:09:49.0433 0180 C:\Windows\SysWOW64\credui.dll - ok
17:09:49.0433 0180 [ 5FC8D252C1FE351253AF89F1F0F6BEBB ] C:\Program Files (x86)\Opera\19.0.1326.59\libGLESv2.dll
17:09:49.0433 0180 C:\Program Files (x86)\Opera\19.0.1326.59\libGLESv2.dll - ok
17:09:49.0433 0180 [ 8E99C1C78747B8ADFDAB606492B7F1AE ] C:\Program Files (x86)\Opera\19.0.1326.59\libEGL.dll
17:09:49.0433 0180 C:\Program Files (x86)\Opera\19.0.1326.59\libEGL.dll - ok
17:09:49.0433 0180 [ 04767A913945012ADD32E2FCF4B0BE4B ] C:\Windows\SysWOW64\mscms.dll
17:09:49.0433 0180 C:\Windows\SysWOW64\mscms.dll - ok
17:09:49.0433 0180 [ 0C178B11066443E12D8A6B508477BC1A ] C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
17:09:49.0433 0180 C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll - ok
17:09:49.0433 0180 [ F9B22D89F4E96512867114CF821A7D5E ] C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
17:09:49.0433 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe - ok
17:09:49.0449 0180 [ BB4950D08BA324908A3EB1560C8199D4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll
17:09:49.0449 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll - ok
17:09:49.0449 0180 [ B1E9FAAC3B2CFB4DBF70C0FC00BEC4CC ] C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll
17:09:49.0449 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll - ok
17:09:49.0449 0180 [ 28F9CFBF3CD196114404C5684E701C3A ] C:\Program Files (x86)\Avira\AntiVir Desktop\updguirc.dll
17:09:49.0449 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\updguirc.dll - ok
17:09:49.0449 0180 [ DE29479601E85DBCBE5CD04847AB805E ] C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
17:09:49.0449 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe - ok
17:09:49.0449 0180 [ 27DA2A3CAE27AAC116567171AFE83AD8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll
17:09:49.0449 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll - ok
17:09:49.0449 0180 [ 4608A9F5FEC89626A6502ECBD40328AB ] C:\Program Files (x86)\Avira\AntiVir Desktop\avmres.dll
17:09:49.0449 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\avmres.dll - ok
17:09:49.0449 0180 [ 58C44A6A7342CEFEF98288C900B2EA64 ] C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll
17:09:49.0449 0180 C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll - ok
17:09:49.0464 0180 [ E64EBF5A8A0011E03663AD80C79FFA4D ] D:\antirootkit\adsl.exe
17:09:49.0464 0180 D:\antirootkit\adsl.exe - ok
17:09:49.0464 0180 [ 2BB04B67B907B341648376161070AF69 ] C:\Windows\SysWOW64\riched32.dll
17:09:49.0464 0180 C:\Windows\SysWOW64\riched32.dll - ok
17:09:49.0464 0180 [ BBFD73042D7CB18120EEE089A9F761EE ] C:\Windows\SysWOW64\UIAutomationCore.dll
17:09:49.0464 0180 C:\Windows\SysWOW64\UIAutomationCore.dll - ok
17:09:49.0464 0180 [ 513D77A8EE3FF8067CC3A65DAE1A3F5A ] C:\Windows\SysWOW64\msimtf.dll
17:09:49.0464 0180 C:\Windows\SysWOW64\msimtf.dll - ok
17:09:49.0464 0180 [ C9C0B562C7AA50A672766AAC8112DF05 ] C:\Windows\SysWOW64\d2d1.dll
17:09:49.0464 0180 C:\Windows\SysWOW64\d2d1.dll - ok
17:09:49.0464 0180 [ 2ABD44418721B2502A3FF1928DB07F0B ] C:\Windows\SysWOW64\DWrite.dll
17:09:49.0464 0180 C:\Windows\SysWOW64\DWrite.dll - ok
17:09:49.0480 0180 [ 2754B116D797255B6A2F2F5DB1760238 ] C:\Windows\SysWOW64\d3d10warp.dll
17:09:49.0480 0180 C:\Windows\SysWOW64\d3d10warp.dll - ok
17:09:49.0480 0180 [ 3B122124BACF3F17A3336BD08E9D4D95 ] C:\Windows\SysWOW64\drprov.dll
17:09:49.0480 0180 C:\Windows\SysWOW64\drprov.dll - ok
17:09:49.0480 0180 [ 8E5EA625360077325445907D972C268E ] C:\Windows\SysWOW64\davclnt.dll
17:09:49.0480 0180 C:\Windows\SysWOW64\davclnt.dll - ok
17:09:49.0480 0180 [ 1CF62E2D53F326C40BDC1FEE3DF11BCB ] C:\Windows\SysWOW64\ntlanman.dll
17:09:49.0480 0180 C:\Windows\SysWOW64\ntlanman.dll - ok
17:09:49.0480 0180 [ 0CAC22201AF1F9A54CFCA93059C06A39 ] C:\Windows\SysWOW64\davhlpr.dll
17:09:49.0480 0180 C:\Windows\SysWOW64\davhlpr.dll - ok
17:09:49.0480 0180 [ 01D719A5AD74FB7EAAA29924049C73BA ] C:\Windows\SysWOW64\dlnashext.dll
17:09:49.0480 0180 C:\Windows\SysWOW64\dlnashext.dll - ok
17:09:49.0480 0180 [ 7D7D1177BD573F2FBE13369162D88E02 ] C:\Windows\SysWOW64\PlayToDevice.dll
17:09:49.0480 0180 C:\Windows\SysWOW64\PlayToDevice.dll - ok
17:09:49.0496 0180 [ 8136DE913C41E8485E623154E9EF6B68 ] C:\Windows\SysWOW64\DevDispItemProvider.dll
17:09:49.0496 0180 C:\Windows\SysWOW64\DevDispItemProvider.dll - ok
17:09:49.0496 0180 [ A9B6B177C78F8EEF66893C9512DF9F7C ] C:\Windows\SysWOW64\wpdshext.dll
17:09:49.0496 0180 C:\Windows\SysWOW64\wpdshext.dll - ok
17:09:49.0496 0180 [ F655C3C8BA344799015B6E2015AD4022 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
17:09:49.0496 0180 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
17:09:49.0496 0180 [ 45D4D304E4D8B5D2352A26E1D1180A37 ] C:\Windows\SysWOW64\audiodev.dll
17:09:49.0496 0180 C:\Windows\SysWOW64\audiodev.dll - ok
17:09:49.0496 0180 [ 050FE6423C35792DB6FBA2CF035430B7 ] C:\Windows\SysWOW64\WMVCORE.DLL
17:09:49.0496 0180 C:\Windows\SysWOW64\WMVCORE.DLL - ok
17:09:49.0496 0180 [ 9E201E7A15BBE6260DE904968D973165 ] C:\Windows\SysWOW64\WMASF.DLL
17:09:49.0496 0180 C:\Windows\SysWOW64\WMASF.DLL - ok
17:09:49.0511 0180 [ 0AFFC88BE88EEB6A5F5A62B270E5F23B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\8167be7add46f0aee1818bd88b6b1341\Platform.ni.dll
17:09:49.0511 0180 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\8167be7add46f0aee1818bd88b6b1341\Platform.ni.dll - ok
17:09:49.0511 0180 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:09:49.0511 0180 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:09:49.0511 0180 [ 00000000000000000000000000000000 ] D:\antirootkit\sophos_virus_removal_tool.exe
17:09:49.0511 0180 D:\antirootkit\sophos_virus_removal_tool.exe - ok
17:09:49.0511 0180 [ 5AC254691AE3C8FDA64E80993AD888DD ] C:\Windows\System32\imageres.dll
17:09:49.0511 0180 C:\Windows\System32\imageres.dll - ok
17:09:49.0511 0180 [ E1D499C501DC2E1F8B451F1A43BFABED ] C:\Windows\SysWOW64\msiexec.exe
17:09:49.0511 0180 C:\Windows\SysWOW64\msiexec.exe - ok
17:09:49.0511 0180 [ D1B5D53F75C783D50CF57F5C0D8C8482 ] C:\Windows\SysWOW64\msisip.dll
17:09:49.0511 0180 C:\Windows\SysWOW64\msisip.dll - ok
17:09:49.0511 0180 [ 50DAB9E7E976BD7FF5F25B83440606AA ] C:\Windows\System32\msiexec.exe
17:09:49.0511 0180 C:\Windows\System32\msiexec.exe - ok
17:09:49.0527 0180 [ 4E472630DF3339388821D9AFB259F819 ] C:\Windows\apppatch\apppatch64\AcLayers.dll
17:09:49.0527 0180 C:\Windows\apppatch\apppatch64\AcLayers.dll - ok
17:09:49.0527 0180 [ 7E95B054F077791B565048541C49A0BD ] C:\Windows\SysWOW64\msihnd.dll
17:09:49.0527 0180 C:\Windows\SysWOW64\msihnd.dll - ok
17:09:49.0527 0180 [ EC0EFB91D81A9CE418254726D02ACA86 ] C:\Windows\System32\spp.dll
17:09:49.0527 0180 C:\Windows\System32\spp.dll - ok
17:09:49.0527 0180 [ 4FBA2FC8A08A94941213D79D74F26C0E ] C:\Windows\System32\srclient.dll
17:09:49.0527 0180 C:\Windows\System32\srclient.dll - ok
17:09:49.0527 0180 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] C:\Windows\System32\VSSVC.exe
17:09:49.0527 0180 C:\Windows\System32\VSSVC.exe - ok
17:09:49.0527 0180 [ E6C850668968BEBEDFCB6F3538791E5E ] C:\Windows\System32\virtdisk.dll
17:09:49.0527 0180 C:\Windows\System32\virtdisk.dll - ok
17:09:49.0527 0180 [ 57540FE9167823B79A6B9582732ABE50 ] C:\Windows\System32\fltLib.dll
17:09:49.0527 0180 C:\Windows\System32\fltLib.dll - ok
17:09:49.0543 0180 [ 2BAC6D8D45F2E56FEEBD8D703129E583 ] C:\Windows\System32\vss_ps.dll
17:09:49.0543 0180 C:\Windows\System32\vss_ps.dll - ok
17:09:49.0543 0180 [ 001D7515D08480C85AC172334590B9B2 ] C:\Windows\System32\catsrvut.dll
17:09:49.0543 0180 C:\Windows\System32\catsrvut.dll - ok
17:09:49.0543 0180 [ 79F10EB3518F1C85B0944B6C0BC60E68 ] C:\Windows\System32\mfcsubs.dll
17:09:49.0543 0180 C:\Windows\System32\mfcsubs.dll - ok
17:09:49.0543 0180 [ 99453C649DC4B0BE6D062B701CD2917F ] C:\Windows\System32\swprv.dll
17:09:49.0543 0180 C:\Windows\System32\swprv.dll - ok
17:09:49.0543 0180 [ 5B9273124588AB0F2E40AAEC9D3C62EC ] C:\Windows\System32\RstrtMgr.dll
17:09:49.0543 0180 C:\Windows\System32\RstrtMgr.dll - ok
17:09:49.0543 0180 [ CC61E1FE853E93ECEFF1C1190C411CF2 ] C:\Windows\Installer\MSI4C11.tmp
17:09:49.0543 0180 C:\Windows\Installer\MSI4C11.tmp - ok
17:09:49.0558 0180 [ 9337B4D6C70A18D801A2B970281079B5 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTgui.exe
17:09:49.0558 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTgui.exe - ok
17:09:49.0558 0180 [ 6E764105D8B082BF8115FD09883549F1 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ResEnu.dll
17:09:49.0558 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ResEnu.dll - ok
17:09:49.0558 0180 [ F35245309CAD66CC9441E07DDA428981 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\control.dll
17:09:49.0558 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\control.dll - ok
17:09:49.0558 0180 [ DE6C4A4DDD24997ACB49A9675763B6E9 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SUL.dll
17:09:49.0558 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SUL.dll - ok
17:09:49.0558 0180 [ 1AB3BCAA310B3B87812260F2D49692AE ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libcurl.dll
17:09:49.0558 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libcurl.dll - ok
17:09:49.0558 0180 [ 6C62E92F8FD06488EC5F4FB414B1AC3E ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libeay32.dll
17:09:49.0558 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libeay32.dll - ok
17:09:49.0574 0180 [ BE60A936B9639AB14D9EC033DC371E2A ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ssleay32.dll
17:09:49.0574 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ssleay32.dll - ok
17:09:49.0574 0180 [ 9DDCECE8A8D1BF1E47C02F7BD92CF2FE ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe
17:09:49.0574 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe - ok
17:09:49.0574 0180 [ 93DA95F022F0C6D501FFBD65D5D2C569 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\savi.dll
17:09:49.0574 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\savi.dll - ok
17:09:49.0574 0180 [ 9D231213273155133CDCA2F822F264EC ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\osdp.dll
17:09:49.0574 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\osdp.dll - ok
17:09:49.0574 0180 [ 2766BC1EB2FAB6DD517C8E20D9877D5A ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\veex.dll
17:09:49.0574 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\veex.dll - ok
17:09:49.0574 0180 [ D51874F106BE779DDDB377C73F0EFFE7 ] C:\Windows\SysWOW64\AppXDeploymentClient.dll
17:09:49.0574 0180 C:\Windows\SysWOW64\AppXDeploymentClient.dll - ok
17:09:49.0589 0180 [ 56E55B07E8C728C8B157D026583AEE29 ] C:\Windows\SysWOW64\Windows.ApplicationModel.dll
17:09:49.0589 0180 C:\Windows\SysWOW64\Windows.ApplicationModel.dll - ok
17:09:49.0589 0180 [ F592098A86D10FF4277F5D0EF6C90AD2 ] C:\Windows\SysWOW64\WinTypes.dll
17:09:49.0589 0180 C:\Windows\SysWOW64\WinTypes.dll - ok
17:09:49.0589 0180 [ FBC450EE38D38DE3220C98C6346EAD67 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\native.exe
17:09:49.0589 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\native.exe - ok
17:09:49.0589 0180 [ FEFEA4BD922EE55522D0A060D95C0896 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\rkdisk.dll
17:09:49.0589 0180 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\rkdisk.dll - ok
17:09:49.0589 0180 [ CC993BF7D8DE91303A124BE0CD88E03C ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\4e428c3a040941835c34c33609515ccd\Platform.ni.dll
17:09:49.0589 0180 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\4e428c3a040941835c34c33609515ccd\Platform.ni.dll - ok
17:09:49.0589 0180 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:09:49.0589 0180 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:09:49.0605 0180 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:09:49.0605 0180 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:09:49.0605 0180 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:09:49.0605 0180 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:09:49.0605 0180 [ C0912DE9D1E8E983DFC912C1501BE245 ] C:\Users\Tandem\Desktop\ADSL\ADSLocator.exe
17:09:49.0605 0180 C:\Users\Tandem\Desktop\ADSL\ADSLocator.exe - ok
17:09:49.0605 0180 [ 703C8071DDD983D477E125B427113AC1 ] C:\Windows\SysWOW64\StructuredQuery.dll
17:09:49.0605 0180 C:\Windows\SysWOW64\StructuredQuery.dll - ok
17:09:49.0605 0180 [ D5B5184F8C258D2C3AC70E3799C7A4BF ] C:\Windows\SysWOW64\SearchFolder.dll
17:09:49.0605 0180 C:\Windows\SysWOW64\SearchFolder.dll - ok
17:09:49.0605 0180 [ CCDA8E6A2AC68FD417A8BB8D88CBFDAC ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
17:09:49.0605 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
17:09:49.0605 0180 [ BEDDE513A3DB1E1714DDE235CEB09B37 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
17:09:49.0605 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll - ok
17:09:49.0621 0180 [ AA3FD4237EE3C7C57D5DBC0EA38E2962 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AGM.dll
17:09:49.0621 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AGM.dll - ok
17:09:49.0621 0180 [ F2C994E692EEAA2EAA49FECCB656F0E1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\CoolType.dll
17:09:49.0621 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\CoolType.dll - ok
17:09:49.0621 0180 [ 57ED2EDE89BD9D8FE1475DDDC701AAF0 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIB.dll
17:09:49.0621 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIB.dll - ok
17:09:49.0621 0180 [ 8D7360835BBF21D8FD2AEEF7E046871C ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ACE.dll
17:09:49.0621 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ACE.dll - ok
17:09:49.0621 0180 [ 5ABB70C804FC082189D2C57616746723 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
17:09:49.0621 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll - ok
17:09:49.0621 0180 [ 245C90656B40C81CB63A6F3A35847E45 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\weblink.api
17:09:49.0621 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\weblink.api - ok
17:09:49.0636 0180 [ D6907AA012124BC6101C84C36BF82193 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\EScript.api
17:09:49.0636 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\EScript.api - ok
17:09:49.0636 0180 [ 33720DFF4FF9F76F20E2055D0D6D17C3 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll
17:09:49.0636 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll - ok
17:09:49.0636 0180 [ CA35AD2AF2B975E04CFC65957B203533 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AXE8SharedExpat.dll
17:09:49.0636 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AXE8SharedExpat.dll - ok
17:09:49.0636 0180 [ 46D3CD622B193D93A9EBD5FF5EAA9F4D ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\IA32.api
17:09:49.0636 0180 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\IA32.api - ok
17:09:49.0636 0180 [ AEE70B180FCA9D378A300F82E9D6313F ] C:\Users\Tandem\AppData\Local\Temp\ccxmtz.exe
17:09:49.0636 0180 C:\Users\Tandem\AppData\Local\Temp\ccxmtz.exe - ok
17:09:49.0636 0180 [ CD95892713570725F4CBBA99F07CDDF2 ] C:\Windows\System32\dasHost.exe
17:09:49.0636 0180 C:\Windows\System32\dasHost.exe - ok
17:09:49.0652 0180 [ 3E7D36310137C20691C3E60D765EFF54 ] C:\Windows\System32\DafPrintProvider.dll
17:09:49.0652 0180 C:\Windows\System32\DafPrintProvider.dll - ok
17:09:49.0652 0180 [ BE3EC5AE153FFF43AFD5AF383A2DACDA ] C:\Windows\System32\VaultRoaming.dll
17:09:49.0652 0180 C:\Windows\System32\VaultRoaming.dll - ok
17:09:49.0652 0180 [ 16ECD0142EE5B2D2298E3511131B3452 ] C:\Windows\System32\vaultcli.dll
17:09:49.0652 0180 C:\Windows\System32\vaultcli.dll - ok
17:09:49.0652 0180 [ 81DAC9F3309A51C041545AF760CFDF06 ] C:\Windows\System32\vaultsvc.dll
17:09:49.0652 0180 C:\Windows\System32\vaultsvc.dll - ok
17:09:49.0652 0180 [ D38DF5EE43AD7E8CB65A224FC112862A ] C:\Program Files\Common Files\microsoft shared\ink\tipskins.dll
17:09:49.0652 0180 C:\Program Files\Common Files\microsoft shared\ink\tipskins.dll - ok
17:09:49.0652 0180 [ BC5B189CD3A850F9309A68585CBAAABC ] C:\Windows\System32\fhcfg.dll
17:09:49.0652 0180 C:\Windows\System32\fhcfg.dll - ok
17:09:49.0652 0180 [ B0613DA5277250312241139DFFCD505D ] C:\Windows\System32\efsutil.dll
17:09:49.0652 0180 C:\Windows\System32\efsutil.dll - ok
17:09:49.0668 0180 [ 8D045B6AE7957B4801ED8B818966FEE6 ] C:\Windows\System32\InputMethod\SHARED\JpnKorRoaming.dll
17:09:49.0668 0180 C:\Windows\System32\InputMethod\SHARED\JpnKorRoaming.dll - ok
17:09:49.0668 0180 [ 809B24DDE4D7C13B348BFC9CC79A89E7 ] C:\Windows\System32\InputMethod\SHARED\IHDS.DLL
17:09:49.0668 0180 C:\Windows\System32\InputMethod\SHARED\IHDS.DLL - ok
17:09:49.0668 0180 [ 0216CAEAE677B3D4DB403040F8D52896 ] C:\Windows\System32\SystemSettingsDatabase.dll
17:09:49.0668 0180 C:\Windows\System32\SystemSettingsDatabase.dll - ok
17:09:49.0668 0180 [ A4F1FAB606C7C131615C1314E175688E ] C:\Windows\System32\SettingsHandlers.dll
17:09:49.0668 0180 C:\Windows\System32\SettingsHandlers.dll - ok
17:09:49.0668 0180 [ 3BE091E3FB06CC58BB5EA2DF28F04AB4 ] C:\Windows\System32\Winlangdb.dll
17:09:49.0668 0180 C:\Windows\System32\Winlangdb.dll - ok
17:09:49.0668 0180 [ 5DC76D5D6D5FD4830793B3928AAAA4DE ] C:\Windows\System32\input.dll
17:09:49.0668 0180 C:\Windows\System32\input.dll - ok
17:09:49.0683 0180 [ 886E5C5E7EE54F99F3482B3D935439A2 ] C:\Windows\System32\InputMethod\CHS\ChsRoaming.DLL
17:09:49.0683 0180 C:\Windows\System32\InputMethod\CHS\ChsRoaming.DLL - ok
17:09:49.0683 0180 [ 14B4AB502E572B142C4917A949B29706 ] C:\Windows\System32\themeui.dll
17:09:49.0683 0180 C:\Windows\System32\themeui.dll - ok
17:09:49.0683 0180 [ 5764E8261620179F4B9472D2E589E5D9 ] C:\Windows\System32\TimeBrokerClient.dll
17:09:49.0683 0180 C:\Windows\System32\TimeBrokerClient.dll - ok
17:09:49.0683 0180 [ 3599089381EFAAE7D93FC63EB27D04D1 ] C:\Windows\System32\pots.dll
17:09:49.0683 0180 C:\Windows\System32\pots.dll - ok
17:09:49.0683 0180 [ DAFF353325552D3A3A0384C7DF3F3357 ] C:\Windows\System32\powercpl.dll
17:09:49.0683 0180 C:\Windows\System32\powercpl.dll - ok
17:09:49.0683 0180 [ 4F32FE0318A902949E461F699030DA45 ] C:\Windows\System32\DAFWSD.dll
17:09:49.0683 0180 C:\Windows\System32\DAFWSD.dll - ok
17:09:49.0683 0180 [ F0BCFBBE7328DB539E9719E18C82004F ] C:\Windows\System32\powercfg.cpl
17:09:49.0683 0180 C:\Windows\System32\powercfg.cpl - ok
17:09:49.0699 0180 [ 6A993F9B16B993AE0E9D838EFA3A1C72 ] C:\Program Files\Windows Defender\MpCmdRun.exe
17:09:49.0699 0180 C:\Program Files\Windows Defender\MpCmdRun.exe - ok
17:09:49.0699 0180 [ 9F6BF0058505A898B20F3B85D3E22F50 ] C:\Windows\System32\comsvcs.dll
17:09:49.0699 0180 C:\Windows\System32\comsvcs.dll - ok
17:09:49.0699 0180 [ 571885DB166B9AE744C25643F7A30509 ] C:\Windows\SysWOW64\appwiz.cpl
17:09:49.0699 0180 C:\Windows\SysWOW64\appwiz.cpl - ok
17:09:49.0699 0180 [ 17A3F23A0C4E6A0B9FF8F095C2BE0B42 ] C:\Windows\SysWOW64\osbaseln.dll
17:09:49.0699 0180 C:\Windows\SysWOW64\osbaseln.dll - ok
17:09:49.0699 0180 [ 860CA19B8523FDC97330381A472C8C8A ] C:\Program Files (x86)\Bubble Freespace Shredder 2\unins000.exe
17:09:49.0699 0180 C:\Program Files (x86)\Bubble Freespace Shredder 2\unins000.exe - ok
17:09:49.0699 0180 [ 860CA19B8523FDC97330381A472C8C8A ] C:\Users\Tandem\AppData\Local\Temp\_iu14D2N.tmp
17:09:49.0699 0180 C:\Users\Tandem\AppData\Local\Temp\_iu14D2N.tmp - ok
17:09:49.0714 0180 [ 5DCA9670170F065D6ACF587DA3FECE27 ] C:\Windows\SysWOW64\twinapi.dll
17:09:49.0714 0180 C:\Windows\SysWOW64\twinapi.dll - ok
17:09:49.0714 0180 [ 963CB4CDD293FAB48907B8A9211262E5 ] C:\Windows\SysWOW64\BCP47Langs.dll
17:09:49.0714 0180 C:\Windows\SysWOW64\BCP47Langs.dll - ok
17:09:49.0714 0180 [ F33323D3A93DA545CD63010FED334DE2 ] C:\Program Files (x86)\TrojanHunter 5.5\unins000.exe
17:09:49.0714 0180 C:\Program Files (x86)\TrojanHunter 5.5\unins000.exe - ok
17:09:49.0714 0180 [ 5DF2358DC115DAA1B439CE73B0B08FFB ] C:\Program Files (x86)\a-squared HiJackFree\a2hijackfree.exe
17:09:49.0714 0180 C:\Program Files (x86)\a-squared HiJackFree\a2hijackfree.exe - ok
17:09:49.0714 0180 [ 0FC9B04C7F729498B41A19FA55C33573 ] C:\Windows\SysWOW64\olepro32.dll
17:09:49.0714 0180 C:\Windows\SysWOW64\olepro32.dll - ok
17:09:49.0714 0180 [ 7D30E75C5C0FEAA40B79775C92C6AF23 ] C:\Windows\SysWOW64\MrmCoreR.dll
17:09:49.0714 0180 C:\Windows\SysWOW64\MrmCoreR.dll - ok
17:09:49.0714 0180 [ 13756A1B9D37398A99DAC0B7D3032CC6 ] C:\Windows\System32\LaunchTM.exe
17:09:49.0714 0180 C:\Windows\System32\LaunchTM.exe - ok
17:09:49.0730 0180 [ 2750EEB7440726085036BC746A095540 ] C:\Windows\System32\Taskmgr.exe
17:09:49.0730 0180 C:\Windows\System32\Taskmgr.exe - ok
17:09:49.0730 0180 [ 9524A1CEBC1CE82D59BCB6519E2FDBEF ] C:\Windows\System32\acppage.dll
17:09:49.0730 0180 C:\Windows\System32\acppage.dll - ok
17:09:49.0730 0180 [ 78A3191A74F110D6F08C6E7BFD27DD7D ] C:\Windows\System32\cryptext.dll
17:09:49.0730 0180 C:\Windows\System32\cryptext.dll - ok
17:09:49.0730 0180 [ 74C6B3109A607B89B1A3171A3D54C8D8 ] C:\Windows\System32\cryptui.dll
17:09:49.0730 0180 C:\Windows\System32\cryptui.dll - ok
17:09:49.0730 0180 [ 152ABECE6894153FA41157050BD1D99F ] C:\Windows\System32\rshx32.dll
17:09:49.0730 0180 C:\Windows\System32\rshx32.dll - ok
17:09:49.0730 0180 [ 52B153957363F4955096D64E691B1E95 ] C:\Windows\System32\aclui.dll
17:09:49.0730 0180 C:\Windows\System32\aclui.dll - ok
17:09:49.0746 0180 [ B9025D470B0D563853F57DE399DE31D4 ] C:\Windows\System32\docprop.dll
17:09:49.0746 0180 C:\Windows\System32\docprop.dll - ok
17:09:49.0746 0180 [ D7D364B8E764DB424B60F53E6FE078E1 ] C:\Windows\SysWOW64\samlib.dll
17:09:49.0746 0180 C:\Windows\SysWOW64\samlib.dll - ok
17:09:49.0746 0180 [ 206CA40E986033D62490D299F8E560E1 ] C:\Windows\System32\RADCUI.dll
17:09:49.0746 0180 C:\Windows\System32\RADCUI.dll - ok
17:09:49.0746 0180 [ 1503510900836FA6A0E4FE9662FE0768 ] C:\Windows\System32\TSWorkspace.dll
17:09:49.0746 0180 C:\Windows\System32\TSWorkspace.dll - ok
17:09:49.0746 0180 [ 92D0AB294435F653A5F1A4A14847A02E ] C:\Windows\System32\ActionCenterCPL.dll
17:09:49.0746 0180 C:\Windows\System32\ActionCenterCPL.dll - ok
17:09:49.0746 0180 [ CEB55F50B21F9F70BF379A779D6A9624 ] C:\Windows\System32\msconfig.exe
17:09:49.0746 0180 C:\Windows\System32\msconfig.exe - ok
17:09:49.0761 0180 [ C5B9D305CAD14D55BB4DA5071889EE49 ] C:\Windows\System32\mfc42u.dll
17:09:49.0761 0180 C:\Windows\System32\mfc42u.dll - ok
17:09:49.0761 0180 [ F7546CC82AE959BF322A49A7C11C1D5A ] C:\Windows\System32\odbc32.dll
17:09:49.0761 0180 C:\Windows\System32\odbc32.dll - ok
17:09:49.0761 0180 [ 5F40AAC4D3ABED2F258B3E6202EB351C ] C:\Windows\System32\SensorsCpl.dll
17:09:49.0761 0180 C:\Windows\System32\SensorsCpl.dll - ok
17:09:49.0761 0180 [ 946A73246A504476F4E429246F97BC28 ] C:\Windows\System32\netcenter.dll
17:09:49.0761 0180 C:\Windows\System32\netcenter.dll - ok
17:09:49.0761 0180 [ B7AD851A21FEBA3BA214972627614207 ] C:\Windows\System32\netman.dll
17:09:49.0761 0180 C:\Windows\System32\netman.dll - ok
17:09:49.0761 0180 [ BCE87B456D851A0C9E726331A040CE3F ] C:\Windows\System32\netshell.dll
17:09:49.0761 0180 C:\Windows\System32\netshell.dll - ok
17:09:49.0761 0180 [ 3F37066D0C5E41F0CEFDDAC8AC59163D ] C:\Windows\System32\rasdlg.dll
17:09:49.0761 0180 C:\Windows\System32\rasdlg.dll - ok
17:09:49.0777 0180 [ 95ED0EB4E1D30448AF1C55BB2B4F014C ] C:\Windows\System32\mprapi.dll
17:09:49.0777 0180 C:\Windows\System32\mprapi.dll - ok
17:09:49.0777 0180 [ A881FF42F3688C4E1F754F600B778AB8 ] C:\Windows\System32\connect.dll
17:09:49.0777 0180 C:\Windows\System32\connect.dll - ok
17:09:49.0777 0180 [ 465E8A5B79FF5134CECE8E43031ADBE1 ] C:\Windows\System32\dtsh.dll
17:09:49.0777 0180 C:\Windows\System32\dtsh.dll - ok
17:09:49.0777 0180 [ BF8DE533F533A07C22507C47F1B5AD0C ] C:\Windows\System32\wmp.dll
17:09:49.0777 0180 C:\Windows\System32\wmp.dll - ok
17:09:49.0777 0180 [ 7E8B2C23D6FF7C4AFE30F3EB6C606884 ] C:\Windows\System32\wmploc.DLL
17:09:49.0777 0180 C:\Windows\System32\wmploc.DLL - ok
17:09:49.0777 0180 [ C675604E14D05669880F70C2ABD65451 ] C:\Windows\System32\Vault.dll
17:09:49.0777 0180 C:\Windows\System32\Vault.dll - ok
17:09:49.0777 0180 [ EBD64C8DE8822479ECC2347EE1A68D8A ] C:\Windows\System32\WindowsAnytimeUpgradeui.exe
17:09:49.0777 0180 C:\Windows\System32\WindowsAnytimeUpgradeui.exe - ok
17:09:49.0793 0180 [ 5221CDE3D000D49110C6A6442752A087 ] C:\Windows\System32\pidgenx.dll
17:09:49.0793 0180 C:\Windows\System32\pidgenx.dll - ok
17:09:49.0793 0180 [ DE34B169A4997EA1118BB9674B26397D ] C:\Windows\System32\winsku.dll
17:09:49.0793 0180 C:\Windows\System32\winsku.dll - ok
17:09:49.0793 0180 [ C7BC30CB3900935DC213C9B63DB36741 ] C:\Windows\System32\DismApi.dll
17:09:49.0793 0180 C:\Windows\System32\DismApi.dll - ok
17:09:49.0793 0180 [ 83296DE8CFFEADA636DCC1AB2E3BF643 ] C:\Windows\System32\inetcpl.cpl
17:09:49.0793 0180 C:\Windows\System32\inetcpl.cpl - ok
17:09:49.0793 0180 [ 439A00B0F73BD7B6C1C08F4A760BEC07 ] C:\Windows\System32\IEAdvpack.dll
17:09:49.0793 0180 C:\Windows\System32\IEAdvpack.dll - ok
17:09:49.0793 0180 [ 4E0709D9BB951AD1C22E4FF519B90839 ] C:\Windows\System32\mshtml.dll
17:09:49.0793 0180 C:\Windows\System32\mshtml.dll - ok
17:09:49.0808 0180 [ 19DF5724A1B05D493C9175890C0A2E46 ] C:\Windows\System32\DiagCpl.dll
17:09:49.0808 0180 C:\Windows\System32\DiagCpl.dll - ok
17:09:49.0808 0180 [ 4050668775C05D8D3E2B9BA8A489C9FD ] C:\Windows\System32\sdiagprv.dll
17:09:49.0808 0180 C:\Windows\System32\sdiagprv.dll - ok
17:09:49.0808 0180 [ 5E4E99CAC7103A3FCD2A048033BA6687 ] C:\Windows\System32\mblctr.exe
17:09:49.0808 0180 C:\Windows\System32\mblctr.exe - ok
17:09:49.0808 0180 [ 31FC5EBF5C8CE2237CADCFAD3AED7D4F ] C:\Windows\System32\mobsync.exe
17:09:49.0808 0180 C:\Windows\System32\mobsync.exe - ok
17:09:49.0808 0180 [ 27E9C23E43FE41702B0C244B9CA3F318 ] C:\Windows\System32\SyncInfrastructure.dll
17:09:49.0808 0180 C:\Windows\System32\SyncInfrastructure.dll - ok
17:09:49.0808 0180 [ 5C0C8BC61FD4931359DF11A8FCD24A45 ] C:\Windows\System32\mmc.exe
17:09:49.0808 0180 C:\Windows\System32\mmc.exe - ok
17:09:49.0808 0180 [ 62EB6BCCD4C8D1E942F579200AEB89AB ] C:\Windows\System32\mmcbase.dll
17:09:49.0808 0180 C:\Windows\System32\mmcbase.dll - ok
17:09:49.0824 0180 [ 4D24EDBCD7901AAE0525ABE26F43011E ] C:\Windows\System32\mmcndmgr.dll
17:09:49.0824 0180 C:\Windows\System32\mmcndmgr.dll - ok
17:09:49.0824 0180 [ 5D6801D34E4FB3144915108F758FDCC6 ] C:\Windows\System32\devmgr.dll
17:09:49.0824 0180 C:\Windows\System32\devmgr.dll - ok
17:09:49.0824 0180 [ C9854541C1DF8CFB1F7C5B4D90C9F5C5 ] C:\Windows\System32\dmocx.dll
17:09:49.0824 0180 C:\Windows\System32\dmocx.dll - ok
17:09:49.0824 0180 [ BA9ADE2B12F322224145350A88A23765 ] C:\Windows\System32\wlaninst.dll
17:09:49.0824 0180 C:\Windows\System32\wlaninst.dll - ok
17:09:49.0824 0180 [ 400657F9C16EE39A2A1F08AF7631192F ] C:\Windows\System32\wwaninst.dll
17:09:49.0824 0180 C:\Windows\System32\wwaninst.dll - ok
17:09:49.0824 0180 [ 45369E037410609D769852A1CE46A184 ] C:\Windows\System32\drivers\k57nd60a.sys
17:09:49.0824 0180 C:\Windows\System32\drivers\k57nd60a.sys - ok
17:09:49.0824 0180 [ 7EF478B7043A28AEC57F8FC6F11965C3 ] C:\Windows\System32\HelpPaneProxy.dll
17:09:49.0824 0180 C:\Windows\System32\HelpPaneProxy.dll - ok
17:09:49.0839 0180 [ EA3DDF258F653D8BCF35EEFDC83ECA5E ] C:\Windows\HelpPane.exe
17:09:49.0839 0180 C:\Windows\HelpPane.exe - ok
17:09:49.0839 0180 [ 0D2E1E435D503AAF74F2189212062DA3 ] C:\Windows\System32\apds.dll
17:09:49.0839 0180 C:\Windows\System32\apds.dll - ok
17:09:49.0839 0180 [ CF1C73DE1FADE3D3C44FCAF254F57DB2 ] C:\Windows\System32\jscript9.dll
17:09:49.0839 0180 C:\Windows\System32\jscript9.dll - ok
17:09:49.0839 0180 [ E4ACA305526214C454CCD83BBAF70F65 ] C:\Windows\System32\msimtf.dll
17:09:49.0839 0180 C:\Windows\System32\msimtf.dll - ok
17:09:49.0839 0180 [ D66289A41D9931DE7CDF470949C9BC24 ] C:\Windows\System32\imgutil.dll
17:09:49.0839 0180 C:\Windows\System32\imgutil.dll - ok
17:09:49.0839 0180 [ 689ABA32B7C61B9B3E0153E83F638C57 ] C:\Windows\System32\NaturalLanguage6.dll
17:09:49.0839 0180 C:\Windows\System32\NaturalLanguage6.dll - ok
17:09:49.0855 0180 [ 7570D0E275461E2B9E214895181BD8FE ] C:\Windows\System32\NlsData0007.dll
17:09:49.0855 0180 C:\Windows\System32\NlsData0007.dll - ok
17:09:49.0855 0180 [ CB2C30C436DC94F4A840AE8297E4601D ] C:\Windows\System32\NlsLexicons0007.dll
17:09:49.0855 0180 C:\Windows\System32\NlsLexicons0007.dll - ok
17:09:49.0855 0180 [ 40FF06267FECECF63FC982F641F3C155 ] C:\Windows\System32\msdt.exe
17:09:49.0855 0180 C:\Windows\System32\msdt.exe - ok
17:09:49.0855 0180 [ 91ADC5BD3E8C381021AC64A80AF25FE0 ] C:\Windows\System32\telephon.cpl
17:09:49.0855 0180 C:\Windows\System32\telephon.cpl - ok
17:09:49.0855 0180 [ 865E69EEE936C3FE9BF9668EDCBAFC8C ] C:\Windows\System32\tapi32.dll
17:09:49.0855 0180 C:\Windows\System32\tapi32.dll - ok
17:09:49.0855 0180 [ FF6F494B1DA4713DEA014DB84E254149 ] C:\Windows\System32\tapiui.dll
17:09:49.0855 0180 C:\Windows\System32\tapiui.dll - ok
17:09:49.0855 0180 [ CE525E3905C6AFD43E091A7295CF961E ] C:\Windows\System32\modemui.dll
17:09:49.0855 0180 C:\Windows\System32\modemui.dll - ok
17:09:49.0871 0180 [ 16CA67ACCB49AF11025AD44E07D8E724 ] C:\Windows\System32\systemcpl.dll
17:09:49.0871 0180 C:\Windows\System32\systemcpl.dll - ok
17:09:49.0871 0180 [ 03F03B8E77492EB7324F2FA979FC7E64 ] C:\Windows\System32\WinSATAPI.dll
17:09:49.0871 0180 C:\Windows\System32\WinSATAPI.dll - ok
17:09:49.0871 0180 [ A7BA28F69515DB31E8F673CDEB40EA75 ] C:\Windows\System32\SystemPropertiesRemote.exe
17:09:49.0871 0180 C:\Windows\System32\SystemPropertiesRemote.exe - ok
17:09:49.0871 0180 [ 488E39030B5492A0D13D9423F118E73F ] C:\Windows\System32\sysdm.cpl
17:09:49.0871 0180 C:\Windows\System32\sysdm.cpl - ok
17:09:49.0871 0180 [ 809E7AF3579E8A8D8744F4D74B63445D ] C:\Windows\System32\netid.dll
17:09:49.0871 0180 C:\Windows\System32\netid.dll - ok
17:09:49.0871 0180 [ 3DE4734EAB9E26CF70289EDE6C2C2613 ] C:\Windows\System32\srrstr.dll
17:09:49.0871 0180 C:\Windows\System32\srrstr.dll - ok
17:09:49.0886 0180 [ B598A73FB254C78DC267DCFC808DD9DD ] C:\Windows\System32\remotepg.dll
17:09:49.0886 0180 C:\Windows\System32\remotepg.dll - ok
17:09:49.0886 0180 [ C74B41A57513EC2FD6E57F493529F809 ] C:\Windows\System32\regapi.dll
17:09:49.0886 0180 C:\Windows\System32\regapi.dll - ok
17:09:49.0886 0180 [ 409B48BC4D05F5B4E3B17C9F417100DF ] C:\Windows\System32\racpldlg.dll
17:09:49.0886 0180 C:\Windows\System32\racpldlg.dll - ok
17:09:49.0886 0180 [ 15EB9FEE8DDBD7747539E05A50DBBCCD ] C:\Windows\System32\SystemPropertiesProtection.exe
17:09:49.0886 0180 C:\Windows\System32\SystemPropertiesProtection.exe - ok
17:09:49.0886 0180 [ 1BB7AC28F35687DABF3A099A8EED33B7 ] C:\Windows\System32\SystemPropertiesAdvanced.exe
17:09:49.0886 0180 C:\Windows\System32\SystemPropertiesAdvanced.exe - ok
17:09:49.0886 0180 [ 410263744BBC5538EAB0B3A065F97F3A ] C:\Windows\System32\changepk.exe
17:09:49.0886 0180 C:\Windows\System32\changepk.exe - ok
17:09:49.0886 0180 [ 7029F8CB6D1EF7B0D56FAB0146E42516 ] C:\Windows\System32\fhcpl.dll
17:09:49.0886 0180 C:\Windows\System32\fhcpl.dll - ok
17:09:49.0902 0180 [ 60FD6797BD2425FE012DA02A4778F96C ] C:\Windows\System32\shgina.dll
17:09:49.0902 0180 C:\Windows\System32\shgina.dll - ok
17:09:49.0902 0180 [ 858776908AF838E3790F3261B799CDA6 ] C:\Windows\System32\drivers\rdpvideominiport.sys
17:09:49.0902 0180 C:\Windows\System32\drivers\rdpvideominiport.sys - ok
17:09:49.0902 0180 [ 0F351EC71CE415D7EE85FFB8DF473F2C ] C:\Windows\System32\workerdd.dll
17:09:49.0902 0180 C:\Windows\System32\workerdd.dll - ok
17:09:49.0902 0180 [ A016186F9DF5E273BA9235BECEA0C6C2 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
17:09:49.0902 0180 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe - ok
17:09:49.0902 0180 [ 2FB757B35C94B1C1C65BA35E4E7EC0F2 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
17:09:49.0902 0180 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe - ok
17:09:49.0902 0180 [ BE8F5E1C39C6DF42AE69D613EAEF9936 ] C:\Program Files\Elantech\ETDTouch.exe
17:09:49.0902 0180 C:\Program Files\Elantech\ETDTouch.exe - ok
17:09:49.0918 0180 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
17:09:49.0918 0180 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
17:09:49.0918 0180 [ CD78DF1E4D1B5A9E2D3A120C8EBC4555 ] C:\Windows\System32\NcaApi.dll
17:09:49.0918 0180 C:\Windows\System32\NcaApi.dll - ok
17:09:49.0918 0180 [ 302337967FBA91C40745B96A42A39CC5 ] C:\Program Files (x86)\Launch Manager\LMutilps32.exe
17:09:49.0918 0180 C:\Program Files (x86)\Launch Manager\LMutilps32.exe - ok
17:09:49.0918 0180 [ 91647EAD53B68EFFDF17EC2FC9DF4018 ] C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
17:09:49.0918 0180 C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe - ok
17:09:49.0918 0180 [ BABD61928A74CD342EF02465DA63F186 ] C:\Windows\System32\sdclt.exe
17:09:49.0918 0180 C:\Windows\System32\sdclt.exe - ok
17:09:49.0918 0180 [ DD51E2B5AFEE55BB8429900FDFD0E263 ] C:\Windows\System32\ReAgent.dll
17:09:49.0918 0180 C:\Windows\System32\ReAgent.dll - ok
17:09:49.0918 0180 [ 0C1DD5D08EFBC9308BD8CA08E7CBA48D ] C:\Windows\System32\Windows.Media.Streaming.dll
17:09:49.0918 0180 C:\Windows\System32\Windows.Media.Streaming.dll - ok
17:09:49.0933 0180 [ B6906CDDA78F6CBFF4F2A0E214A29FEB ] C:\Program Files\Windows Photo Viewer\PhotoViewer.dll
17:09:49.0933 0180 C:\Program Files\Windows Photo Viewer\PhotoViewer.dll - ok
17:09:49.0933 0180 [ 14D3EDC750DAA89D322743781755314C ] C:\Windows\System32\d3d9.dll
17:09:49.0933 0180 C:\Windows\System32\d3d9.dll - ok
17:09:49.0933 0180 [ E567EA6FD3253C9080BED35B7D561381 ] C:\Program Files\Windows Photo Viewer\PhotoBase.dll
17:09:49.0933 0180 C:\Program Files\Windows Photo Viewer\PhotoBase.dll - ok
17:09:49.0933 0180 [ DED67B9BCFE9CE5F12E17C0842E6A809 ] C:\Windows\System32\mspaint.exe
17:09:49.0933 0180 C:\Windows\System32\mspaint.exe - ok
17:09:49.0933 0180 [ 8A8BB2BC560720C8FD0700C78D0FB0BB ] C:\Windows\System32\sti.dll
17:09:49.0933 0180 C:\Windows\System32\sti.dll - ok
17:09:49.0933 0180 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Tandem\Desktop\tdsskiller.exe
17:09:49.0933 0180 C:\Users\Tandem\Desktop\tdsskiller.exe - ok
17:09:49.0949 0180 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\40523956.sys
17:09:49.0949 0180 C:\Windows\System32\drivers\40523956.sys - ok
Geändert von Tandem (09.04.2014 um 00:52 Uhr) |
|
09.04.2014, 00:41
| #8 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! TDSS-log Part 5/8: Code:
ATTFilter 17:09:49.0949 0180 ============================================================
17:09:49.0949 0180 Scan finished
17:09:49.0949 0180 ============================================================
17:09:49.0949 3584 Detected object count: 5
17:09:49.0949 3584 Actual detected object count: 5
17:10:05.0487 3584 BrcmCardReader ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:05.0487 3584 BrcmCardReader ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:10:05.0487 3584 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:05.0487 3584 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:10:05.0487 3584 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:05.0487 3584 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:10:05.0487 3584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:05.0487 3584 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:10:05.0503 3584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:05.0503 3584 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:10:33.0438 2760 ============================================================
17:10:33.0438 2760 Scan started
17:10:33.0438 2760 Mode: Manual; SigCheck; TDLFS;
17:10:33.0438 2760 ============================================================
17:10:34.0782 2760 ================ Scan system memory ========================
17:10:34.0782 2760 System memory - ok
17:10:34.0797 2760 ================ Scan services =============================
17:10:34.0938 2760 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
17:10:34.0969 2760 1394ohci - ok
17:10:35.0000 2760 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
17:10:35.0016 2760 3ware - ok
17:10:35.0063 2760 [ 3D30878A269D934100FA5F972E53AF39 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
17:10:35.0094 2760 ACPI - ok
17:10:35.0110 2760 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
17:10:35.0125 2760 acpiex - ok
17:10:35.0141 2760 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
17:10:35.0141 2760 acpipagr - ok
17:10:35.0159 2760 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
17:10:35.0159 2760 AcpiPmi - ok
17:10:35.0175 2760 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
17:10:35.0175 2760 acpitime - ok
17:10:35.0253 2760 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:10:35.0269 2760 AdobeARMservice - ok
17:10:35.0316 2760 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:10:35.0378 2760 ADP80XX - ok
17:10:35.0409 2760 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
17:10:35.0441 2760 AeLookupSvc - ok
17:10:35.0456 2760 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
17:10:35.0472 2760 AFD - ok
17:10:35.0487 2760 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
17:10:35.0503 2760 agp440 - ok
17:10:35.0519 2760 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:10:35.0534 2760 ahcache - ok
17:10:35.0566 2760 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
17:10:35.0566 2760 ALG - ok
17:10:35.0581 2760 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
17:10:35.0597 2760 AmdK8 - ok
17:10:35.0612 2760 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
17:10:35.0628 2760 AmdPPM - ok
17:10:35.0628 2760 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
17:10:35.0644 2760 amdsata - ok
17:10:35.0659 2760 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
17:10:35.0659 2760 amdsbs - ok
17:10:35.0675 2760 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
17:10:35.0691 2760 amdxata - ok
17:10:35.0728 2760 [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:10:35.0743 2760 AntiVirSchedulerService - ok
17:10:35.0759 2760 [ 65AF41A7A2C5B6693E1B4164E7632C3E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:10:35.0790 2760 AntiVirService - ok
17:10:35.0837 2760 [ DAB48CB546A895C3FC6219F298CC6DD7 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:10:35.0868 2760 AntiVirWebService - ok
17:10:35.0915 2760 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
17:10:35.0931 2760 AppID - ok
17:10:35.0962 2760 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
17:10:35.0978 2760 AppIDSvc - ok
17:10:36.0009 2760 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
17:10:36.0025 2760 Appinfo - ok
17:10:36.0040 2760 [ 4B964AE0DF433A3BFA7BD24713BC2E9B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
17:10:36.0087 2760 AppReadiness - ok
17:10:36.0134 2760 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
17:10:36.0212 2760 AppXSvc - ok
17:10:36.0250 2760 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
17:10:36.0297 2760 arcsas - ok
17:10:36.0297 2760 ASPI - ok
17:10:36.0328 2760 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
17:10:36.0359 2760 atapi - ok
17:10:36.0390 2760 [ 1E71A166547A110CD66EA44326DB4552 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys
17:10:36.0422 2760 AthBTPort - ok
17:10:36.0500 2760 [ C8318A083DE9D8FFCA6E70D3E183490A ] AtherosSvc C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
17:10:36.0531 2760 AtherosSvc - ok
17:10:36.0640 2760 [ 2C7676F892E88FD190F08D98048C7C6C ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
17:10:36.0687 2760 athr - ok
17:10:36.0756 2760 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:10:36.0787 2760 AudioEndpointBuilder - ok
17:10:36.0834 2760 [ EF276593AD1BDF5A99032F62D6272848 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
17:10:36.0866 2760 Audiosrv - ok
17:10:36.0897 2760 [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:10:36.0928 2760 avgntflt - ok
17:10:36.0928 2760 [ C3A58DBD18786C338126D30BF8C33D72 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:10:36.0959 2760 avipbb - ok
17:10:36.0975 2760 [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:10:36.0991 2760 avkmgr - ok
17:10:37.0022 2760 [ 3B220F0D170EE8EE2B365749B03D73F6 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
17:10:37.0069 2760 avnetflt - ok
17:10:37.0100 2760 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
17:10:37.0147 2760 AxInstSV - ok
17:10:37.0194 2760 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
17:10:37.0241 2760 b06bdrv - ok
17:10:37.0256 2760 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:10:37.0256 2760 BasicDisplay - ok
17:10:37.0256 2760 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
17:10:37.0272 2760 BasicRender - ok
17:10:37.0303 2760 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
17:10:37.0319 2760 bcmfn2 - ok
17:10:37.0334 2760 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
17:10:37.0350 2760 BDESVC - ok
17:10:37.0377 2760 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
17:10:37.0408 2760 Beep - ok
17:10:37.0440 2760 [ 6468B696C65775D51A06615830E0E79D ] BFE C:\WINDOWS\System32\bfe.dll
17:10:37.0487 2760 BFE - ok
17:10:37.0580 2760 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
17:10:37.0627 2760 BITS - ok
17:10:37.0643 2760 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
17:10:37.0674 2760 bowser - ok
17:10:37.0721 2760 [ 5C6ADD0111E1C6601B5911F7ACF85BB8 ] BrcmCardReader C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
17:10:37.0737 2760 BrcmCardReader ( UnsignedFile.Multi.Generic ) - warning
17:10:37.0737 2760 BrcmCardReader - detected UnsignedFile.Multi.Generic (1)
17:10:37.0768 2760 [ A6207A88B596F726DE558425F3B7E592 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:10:37.0799 2760 BrokerInfrastructure - ok
17:10:37.0846 2760 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
17:10:37.0877 2760 Browser - ok
17:10:37.0909 2760 [ 8F62F985BDD2F333A3EE34D54894363D ] bScsiSDa C:\WINDOWS\System32\drivers\bScsiSDa.sys
17:10:37.0940 2760 bScsiSDa - ok
17:10:37.0987 2760 [ 5ED7B1EE371751CF2ACAE89E7FC566FA ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys
17:10:38.0018 2760 BTATH_A2DP - ok
17:10:38.0034 2760 [ 31BDF24D1C9213A0E891568FE643C79C ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys
17:10:38.0049 2760 btath_avdt - ok
17:10:38.0065 2760 [ 4AF7C20F94DAC343C01ED671C82DCB99 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys
17:10:38.0096 2760 BTATH_HCRP - ok
17:10:38.0112 2760 [ 785C38070043BEEE9E9D591DE4067244 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
17:10:38.0127 2760 BTATH_LWFLT - ok
17:10:38.0143 2760 [ 31EC5FC3FC5CB273F2709AAF4AD88ED4 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
17:10:38.0159 2760 BTATH_RCP - ok
17:10:38.0190 2760 [ 0D70E980F91FDBF3DB55922CECCE4616 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
17:10:38.0205 2760 BtFilter - ok
17:10:38.0237 2760 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:10:38.0252 2760 BthAvrcpTg - ok
17:10:38.0268 2760 [ 131F1C8573E7BFB41C54FBF5309CCD94 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
17:10:38.0284 2760 BthEnum - ok
17:10:38.0299 2760 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
17:10:38.0330 2760 BthHFEnum - ok
17:10:38.0330 2760 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
17:10:38.0362 2760 bthhfhid - ok
17:10:38.0393 2760 [ FCD8BD17B7193CFFF18C332D1A381D7F ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
17:10:38.0409 2760 BthLEEnum - ok
17:10:38.0424 2760 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
17:10:38.0440 2760 BTHMODEM - ok
17:10:38.0455 2760 [ 3AFE71D80EDF5D4DE0C5731352905669 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
17:10:38.0471 2760 BthPan - ok
17:10:38.0502 2760 [ 10EDF9E0838BA4578FFFFF274632D454 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
17:10:38.0518 2760 BTHPORT - ok
17:10:38.0534 2760 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
17:10:38.0549 2760 bthserv - ok
17:10:38.0580 2760 [ 0E7FA34B975764C33B5DBC6F8C401627 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
17:10:38.0580 2760 BTHUSB - ok
17:10:38.0612 2760 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:10:38.0627 2760 cdfs - ok
17:10:38.0627 2760 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
17:10:38.0643 2760 cdrom - ok
17:10:38.0659 2760 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
17:10:38.0677 2760 CertPropSvc - ok
17:10:38.0693 2760 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
17:10:38.0693 2760 circlass - ok
17:10:38.0724 2760 [ 7F006813C2AFE622C13D7AF94F56CD07 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
17:10:38.0739 2760 CLFS - ok
17:10:38.0755 2760 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
17:10:38.0771 2760 CmBatt - ok
17:10:38.0802 2760 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
17:10:38.0849 2760 CNG - ok
17:10:38.0880 2760 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
17:10:38.0880 2760 CompositeBus - ok
17:10:38.0880 2760 COMSysApp - ok
17:10:38.0896 2760 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
17:10:38.0911 2760 condrv - ok
17:10:38.0990 2760 [ D5F868A46AED8E7CAD6C30E0599DD100 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:10:39.0036 2760 cphs - ok
17:10:39.0083 2760 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
17:10:39.0114 2760 CryptSvc - ok
17:10:39.0146 2760 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\WINDOWS\system32\DRIVERS\CVirtA64.sys
17:10:39.0161 2760 CVirtA - ok
17:10:39.0193 2760 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
17:10:39.0208 2760 dam - ok
17:10:39.0271 2760 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
17:10:39.0302 2760 DcomLaunch - ok
17:10:39.0333 2760 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
17:10:39.0365 2760 defragsvc - ok
17:10:39.0396 2760 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:10:39.0427 2760 DeviceAssociationService - ok
17:10:39.0490 2760 [ B9A27D354D7DBEBC973B2A9A13E7BED0 ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
17:10:39.0521 2760 DeviceFastLaneService - ok
17:10:39.0552 2760 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
17:10:39.0583 2760 DeviceInstall - ok
17:10:39.0615 2760 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
17:10:39.0646 2760 Dfsc - ok
17:10:39.0693 2760 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
17:10:39.0724 2760 Dhcp - ok
17:10:39.0755 2760 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
17:10:39.0786 2760 disk - ok
17:10:39.0802 2760 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
17:10:39.0818 2760 dmvsc - ok
17:10:39.0849 2760 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\WINDOWS\system32\DRIVERS\dne64x.sys
17:10:39.0880 2760 DNE - ok
17:10:39.0896 2760 [ 5BAF7714E68F93515A937A3FA8587EF9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
17:10:39.0911 2760 Dnscache - ok
17:10:39.0927 2760 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
17:10:39.0958 2760 dot3svc - ok
17:10:39.0990 2760 [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
17:10:40.0021 2760 dot4 - ok
17:10:40.0021 2760 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
17:10:40.0052 2760 Dot4Print - ok
17:10:40.0068 2760 [ B7D595F2F464F7B628AD53F06547792C ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
17:10:40.0083 2760 dot4usb - ok
17:10:40.0115 2760 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
17:10:40.0161 2760 DPS - ok
17:10:40.0193 2760 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
17:10:40.0224 2760 drmkaud - ok
17:10:40.0302 2760 [ D2BCDD6BBFCD068090C109854FCEE079 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:10:40.0333 2760 DsiWMIService - ok
17:10:40.0365 2760 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
17:10:40.0396 2760 DsmSvc - ok
17:10:40.0458 2760 [ A3D1CB64DF885ACE126543E6D7067348 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:10:40.0521 2760 DXGKrnl - ok
17:10:40.0536 2760 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
17:10:40.0568 2760 Eaphost - ok
17:10:40.0661 2760 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
17:10:40.0735 2760 ebdrv - ok
17:10:40.0751 2760 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
17:10:40.0766 2760 EFS - ok
17:10:40.0782 2760 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
17:10:40.0782 2760 EhStorClass - ok
17:10:40.0797 2760 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:10:40.0813 2760 EhStorTcgDrv - ok
17:10:40.0876 2760 [ 616E1B9130314EB0E331197940AA625B ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
17:10:40.0907 2760 ePowerSvc - ok
17:10:40.0922 2760 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
17:10:40.0954 2760 ErrDev - ok
17:10:40.0985 2760 [ AC20C1DAC4E6E871F2930D57EF0906B3 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
17:10:41.0032 2760 ETD - ok
17:10:41.0082 2760 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
17:10:41.0113 2760 EventSystem - ok
17:10:41.0144 2760 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
17:10:41.0176 2760 exfat - ok
17:10:41.0191 2760 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
17:10:41.0222 2760 fastfat - ok
17:10:41.0254 2760 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
17:10:41.0285 2760 Fax - ok
17:10:41.0301 2760 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
17:10:41.0332 2760 fdc - ok
17:10:41.0332 2760 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
17:10:41.0363 2760 fdPHost - ok
17:10:41.0394 2760 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
17:10:41.0410 2760 FDResPub - ok
17:10:41.0441 2760 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
17:10:41.0472 2760 fhsvc - ok
17:10:41.0488 2760 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
17:10:41.0519 2760 FileInfo - ok
17:10:41.0535 2760 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
17:10:41.0566 2760 Filetrace - ok
17:10:41.0582 2760 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
17:10:41.0613 2760 flpydisk - ok
17:10:41.0629 2760 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:10:41.0691 2760 FltMgr - ok
17:10:41.0722 2760 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
17:10:41.0754 2760 FontCache - ok
17:10:41.0847 2760 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:10:41.0879 2760 FontCache3.0.0.0 - ok
17:10:41.0894 2760 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
17:10:41.0926 2760 FsDepends - ok
17:10:41.0941 2760 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:10:41.0972 2760 Fs_Rec - ok
17:10:42.0035 2760 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:10:42.0082 2760 fvevol - ok
17:10:42.0113 2760 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
17:10:42.0129 2760 FxPPM - ok
17:10:42.0144 2760 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
17:10:42.0160 2760 gagp30kx - ok
17:10:42.0176 2760 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
17:10:42.0191 2760 gencounter - ok
17:10:42.0191 2760 [ FDA72810CA2F8409D9B31E833C448E34 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:10:42.0217 2760 GPIOClx0101 - ok
17:10:42.0248 2760 [ 0BDE0FCF597E9B65600121EF54FF8340 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
17:10:42.0295 2760 gpsvc - ok
17:10:42.0295 2760 Hamachi - ok
17:10:42.0310 2760 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
17:10:42.0326 2760 HDAudBus - ok
17:10:42.0342 2760 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
17:10:42.0373 2760 HidBatt - ok
17:10:42.0389 2760 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
17:10:42.0420 2760 HidBth - ok
17:10:42.0467 2760 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
17:10:42.0498 2760 hidi2c - ok
17:10:42.0526 2760 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
17:10:42.0557 2760 HidIr - ok
17:10:42.0557 2760 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
17:10:42.0589 2760 hidserv - ok
17:10:42.0589 2760 [ F31397220D9687E11EB448649AA6E038 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
17:10:42.0604 2760 HidUsb - ok
17:10:42.0651 2760 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
17:10:42.0667 2760 hkmsvc - ok
17:10:42.0698 2760 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:10:42.0745 2760 HomeGroupListener - ok
17:10:42.0776 2760 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:10:42.0807 2760 HomeGroupProvider - ok
17:10:42.0901 2760 [ 0D0213498683414DDE29B1686A4C08D5 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:10:42.0932 2760 hpqcxs08 - ok
17:10:42.0948 2760 [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:10:42.0979 2760 hpqddsvc - ok
17:10:43.0011 2760 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
17:10:43.0042 2760 HpSAMD - ok
17:10:43.0073 2760 [ C995EA1C6915D897E06D41AF95B9312C ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:10:43.0089 2760 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:10:43.0089 2760 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:10:43.0104 2760 HssDRV6 - ok
17:10:43.0120 2760 [ 3502776E366C913D49C0DA928AE3E6CB ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
17:10:43.0214 2760 HTTP - ok
17:10:43.0229 2760 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
17:10:43.0261 2760 hwpolicy - ok
17:10:43.0276 2760 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
17:10:43.0292 2760 hyperkbd - ok
17:10:43.0307 2760 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:10:43.0323 2760 HyperVideo - ok
17:10:43.0354 2760 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
17:10:43.0370 2760 i8042prt - ok
17:10:43.0401 2760 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:10:43.0417 2760 iaLPSSi_GPIO - ok
17:10:43.0432 2760 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:10:43.0448 2760 iaLPSSi_I2C - ok
17:10:43.0495 2760 [ 6C024B3AE192D72B216166802AF345DD ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
17:10:43.0526 2760 iaStorA - ok
17:10:43.0573 2760 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
17:10:43.0636 2760 iaStorAV - ok
17:10:43.0682 2760 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
17:10:43.0714 2760 iaStorV - ok
17:10:43.0729 2760 IEEtwCollectorService - ok
17:10:43.0839 2760 [ 4F6363C26B4A3DDBC9FAFCBA68602B01 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:10:43.0901 2760 igfx - ok
17:10:43.0948 2760 [ B82255670D270B75D2D2F0F8747D1443 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
17:10:43.0995 2760 IKEEXT - ok
17:10:44.0011 2760 [ 4011430BC9DA46ADFAE9915EFEC312FB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:10:44.0026 2760 intaud_WaveExtensible - ok
17:10:44.0151 2760 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:10:44.0214 2760 IntcAzAudAddService - ok
17:10:44.0245 2760 [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:10:44.0277 2760 IntcDAud - ok
17:10:44.0323 2760 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:10:44.0355 2760 Intel(R) Capability Licensing Service Interface - ok
17:10:44.0386 2760 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
17:10:44.0417 2760 intelide - ok
17:10:44.0448 2760 [ 139CFCDCD36B1B1782FD8C0014AC9B0E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
17:10:44.0480 2760 intelpep - ok
17:10:44.0495 2760 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
17:10:44.0511 2760 intelppm - ok
17:10:44.0542 2760 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:10:44.0589 2760 IpFilterDriver - ok
17:10:44.0652 2760 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
17:10:44.0698 2760 iphlpsvc - ok
17:10:44.0714 2760 [ 9949A3C7590B8C536C05312205079A82 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:10:44.0745 2760 IPMIDRV - ok
17:10:44.0777 2760 [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
17:10:44.0808 2760 IPNAT - ok
17:10:44.0839 2760 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
17:10:44.0870 2760 IRENUM - ok
17:10:44.0886 2760 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
17:10:44.0902 2760 isapnp - ok
17:10:44.0917 2760 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
17:10:44.0964 2760 iScsiPrt - ok
17:10:44.0980 2760 [ EE03564B7FAFE2E44EDA33D52E83B4A3 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
17:10:44.0995 2760 iwdbus - ok
17:10:45.0074 2760 [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:10:45.0120 2760 jhi_service - ok
17:10:45.0167 2760 [ 45369E037410609D769852A1CE46A184 ] k57nd60a C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
17:10:45.0230 2760 k57nd60a - ok
17:10:45.0247 2760 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
17:10:45.0262 2760 kbdclass - ok
17:10:45.0262 2760 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
17:10:45.0293 2760 kbdhid - ok
17:10:45.0293 2760 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:10:45.0309 2760 kdnic - ok
17:10:45.0325 2760 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
17:10:45.0340 2760 KeyIso - ok
17:10:45.0513 2760 [ 1C6256096A341051509D36AD724830BE ] KL1 C:\WINDOWS\system32\DRIVERS\kl1.sys
17:10:45.0594 2760 KL1 - ok
17:10:45.0626 2760 [ F2EB9202FCCC81E0902D3C5A70037A44 ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
17:10:45.0657 2760 klelam - ok
17:10:45.0673 2760 [ 36A77AFB95BDD99E7E678D4B070AA2B9 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
17:10:45.0704 2760 KLIF - ok
17:10:45.0735 2760 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
17:10:45.0751 2760 KSecDD - ok
17:10:45.0782 2760 [ 7296EA420134EAC390798B3232D066A4 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:10:45.0798 2760 KSecPkg - ok
17:10:45.0813 2760 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
17:10:45.0829 2760 ksthunk - ok
17:10:45.0860 2760 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
17:10:45.0891 2760 KtmRm - ok
17:10:45.0923 2760 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
17:10:45.0938 2760 LanmanServer - ok
17:10:45.0969 2760 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:10:46.0016 2760 LanmanWorkstation - ok
17:10:46.0048 2760 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
17:10:46.0079 2760 lfsvc - ok
17:10:46.0094 2760 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:10:46.0110 2760 lltdio - ok
17:10:46.0126 2760 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
17:10:46.0141 2760 lltdsvc - ok
17:10:46.0173 2760 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
17:10:46.0219 2760 lmhosts - ok
17:10:46.0251 2760 [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:10:46.0282 2760 LMS - ok
17:10:46.0329 2760 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
17:10:46.0360 2760 LSI_SAS - ok
17:10:46.0360 2760 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:10:46.0391 2760 LSI_SAS2 - ok
17:10:46.0407 2760 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:10:46.0423 2760 LSI_SAS3 - ok
17:10:46.0438 2760 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
17:10:46.0454 2760 LSI_SSS - ok
17:10:46.0485 2760 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
17:10:46.0516 2760 LSM - ok
17:10:46.0535 2760 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
17:10:46.0551 2760 luafv - ok
17:10:46.0566 2760 [ CD51E1D0D638F1E07A6EDC98CD7F5DDA ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
17:10:46.0582 2760 mbamchameleon - ok
17:10:46.0597 2760 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
17:10:46.0597 2760 megasas - ok
17:10:46.0629 2760 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
17:10:46.0644 2760 megasr - ok
17:10:46.0676 2760 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
17:10:46.0676 2760 MEIx64 - ok
17:10:46.0707 2760 [ 1595FECFFBE9EA2417E06D5FD0BFA4C4 ] MEMSWEEP2 C:\WINDOWS\system32\250.tmp
17:10:46.0707 2760 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - warning
17:10:46.0707 2760 MEMSWEEP2 - detected UnsignedFile.Multi.Generic (1)
17:10:46.0738 2760 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
17:10:46.0738 2760 MMCSS - ok
17:10:46.0754 2760 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
17:10:46.0769 2760 Modem - ok
17:10:46.0801 2760 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
17:10:46.0801 2760 monitor - ok
17:10:46.0816 2760 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
17:10:46.0816 2760 mouclass - ok
17:10:46.0847 2760 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
17:10:46.0847 2760 mouhid - ok
17:10:46.0863 2760 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
17:10:46.0910 2760 mountmgr - ok
17:10:46.0926 2760 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
17:10:46.0972 2760 mpsdrv - ok
17:10:47.0019 2760 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
17:10:47.0066 2760 MpsSvc - ok
17:10:47.0082 2760 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
17:10:47.0113 2760 MRxDAV - ok
17:10:47.0129 2760 [ 79B6F3DF7CDFD12159871FF71464F0CE ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:10:47.0144 2760 mrxsmb - ok
17:10:47.0144 2760 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:10:47.0160 2760 mrxsmb10 - ok
17:10:47.0191 2760 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:10:47.0222 2760 mrxsmb20 - ok
17:10:47.0238 2760 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
17:10:47.0269 2760 MsBridge - ok
17:10:47.0316 2760 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:10:47.0347 2760 MSDTC - ok
17:10:47.0363 2760 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:10:47.0379 2760 Msfs - ok
17:10:47.0394 2760 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:10:47.0410 2760 msgpiowin32 - ok
17:10:47.0426 2760 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:10:47.0441 2760 mshidkmdf - ok
17:10:47.0457 2760 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
17:10:47.0472 2760 mshidumdf - ok
17:10:47.0488 2760 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
17:10:47.0504 2760 msisadrv - ok
17:10:47.0535 2760 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
17:10:47.0566 2760 MSiSCSI - ok
17:10:47.0566 2760 msiserver - ok
17:10:47.0582 2760 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:10:47.0597 2760 MSKSSRV - ok
17:10:47.0613 2760 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:10:47.0629 2760 MsLldp - ok
17:10:47.0644 2760 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:10:47.0660 2760 MSPCLOCK - ok
17:10:47.0660 2760 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:10:47.0676 2760 MSPQM - ok
17:10:47.0707 2760 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
17:10:47.0738 2760 MsRPC - ok
17:10:47.0754 2760 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
17:10:47.0754 2760 mssmbios - ok
17:10:47.0769 2760 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:10:47.0785 2760 MSTEE - ok
17:10:47.0801 2760 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
17:10:47.0816 2760 MTConfig - ok
17:10:47.0832 2760 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
17:10:47.0848 2760 Mup - ok
17:10:47.0863 2760 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
17:10:47.0895 2760 mvumis - ok
17:10:47.0926 2760 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
17:10:47.0941 2760 napagent - ok
17:10:47.0988 2760 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:10:48.0020 2760 NativeWifiP - ok
17:10:48.0098 2760 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate c:\Program Files (x86)\Nero\Update\NASvc.exe
17:10:48.0145 2760 NAUpdate - ok
17:10:48.0176 2760 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
17:10:48.0207 2760 NcaSvc - ok
17:10:48.0223 2760 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
17:10:48.0238 2760 NcbService - ok
17:10:48.0254 2760 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
17:10:48.0285 2760 NcdAutoSetup - ok
17:10:48.0332 2760 [ ED39D676080A1AEA755F1DEC1A8DF1A4 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
17:10:48.0379 2760 NDIS - ok
17:10:48.0410 2760 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:10:48.0441 2760 NdisCap - ok
17:10:48.0457 2760 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:10:48.0488 2760 NdisImPlatform - ok
17:10:48.0520 2760 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:10:48.0551 2760 NdisTapi - ok
17:10:48.0566 2760 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:10:48.0582 2760 Ndisuio - ok
17:10:48.0598 2760 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:10:48.0629 2760 NdisVirtualBus - ok
17:10:48.0645 2760 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:10:48.0660 2760 NdisWan - ok
17:10:48.0676 2760 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:10:48.0676 2760 NdisWanLegacy - ok
17:10:48.0691 2760 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:10:48.0707 2760 NDProxy - ok
17:10:48.0723 2760 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
17:10:48.0738 2760 Ndu - ok
17:10:48.0770 2760 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
17:10:48.0785 2760 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:10:48.0785 2760 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:10:48.0801 2760 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:10:48.0832 2760 NetBIOS - ok
17:10:48.0848 2760 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:10:48.0895 2760 NetBT - ok
17:10:48.0895 2760 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:10:48.0926 2760 Netlogon - ok
17:10:48.0971 2760 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
17:10:49.0002 2760 Netman - ok
17:10:49.0049 2760 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
17:10:49.0080 2760 netprofm - ok
17:10:49.0127 2760 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:49.0174 2760 NetTcpPortSharing - ok
17:10:49.0205 2760 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
17:10:49.0236 2760 netvsc - ok
17:10:49.0252 2760 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
17:10:49.0299 2760 NlaSvc - ok
17:10:49.0315 2760 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:10:49.0330 2760 Npfs - ok
17:10:49.0346 2760 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
17:10:49.0361 2760 npsvctrig - ok
17:10:49.0361 2760 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
17:10:49.0377 2760 nsi - ok
17:10:49.0377 2760 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
17:10:49.0393 2760 nsiproxy - ok
17:10:49.0440 2760 [ 4412D565C0278C401575E11072C7DCE3 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:10:49.0487 2760 Ntfs - ok
17:10:49.0502 2760 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
17:10:49.0518 2760 Null - ok
17:10:49.0533 2760 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
17:10:49.0549 2760 nvraid - ok
17:10:49.0565 2760 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
17:10:49.0596 2760 nvstor - ok
17:10:49.0612 2760 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
17:10:49.0627 2760 nv_agp - ok
17:10:49.0690 2760 [ 3B510F20806B94E389784ED09DBD2111 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
17:10:49.0721 2760 p2pimsvc - ok
17:10:49.0752 2760 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
17:10:49.0783 2760 p2psvc - ok
17:10:49.0783 2760 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
17:10:49.0799 2760 Parport - ok
17:10:49.0815 2760 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
17:10:49.0830 2760 partmgr - ok
17:10:49.0846 2760 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
17:10:49.0846 2760 PcaSvc - ok
17:10:49.0877 2760 [ C0D3F3BC1C84B4BA746D9847314C1164 ] pci C:\WINDOWS\system32\drivers\pci.sys
17:10:49.0877 2760 pci - ok
17:10:49.0893 2760 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
17:10:49.0909 2760 pciide - ok
17:10:49.0924 2760 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
17:10:49.0924 2760 pcmcia - ok
17:10:49.0956 2760 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
17:10:49.0956 2760 pcw - ok
17:10:49.0971 2760 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
17:10:49.0987 2760 pdc - ok
17:10:50.0018 2760 [ BA50CC0BD19004AAB88BE37338B6FA0D ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
17:10:50.0065 2760 PEAUTH - ok
17:10:50.0128 2760 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
17:10:50.0159 2760 PerfHost - ok
17:10:50.0222 2760 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
17:10:50.0284 2760 pla - ok
17:10:50.0315 2760 [ 752A457320A946E03C3AA86C3ACD735E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
17:10:50.0331 2760 PlugPlay - ok
17:10:50.0362 2760 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
17:10:50.0378 2760 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:10:50.0378 2760 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:10:50.0378 2760 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
17:10:50.0393 2760 PNRPAutoReg - ok
17:10:50.0409 2760 [ 3B510F20806B94E389784ED09DBD2111 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
17:10:50.0440 2760 PNRPsvc - ok
17:10:50.0472 2760 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
17:10:50.0487 2760 PolicyAgent - ok
17:10:50.0487 2760 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
17:10:50.0503 2760 Power - ok
17:10:50.0597 2760 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:10:50.0644 2760 PrintNotify - ok
17:10:50.0659 2760 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
17:10:50.0659 2760 Processor - ok
17:10:50.0690 2760 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
17:10:50.0722 2760 ProfSvc - ok
17:10:50.0753 2760 [ 138DBAE80F390B22297ACD861BDA996E ] Ps2Kb2Hid C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys
17:10:50.0769 2760 Ps2Kb2Hid - ok
17:10:50.0815 2760 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
17:10:50.0847 2760 Psched - ok
17:10:50.0878 2760 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
17:10:50.0909 2760 QWAVE - ok
17:10:50.0925 2760 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
17:10:50.0956 2760 QWAVEdrv - ok
17:10:50.0972 2760 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:10:50.0987 2760 RasAcd - ok
17:10:51.0019 2760 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:10:51.0050 2760 RasAuto - ok
17:10:51.0081 2760 [ BF3B17016764F20F9D28CF1A8DC210C0 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:10:51.0112 2760 RasMan - ok
17:10:51.0112 2760 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:10:51.0128 2760 RasPppoe - ok
17:10:51.0144 2760 [ B939A2A0F9D6C6C186721E268EB6FA93 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:10:51.0159 2760 rdbss - ok
17:10:51.0184 2760 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
17:10:51.0185 2760 rdpbus - ok
17:10:51.0200 2760 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
17:10:51.0231 2760 RDPDR - ok
17:10:51.0263 2760 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:10:51.0294 2760 RdpVideoMiniport - ok
17:10:51.0325 2760 [ 847C6A08912C3515807049C93E526D65 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
17:10:51.0372 2760 rdyboost - ok
17:10:51.0419 2760 [ 036746D54347FD2D0385668E2A4064E4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
17:10:51.0450 2760 ReFS - ok
17:10:51.0481 2760 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:10:51.0513 2760 RemoteAccess - ok
17:10:51.0560 2760 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:10:51.0606 2760 RemoteRegistry - ok
17:10:51.0638 2760 [ F61333867216EDE1A09A7C55FEDCB6A8 ] RfButtonDriverService C:\Windows\RfBtnSvc64.exe
17:10:51.0669 2760 RfButtonDriverService - ok
17:10:51.0700 2760 [ 02307C86CB24769306B0DFA0C751952E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
17:10:51.0731 2760 RFCOMM - ok
17:10:51.0763 2760 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
17:10:51.0794 2760 RpcEptMapper - ok
17:10:51.0825 2760 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
17:10:51.0841 2760 RpcLocator - ok
17:10:51.0872 2760 [ 675C575444AAFD56B4E8A99EF8A570CD ] rpcnet C:\Windows\SysWOW64\rpcnet.exe
17:10:51.0888 2760 rpcnet - ok
17:10:51.0919 2760 [ 3FD5AE42EC87C6F532A931F96BE731DD ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:10:51.0982 2760 RpcSs - ok
17:10:52.0013 2760 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:10:52.0028 2760 rspndr - ok
17:10:52.0044 2760 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
17:10:52.0060 2760 s3cap - ok
17:10:52.0091 2760 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
17:10:52.0107 2760 SamSs - ok
17:10:52.0138 2760 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
17:10:52.0153 2760 sbp2port - ok
17:10:52.0185 2760 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
17:10:52.0216 2760 SCardSvr - ok
17:10:52.0232 2760 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
17:10:52.0247 2760 ScDeviceEnum - ok
17:10:52.0278 2760 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:10:52.0294 2760 scfilter - ok
17:10:52.0325 2760 [ 888A30EAB651502352C18745367FD179 ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:10:52.0372 2760 Schedule - ok
17:10:52.0403 2760 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
17:10:52.0435 2760 SCPolicySvc - ok
17:10:52.0466 2760 [ 2F9A3380B8C0380E5608E29C7AA66899 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
17:10:52.0497 2760 sdbus - ok
17:10:52.0528 2760 [ 4EAF4DCF9DBD9A56952A58F56D61C005 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
17:10:52.0560 2760 sdstor - ok
17:10:52.0591 2760 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
17:10:52.0622 2760 secdrv - ok
17:10:52.0653 2760 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
17:10:52.0669 2760 seclogon - ok
17:10:52.0685 2760 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
17:10:52.0732 2760 SENS - ok
17:10:52.0732 2760 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
17:10:52.0747 2760 SensrSvc - ok
17:10:52.0778 2760 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
17:10:52.0794 2760 SerCx - ok
17:10:52.0825 2760 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
17:10:52.0841 2760 SerCx2 - ok
17:10:52.0857 2760 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
17:10:52.0888 2760 Serenum - ok
17:10:52.0903 2760 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
17:10:52.0919 2760 Serial - ok
17:10:52.0950 2760 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
17:10:52.0966 2760 sermouse - ok
17:10:52.0997 2760 [ 441E6FF1F34D7A942946DB42A15FB519 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
17:10:53.0028 2760 SessionEnv - ok
17:10:53.0044 2760 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
17:10:53.0060 2760 sfloppy - ok
17:10:53.0091 2760 [ F4414F57DF2CECB8FC969AA43A6B0D50 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:10:53.0122 2760 SharedAccess - ok
17:10:53.0154 2760 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:10:53.0169 2760 ShellHWDetection - ok
17:10:53.0201 2760 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:10:53.0201 2760 SiSRaid2 - ok
17:10:53.0216 2760 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
17:10:53.0232 2760 SiSRaid4 - ok
17:10:53.0263 2760 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
17:10:53.0263 2760 smphost - ok
17:10:53.0310 2760 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
17:10:53.0310 2760 SNMPTRAP - ok
17:10:53.0357 2760 [ F6EBE514D13ECE7EDC23440039CDF9AB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
17:10:53.0373 2760 spaceport - ok
17:10:53.0404 2760 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
17:10:53.0404 2760 SpbCx - ok
17:10:53.0435 2760 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
17:10:53.0482 2760 Spooler - ok
17:10:53.0639 2760 [ C993A0B97BECD3AAF5158E3869878465 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
17:10:53.0764 2760 sppsvc - ok
17:10:53.0796 2760 [ 2B78788A1485F9B99A578A299DF42C02 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:10:53.0811 2760 srv - ok
17:10:53.0827 2760 [ C1AE59C0B0817236EC083A91C396005A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
17:10:53.0842 2760 srv2 - ok
17:10:53.0859 2760 [ 77195C32175FC63D6054EBA5A066D727 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:10:53.0870 2760 srvnet - ok
17:10:53.0886 2760 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:10:53.0901 2760 SSDPSRV - ok
17:10:53.0933 2760 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
17:10:53.0948 2760 SstpSvc - ok
17:10:53.0979 2760 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
17:10:54.0011 2760 stexstor - ok
17:10:54.0042 2760 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
17:10:54.0089 2760 stisvc - ok
17:10:54.0120 2760 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
17:10:54.0136 2760 storahci - ok
17:10:54.0151 2760 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
17:10:54.0167 2760 storflt - ok
17:10:54.0167 2760 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
17:10:54.0198 2760 stornvme - ok
17:10:54.0214 2760 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
17:10:54.0246 2760 StorSvc - ok
17:10:54.0261 2760 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
17:10:54.0277 2760 storvsc - ok
17:10:54.0308 2760 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
17:10:54.0339 2760 svsvc - ok
17:10:54.0355 2760 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
17:10:54.0386 2760 swenum - ok
17:10:54.0417 2760 [ 99453C649DC4B0BE6D062B701CD2917F ] swprv C:\WINDOWS\System32\swprv.dll
17:10:54.0464 2760 swprv - ok
17:10:54.0480 2760 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] SysMain C:\WINDOWS\system32\sysmain.dll
17:10:54.0496 2760 SysMain - ok
17:10:54.0527 2760 [ D65B1C952AEB864C2BAC7A770B17ECCE ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:10:54.0558 2760 SystemEventsBroker - ok
17:10:54.0605 2760 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:10:54.0636 2760 TabletInputService - ok
17:10:54.0652 2760 [ 37589D9EA791EEF283A14179B2370A87 ] taphss6 C:\WINDOWS\system32\DRIVERS\taphss6.sys
17:10:54.0683 2760 taphss6 - ok
17:10:54.0714 2760 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:10:54.0761 2760 TapiSrv - ok
17:10:54.0824 2760 [ ECC68BD5347BDE9631EE68274858A41F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
17:10:54.0902 2760 Tcpip - ok
17:10:54.0933 2760 [ ECC68BD5347BDE9631EE68274858A41F ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:10:54.0996 2760 TCPIP6 - ok
17:10:55.0027 2760 [ 33A7D83EEB15431773A6E186CFAABA21 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
17:10:55.0058 2760 tcpipreg - ok
17:10:55.0089 2760 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
17:10:55.0121 2760 tdx - ok
17:10:55.0152 2760 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
17:10:55.0183 2760 terminpt - ok
17:10:55.0230 2760 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
17:10:55.0277 2760 TermService - ok
17:10:55.0293 2760 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
17:10:55.0324 2760 Themes - ok
17:10:55.0355 2760 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
17:10:55.0386 2760 THREADORDER - ok
17:10:55.0402 2760 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
17:10:55.0449 2760 TimeBroker - ok
17:10:55.0464 2760 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
17:10:55.0496 2760 TPM - ok
17:10:55.0511 2760 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
17:10:55.0527 2760 TrkWks - ok
17:10:55.0605 2760 [ DA56FFA46030E6FEB215E3D5DAA65B11 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:10:55.0636 2760 TrustedInstaller - ok
17:10:55.0652 2760 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
17:10:55.0667 2760 TsUsbFlt - ok
17:10:55.0699 2760 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:10:55.0714 2760 TsUsbGD - ok
17:10:55.0730 2760 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:10:55.0761 2760 tunnel - ok
17:10:55.0761 2760 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
17:10:55.0793 2760 uagp35 - ok
17:10:55.0808 2760 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
17:10:55.0824 2760 UASPStor - ok
17:10:55.0871 2760 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
17:10:55.0918 2760 UCX01000 - ok
17:10:55.0933 2760 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
17:10:55.0996 2760 udfs - ok
17:10:55.0996 2760 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
17:10:56.0027 2760 UEFI - ok
17:10:56.0058 2760 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
17:10:56.0089 2760 UI0Detect - ok
17:10:56.0089 2760 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
17:10:56.0105 2760 uliagpkx - ok
17:10:56.0121 2760 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
17:10:56.0136 2760 umbus - ok
17:10:56.0152 2760 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
17:10:56.0152 2760 UmPass - ok
17:10:56.0199 2760 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
17:10:56.0230 2760 UmRdpService - ok
17:10:56.0317 2760 [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:10:56.0364 2760 UNS - ok
17:10:56.0379 2760 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:10:56.0410 2760 upnphost - ok
17:10:56.0442 2760 [ 433ECDE01A52691FA7ACA51C10C09B70 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
17:10:56.0457 2760 usbccgp - ok
17:10:56.0489 2760 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
17:10:56.0504 2760 usbcir - ok
17:10:56.0535 2760 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
17:10:56.0567 2760 usbehci - ok
17:10:56.0614 2760 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
17:10:56.0645 2760 usbhub - ok
17:10:56.0660 2760 [ C0E33820326199CE3CFD3B9F27F81D99 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
17:10:56.0707 2760 USBHUB3 - ok
17:10:56.0723 2760 [ 3019097FB6C985EF24C058090FF3BDBD ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
17:10:56.0739 2760 usbohci - ok
17:10:56.0770 2760 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
17:10:56.0801 2760 usbprint - ok
17:10:56.0832 2760 [ F04D164C4168701A4E7835607722E5F1 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:10:56.0864 2760 usbscan - ok
17:10:56.0895 2760 [ 4628B415A84EA9D4D396A56F1D0CB6C6 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:10:56.0926 2760 USBSTOR - ok
17:10:56.0942 2760 [ BA4FA655E0FC577DB7436FC963932CE4 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
17:10:56.0973 2760 usbuhci - ok
17:10:56.0989 2760 [ 18F744E8CCEB2670040EBAF7AD77B8C6 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
17:10:57.0004 2760 usbvideo - ok
17:10:57.0035 2760 [ 3B44CB989757428208CCFCC028C13110 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:10:57.0051 2760 USBXHCI - ok
17:10:57.0067 2760 [ F6F209DDB94959BA104FC8FC87C53759 ] VaultSvc C:\WINDOWS\system32\lsass.exe
17:10:57.0082 2760 VaultSvc - ok
17:10:57.0114 2760 [ 8ACF22B86CE4E85C23E3E9513BF45C37 ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
17:10:57.0114 2760 VBoxNetAdp - ok
17:10:57.0114 2760 VBoxNetFlt - ok
17:10:57.0114 2760 VBoxUSB - ok
17:10:57.0129 2760 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
17:10:57.0145 2760 vdrvroot - ok
17:10:57.0192 2760 [ CFBAD6B48EDFAA0828A52646B7C4C08D ] vds C:\WINDOWS\System32\vds.exe
17:10:57.0223 2760 vds - ok
17:10:57.0248 2760 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
17:10:57.0248 2760 VerifierExt - ok
17:10:57.0277 2760 [ 041D3EF364E624DBB2703A64A5AADF89 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
17:10:57.0292 2760 vhdmp - ok
17:10:57.0324 2760 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
17:10:57.0339 2760 viaide - ok
17:10:57.0355 2760 [ C6305BDFC4F7CE51F72BB072C03D4ACE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
17:10:57.0371 2760 vmbus - ok
17:10:57.0371 2760 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
17:10:57.0386 2760 VMBusHID - ok
17:10:57.0423 2760 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:10:57.0454 2760 vmicguestinterface - ok
17:10:57.0486 2760 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
17:10:57.0532 2760 vmicheartbeat - ok
17:10:57.0579 2760 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:10:57.0595 2760 vmickvpexchange - ok
17:10:57.0611 2760 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
17:10:57.0626 2760 vmicrdv - ok
17:10:57.0626 2760 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
17:10:57.0642 2760 vmicshutdown - ok
17:10:57.0642 2760 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
17:10:57.0657 2760 vmictimesync - ok
17:10:57.0673 2760 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicvss C:\WINDOWS\System32\ICSvc.dll
17:10:57.0673 2760 vmicvss - ok
17:10:57.0704 2760 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
17:10:57.0704 2760 volmgr - ok
17:10:57.0720 2760 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
17:10:57.0751 2760 volmgrx - ok
17:10:57.0782 2760 [ C85C075DE5B6D0FE116043054DE8EE02 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
17:10:57.0782 2760 volsnap - ok
17:10:57.0814 2760 [ 01355C98B5C3ED1EC446743CDA848FCE ] vpci C:\WINDOWS\System32\drivers\vpci.sys
17:10:57.0845 2760 vpci - ok
17:10:57.0861 2760 vpnva - ok
17:10:57.0892 2760 [ F8C69EB4CC46FD2681B65212CA20DD97 ] Vsdatant C:\WINDOWS\system32\drivers\vsdatant.sys
17:10:57.0924 2760 Vsdatant - ok
17:10:57.0940 2760 vsmon - ok
17:10:57.0986 2760 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
17:10:58.0018 2760 vsmraid - ok
17:10:58.0065 2760 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] VSS C:\WINDOWS\system32\vssvc.exe
17:10:58.0096 2760 VSS - ok
17:10:58.0127 2760 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
17:10:58.0127 2760 VSTXRAID - ok
17:10:58.0158 2760 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
17:10:58.0174 2760 vwifibus - ok
17:10:58.0190 2760 [ 6B26AD573CCDD5209DF4397438B76354 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:10:58.0221 2760 vwififlt - ok
17:10:58.0242 2760 [ 0B48E0DFB44EE475F4FD8A8EE599AF30 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:10:58.0257 2760 vwifimp - ok
17:10:58.0289 2760 [ 7599E582CA3A6AAA95A18FFE1172D339 ] W32Time C:\WINDOWS\system32\w32time.dll
17:10:58.0320 2760 W32Time - ok
17:10:58.0336 2760 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
17:10:58.0351 2760 WacomPen - ok
17:10:58.0414 2760 [ 92BF4B3EBD6F163B94B7A20C65E7B698 ] wbengine C:\WINDOWS\system32\wbengine.exe
17:10:58.0476 2760 wbengine - ok
17:10:58.0523 2760 [ 58F28103889817C93E5B5AFABC87E709 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
17:10:58.0554 2760 WbioSrvc - ok
17:10:58.0570 2760 [ 772365894F14652D376B2E5030179DC9 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
17:10:58.0601 2760 Wcmsvc - ok
17:10:58.0617 2760 [ D2726823DF7E19F213F4805A9D6D145F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
17:10:58.0632 2760 wcncsvc - ok
17:10:58.0648 2760 [ 846C02A8B48CBD921A3D6AB521AA0DC4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:10:58.0664 2760 WcsPlugInService - ok
17:10:58.0695 2760 [ 241895E8A9C158DF86E12FDD21033A32 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
17:10:58.0711 2760 WdBoot - ok
17:10:58.0757 2760 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
17:10:58.0820 2760 Wdf01000 - ok
17:10:58.0851 2760 [ C52148456E0F6EAD9E903020A79207FC ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
17:10:58.0867 2760 WdFilter - ok
17:10:58.0882 2760 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
17:10:58.0898 2760 WdiServiceHost - ok
17:10:58.0898 2760 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
17:10:58.0914 2760 WdiSystemHost - ok
17:10:58.0945 2760 [ 57F22324FAAF92ADF957B281E88F1743 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:10:58.0961 2760 WdNisDrv - ok
17:10:58.0992 2760 WdNisSvc - ok
17:10:59.0008 2760 [ 6588A957873326361AB1CAC4E76F8394 ] WebClient C:\WINDOWS\System32\webclnt.dll
17:10:59.0039 2760 WebClient - ok
17:10:59.0054 2760 [ 3274312F263882B51B964329FAF49734 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
17:10:59.0086 2760 Wecsvc - ok
17:10:59.0101 2760 [ 7CDD84E0023A0C5C230B06A7965EC65E ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
17:10:59.0132 2760 WEPHOSTSVC - ok
17:10:59.0153 2760 [ AA1315B87D9B2E39584165318A59F15D ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
17:10:59.0184 2760 wercplsupport - ok
17:10:59.0184 2760 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
17:10:59.0216 2760 WerSvc - ok
17:10:59.0247 2760 [ 2E3E82D7B1076B90F4E228A8EF17B261 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:10:59.0263 2760 WFPLWFS - ok
17:10:59.0263 2760 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
17:10:59.0278 2760 WiaRpc - ok
17:10:59.0309 2760 [ 867BCC69ED9C31C501465EB0E8BA9DFA ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
17:10:59.0325 2760 WIMMount - ok
17:10:59.0325 2760 WinDefend - ok
17:10:59.0372 2760 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:10:59.0419 2760 WinHttpAutoProxySvc - ok
17:10:59.0450 2760 [ 9DB490F3E823C5C3C070644B96CB9D59 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
17:10:59.0481 2760 Winmgmt - ok
17:10:59.0559 2760 [ 690C3FC5C9DBD6B9AEDF8341EC720E41 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
17:10:59.0606 2760 WinRM - ok
17:10:59.0644 2760 [ 728D3349FAB251B0265EFA55C67DCA2D ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
17:10:59.0691 2760 WlanSvc - ok
17:10:59.0753 2760 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
17:10:59.0800 2760 wlidsvc - ok
17:10:59.0831 2760 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
17:10:59.0847 2760 WmiAcpi - ok
17:10:59.0894 2760 [ 7AFAC828F52D62F304A911EC32F42EEE ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:10:59.0926 2760 wmiApSrv - ok
17:10:59.0942 2760 WMPNetworkSvc - ok
17:11:00.0020 2760 [ E178371E493BF17EB90FE71ABA8BE643 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
17:11:00.0067 2760 workfolderssvc - ok
17:11:00.0098 2760 [ E746BCDBA2E02CF6B8D6B26FB167FBE0 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:11:00.0114 2760 wpcfltr - ok
17:11:00.0129 2760 [ 4E6A0F60DA7EF050D3D26417CD4D24E9 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
17:11:00.0161 2760 WPCSvc - ok
17:11:00.0192 2760 [ D27491CFCE452C154CECFA155AD0EBC8 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
17:11:00.0223 2760 WPDBusEnum - ok
17:11:00.0254 2760 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:11:00.0286 2760 WpdUpFltr - ok
17:11:00.0317 2760 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:11:00.0348 2760 ws2ifsl - ok
17:11:00.0364 2760 [ 5CFA46C4ACB2FD70572017052378DAE5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
17:11:00.0395 2760 wscsvc - ok
17:11:00.0395 2760 WSearch - ok
17:11:00.0489 2760 [ D8E3A4701376CCFD0BE542D745FA4809 ] WSService C:\WINDOWS\System32\WSService.dll
17:11:00.0551 2760 WSService - ok
17:11:00.0614 2760 [ 86D0BF4F792053A50D6EE43DFA5837A5 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
17:11:00.0661 2760 wuauserv - ok
17:11:00.0708 2760 [ 2FEAE33E9B2B56104596E1BA444405A9 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
17:11:00.0739 2760 WudfPf - ok
17:11:00.0755 2760 [ 19240C13F526125554B5370566F21A0A ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
17:11:00.0771 2760 WUDFRd - ok
17:11:00.0802 2760 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
17:11:00.0833 2760 wudfsvc - ok
17:11:00.0833 2760 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:11:00.0864 2760 WUDFWpdFs - ok
17:11:00.0880 2760 [ 2FA9794CA36147756F3FDFD6CA29B46F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
17:11:00.0911 2760 WwanSvc - ok
17:11:00.0927 2760 [ F0814A5318A534E4742F5358DF59F3AD ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
17:11:00.0943 2760 ZAPrivacyService - ok
Geändert von Tandem (09.04.2014 um 00:53 Uhr) |
|
09.04.2014, 00:44
| #9 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! TDSS-log Part 6/8: Code:
ATTFilter 17:11:00.0943 2760 ================ Scan global ===============================
17:11:00.0974 2760 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
17:11:01.0005 2760 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\WINDOWS\system32\winsrv.dll
17:11:01.0036 2760 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\WINDOWS\system32\sxssrv.dll
17:11:01.0083 2760 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\WINDOWS\system32\services.exe
17:11:01.0083 2760 [Global] - ok
17:11:01.0083 2760 ================ Scan MBR ==================================
17:11:01.0099 2760 [ 2AC0B3750D124F1F8D5FB9BB25EF9036 ] \Device\Harddisk0\DR0
17:11:01.0224 2760 \Device\Harddisk0\DR0 - ok
17:11:01.0240 2760 ================ Scan VBR ==================================
17:11:01.0271 2760 [ 58F6F415AA7132AB27319E8CCC14B98A ] \Device\Harddisk0\DR0\Partition1
17:11:01.0271 2760 \Device\Harddisk0\DR0\Partition1 - ok
17:11:01.0286 2760 [ 18AAD0907CE8C462C5A914CCB6FE4BED ] \Device\Harddisk0\DR0\Partition2
17:11:01.0286 2760 \Device\Harddisk0\DR0\Partition2 - ok
17:11:01.0302 2760 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:11:01.0302 2760 \Device\Harddisk0\DR0\Partition3 - ok
17:11:01.0318 2760 [ A79F3B0F13F1D5940F05C8710761DD97 ] \Device\Harddisk0\DR0\Partition4
17:11:01.0318 2760 \Device\Harddisk0\DR0\Partition4 - ok
17:11:01.0349 2760 [ 08D9FE6AEE866289048C2BC59BE9BC20 ] \Device\Harddisk0\DR0\Partition5
17:11:01.0365 2760 \Device\Harddisk0\DR0\Partition5 - ok
17:11:01.0380 2760 [ AAD1BDF2CF07F5F40EE9BE4B7FB64F36 ] \Device\Harddisk0\DR0\Partition6
17:11:01.0380 2760 \Device\Harddisk0\DR0\Partition6 - ok
17:11:01.0380 2760 ================ Scan active images ========================
17:11:01.0380 2760 [ FA47B0AA255B7CF4519E995C6404AE22 ] C:\Windows\System32\drivers\crashdmp.sys
17:11:01.0380 2760 C:\Windows\System32\drivers\crashdmp.sys - ok
17:11:01.0396 2760 [ 224C2CB37497472C345CB2A02DF11363 ] C:\Windows\System32\drivers\Diskdump.sys
17:11:01.0396 2760 C:\Windows\System32\drivers\Diskdump.sys - ok
17:11:01.0411 2760 [ 05C674A72412E6400D5A2684C867402D ] C:\Windows\System32\drivers\dumpfve.sys
17:11:01.0411 2760 C:\Windows\System32\drivers\dumpfve.sys - ok
17:11:01.0411 2760 [ 6C024B3AE192D72B216166802AF345DD ] C:\Windows\System32\drivers\iaStorA.sys
17:11:01.0411 2760 C:\Windows\System32\drivers\iaStorA.sys - ok
17:11:01.0427 2760 [ C6796EA22B513E3457514D92DCDB1A3D ] C:\Windows\System32\drivers\cdrom.sys
17:11:01.0427 2760 C:\Windows\System32\drivers\cdrom.sys - ok
17:11:01.0427 2760 [ 0885F0E0F03B19D685029540522BFD5C ] C:\Windows\System32\drivers\klflt.sys
17:11:01.0427 2760 C:\Windows\System32\drivers\klflt.sys - ok
17:11:01.0427 2760 [ 36A77AFB95BDD99E7E678D4B070AA2B9 ] C:\Windows\System32\drivers\klif.sys
17:11:01.0427 2760 C:\Windows\System32\drivers\klif.sys - ok
17:11:01.0443 2760 [ EF1B290FC9F0E47CC0B537292BEE5904 ] C:\Windows\System32\drivers\null.sys
17:11:01.0443 2760 C:\Windows\System32\drivers\null.sys - ok
17:11:01.0443 2760 [ EC19013E4CF87609534165DF897274D6 ] C:\Windows\System32\drivers\beep.sys
17:11:01.0443 2760 C:\Windows\System32\drivers\beep.sys - ok
17:11:01.0443 2760 [ 2748E116F8621A4DB0D39FCDD7318C01 ] C:\Windows\System32\drivers\BasicRender.sys
17:11:01.0443 2760 C:\Windows\System32\drivers\BasicRender.sys - ok
17:11:01.0458 2760 [ A3D1CB64DF885ACE126543E6D7067348 ] C:\Windows\System32\drivers\dxgkrnl.sys
17:11:01.0458 2760 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:11:01.0458 2760 [ 602811E8AAE68030C151345C84A0CDAF ] C:\Windows\System32\drivers\watchdog.sys
17:11:01.0458 2760 C:\Windows\System32\drivers\watchdog.sys - ok
17:11:01.0458 2760 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] C:\Windows\System32\drivers\BasicDisplay.sys
17:11:01.0458 2760 C:\Windows\System32\drivers\BasicDisplay.sys - ok
17:11:01.0474 2760 [ 9E167CDB2AEEF7994434543D0543AEEB ] C:\Windows\System32\drivers\dxgmms1.sys
17:11:01.0474 2760 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:11:01.0474 2760 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] C:\Windows\System32\drivers\npfs.sys
17:11:01.0474 2760 C:\Windows\System32\drivers\npfs.sys - ok
17:11:01.0474 2760 [ D13329FBF8345B28AB30F44CC247DC08 ] C:\Windows\System32\drivers\msfs.sys
17:11:01.0474 2760 C:\Windows\System32\drivers\msfs.sys - ok
17:11:01.0490 2760 [ 3C7361E0A5A6966DB957B94ECF924A9E ] C:\Windows\System32\drivers\tdi.sys
17:11:01.0490 2760 C:\Windows\System32\drivers\tdi.sys - ok
17:11:01.0490 2760 [ FFF28F9F6823EB1756C60F1649560BBF ] C:\Windows\System32\drivers\tdx.sys
17:11:01.0490 2760 C:\Windows\System32\drivers\tdx.sys - ok
17:11:01.0505 2760 [ F8C69EB4CC46FD2681B65212CA20DD97 ] C:\Windows\System32\drivers\vsdatant.sys
17:11:01.0505 2760 C:\Windows\System32\drivers\vsdatant.sys - ok
17:11:01.0505 2760 [ 0217532E19A748F0E5D569307363D5FD ] C:\Windows\System32\drivers\netbt.sys
17:11:01.0505 2760 C:\Windows\System32\drivers\netbt.sys - ok
17:11:01.0521 2760 [ 239268BAB58EAE9A3FF4E08334C00451 ] C:\Windows\System32\drivers\afd.sys
17:11:01.0521 2760 C:\Windows\System32\drivers\afd.sys - ok
17:11:01.0521 2760 [ A83D67D347A684F10B7D3019C8A6380C ] C:\Windows\System32\drivers\netbios.sys
17:11:01.0521 2760 C:\Windows\System32\drivers\netbios.sys - ok
17:11:01.0537 2760 [ 8528BB05E4D4E25945F78B00B2555FB7 ] C:\Windows\System32\drivers\pacer.sys
17:11:01.0537 2760 C:\Windows\System32\drivers\pacer.sys - ok
17:11:01.0537 2760 [ B939A2A0F9D6C6C186721E268EB6FA93 ] C:\Windows\System32\drivers\rdbss.sys
17:11:01.0537 2760 C:\Windows\System32\drivers\rdbss.sys - ok
17:11:01.0552 2760 [ 6B26AD573CCDD5209DF4397438B76354 ] C:\Windows\System32\drivers\vwififlt.sys
17:11:01.0552 2760 C:\Windows\System32\drivers\vwififlt.sys - ok
17:11:01.0552 2760 [ 315BA4BC19316D72B2E037534E048B93 ] C:\Windows\System32\drivers\dam.sys
17:11:01.0552 2760 C:\Windows\System32\drivers\dam.sys - ok
17:11:01.0568 2760 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] C:\Windows\System32\drivers\dfsc.sys
17:11:01.0568 2760 C:\Windows\System32\drivers\dfsc.sys - ok
17:11:01.0568 2760 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] C:\Windows\System32\drivers\mssmbios.sys
17:11:01.0568 2760 C:\Windows\System32\drivers\mssmbios.sys - ok
17:11:01.0584 2760 [ CBDB4F0871C88DF930FC0E8588CA67FC ] C:\Windows\System32\drivers\npsvctrig.sys
17:11:01.0584 2760 C:\Windows\System32\drivers\npsvctrig.sys - ok
17:11:01.0584 2760 [ E490B459978CB87779E84C761D22B827 ] C:\Windows\System32\drivers\nsiproxy.sys
17:11:01.0584 2760 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:11:01.0584 2760 [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] C:\Windows\System32\drivers\avkmgr.sys
17:11:01.0584 2760 C:\Windows\System32\drivers\avkmgr.sys - ok
17:11:01.0599 2760 [ C3A58DBD18786C338126D30BF8C33D72 ] C:\Windows\System32\drivers\avipbb.sys
17:11:01.0599 2760 C:\Windows\System32\drivers\avipbb.sys - ok
17:11:01.0599 2760 [ 8E8E34B7BA059050EED827410D0697A2 ] C:\Windows\System32\drivers\ahcache.sys
17:11:01.0599 2760 C:\Windows\System32\drivers\ahcache.sys - ok
17:11:01.0599 2760 [ 03AAED827C36F35D70900558B8274905 ] C:\Windows\System32\drivers\CompositeBus.sys
17:11:01.0599 2760 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:11:01.0615 2760 [ 813871C7D402A05F2E3A7075F9584A05 ] C:\Windows\System32\drivers\kdnic.sys
17:11:01.0615 2760 C:\Windows\System32\drivers\kdnic.sys - ok
17:11:01.0615 2760 [ DA34C39A18E60E7C3FA0630566408034 ] C:\Windows\System32\drivers\umbus.sys
17:11:01.0615 2760 C:\Windows\System32\drivers\umbus.sys - ok
17:11:01.0615 2760 [ D81C3AAEE50F952A20C3548809CB5CE7 ] C:\Windows\System32\ntdll.dll
17:11:01.0615 2760 C:\Windows\System32\ntdll.dll - ok
17:11:01.0615 2760 [ 89B91AEEE4C0C5D3708C0F177C97B630 ] C:\Windows\System32\smss.exe
17:11:01.0615 2760 C:\Windows\System32\smss.exe - ok
17:11:01.0615 2760 [ 4F6363C26B4A3DDBC9FAFCBA68602B01 ] C:\Windows\System32\drivers\igdkmd64.sys
17:11:01.0615 2760 C:\Windows\System32\drivers\igdkmd64.sys - ok
17:11:01.0615 2760 [ 3B44CB989757428208CCFCC028C13110 ] C:\Windows\System32\drivers\USBXHCI.SYS
17:11:01.0615 2760 C:\Windows\System32\drivers\USBXHCI.SYS - ok
17:11:01.0630 2760 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] C:\Windows\System32\drivers\UCX01000.SYS
17:11:01.0630 2760 C:\Windows\System32\drivers\UCX01000.SYS - ok
17:11:01.0630 2760 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] C:\Windows\System32\drivers\HECIx64.sys
17:11:01.0630 2760 C:\Windows\System32\drivers\HECIx64.sys - ok
17:11:01.0630 2760 [ 32F2E6BAD9FA8E14B55E97280661801E ] C:\Windows\System32\drivers\usbport.sys
17:11:01.0630 2760 C:\Windows\System32\drivers\usbport.sys - ok
17:11:01.0630 2760 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] C:\Windows\System32\drivers\hdaudbus.sys
17:11:01.0630 2760 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:11:01.0630 2760 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] C:\Windows\System32\drivers\usbehci.sys
17:11:01.0630 2760 C:\Windows\System32\drivers\usbehci.sys - ok
17:11:01.0630 2760 [ 8F62F985BDD2F333A3EE34D54894363D ] C:\Windows\System32\drivers\bScsiSDa.sys
17:11:01.0630 2760 C:\Windows\System32\drivers\bScsiSDa.sys - ok
17:11:01.0646 2760 [ 1C4EB3ACEA98CAD8FC7CF50F629FF0C6 ] C:\Windows\System32\drivers\scsiport.sys
17:11:01.0646 2760 C:\Windows\System32\drivers\scsiport.sys - ok
17:11:01.0646 2760 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] C:\Windows\System32\drivers\i8042prt.sys
17:11:01.0646 2760 C:\Windows\System32\drivers\i8042prt.sys - ok
17:11:01.0646 2760 [ 138DBAE80F390B22297ACD861BDA996E ] C:\Windows\System32\drivers\aPs2Kb2Hid.sys
17:11:01.0646 2760 C:\Windows\System32\drivers\aPs2Kb2Hid.sys - ok
17:11:01.0646 2760 [ AC20C1DAC4E6E871F2930D57EF0906B3 ] C:\Windows\System32\drivers\ETD.sys
17:11:01.0646 2760 C:\Windows\System32\drivers\ETD.sys - ok
17:11:01.0646 2760 [ ADB26481D4D247C1D6986EC45FFDAB53 ] C:\Windows\System32\drivers\hidclass.sys
17:11:01.0646 2760 C:\Windows\System32\drivers\hidclass.sys - ok
17:11:01.0646 2760 [ 7FFB24B4A54B1ACD46CF6899D879CC9F ] C:\Windows\System32\drivers\hidparse.sys
17:11:01.0646 2760 C:\Windows\System32\drivers\hidparse.sys - ok
17:11:01.0646 2760 [ 99387C515F80270F097F6DD9B5315649 ] C:\Windows\System32\drivers\battc.sys
17:11:01.0646 2760 C:\Windows\System32\drivers\battc.sys - ok
17:11:01.0662 2760 [ EF6EF85DADC3184A10D8F2F7159973CB ] C:\Windows\System32\drivers\CmBatt.sys
17:11:01.0662 2760 C:\Windows\System32\drivers\CmBatt.sys - ok
17:11:01.0662 2760 [ CEAC6D40FE887CE8406C2393CF97DE06 ] C:\Windows\System32\drivers\mouclass.sys
17:11:01.0662 2760 C:\Windows\System32\drivers\mouclass.sys - ok
17:11:01.0662 2760 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] C:\Windows\System32\drivers\wmiacpi.sys
17:11:01.0662 2760 C:\Windows\System32\drivers\wmiacpi.sys - ok
17:11:01.0662 2760 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] C:\Windows\System32\drivers\intelppm.sys
17:11:01.0662 2760 C:\Windows\System32\drivers\intelppm.sys - ok
17:11:01.0662 2760 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] C:\Windows\System32\drivers\NdisVirtualBus.sys
17:11:01.0662 2760 C:\Windows\System32\drivers\NdisVirtualBus.sys - ok
17:11:01.0662 2760 [ EE03564B7FAFE2E44EDA33D52E83B4A3 ] C:\Windows\System32\drivers\iwdbus.sys
17:11:01.0662 2760 C:\Windows\System32\drivers\iwdbus.sys - ok
17:11:01.0662 2760 [ 65EBBB459B66C818E809DD8135DCFFA2 ] C:\Windows\System32\drivers\ks.sys
17:11:01.0662 2760 C:\Windows\System32\drivers\ks.sys - ok
17:11:01.0677 2760 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] C:\Windows\System32\drivers\rdpbus.sys
17:11:01.0677 2760 C:\Windows\System32\drivers\rdpbus.sys - ok
17:11:01.0677 2760 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] C:\Windows\System32\drivers\swenum.sys
17:11:01.0677 2760 C:\Windows\System32\drivers\swenum.sys - ok
17:11:01.0677 2760 [ 882222A9961418A75A08CB68671679D5 ] C:\Windows\System32\drivers\usbd.sys
17:11:01.0677 2760 C:\Windows\System32\drivers\usbd.sys - ok
17:11:01.0677 2760 [ DF56C2C04EFA328D7A66B69007130266 ] C:\Windows\System32\drivers\usbhub.sys
17:11:01.0677 2760 C:\Windows\System32\drivers\usbhub.sys - ok
17:11:01.0677 2760 [ 8BE92376799B6B44D543E8D07CDCF885 ] C:\Windows\System32\drivers\kbdclass.sys
17:11:01.0677 2760 C:\Windows\System32\drivers\kbdclass.sys - ok
17:11:01.0677 2760 [ FB6E47E569D4872ABEB506BE03A45FBA ] C:\Windows\System32\drivers\kbdhid.sys
17:11:01.0677 2760 C:\Windows\System32\drivers\kbdhid.sys - ok
17:11:01.0693 2760 [ C0E33820326199CE3CFD3B9F27F81D99 ] C:\Windows\System32\drivers\USBHUB3.SYS
17:11:01.0693 2760 C:\Windows\System32\drivers\USBHUB3.SYS - ok
17:11:01.0693 2760 [ 3103BBAB41F0C75BE6FA302439C9B9D6 ] C:\Windows\System32\drivers\drmk.sys
17:11:01.0693 2760 C:\Windows\System32\drivers\drmk.sys - ok
17:11:01.0693 2760 [ 486F21443BD82029284AE82F238DA44C ] C:\Windows\System32\drivers\portcls.sys
17:11:01.0693 2760 C:\Windows\System32\drivers\portcls.sys - ok
17:11:01.0693 2760 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] C:\Windows\System32\drivers\RTKVHD64.sys
17:11:01.0693 2760 C:\Windows\System32\drivers\RTKVHD64.sys - ok
17:11:01.0693 2760 [ F5495B38BFB9149925F54F65AB40EFBF ] C:\Windows\System32\drivers\IntcDAud.sys
17:11:01.0693 2760 C:\Windows\System32\drivers\IntcDAud.sys - ok
17:11:01.0693 2760 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] C:\Windows\System32\drivers\ksthunk.sys
17:11:01.0693 2760 C:\Windows\System32\drivers\ksthunk.sys - ok
17:11:01.0693 2760 [ 5D086AB43484A2DF5BE0AD28EC354728 ] C:\Windows\System32\wpbbin.exe
17:11:01.0693 2760 C:\Windows\System32\wpbbin.exe - ok
17:11:01.0709 2760 [ A7316E660E2DAC6D94A3B1D820C3A7F4 ] C:\Windows\SysWOW64\ntdll.dll
17:11:01.0709 2760 C:\Windows\SysWOW64\ntdll.dll - ok
17:11:01.0709 2760 [ FADE737DEAFE3BF4CFC151AD0F548A47 ] C:\Windows\System32\wow64.dll
17:11:01.0709 2760 C:\Windows\System32\wow64.dll - ok
17:11:01.0709 2760 [ 450C44450C72E3C75CEFA5E9C8371A23 ] C:\Windows\System32\wow64win.dll
17:11:01.0709 2760 C:\Windows\System32\wow64win.dll - ok
17:11:01.0709 2760 [ CFADC50692A845BAC30940E203393219 ] C:\Windows\System32\kernel32.dll
17:11:01.0709 2760 C:\Windows\System32\kernel32.dll - ok
17:11:01.0709 2760 [ CC29613C244DA266D40DBACC108FEAB5 ] C:\Windows\System32\wow64cpu.dll
17:11:01.0709 2760 C:\Windows\System32\wow64cpu.dll - ok
17:11:01.0709 2760 [ 6C8AC5035C39C818624EFA962B24AB3D ] C:\Windows\SysWOW64\kernel32.dll
17:11:01.0709 2760 C:\Windows\SysWOW64\kernel32.dll - ok
17:11:01.0724 2760 [ 1A811BAFA2114C2FC878507F9F86566C ] C:\Windows\System32\user32.dll
17:11:01.0724 2760 C:\Windows\System32\user32.dll - ok
17:11:01.0724 2760 [ 37D01B8BC15E263F4405367C9A442824 ] C:\Windows\System32\autochk.exe
17:11:01.0724 2760 C:\Windows\System32\autochk.exe - ok
17:11:01.0724 2760 [ 4628B415A84EA9D4D396A56F1D0CB6C6 ] C:\Windows\System32\drivers\USBSTOR.SYS
17:11:01.0724 2760 C:\Windows\System32\drivers\USBSTOR.SYS - ok
17:11:01.0724 2760 [ 433ECDE01A52691FA7ACA51C10C09B70 ] C:\Windows\System32\drivers\usbccgp.sys
17:11:01.0724 2760 C:\Windows\System32\drivers\usbccgp.sys - ok
17:11:01.0724 2760 [ F31397220D9687E11EB448649AA6E038 ] C:\Windows\System32\drivers\hidusb.sys
17:11:01.0724 2760 C:\Windows\System32\drivers\hidusb.sys - ok
17:11:01.0724 2760 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] C:\Windows\System32\drivers\mouhid.sys
17:11:01.0724 2760 C:\Windows\System32\drivers\mouhid.sys - ok
17:11:01.0740 2760 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] C:\Windows\System32\drivers\fastfat.sys
17:11:01.0740 2760 C:\Windows\System32\drivers\fastfat.sys - ok
17:11:01.0740 2760 [ A4B86A08CEC7841895C817430CB76CE2 ] C:\Windows\System32\clbcatq.dll
17:11:01.0740 2760 C:\Windows\System32\clbcatq.dll - ok
17:11:01.0740 2760 [ 6F997D98C6A30D79C622811FBAB9119E ] C:\Windows\System32\ws2_32.dll
17:11:01.0740 2760 C:\Windows\System32\ws2_32.dll - ok
17:11:01.0740 2760 [ D84E30C42F76768B2040EB2A32A0F6E3 ] C:\Windows\System32\advapi32.dll
17:11:01.0740 2760 C:\Windows\System32\advapi32.dll - ok
17:11:01.0740 2760 [ F3A96882598EA84470646C6501917A98 ] C:\Windows\System32\imm32.dll
17:11:01.0740 2760 C:\Windows\System32\imm32.dll - ok
17:11:01.0740 2760 [ DB0F2D3A7561ECC396DF8878674B6DD9 ] C:\Windows\System32\ole32.dll
17:11:01.0740 2760 C:\Windows\System32\ole32.dll - ok
17:11:01.0740 2760 [ B7564AB4F8A12A16C568F256EC6C429B ] C:\Windows\System32\psapi.dll
17:11:01.0740 2760 C:\Windows\System32\psapi.dll - ok
17:11:01.0755 2760 [ DACC0040F6BB7F524BAE1D653B9FC329 ] C:\Windows\System32\Wldap32.dll
17:11:01.0755 2760 C:\Windows\System32\Wldap32.dll - ok
17:11:01.0755 2760 [ 8ACE1F60D8C4E8209F25BF945A828D96 ] C:\Windows\System32\comdlg32.dll
17:11:01.0755 2760 C:\Windows\System32\comdlg32.dll - ok
17:11:01.0755 2760 [ 447CB6699A8EAD2BC516991738A16277 ] C:\Windows\System32\imagehlp.dll
17:11:01.0755 2760 C:\Windows\System32\imagehlp.dll - ok
17:11:01.0755 2760 [ 74B258D5896FC8F8256E8D03459AC2A2 ] C:\Windows\System32\lpk.dll
17:11:01.0755 2760 C:\Windows\System32\lpk.dll - ok
17:11:01.0755 2760 [ 905A32D35E8CC1F08F040F77B03697FF ] C:\Windows\System32\shlwapi.dll
17:11:01.0755 2760 C:\Windows\System32\shlwapi.dll - ok
17:11:01.0755 2760 [ 5F9799975EAB95431BF78428B26B4FF6 ] C:\Windows\System32\shell32.dll
17:11:01.0755 2760 C:\Windows\System32\shell32.dll - ok
17:11:01.0755 2760 [ 1AEFA4B25F72772F131D760F664ED7E1 ] C:\Windows\System32\difxapi.dll
17:11:01.0755 2760 C:\Windows\System32\difxapi.dll - ok
17:11:01.0771 2760 [ 722B699957393AC38AD18C84964EFFA6 ] C:\Windows\System32\setupapi.dll
17:11:01.0771 2760 C:\Windows\System32\setupapi.dll - ok
17:11:01.0771 2760 [ C49981A2AD6B2793891075FD514F5728 ] C:\Windows\System32\gdi32.dll
17:11:01.0771 2760 C:\Windows\System32\gdi32.dll - ok
17:11:01.0771 2760 [ B65523C830308241407F6EBCC6484E70 ] C:\Windows\System32\sechost.dll
17:11:01.0771 2760 C:\Windows\System32\sechost.dll - ok
17:11:01.0771 2760 [ AD5CE3C874A6229D4B80F977FAF6EF87 ] C:\Windows\System32\GdiPlus.dll
17:11:01.0771 2760 C:\Windows\System32\GdiPlus.dll - ok
17:11:01.0771 2760 [ CFCDAAA210D62B277A2183F62FEE068F ] C:\Windows\System32\rpcrt4.dll
17:11:01.0771 2760 C:\Windows\System32\rpcrt4.dll - ok
17:11:01.0771 2760 [ 179E2B1F19FD949761EEAB36AD5DAB35 ] C:\Windows\System32\msctf.dll
17:11:01.0771 2760 C:\Windows\System32\msctf.dll - ok
17:11:01.0787 2760 [ C039246195C736A602F581D29F18A43D ] C:\Windows\System32\combase.dll
17:11:01.0787 2760 C:\Windows\System32\combase.dll - ok
17:11:01.0787 2760 [ 9E2ABB0CAB26EBD775D968EAB1C1F6EC ] C:\Windows\System32\normaliz.dll
17:11:01.0787 2760 C:\Windows\System32\normaliz.dll - ok
17:11:01.0787 2760 [ 7CE4D5AB5626A26A6E6DFC7397179841 ] C:\Windows\System32\msvcrt.dll
17:11:01.0787 2760 C:\Windows\System32\msvcrt.dll - ok
17:11:01.0787 2760 [ 75428240F81D41B9F8F7CE5DDB07CA0F ] C:\Windows\System32\nsi.dll
17:11:01.0787 2760 C:\Windows\System32\nsi.dll - ok
17:11:01.0787 2760 [ B9FC41CEC711DC0E1BFE927EEDC49176 ] C:\Windows\System32\oleaut32.dll
17:11:01.0787 2760 C:\Windows\System32\oleaut32.dll - ok
17:11:01.0787 2760 [ 980CDCBF3EDB80CA20921F2C88260406 ] C:\Windows\System32\comctl32.dll
17:11:01.0787 2760 C:\Windows\System32\comctl32.dll - ok
17:11:01.0787 2760 [ 6EFAF0D87291F9FBD7C0ED3BD56511AA ] C:\Windows\System32\crypt32.dll
17:11:01.0787 2760 C:\Windows\System32\crypt32.dll - ok
17:11:01.0802 2760 [ 8D2DF744C20A8960C022BF71505D3B45 ] C:\Windows\System32\cfgmgr32.dll
17:11:01.0802 2760 C:\Windows\System32\cfgmgr32.dll - ok
17:11:01.0802 2760 [ D13EE1D0B33D2B19C048EFA53DD41A2B ] C:\Windows\System32\KernelBase.dll
17:11:01.0802 2760 C:\Windows\System32\KernelBase.dll - ok
17:11:01.0802 2760 [ 05579A2C16277280E0FAD02245B80C2D ] C:\Windows\System32\wintrust.dll
17:11:01.0802 2760 C:\Windows\System32\wintrust.dll - ok
17:11:01.0802 2760 [ 7DA935827BC3F48AE146BA4B2755F1AD ] C:\Windows\System32\msasn1.dll
17:11:01.0802 2760 C:\Windows\System32\msasn1.dll - ok
17:11:01.0802 2760 [ 00542019B2969529C5E9C68C83BD6F88 ] C:\Windows\SysWOW64\normaliz.dll
17:11:01.0802 2760 C:\Windows\SysWOW64\normaliz.dll - ok
17:11:01.0802 2760 [ 32F9650CD23F6F36706E9EA23ECCF484 ] C:\Windows\SysWOW64\lpk.dll
17:11:01.0802 2760 C:\Windows\SysWOW64\lpk.dll - ok
17:11:01.0802 2760 [ 1A69D165DDA78A4329B854D4FEDAD132 ] C:\Windows\System32\win32k.sys
17:11:01.0802 2760 C:\Windows\System32\win32k.sys - ok
17:11:01.0818 2760 [ B2D3F07F5E8A13AF988A8B3C0A800880 ] C:\Windows\System32\csrss.exe
17:11:01.0818 2760 C:\Windows\System32\csrss.exe - ok
17:11:01.0818 2760 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\Windows\System32\basesrv.dll
17:11:01.0818 2760 C:\Windows\System32\basesrv.dll - ok
17:11:01.0818 2760 [ 885901A37E73FA25F3F87A848BA8033F ] C:\Windows\System32\csrsrv.dll
17:11:01.0818 2760 C:\Windows\System32\csrsrv.dll - ok
17:11:01.0818 2760 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\Windows\System32\winsrv.dll
17:11:01.0818 2760 C:\Windows\System32\winsrv.dll - ok
17:11:01.0818 2760 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] C:\Windows\System32\drivers\monitor.sys
17:11:01.0818 2760 C:\Windows\System32\drivers\monitor.sys - ok
17:11:01.0818 2760 [ 8D3421127B05432B743719C239ABF80F ] C:\Windows\System32\tsddd.dll
17:11:01.0818 2760 C:\Windows\System32\tsddd.dll - ok
17:11:01.0834 2760 [ 57E1B83BB52651FF388788D8C4F12C80 ] C:\Windows\System32\KBDGR.DLL
17:11:01.0834 2760 C:\Windows\System32\KBDGR.DLL - ok
17:11:01.0834 2760 [ 8ED638461EFFCF584AF5A8C291A2F9DF ] C:\Windows\System32\profapi.dll
17:11:01.0834 2760 C:\Windows\System32\profapi.dll - ok
17:11:01.0834 2760 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\Windows\System32\sxssrv.dll
17:11:01.0834 2760 C:\Windows\System32\sxssrv.dll - ok
17:11:01.0834 2760 [ 48CFA7BE561A7BE144C29BB912055016 ] C:\Windows\System32\wininit.exe
17:11:01.0834 2760 C:\Windows\System32\wininit.exe - ok
17:11:01.0834 2760 [ 55D0BC5BA19B1BA3A82F75A33828BCC0 ] C:\Windows\System32\wininitext.dll
17:11:01.0834 2760 C:\Windows\System32\wininitext.dll - ok
17:11:01.0834 2760 [ 5EC5EC3A6118227CA3FFD1353BC61344 ] C:\Windows\System32\cdd.dll
17:11:01.0834 2760 C:\Windows\System32\cdd.dll - ok
17:11:01.0834 2760 [ 7C94FDA3809015B8F2208D2E1C221F17 ] C:\Windows\System32\winlogon.exe
17:11:01.0834 2760 C:\Windows\System32\winlogon.exe - ok
17:11:01.0849 2760 [ 1DBC3C3728F7787A36BEDF2DF7E48AB3 ] C:\Windows\System32\powrprof.dll
17:11:01.0849 2760 C:\Windows\System32\powrprof.dll - ok
17:11:01.0849 2760 [ F4DAE6CBE6EF5992934EFEE3A1AAC6D1 ] C:\Windows\System32\atmfd.dll
17:11:01.0849 2760 C:\Windows\System32\atmfd.dll - ok
17:11:01.0849 2760 [ 04F8A9CC544B08634EC932E017434457 ] C:\Windows\System32\winlogonext.dll
17:11:01.0849 2760 C:\Windows\System32\winlogonext.dll - ok
17:11:01.0849 2760 [ A7B9FCF37B64E878310EC62E6DCB9059 ] C:\Windows\System32\KBDUS.DLL
17:11:01.0849 2760 C:\Windows\System32\KBDUS.DLL - ok
17:11:01.0849 2760 [ BC18914CB16B0A7BF5D103A65359FAE4 ] C:\Windows\System32\WlS0WndH.dll
17:11:01.0849 2760 C:\Windows\System32\WlS0WndH.dll - ok
17:11:01.0849 2760 [ A41455649982EE080BE5CA8A72153808 ] C:\Windows\System32\winsta.dll
17:11:01.0849 2760 C:\Windows\System32\winsta.dll - ok
17:11:01.0865 2760 [ BCECD25BCFFE2FC4498374BF2E572DBE ] C:\Windows\System32\sxs.dll
17:11:01.0865 2760 C:\Windows\System32\sxs.dll - ok
17:11:01.0865 2760 [ B83B06508CADBC204B3DAEECC395A571 ] C:\Windows\System32\cryptbase.dll
17:11:01.0865 2760 C:\Windows\System32\cryptbase.dll - ok
17:11:01.0865 2760 [ 876A3E1A4DB8720DF66D653BDBAD3E5D ] C:\Windows\System32\bcryptprimitives.dll
17:11:01.0865 2760 C:\Windows\System32\bcryptprimitives.dll - ok
17:11:01.0865 2760 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\Windows\System32\services.exe
17:11:01.0865 2760 C:\Windows\System32\services.exe - ok
17:11:01.0865 2760 [ 652D7E7BC8D6A909480FF2BBD0E46210 ] C:\Windows\System32\sspicli.dll
17:11:01.0865 2760 C:\Windows\System32\sspicli.dll - ok
17:11:01.0865 2760 [ F6F209DDB94959BA104FC8FC87C53759 ] C:\Windows\System32\lsass.exe
17:11:01.0865 2760 C:\Windows\System32\lsass.exe - ok
17:11:01.0865 2760 [ 1B0FCDBFDA0AD5DFCE2D99832BAAF5EC ] C:\Windows\System32\scext.dll
17:11:01.0865 2760 C:\Windows\System32\scext.dll - ok
17:11:01.0880 2760 [ 7A5CCEC20CF6AA21FF7CC51C0AEBF648 ] C:\Windows\System32\dabapi.dll
17:11:01.0880 2760 C:\Windows\System32\dabapi.dll - ok
17:11:01.0880 2760 [ 61BAE7A83A8650CFC976E8242CE2E4DE ] C:\Windows\System32\EventAggregation.dll
17:11:01.0880 2760 C:\Windows\System32\EventAggregation.dll - ok
17:11:01.0880 2760 [ 13E04B8546D3F0D9533DA880A3357F12 ] C:\Windows\System32\SPInf.dll
17:11:01.0880 2760 C:\Windows\System32\SPInf.dll - ok
17:11:01.0880 2760 [ AA9973F611039A02C8D1F71A65F8C775 ] C:\Windows\System32\srvcli.dll
17:11:01.0880 2760 C:\Windows\System32\srvcli.dll - ok
17:11:01.0880 2760 [ 0D85B43A59FB7A63782F6A8969B5BB43 ] C:\Windows\System32\sspisrv.dll
17:11:01.0880 2760 C:\Windows\System32\sspisrv.dll - ok
17:11:01.0880 2760 [ E18E9C9EBCFCA456B74BB6A80B1DB226 ] C:\Windows\System32\lsasrv.dll
17:11:01.0880 2760 C:\Windows\System32\lsasrv.dll - ok
17:11:01.0880 2760 [ C0F957C92D21EE003BF57DB6B8E77FE5 ] C:\Windows\System32\samsrv.dll
17:11:01.0880 2760 C:\Windows\System32\samsrv.dll - ok
17:11:01.0896 2760 [ 187926CDEFF85D00FB055FC1CA89C3FB ] C:\Windows\System32\bcrypt.dll
17:11:01.0896 2760 C:\Windows\System32\bcrypt.dll - ok
17:11:01.0896 2760 [ BED41BC388BAF9D31152E9B0B4F88360 ] C:\Windows\System32\ncrypt.dll
17:11:01.0896 2760 C:\Windows\System32\ncrypt.dll - ok
17:11:01.0896 2760 [ 5AF14A9AEB3092F4304F5E5EC4328B67 ] C:\Windows\System32\ntasn1.dll
17:11:01.0896 2760 C:\Windows\System32\ntasn1.dll - ok
17:11:01.0896 2760 [ FF6AE8D9D0F0264656DC55C7F60C1EE5 ] C:\Windows\System32\msprivs.dll
17:11:01.0896 2760 C:\Windows\System32\msprivs.dll - ok
17:11:01.0896 2760 [ EECF7FE667129D5B52B1CCD54CB9EEF2 ] C:\Windows\System32\netjoin.dll
17:11:01.0896 2760 C:\Windows\System32\netjoin.dll - ok
17:11:01.0896 2760 [ 7D4665483FF800B8972E517748726AB6 ] C:\Windows\System32\negoexts.dll
17:11:01.0896 2760 C:\Windows\System32\negoexts.dll - ok
17:11:01.0896 2760 [ 853037685DDFA140E8386BA66A096BF8 ] C:\Windows\System32\cryptdll.dll
17:11:01.0912 2760 C:\Windows\System32\cryptdll.dll - ok
17:11:01.0912 2760 [ 4D1E2DC40048C2E07CE4B2ADEFF6A020 ] C:\Windows\System32\kerberos.dll
17:11:01.0912 2760 C:\Windows\System32\kerberos.dll - ok
17:11:01.0912 2760 [ 51DA757F8E4B7FB3DCB14184304C9328 ] C:\Windows\System32\cryptsp.dll
17:11:01.0912 2760 C:\Windows\System32\cryptsp.dll - ok
17:11:01.0912 2760 [ 896B307E803430F67EC772807F9CC023 ] C:\Windows\System32\mswsock.dll
17:11:01.0912 2760 C:\Windows\System32\mswsock.dll - ok
17:11:01.0912 2760 [ 53DC027553EB54B3F84B07122DEEE0CC ] C:\Windows\System32\msv1_0.dll
17:11:01.0912 2760 C:\Windows\System32\msv1_0.dll - ok
17:11:01.0912 2760 [ E01B8CE6646E055D2B806AE4DD5A1202 ] C:\Windows\System32\netlogon.dll
17:11:01.0912 2760 C:\Windows\System32\netlogon.dll - ok
17:11:01.0912 2760 [ 5A2020DDCCBB0ED08BAC2355A075F303 ] C:\Windows\System32\dnsapi.dll
17:11:01.0912 2760 C:\Windows\System32\dnsapi.dll - ok
17:11:01.0927 2760 [ 66385FE1DDCEA70EDFB25F57C8507D7B ] C:\Windows\System32\logoncli.dll
17:11:01.0927 2760 C:\Windows\System32\logoncli.dll - ok
17:11:01.0927 2760 [ 64E2C7176D189E4A838D04F7C724CAE7 ] C:\Windows\System32\userenv.dll
17:11:01.0927 2760 C:\Windows\System32\userenv.dll - ok
17:11:01.0927 2760 [ 40B10EAB69F4087C60DC21B5C92A4702 ] C:\Windows\System32\TSpkg.dll
17:11:01.0927 2760 C:\Windows\System32\TSpkg.dll - ok
17:11:01.0927 2760 [ C51CF4D9DA57EA894967752090F6E2CF ] C:\Windows\System32\pku2u.dll
17:11:01.0927 2760 C:\Windows\System32\pku2u.dll - ok
17:11:01.0927 2760 [ D617071B11C99CFE5C4BD0FD82C0609C ] C:\Windows\System32\livessp.dll
17:11:01.0927 2760 C:\Windows\System32\livessp.dll - ok
17:11:01.0927 2760 [ 4CB3F50D37FD6CF3282D018011FE6E87 ] C:\Windows\System32\rsaenh.dll
17:11:01.0927 2760 C:\Windows\System32\rsaenh.dll - ok
17:11:01.0927 2760 [ 45E4A2FADA3579F6DC68F2A0998C3419 ] C:\Windows\System32\wdigest.dll
17:11:01.0927 2760 C:\Windows\System32\wdigest.dll - ok
17:11:01.0943 2760 [ 9D27BB60487764A781FE453F9DED8F1F ] C:\Windows\System32\schannel.dll
17:11:01.0943 2760 C:\Windows\System32\schannel.dll - ok
17:11:01.0943 2760 [ 5EBAF77D01D75CAFEF78B47840C75569 ] C:\Windows\System32\efslsaext.dll
17:11:01.0943 2760 C:\Windows\System32\efslsaext.dll - ok
17:11:01.0943 2760 [ 700BB3365D04B1606A03FB1D6B19C138 ] C:\Windows\System32\credssp.dll
17:11:01.0943 2760 C:\Windows\System32\credssp.dll - ok
17:11:01.0959 2760 [ 995F43F02C9C99A895A72AAF8310CFE1 ] C:\Windows\System32\dpapisrv.dll
17:11:01.0959 2760 C:\Windows\System32\dpapisrv.dll - ok
17:11:01.0959 2760 [ 1F1B8D07708E40E54C55B392C78ECCE2 ] C:\Windows\System32\scecli.dll
17:11:01.0959 2760 C:\Windows\System32\scecli.dll - ok
17:11:01.0959 2760 [ 7172D44ED18787964B43146863466672 ] C:\Windows\System32\scesrv.dll
17:11:01.0959 2760 C:\Windows\System32\scesrv.dll - ok
17:11:01.0974 2760 [ 1FCCB71ADD51C919D003DD0D95FB8992 ] C:\Windows\System32\authz.dll
17:11:01.0974 2760 C:\Windows\System32\authz.dll - ok
17:11:01.0974 2760 [ 296823744D624E98A46759AD58911FC3 ] C:\Windows\System32\netutils.dll
17:11:01.0974 2760 C:\Windows\System32\netutils.dll - ok
17:11:01.0974 2760 [ E4CA434F251681590D0538BC21C32D2F ] C:\Windows\System32\svchost.exe
17:11:01.0974 2760 C:\Windows\System32\svchost.exe - ok
17:11:01.0974 2760 [ 752A457320A946E03C3AA86C3ACD735E ] C:\Windows\System32\umpnpmgr.dll
17:11:01.0974 2760 C:\Windows\System32\umpnpmgr.dll - ok
17:11:01.0974 2760 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] C:\Windows\System32\umpo.dll
17:11:01.0974 2760 C:\Windows\System32\umpo.dll - ok
17:11:01.0974 2760 [ 9FF64147DB9078337C15F41A6043C74F ] C:\Windows\System32\umpoext.dll
17:11:01.0974 2760 C:\Windows\System32\umpoext.dll - ok
17:11:01.0990 2760 [ 85936A752E6BBE740D9FCF156E1AC5E1 ] C:\Windows\System32\hid.dll
17:11:01.0990 2760 C:\Windows\System32\hid.dll - ok
17:11:01.0990 2760 [ 45F36BBDFD50134488ECA96BB9231818 ] C:\Windows\System32\pcwum.dll
17:11:01.0990 2760 C:\Windows\System32\pcwum.dll - ok
17:11:01.0990 2760 [ 2788CA31DD51CF747D9C94772CE93E02 ] C:\Windows\System32\gpapi.dll
17:11:01.0990 2760 C:\Windows\System32\gpapi.dll - ok
17:11:01.0990 2760 [ 3FD5AE42EC87C6F532A931F96BE731DD ] C:\Windows\System32\rpcss.dll
17:11:01.0990 2760 C:\Windows\System32\rpcss.dll - ok
17:11:01.0990 2760 [ D894CBD7DA753C881EE8D5E33B583225 ] C:\Windows\System32\RpcEpMap.dll
17:11:01.0990 2760 C:\Windows\System32\RpcEpMap.dll - ok
17:11:01.0990 2760 [ A6207A88B596F726DE558425F3B7E592 ] C:\Windows\System32\bisrv.dll
17:11:01.0990 2760 C:\Windows\System32\bisrv.dll - ok
17:11:01.0990 2760 [ 0D86DEB93CC1D2B32CAF658439350241 ] C:\Windows\System32\RpcRtRemote.dll
17:11:01.0990 2760 C:\Windows\System32\RpcRtRemote.dll - ok
17:11:02.0005 2760 [ 54A9F4AC86F2A4E7C3ADE47CAE5DE8E0 ] C:\Windows\System32\psmsrv.dll
17:11:02.0005 2760 C:\Windows\System32\psmsrv.dll - ok
17:11:02.0005 2760 [ B6B69FF200F68888A7FAFDF204D00C91 ] C:\Windows\System32\lsm.dll
17:11:02.0005 2760 C:\Windows\System32\lsm.dll - ok
17:11:02.0005 2760 [ 9A1175EF7B9E297FDC0ADD33783EF8FF ] C:\Windows\System32\sysntfy.dll
17:11:02.0005 2760 C:\Windows\System32\sysntfy.dll - ok
17:11:02.0005 2760 [ E55B850489F154F85110AE3B436A40D6 ] C:\Windows\System32\wmsgapi.dll
17:11:02.0005 2760 C:\Windows\System32\wmsgapi.dll - ok
17:11:02.0005 2760 [ 3260D5308DD9AE069FE4881D65389A84 ] C:\Windows\System32\FirewallAPI.dll
17:11:02.0005 2760 C:\Windows\System32\FirewallAPI.dll - ok
17:11:02.0005 2760 [ 1596DE403BD75918317F724776487262 ] C:\Windows\System32\UXInit.dll
17:11:02.0005 2760 C:\Windows\System32\UXInit.dll - ok
17:11:02.0005 2760 [ 5B19A3ED994EB972FBD99AC18D0AEA13 ] C:\Windows\System32\devobj.dll
17:11:02.0005 2760 C:\Windows\System32\devobj.dll - ok
17:11:02.0021 2760 [ 0D50F3C3D50B878CEAE21B9BE3F6A638 ] C:\Windows\System32\kernel.appcore.dll
17:11:02.0021 2760 C:\Windows\System32\kernel.appcore.dll - ok
17:11:02.0021 2760 [ D65B1C952AEB864C2BAC7A770B17ECCE ] C:\Windows\System32\SystemEventsBrokerServer.dll
17:11:02.0021 2760 C:\Windows\System32\SystemEventsBrokerServer.dll - ok
17:11:02.0021 2760 [ CD45E3FE736150D45EFDC9145DA53757 ] C:\Windows\System32\bi.dll
17:11:02.0021 2760 C:\Windows\System32\bi.dll - ok
17:11:02.0021 2760 [ F5ED5BA1243201C5078764F916B0387E ] C:\Windows\System32\dab.dll
17:11:02.0021 2760 C:\Windows\System32\dab.dll - ok
17:11:02.0021 2760 [ 3BE05B2695179F8F3CF1136544E46A14 ] C:\Windows\System32\uxtheme.dll
17:11:02.0021 2760 C:\Windows\System32\uxtheme.dll - ok
17:11:02.0021 2760 [ 5EF604B0698F4FA962778285E8C5F1F2 ] C:\Windows\System32\drivers\luafv.sys
17:11:02.0021 2760 C:\Windows\System32\drivers\luafv.sys - ok
17:11:02.0021 2760 [ 92ABF534E992C61730C24F003BBE192A ] C:\Windows\System32\dpapi.dll
17:11:02.0021 2760 C:\Windows\System32\dpapi.dll - ok
17:11:02.0037 2760 [ 7806BFCD1D7FA5EC23F7324D4EAFD25B ] C:\Windows\System32\drivers\avgntflt.sys
17:11:02.0037 2760 C:\Windows\System32\drivers\avgntflt.sys - ok
17:11:02.0037 2760 [ 3710A8A7508B36AD96A97CE79E17403E ] C:\Windows\System32\LogonUI.exe
17:11:02.0037 2760 C:\Windows\System32\LogonUI.exe - ok
17:11:02.0037 2760 [ ABDD2AAA3C3842492FF11D68421D7648 ] C:\Windows\System32\apphelp.dll
17:11:02.0037 2760 C:\Windows\System32\apphelp.dll - ok
17:11:02.0037 2760 [ B4BBC6E4998042EF21437EED52EC0273 ] C:\Windows\System32\dwm.exe
17:11:02.0037 2760 C:\Windows\System32\dwm.exe - ok
17:11:02.0037 2760 [ 9E5FB30E22B37AC7A2CDB445F6AF71A1 ] C:\Windows\System32\dwmredir.dll
17:11:02.0037 2760 C:\Windows\System32\dwmredir.dll - ok
17:11:02.0037 2760 [ 4E905C48CA38770B2C62508E32DB974B ] C:\Windows\System32\dwmcore.dll
17:11:02.0037 2760 C:\Windows\System32\dwmcore.dll - ok
17:11:02.0052 2760 [ 1A818AF9E4AFC277C19082B9B644C5E7 ] C:\Windows\System32\dcomp.dll
17:11:02.0052 2760 C:\Windows\System32\dcomp.dll - ok
17:11:02.0052 2760 [ 9FF95D589B5626852CECA2444C5C5A58 ] C:\Windows\System32\authui.dll
17:11:02.0052 2760 C:\Windows\System32\authui.dll - ok
17:11:02.0052 2760 [ 5802776C98F842CA255F04067ACBB355 ] C:\Windows\System32\WindowsCodecs.dll
17:11:02.0052 2760 C:\Windows\System32\WindowsCodecs.dll - ok
17:11:02.0052 2760 [ 2F80A4B09F735EA880F4A836232613A2 ] C:\Windows\System32\SHCore.dll
17:11:02.0052 2760 C:\Windows\System32\SHCore.dll - ok
17:11:02.0052 2760 [ 6443D4EC94E47804389F323A272B5DC2 ] C:\Windows\System32\dui70.dll
17:11:02.0052 2760 C:\Windows\System32\dui70.dll - ok
17:11:02.0052 2760 [ 534677561FABA42D0EA52E054B8334D4 ] C:\Windows\System32\dwmapi.dll
17:11:02.0052 2760 C:\Windows\System32\dwmapi.dll - ok
17:11:02.0052 2760 [ 2527134BDF1302597BC6E531B3B53D2A ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll
17:11:02.0052 2760 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll - ok
17:11:02.0068 2760 [ 37A1B06AB3493CB276195B7358A6A805 ] C:\Windows\System32\avrt.dll
17:11:02.0068 2760 C:\Windows\System32\avrt.dll - ok
17:11:02.0068 2760 [ 4C66C21B6244A09DD671485D67D13DB9 ] C:\Windows\System32\duser.dll
17:11:02.0068 2760 C:\Windows\System32\duser.dll - ok
17:11:02.0068 2760 [ 18102CA0EB09DCFE520E69152590EE93 ] C:\Windows\System32\d3d11.dll
17:11:02.0068 2760 C:\Windows\System32\d3d11.dll - ok
17:11:02.0068 2760 [ 9860C19010CFB3F70DC6EDAEB1F1A5E2 ] C:\Windows\System32\wevtsvc.dll
17:11:02.0068 2760 C:\Windows\System32\wevtsvc.dll - ok
17:11:02.0068 2760 [ 8476172591FC115D931EA8DBBB4733FF ] C:\Windows\System32\SndVolSSO.dll
17:11:02.0068 2760 C:\Windows\System32\SndVolSSO.dll - ok
17:11:02.0068 2760 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] C:\Windows\System32\themeservice.dll
17:11:02.0068 2760 C:\Windows\System32\themeservice.dll - ok
17:11:02.0084 2760 [ BFD87A50EB3C37FABF6B1BB072D850E7 ] C:\Windows\System32\MMDevAPI.dll
17:11:02.0084 2760 C:\Windows\System32\MMDevAPI.dll - ok
17:11:02.0084 2760 [ 529011B16EF71630645DCFD195294332 ] C:\Windows\System32\slc.dll
17:11:02.0084 2760 C:\Windows\System32\slc.dll - ok
17:11:02.0084 2760 [ 59575523BCA5E8555208621719A32F62 ] C:\Windows\System32\dxgi.dll
17:11:02.0084 2760 C:\Windows\System32\dxgi.dll - ok
17:11:02.0084 2760 [ 389C4E97E3A498159B625A7A13EA4560 ] C:\Windows\System32\d3d10warp.dll
17:11:02.0084 2760 C:\Windows\System32\d3d10warp.dll - ok
17:11:02.0084 2760 [ 4FC7DF34EF1D1256CDAF8EFBBD029882 ] C:\Windows\System32\igdumdim64.dll
17:11:02.0084 2760 C:\Windows\System32\igdumdim64.dll - ok
17:11:02.0084 2760 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] C:\Windows\System32\profsvc.dll
17:11:02.0084 2760 C:\Windows\System32\profsvc.dll - ok
17:11:02.0084 2760 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] C:\Windows\System32\es.dll
17:11:02.0084 2760 C:\Windows\System32\es.dll - ok
17:11:02.0099 2760 [ 835D33D2EF07743028475486D0BA5696 ] C:\Windows\System32\wevtapi.dll
17:11:02.0099 2760 C:\Windows\System32\wevtapi.dll - ok
17:11:02.0099 2760 [ C77D967840F17DED03DA4BA9D3C40FDB ] C:\Windows\System32\profsvcext.dll
17:11:02.0099 2760 C:\Windows\System32\profsvcext.dll - ok
17:11:02.0099 2760 [ A5F79CC03396AAC79F79C1368DA08A95 ] C:\Windows\System32\ntdsapi.dll
17:11:02.0099 2760 C:\Windows\System32\ntdsapi.dll - ok
17:11:02.0099 2760 [ BA25717D6694B6C472129AD93893A03D ] C:\Windows\System32\netapi32.dll
17:11:02.0099 2760 C:\Windows\System32\netapi32.dll - ok
17:11:02.0099 2760 [ D60F99ECBFCE0C01BE4C5B06E09435DB ] C:\Windows\System32\atl.dll
17:11:02.0099 2760 C:\Windows\System32\atl.dll - ok
17:11:02.0099 2760 [ 0BDE0FCF597E9B65600121EF54FF8340 ] C:\Windows\System32\gpsvc.dll
17:11:02.0099 2760 C:\Windows\System32\gpsvc.dll - ok
17:11:02.0099 2760 [ F71E12EBA575EBD58B499BC7C39D0CD0 ] C:\Windows\System32\wkscli.dll
17:11:02.0099 2760 C:\Windows\System32\wkscli.dll - ok
17:11:02.0115 2760 [ 0341F92E52A8FF814671761179C103FB ] C:\Windows\System32\dsrole.dll
17:11:02.0115 2760 C:\Windows\System32\dsrole.dll - ok
17:11:02.0115 2760 [ E5DFD54D2DAA70738F581D1AC74C09CD ] C:\Windows\System32\nlaapi.dll
17:11:02.0115 2760 C:\Windows\System32\nlaapi.dll - ok
17:11:02.0115 2760 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] C:\Windows\System32\Sens.dll
17:11:02.0115 2760 C:\Windows\System32\Sens.dll - ok
17:11:02.0115 2760 [ 5E47B467A1CD51943C370BF781E1A4F1 ] C:\Windows\System32\taskschd.dll
17:11:02.0115 2760 C:\Windows\System32\taskschd.dll - ok
17:11:02.0115 2760 [ 8721643ED5447F245762DF0A976AB87A ] C:\Windows\System32\wtsapi32.dll
17:11:02.0115 2760 C:\Windows\System32\wtsapi32.dll - ok
17:11:02.0115 2760 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] C:\Windows\System32\AudioEndpointBuilder.dll
17:11:02.0115 2760 C:\Windows\System32\AudioEndpointBuilder.dll - ok
17:11:02.0130 2760 [ 183CA7699474FDE235853967D1DA4D9B ] C:\Windows\System32\FntCache.dll
17:11:02.0130 2760 C:\Windows\System32\FntCache.dll - ok
17:11:02.0130 2760 [ FD788C2D96EA91469A3C1D13E80D7473 ] C:\Windows\System32\mmcss.dll
17:11:02.0130 2760 C:\Windows\System32\mmcss.dll - ok
17:11:02.0130 2760 [ EF276593AD1BDF5A99032F62D6272848 ] C:\Windows\System32\audiosrv.dll
17:11:02.0130 2760 C:\Windows\System32\audiosrv.dll - ok
17:11:02.0130 2760 [ C09010B3680860131631F53E8FE7BAD8 ] C:\Windows\System32\drivers\lltdio.sys
17:11:02.0130 2760 C:\Windows\System32\drivers\lltdio.sys - ok
17:11:02.0130 2760 [ CF8B989D89D6807B887690F2CF24EFD9 ] C:\Windows\System32\drivers\nwifi.sys
17:11:02.0130 2760 C:\Windows\System32\drivers\nwifi.sys - ok
17:11:02.0130 2760 [ B832B35055BA2B7B4181861FF94D8E59 ] C:\Windows\System32\drivers\ndisuio.sys
17:11:02.0130 2760 C:\Windows\System32\drivers\ndisuio.sys - ok
17:11:02.0130 2760 [ 50D1A7BF4F35D3897657EAAFA377369D ] C:\Windows\System32\samlib.dll
17:11:02.0130 2760 C:\Windows\System32\samlib.dll - ok
17:11:02.0146 2760 [ 2D05A5508F4685412F2B89E8C2189ABC ] C:\Windows\System32\drivers\rspndr.sys
17:11:02.0146 2760 C:\Windows\System32\drivers\rspndr.sys - ok
17:11:02.0146 2760 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] C:\Windows\System32\nsisvc.dll
17:11:02.0146 2760 C:\Windows\System32\nsisvc.dll - ok
17:11:02.0146 2760 [ D113FAD71A5E67AA94B32A0F8828D265 ] C:\Windows\System32\lmhsvc.dll
17:11:02.0146 2760 C:\Windows\System32\lmhsvc.dll - ok
17:11:02.0146 2760 [ 0EFE4B5884A8032617826A4D76F80969 ] C:\Windows\System32\cryptsvc.dll
17:11:02.0146 2760 C:\Windows\System32\cryptsvc.dll - ok
17:11:02.0146 2760 [ ED8901D9AF4023CAD4738D3A4DF9645B ] C:\Windows\System32\crypttpmeksvc.dll
17:11:02.0146 2760 C:\Windows\System32\crypttpmeksvc.dll - ok
17:11:02.0146 2760 [ 0D12F606DE18A5739AF27F12A32C6A6E ] C:\Windows\System32\IPHLPAPI.DLL
17:11:02.0146 2760 C:\Windows\System32\IPHLPAPI.DLL - ok
17:11:02.0162 2760 [ 6AB51A84C2400F1346CCD6B65766DDCD ] C:\Windows\System32\cryptcatsvc.dll
17:11:02.0162 2760 C:\Windows\System32\cryptcatsvc.dll - ok
17:11:02.0162 2760 [ 8FA4755F3BA513F4BAE0A2AF1BE8C5F7 ] C:\Windows\System32\vssapi.dll
17:11:02.0162 2760 C:\Windows\System32\vssapi.dll - ok
17:11:02.0162 2760 [ DB9657253BD51C172B3262B9CD5463F3 ] C:\Windows\System32\nrpsrv.dll
17:11:02.0162 2760 C:\Windows\System32\nrpsrv.dll - ok
17:11:02.0162 2760 [ 772365894F14652D376B2E5030179DC9 ] C:\Windows\System32\wcmsvc.dll
17:11:02.0162 2760 C:\Windows\System32\wcmsvc.dll - ok
17:11:02.0162 2760 [ FD9683552D97156E0C5B948BDABA2569 ] C:\Windows\System32\winnsi.dll
17:11:02.0162 2760 C:\Windows\System32\winnsi.dll - ok
17:11:02.0162 2760 [ 941EDC6791A09356EEBEC309C1633CA2 ] C:\Windows\System32\vsstrace.dll
17:11:02.0162 2760 C:\Windows\System32\vsstrace.dll - ok
17:11:02.0162 2760 [ 7913D3236FC4EE7EB28B80361B1737BD ] C:\Windows\System32\bcd.dll
17:11:02.0162 2760 C:\Windows\System32\bcd.dll - ok
17:11:02.0177 2760 [ 5BAF7714E68F93515A937A3FA8587EF9 ] C:\Windows\System32\dnsrslvr.dll
17:11:02.0177 2760 C:\Windows\System32\dnsrslvr.dll - ok
17:11:02.0177 2760 [ 91E000AE0DA97BE6280376FDD477C476 ] C:\Windows\System32\FWPUCLNT.DLL
17:11:02.0177 2760 C:\Windows\System32\FWPUCLNT.DLL - ok
17:11:02.0177 2760 [ 46E0F92B51247ECCE5A837D613517182 ] C:\Windows\System32\samcli.dll
17:11:02.0177 2760 C:\Windows\System32\samcli.dll - ok
17:11:02.0177 2760 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] C:\Windows\System32\dhcpcore.dll
17:11:02.0177 2760 C:\Windows\System32\dhcpcore.dll - ok
17:11:02.0177 2760 [ 511238503CDDDCA563BB201EED26E7A0 ] C:\Windows\System32\wcmcsp.dll
17:11:02.0177 2760 C:\Windows\System32\wcmcsp.dll - ok
17:11:02.0177 2760 [ E475BEF9B460F4F678972F88C5FF50D2 ] C:\Windows\System32\wmiclnt.dll
17:11:02.0177 2760 C:\Windows\System32\wmiclnt.dll - ok
17:11:02.0193 2760 [ 1946308C7FF73E4CD47579F34F9F6E1B ] C:\Windows\System32\dhcpcore6.dll
17:11:02.0193 2760 C:\Windows\System32\dhcpcore6.dll - ok
17:11:02.0193 2760 [ 30D839DEBD6B0E89D13B9259C39B3FFA ] C:\Windows\System32\propsys.dll
17:11:02.0193 2760 C:\Windows\System32\propsys.dll - ok
17:11:02.0193 2760 [ 8D25DE2AC85BC807DC19D4DAF6AA6D27 ] C:\Windows\System32\dnsext.dll
17:11:02.0193 2760 C:\Windows\System32\dnsext.dll - ok
17:11:02.0193 2760 [ 3378C5241A1FE2F1D34BCC3ABC99F435 ] C:\Windows\System32\dhcpcsvc.dll
17:11:02.0193 2760 C:\Windows\System32\dhcpcsvc.dll - ok
17:11:02.0193 2760 [ D4CFAC89188EC0B887CFFCA7C80E495D ] C:\Windows\System32\dhcpcsvc6.dll
17:11:02.0193 2760 C:\Windows\System32\dhcpcsvc6.dll - ok
17:11:02.0193 2760 [ 936231534F4EE96BF752F66CB863788E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
17:11:02.0193 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe - ok
17:11:02.0193 2760 [ 94443607F11CA635408A89F598C16DDD ] C:\Windows\SysWOW64\KernelBase.dll
17:11:02.0193 2760 C:\Windows\SysWOW64\KernelBase.dll - ok
17:11:02.0209 2760 [ CDA8442EB61E9CB11ECC9A7E96740942 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdata.dll
17:11:02.0209 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdata.dll - ok
17:11:02.0209 2760 [ ACBA82820AF2B51B31969A0570A993F7 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:11:02.0209 2760 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:11:02.0209 2760 [ 0F843A2DBAFA67EECBAE0703E8CBF4BC ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil.dll
17:11:02.0209 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil.dll - ok
17:11:02.0209 2760 [ E0164E0E15A3CFFA970C35A92AB53B72 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsinit.dll
17:11:02.0209 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsinit.dll - ok
17:11:02.0209 2760 [ 8A606C90276DCAC67F3D45A0A235ECD6 ] C:\Windows\SysWOW64\winmm.dll
17:11:02.0209 2760 C:\Windows\SysWOW64\winmm.dll - ok
17:11:02.0209 2760 [ DB530B4C83DC2439EA2397613C841AF4 ] C:\Windows\SysWOW64\version.dll
17:11:02.0209 2760 C:\Windows\SysWOW64\version.dll - ok
17:11:02.0224 2760 [ 564B43AE09C66E6D7D442B0B5C5925CD ] C:\Windows\SysWOW64\comctl32.dll
17:11:02.0224 2760 C:\Windows\SysWOW64\comctl32.dll - ok
17:11:02.0224 2760 [ 2294AB089A055F4621FDE40DDFAD4D7E ] C:\Windows\SysWOW64\rpcrt4.dll
17:11:02.0224 2760 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:11:02.0224 2760 [ 3510BDECCBCCFC97A5238BE65CE1EC42 ] C:\Windows\SysWOW64\wsock32.dll
17:11:02.0224 2760 C:\Windows\SysWOW64\wsock32.dll - ok
17:11:02.0224 2760 [ E0C156E4380CE5C64CFBF2650895038D ] C:\Windows\SysWOW64\shell32.dll
17:11:02.0224 2760 C:\Windows\SysWOW64\shell32.dll - ok
17:11:02.0224 2760 [ 949906B18AAE3C6AF975D8E4E9AFEC24 ] C:\Windows\System32\sppc.dll
17:11:02.0224 2760 C:\Windows\System32\sppc.dll - ok
17:11:02.0224 2760 [ 3B85C2DC57230C3EA71E2AF88EEB9DEC ] C:\Windows\System32\BCP47Langs.dll
17:11:02.0224 2760 C:\Windows\System32\BCP47Langs.dll - ok
17:11:02.0224 2760 [ 00349E7C08C18FA5917750FC84998D31 ] C:\Windows\System32\igd10iumd64.dll
17:11:02.0224 2760 C:\Windows\System32\igd10iumd64.dll - ok
17:11:02.0240 2760 [ 906664AF9FCE80DD4FDA268A3506FF13 ] C:\Windows\System32\DWrite.dll
17:11:02.0240 2760 C:\Windows\System32\DWrite.dll - ok
17:11:02.0240 2760 [ E521CCD352373B1825BEA80DEC2B7D97 ] C:\Windows\System32\oleacc.dll
17:11:02.0240 2760 C:\Windows\System32\oleacc.dll - ok
17:11:02.0240 2760 [ C72456BFFE941714CF05B0AA0BEE5B45 ] C:\Windows\SysWOW64\user32.dll
17:11:02.0240 2760 C:\Windows\SysWOW64\user32.dll - ok
17:11:02.0240 2760 [ 2898E39D1E0CB9074C18988A2F8B73D3 ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:11:02.0240 2760 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:11:02.0240 2760 [ 80B7844BF20D44E1789EA6F46FC9CA9B ] C:\Windows\SysWOW64\advapi32.dll
17:11:02.0240 2760 C:\Windows\SysWOW64\advapi32.dll - ok
17:11:02.0240 2760 [ DD5B2173CFD5A32C66497B5C83D2F38D ] C:\Windows\SysWOW64\ole32.dll
17:11:02.0240 2760 C:\Windows\SysWOW64\ole32.dll - ok
17:11:02.0240 2760 [ A7DD65B8EBED0EEF4D415852A7BF232C ] C:\Windows\System32\igdusc64.dll
17:11:02.0240 2760 C:\Windows\System32\igdusc64.dll - ok
17:11:02.0256 2760 [ A956CC9503FD75F2372A6B673E1C07B2 ] C:\Windows\System32\UIAnimation.dll
17:11:02.0256 2760 C:\Windows\System32\UIAnimation.dll - ok
17:11:02.0256 2760 [ CF4C3815E577C7DC32BB8DB90F0B34C1 ] C:\Windows\SysWOW64\oleaut32.dll
17:11:02.0256 2760 C:\Windows\SysWOW64\oleaut32.dll - ok
17:11:02.0256 2760 [ D381B446466B468D27BF23A7A372D205 ] C:\Windows\System32\cngcredui.dll
17:11:02.0256 2760 C:\Windows\System32\cngcredui.dll - ok
17:11:02.0256 2760 [ 813292CC10F625BDAAEA76EABDECD82F ] C:\Windows\System32\winbrand.dll
17:11:02.0256 2760 C:\Windows\System32\winbrand.dll - ok
17:11:02.0256 2760 [ 46B984CDBE0E6C3F88AB89EB46638B42 ] C:\Windows\System32\AthCredentialProvider.dll
17:11:02.0256 2760 C:\Windows\System32\AthCredentialProvider.dll - ok
17:11:02.0256 2760 [ 5433EE6EE9AD64B8D45729815221866B ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll
17:11:02.0256 2760 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll - ok
17:11:02.0271 2760 [ 31D858C6F1C453AF516343758A4B2C69 ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll
17:11:02.0271 2760 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll - ok
17:11:02.0271 2760 [ DD02C0806C03506E03A24C984502B92B ] C:\Windows\System32\secur32.dll
17:11:02.0271 2760 C:\Windows\System32\secur32.dll - ok
17:11:02.0271 2760 [ 1144E34385970A8777AF5A7F8905A954 ] C:\Windows\System32\credui.dll
17:11:02.0271 2760 C:\Windows\System32\credui.dll - ok
17:11:02.0271 2760 [ 6CB5CFF7F48B8E226523BF2E849AA6E5 ] C:\Windows\SysWOW64\shlwapi.dll
17:11:02.0271 2760 C:\Windows\SysWOW64\shlwapi.dll - ok
17:11:02.0271 2760 [ EF5A9D7523E4530D2030D4EA2D90FEC3 ] C:\Windows\System32\uDWM.dll
17:11:02.0271 2760 C:\Windows\System32\uDWM.dll - ok
17:11:02.0271 2760 [ 64A5D80882CF405F515A1A1D3F136B6A ] C:\Windows\SysWOW64\nsi.dll
17:11:02.0271 2760 C:\Windows\SysWOW64\nsi.dll - ok
17:11:02.0287 2760 [ 9FAC7693213C54B25D0DC48BC20686CF ] C:\Windows\SysWOW64\crypt32.dll
17:11:02.0287 2760 C:\Windows\SysWOW64\crypt32.dll - ok
17:11:02.0287 2760 [ 3265F568468AB87950342764F6D77E78 ] C:\Windows\SysWOW64\winnsi.dll
17:11:02.0287 2760 C:\Windows\SysWOW64\winnsi.dll - ok
17:11:02.0287 2760 [ E46E5AC5AFF7DB8E39E2405AD6083138 ] C:\Windows\SysWOW64\gdi32.dll
17:11:02.0287 2760 C:\Windows\SysWOW64\gdi32.dll - ok
17:11:02.0287 2760 [ A5BD16CF06D4ECB6445BFCAC9C0A366F ] C:\Windows\SysWOW64\netapi32.dll
17:11:02.0287 2760 C:\Windows\SysWOW64\netapi32.dll - ok
17:11:02.0287 2760 [ 52EF8037A22F0EB0083AA29EAC706495 ] C:\Windows\SysWOW64\psapi.dll
17:11:02.0287 2760 C:\Windows\SysWOW64\psapi.dll - ok
17:11:02.0287 2760 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
17:11:02.0287 2760 C:\Windows\System32\msvcr100.dll - ok
17:11:02.0287 2760 [ 6EBA4AA97BA64CEB363C1C8CE12214F9 ] C:\Windows\SysWOW64\msvcrt.dll
17:11:02.0287 2760 C:\Windows\SysWOW64\msvcrt.dll - ok
17:11:02.0302 2760 [ B232087914F1D97B79B712AF4CBF4AEF ] C:\Windows\SysWOW64\winmmbase.dll
17:11:02.0302 2760 C:\Windows\SysWOW64\winmmbase.dll - ok
17:11:02.0302 2760 [ 428AF7FA03FF09CE1CD373ABFEBAD8A3 ] C:\Windows\SysWOW64\ws2_32.dll
17:11:02.0302 2760 C:\Windows\SysWOW64\ws2_32.dll - ok
17:11:02.0302 2760 [ 6A5C1EA6E0B31B168FDE21A1FDC078C2 ] C:\Windows\System32\msimg32.dll
17:11:02.0302 2760 C:\Windows\System32\msimg32.dll - ok
17:11:02.0302 2760 [ 053472337FDD116BD010C88DB0C34DF1 ] C:\Windows\System32\d2d1.dll
17:11:02.0302 2760 C:\Windows\System32\d2d1.dll - ok
17:11:02.0302 2760 [ 2A3626E0B7F5A5317902EBDAF2B4CCE0 ] C:\Windows\SysWOW64\combase.dll
17:11:02.0302 2760 C:\Windows\SysWOW64\combase.dll - ok
17:11:02.0302 2760 [ 1CF1F62F2484C996DFB99D511E18D662 ] C:\Windows\SysWOW64\sspicli.dll
17:11:02.0302 2760 C:\Windows\SysWOW64\sspicli.dll - ok
17:11:02.0302 2760 [ 7101124E9C48FDBCD7C3DA690990010B ] C:\Windows\System32\bthprops.cpl
17:11:02.0302 2760 C:\Windows\System32\bthprops.cpl - ok
17:11:02.0318 2760 [ 89C84BF2D5A2A5DD867E046488B8DDE3 ] C:\Windows\System32\BluetoothApis.dll
17:11:02.0318 2760 C:\Windows\System32\BluetoothApis.dll - ok
17:11:02.0318 2760 [ 8685F31A9319FB0FA882C736783F5F5E ] C:\Windows\SysWOW64\msasn1.dll
17:11:02.0318 2760 C:\Windows\SysWOW64\msasn1.dll - ok
17:11:02.0318 2760 [ 3503F1397CB9BEE0D9684A7CA4C1C315 ] C:\Windows\SysWOW64\sechost.dll
17:11:02.0318 2760 C:\Windows\SysWOW64\sechost.dll - ok
17:11:02.0318 2760 [ 1547E5B7D2EF477D422EBE0FE58508CC ] C:\Windows\System32\AuthExt.dll
17:11:02.0318 2760 C:\Windows\System32\AuthExt.dll - ok
17:11:02.0318 2760 [ 0E9317A95DD3E678AFCD457DAAD01DA5 ] C:\Windows\SysWOW64\netutils.dll
17:11:02.0318 2760 C:\Windows\SysWOW64\netutils.dll - ok
17:11:02.0318 2760 [ A56878CE81935A6E3269C1B1669F9354 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:11:02.0318 2760 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:11:02.0318 2760 [ 522BF7088E69948A20DD5C89D359B2C4 ] C:\Windows\SysWOW64\srvcli.dll
17:11:02.0334 2760 C:\Windows\SysWOW64\srvcli.dll - ok
17:11:02.0334 2760 [ 46DAF6EFC4D7E1C8AC9E0179EFB4B3A9 ] C:\Windows\SysWOW64\wkscli.dll
17:11:02.0334 2760 C:\Windows\SysWOW64\wkscli.dll - ok
17:11:02.0334 2760 [ 7E9AFBB34ACF6CDC4D596006CEEC74E5 ] C:\Windows\System32\BioCredProv.dll
17:11:02.0334 2760 C:\Windows\System32\BioCredProv.dll - ok
17:11:02.0334 2760 [ C70E652B7D507AAB25208E1602B29B89 ] C:\Windows\SysWOW64\cryptbase.dll
17:11:02.0334 2760 C:\Windows\SysWOW64\cryptbase.dll - ok
17:11:02.0334 2760 [ E494AC90229C06ADB8ACC8D20A3F27CB ] C:\Windows\SysWOW64\devobj.dll
17:11:02.0334 2760 C:\Windows\SysWOW64\devobj.dll - ok
17:11:02.0334 2760 [ 623825C1F07CC2C80C550FBD6CD3E65B ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:11:02.0334 2760 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:11:02.0334 2760 [ 8BDD004DC92D09CCD1F3922C59983019 ] C:\Windows\System32\winbio.dll
17:11:02.0334 2760 C:\Windows\System32\winbio.dll - ok
17:11:02.0349 2760 [ 9543FE667E9709640F1D9852BCF97A17 ] C:\Windows\System32\xmllite.dll
17:11:02.0349 2760 C:\Windows\System32\xmllite.dll - ok
17:11:02.0349 2760 [ F3C88687207F4F75773D288A6D4B61F7 ] C:\Windows\System32\certCredProvider.dll
17:11:02.0349 2760 C:\Windows\System32\certCredProvider.dll - ok
17:11:02.0349 2760 [ A76A00A5244DA1CE40DE8BFBAD1E2C4E ] C:\Windows\SysWOW64\samcli.dll
17:11:02.0349 2760 C:\Windows\SysWOW64\samcli.dll - ok
17:11:02.0349 2760 [ D6AE16663985EA7E81E17A1A810AC547 ] C:\Windows\SysWOW64\ntmarta.dll
17:11:02.0349 2760 C:\Windows\SysWOW64\ntmarta.dll - ok
17:11:02.0349 2760 [ EC2DB85DD72A3506D60B428A36F5E27E ] C:\Windows\System32\NetworkStatus.dll
17:11:02.0349 2760 C:\Windows\System32\NetworkStatus.dll - ok
17:11:02.0349 2760 [ 96F4101AA72C55A7554733A05A797088 ] C:\Windows\System32\wlidcredprov.dll
17:11:02.0349 2760 C:\Windows\System32\wlidcredprov.dll - ok
17:11:02.0365 2760 [ 119CE6CF93183EB144F5EA9A4A5A6AB3 ] C:\Windows\System32\rasplap.dll
17:11:02.0365 2760 C:\Windows\System32\rasplap.dll - ok
17:11:02.0365 2760 [ 4D8F3CEF04AFF366972ED6411DB2E0E0 ] C:\Windows\System32\rasapi32.dll
17:11:02.0365 2760 C:\Windows\System32\rasapi32.dll - ok
17:11:02.0365 2760 [ 950E87673E2AE1A536869BCC4E711D67 ] C:\Windows\System32\rtutils.dll
17:11:02.0365 2760 C:\Windows\System32\rtutils.dll - ok
17:11:02.0365 2760 [ 9FB85E37238FEA836E5E6779A93DA461 ] C:\Windows\System32\rasman.dll
17:11:02.0365 2760 C:\Windows\System32\rasman.dll - ok
17:11:02.0365 2760 [ 1CE1F2BBF92DF79CF8638FDA04DB4F10 ] C:\Windows\System32\shacct.dll
17:11:02.0365 2760 C:\Windows\System32\shacct.dll - ok
17:11:02.0365 2760 [ 5EC234995AFB7356A8B1A22C9244F243 ] C:\Windows\System32\wuaext.dll
17:11:02.0365 2760 C:\Windows\System32\wuaext.dll - ok
17:11:02.0365 2760 [ 2244C13A861137EE7D518607592C221D ] C:\Windows\System32\Windows.UI.Immersive.dll
17:11:02.0365 2760 C:\Windows\System32\Windows.UI.Immersive.dll - ok
17:11:02.0381 2760 [ 9D519CCC49EBEF2AB0F3282C097B141B ] C:\Windows\SysWOW64\cryptsp.dll
17:11:02.0381 2760 C:\Windows\SysWOW64\cryptsp.dll - ok
17:11:02.0381 2760 [ F22BC2C1BD805F874540B7595F0C804D ] C:\Windows\System32\IDStore.dll
17:11:02.0381 2760 C:\Windows\System32\IDStore.dll - ok
17:11:02.0381 2760 [ 68516BC692B58959933B5029747F2A2A ] C:\Windows\SysWOW64\rsaenh.dll
17:11:02.0381 2760 C:\Windows\SysWOW64\rsaenh.dll - ok
17:11:02.0381 2760 [ 04B39CF60E0E379D400750DAB02D12DB ] C:\Windows\System32\InputSwitch.dll
17:11:02.0381 2760 C:\Windows\System32\InputSwitch.dll - ok
17:11:02.0381 2760 [ B832E4D96463DBF77FC3AC35EC6390B3 ] C:\Windows\SysWOW64\bcrypt.dll
17:11:02.0381 2760 C:\Windows\SysWOW64\bcrypt.dll - ok
17:11:02.0381 2760 [ 58F28103889817C93E5B5AFABC87E709 ] C:\Windows\System32\wbiosrvc.dll
17:11:02.0381 2760 C:\Windows\System32\wbiosrvc.dll - ok
17:11:02.0396 2760 [ 88244F5A24F9CD98E74472FDFA827FA2 ] C:\Windows\SysWOW64\ncrypt.dll
17:11:02.0396 2760 C:\Windows\SysWOW64\ncrypt.dll - ok
17:11:02.0396 2760 [ 13B9417E93437480E168669EDE36298B ] C:\Windows\SysWOW64\ntasn1.dll
17:11:02.0396 2760 C:\Windows\SysWOW64\ntasn1.dll - ok
17:11:02.0396 2760 [ 1CD1B2F038D2697EA7AA7127551ED429 ] C:\Windows\System32\wlidres.dll
17:11:02.0396 2760 C:\Windows\System32\wlidres.dll - ok
17:11:02.0396 2760 [ 01D789D576998E81FC71CA12C0AF5B10 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll
17:11:02.0396 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\dbghelp.dll - ok
17:11:02.0396 2760 [ BA247631B40720DAEA89BEFAA4632EB6 ] C:\Windows\System32\PhotoMetadataHandler.dll
17:11:02.0396 2760 C:\Windows\System32\PhotoMetadataHandler.dll - ok
17:11:02.0396 2760 [ DF830438D15AAC311C594E47C5AB0F20 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0407.dll
17:11:02.0396 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsutil_loc0407.dll - ok
17:11:02.0396 2760 [ 03CC7C6D00212DF6D6CB5C93432410ED ] C:\Windows\System32\UIAutomationCore.dll
17:11:02.0396 2760 C:\Windows\System32\UIAutomationCore.dll - ok
17:11:02.0412 2760 [ 059D36ABEC9F2D3F677B8EA9240405CD ] C:\Windows\System32\batmeter.dll
17:11:02.0412 2760 C:\Windows\System32\batmeter.dll - ok
17:11:02.0412 2760 [ 0094F3A3E290B60A3DA2B68A5A85FDD4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\icslta.dll
17:11:02.0412 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\icslta.dll - ok
17:11:02.0412 2760 [ 507E28FA1BC0D00B5D33EB9D4AF44642 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\ssleay32_cp.dll
17:11:02.0412 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\ssleay32_cp.dll - ok
17:11:02.0412 2760 [ 728D3349FAB251B0265EFA55C67DCA2D ] C:\Windows\System32\wlansvc.dll
17:11:02.0412 2760 C:\Windows\System32\wlansvc.dll - ok
17:11:02.0412 2760 [ B6757FE520137D6FB93459D784A40DE9 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb.dll
17:11:02.0412 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsdb.dll - ok
17:11:02.0412 2760 [ 83BE8D0CB7491589F35BC14E65BB41D7 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0407.dll
17:11:02.0412 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon_loc0407.dll - ok
17:11:02.0427 2760 [ E6B1B10184485EDFEF126204A33D31B0 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsxml.dll
17:11:02.0427 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsxml.dll - ok
17:11:02.0427 2760 [ AA21423B380157AFAA2F82E96D910E0F ] C:\Windows\SysWOW64\kernel.appcore.dll
17:11:02.0427 2760 C:\Windows\SysWOW64\kernel.appcore.dll - ok
17:11:02.0427 2760 [ 59C04629522B5815BF39F8A310FD2C81 ] C:\Windows\System32\onex.dll
17:11:02.0427 2760 C:\Windows\System32\onex.dll - ok
17:11:02.0427 2760 [ FE04048C1D11EEC3FA40982F78CA0178 ] C:\Windows\System32\wlanmsm.dll
17:11:02.0427 2760 C:\Windows\System32\wlanmsm.dll - ok
17:11:02.0427 2760 [ 8E54F32766CFFC9112800533D721236C ] C:\Windows\System32\wlansec.dll
17:11:02.0427 2760 C:\Windows\System32\wlansec.dll - ok
17:11:02.0427 2760 [ 2E226C2289C36E8A21854FC3A862757E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\fbl.dll
17:11:02.0427 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\fbl.dll - ok
17:11:02.0427 2760 [ F5946BC89C6D350ADADDA9676DF28CF3 ] C:\Windows\System32\eappprxy.dll
17:11:02.0427 2760 C:\Windows\System32\eappprxy.dll - ok
17:11:02.0443 2760 [ 0ED108A046CB2679B76FE9BD0C55E350 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\featuremap.dll
17:11:02.0443 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\featuremap.dll - ok
17:11:02.0443 2760 [ A16B51596EEBA01E6B90CD15BB17965B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vswmi.dll
17:11:02.0443 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vswmi.dll - ok
17:11:02.0443 2760 [ 3B04158DE50AB283B3A5FB5E70C48FB4 ] C:\Windows\System32\wlansvcpal.dll
17:11:02.0443 2760 C:\Windows\System32\wlansvcpal.dll - ok
17:11:02.0443 2760 [ AC867DEC5E0E12BA342BF9B00D93F2B6 ] C:\Windows\System32\Windows.Globalization.dll
17:11:02.0443 2760 C:\Windows\System32\Windows.Globalization.dll - ok
17:11:02.0443 2760 [ 938A9E66272CA6FE4AD7AD9620F5A300 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm.dll
17:11:02.0443 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcomm.dll - ok
17:11:02.0443 2760 [ D9D2CC3B8C41B59B1E964D0F89CCA330 ] C:\Windows\System32\msxml6.dll
17:11:02.0443 2760 C:\Windows\System32\msxml6.dll - ok
17:11:02.0459 2760 [ 06360BE7C8FB76B80032711FB0B4CA0B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcommdb.dll
17:11:02.0459 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlcommdb.dll - ok
17:11:02.0459 2760 [ 0DF0FA32C2841537B0610B4179320A3A ] C:\Windows\System32\TetheringIeProvider.dll
17:11:02.0459 2760 C:\Windows\System32\TetheringIeProvider.dll - ok
17:11:02.0459 2760 [ 9F309FB487DBA2D53EEC8418029D1784 ] C:\Windows\System32\WiFiDisplay.dll
17:11:02.0459 2760 C:\Windows\System32\WiFiDisplay.dll - ok
17:11:02.0459 2760 [ 4607B84C62D4537B0B7D69B217B8A999 ] C:\Windows\System32\wlanapi.dll
17:11:02.0459 2760 C:\Windows\System32\wlanapi.dll - ok
17:11:02.0459 2760 [ 3095D55353A22224E7972F9B552AA69D ] C:\Windows\System32\msftedit.dll
17:11:02.0459 2760 C:\Windows\System32\msftedit.dll - ok
17:11:02.0459 2760 [ 682C1B06C4E00A9DC995E4B2FD626CB2 ] C:\Windows\System32\wlgpclnt.dll
17:11:02.0459 2760 C:\Windows\System32\wlgpclnt.dll - ok
17:11:02.0459 2760 [ 6234321BF60C3CC6D344D3F1B10F0E7C ] C:\Windows\System32\l2gpstore.dll
17:11:02.0459 2760 C:\Windows\System32\l2gpstore.dll - ok
17:11:02.0474 2760 [ 2988ACC988D3FC47447D368CB5450162 ] C:\Windows\System32\wlanhlp.dll
17:11:02.0474 2760 C:\Windows\System32\wlanhlp.dll - ok
17:11:02.0474 2760 [ 7A1BAB2BDCF59A506588DDF58ED43E21 ] C:\Windows\System32\globinputhost.dll
17:11:02.0474 2760 C:\Windows\System32\globinputhost.dll - ok
17:11:02.0474 2760 [ 4897A55EEBC1D3F6DFEB1CD94C241F48 ] C:\Windows\System32\SubscriptionMgr.dll
17:11:02.0474 2760 C:\Windows\System32\SubscriptionMgr.dll - ok
17:11:02.0474 2760 [ 775965CF80FA406DEF00A1415372E82A ] C:\Windows\System32\ninput.dll
17:11:02.0474 2760 C:\Windows\System32\ninput.dll - ok
17:11:02.0474 2760 [ 01DE604AE86054272C967B52BC670588 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb.dll
17:11:02.0474 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb.dll - ok
17:11:02.0474 2760 [ 9EE220DEE3DA294D3815E2D4EB56A7D9 ] C:\Windows\SysWOW64\wtsapi32.dll
17:11:02.0474 2760 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:11:02.0490 2760 [ 4730B48DAAE52EC39BBB0F623EBEF1B5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0407.dll
17:11:02.0490 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsruledb_loc0407.dll - ok
17:11:02.0490 2760 [ DED0B4D6D79EFB57794A91AC91BA4E83 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault.dll
17:11:02.0490 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsvault.dll - ok
17:11:02.0490 2760 [ A7DDBD5DA334F3BA342EB828012FD1A5 ] C:\Windows\SysWOW64\clbcatq.dll
17:11:02.0490 2760 C:\Windows\SysWOW64\clbcatq.dll - ok
17:11:02.0490 2760 [ 1587F0517603793588035EACA5B3450F ] C:\Windows\SysWOW64\msxml4.dll
17:11:02.0490 2760 C:\Windows\SysWOW64\msxml4.dll - ok
17:11:02.0490 2760 [ 9BF990B5575B71B44A35D1B3B465D8D0 ] C:\Windows\SysWOW64\rasapi32.dll
17:11:02.0490 2760 C:\Windows\SysWOW64\rasapi32.dll - ok
17:11:02.0490 2760 [ BD91E0E0B09D89E4932DEE4FC23E2BD0 ] C:\Windows\SysWOW64\rasman.dll
17:11:02.0490 2760 C:\Windows\SysWOW64\rasman.dll - ok
17:11:02.0490 2760 [ AAFEAB4FC9D70253F8C7E353E879E8A2 ] C:\Windows\SysWOW64\wininet.dll
17:11:02.0490 2760 C:\Windows\SysWOW64\wininet.dll - ok
17:11:02.0506 2760 [ BD5E6C894130E7BB7ECE9A0925383068 ] C:\Windows\SysWOW64\iertutil.dll
17:11:02.0506 2760 C:\Windows\SysWOW64\iertutil.dll - ok
17:11:02.0506 2760 [ CC877931A205C47710456FFEE0BEF29D ] C:\Windows\SysWOW64\profapi.dll
17:11:02.0506 2760 C:\Windows\SysWOW64\profapi.dll - ok
17:11:02.0506 2760 [ B715110E1F4A0F0F3561E928A3617053 ] C:\Windows\SysWOW64\rtutils.dll
17:11:02.0506 2760 C:\Windows\SysWOW64\rtutils.dll - ok
17:11:02.0506 2760 [ FCA4D9D06C44BA66878DD01D132CD816 ] C:\Windows\SysWOW64\SHCore.dll
17:11:02.0506 2760 C:\Windows\SysWOW64\SHCore.dll - ok
17:11:02.0506 2760 [ E947B141DAAC7CBCD7C59FE2E63AFBBE ] C:\Windows\SysWOW64\wintrust.dll
17:11:02.0506 2760 C:\Windows\SysWOW64\wintrust.dll - ok
17:11:02.0506 2760 [ CBCA90CF2ACE96038571ED0A7BD3D756 ] C:\Windows\System32\esent.dll
17:11:02.0506 2760 C:\Windows\System32\esent.dll - ok
17:11:02.0506 2760 [ 73E50B6C22F18C6FBC4553B9ED983B9B ] C:\Windows\SysWOW64\gpapi.dll
17:11:02.0521 2760 C:\Windows\SysWOW64\gpapi.dll - ok
17:11:02.0521 2760 [ 1BA05E6A8212AFBA262635D5131D4CA9 ] C:\Windows\SysWOW64\cryptnet.dll
17:11:02.0521 2760 C:\Windows\SysWOW64\cryptnet.dll - ok
17:11:02.0521 2760 [ D4E028B34B8069DF1906EB9ADAF285FA ] C:\Windows\SysWOW64\Wldap32.dll
17:11:02.0521 2760 C:\Windows\SysWOW64\Wldap32.dll - ok
17:11:02.0521 2760 [ 5B4FF009D24F73F6FC6EB4870A789843 ] C:\Windows\SysWOW64\mswsock.dll
17:11:02.0521 2760 C:\Windows\SysWOW64\mswsock.dll - ok
17:11:02.0521 2760 [ 8EAC2D7D6EF8346A2A8654FE940413E6 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\av.dll
17:11:02.0521 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\av.dll - ok
17:11:02.0521 2760 [ 31915E1705828AB5DD405D2873E7678B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\av_loc0407.dll
17:11:02.0521 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\av_loc0407.dll - ok
17:11:02.0521 2760 [ 918D53BC3E65DA1A6629EA5253062253 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kave8.dll
17:11:02.0521 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kave8.dll - ok
17:11:02.0537 2760 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcp100.dll
17:11:02.0537 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcp100.dll - ok
17:11:02.0537 2760 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcr100.dll
17:11:02.0537 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msvcr100.dll - ok
17:11:02.0537 2760 [ 3220C7768891C14C21447B8BA7619BB3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fssync.dll
17:11:02.0537 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fssync.dll - ok
17:11:02.0537 2760 [ DA47CA990F00EB3EDD3B53E3E7761A14 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler.dll
17:11:02.0537 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\scheduler.dll - ok
17:11:02.0537 2760 [ 138A81702EEC01DC703541710F801172 ] C:\Windows\SysWOW64\fltLib.dll
17:11:02.0537 2760 C:\Windows\SysWOW64\fltLib.dll - ok
17:11:02.0537 2760 [ 2A2104AF3487D47A8B577A9BE0665D33 ] C:\Windows\SysWOW64\logoncli.dll
17:11:02.0537 2760 C:\Windows\SysWOW64\logoncli.dll - ok
17:11:02.0552 2760 [ 4FC71D0DEC6421EE9620A8B02F2F7F31 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlupdate.dll
17:11:02.0552 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlupdate.dll - ok
17:11:02.0552 2760 [ 829A27486CAFCD21DC6059B0ECD5A166 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zdx.dll
17:11:02.0552 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zdx.dll - ok
17:11:02.0552 2760 [ 0D190D8B4B20446BE6299AC734DFADF1 ] C:\Windows\System32\shsvcs.dll
17:11:02.0552 2760 C:\Windows\System32\shsvcs.dll - ok
17:11:02.0552 2760 [ 8B623D50C30C128C027602637E6EB7F3 ] C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
17:11:02.0552 2760 C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll - ok
17:11:02.0552 2760 [ E572557FD4CA855642A0B26CC9F3C788 ] C:\Windows\SysWOW64\secur32.dll
17:11:02.0552 2760 C:\Windows\SysWOW64\secur32.dll - ok
17:11:02.0552 2760 [ AA2BE96A5124A8789FC9267BE5F3BAD0 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kavess.dll
17:11:02.0552 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kavess.dll - ok
17:11:02.0552 2760 [ C386F4A32947092776A8E4EB88BFCD9E ] C:\Windows\System32\fveapi.dll
17:11:02.0552 2760 C:\Windows\System32\fveapi.dll - ok
17:11:02.0568 2760 [ 5D7148704D8715482695A534887359FA ] C:\Windows\SysWOW64\mpr.dll
17:11:02.0568 2760 C:\Windows\SysWOW64\mpr.dll - ok
17:11:02.0568 2760 [ D50705D14E8C876A47FF14B999B4A6C3 ] C:\Windows\System32\fvecerts.dll
17:11:02.0568 2760 C:\Windows\System32\fvecerts.dll - ok
17:11:02.0568 2760 [ 888A30EAB651502352C18745367FD179 ] C:\Windows\System32\schedsvc.dll
17:11:02.0568 2760 C:\Windows\System32\schedsvc.dll - ok
17:11:02.0568 2760 [ 984B3226C7A4CFC9FE91D7BACA133D8D ] C:\Windows\SysWOW64\winhttp.dll
17:11:02.0568 2760 C:\Windows\SysWOW64\winhttp.dll - ok
17:11:02.0568 2760 [ D229F8699331DE4F5E812CEC5701031D ] C:\Windows\SysWOW64\dhcpcsvc.dll
17:11:02.0568 2760 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
17:11:02.0568 2760 [ 8F36F399F9EFBA4FA7B6A4E5305817EA ] C:\Windows\SysWOW64\dhcpcsvc6.dll
17:11:02.0568 2760 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
17:11:02.0568 2760 [ 0379D09E8D407F5BBE07C9D06DDA783D ] C:\Windows\SysWOW64\mlang.dll
17:11:02.0568 2760 C:\Windows\SysWOW64\mlang.dll - ok
17:11:02.0584 2760 [ 664A1DCFAD67C9A17B9BCA911C6457C5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msoe.ppl
17:11:02.0584 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\msoe.ppl - ok
17:11:02.0584 2760 [ 04EE1AD7E9277EC632C390DFEECF4C11 ] C:\Windows\SysWOW64\inetcomm.dll
17:11:02.0584 2760 C:\Windows\SysWOW64\inetcomm.dll - ok
17:11:02.0584 2760 [ 39435F4007F1CEDEF04356892B18D174 ] C:\Windows\System32\ubpm.dll
17:11:02.0584 2760 C:\Windows\System32\ubpm.dll - ok
17:11:02.0584 2760 [ E04863DDDA4D5386895D316B9A26958F ] C:\Windows\System32\ktmw32.dll
17:11:02.0584 2760 C:\Windows\System32\ktmw32.dll - ok
17:11:02.0584 2760 [ 3775C2671260284E34100B5D4A741807 ] C:\Windows\SysWOW64\msoert2.dll
17:11:02.0584 2760 C:\Windows\SysWOW64\msoert2.dll - ok
17:11:02.0584 2760 [ 5B9290D5540BDC461500DB84FC3606F0 ] C:\Windows\System32\CSystemEventsBrokerClient.dll
17:11:02.0584 2760 C:\Windows\System32\CSystemEventsBrokerClient.dll - ok
17:11:02.0599 2760 [ 204A549F6AA4DC2F4CAF371FAA16747A ] C:\Windows\SysWOW64\oleacc.dll
17:11:02.0599 2760 C:\Windows\SysWOW64\oleacc.dll - ok
17:11:02.0599 2760 [ 68DEABD4CB0CF3920D3B6CCAA36173BC ] C:\Windows\System32\taskcomp.dll
17:11:02.0599 2760 C:\Windows\System32\taskcomp.dll - ok
17:11:02.0599 2760 [ 1E10B23560C34A90A0FA6ECD26E8565F ] C:\Windows\System32\ProximityService.dll
17:11:02.0599 2760 C:\Windows\System32\ProximityService.dll - ok
17:11:02.0599 2760 [ 02C6DF84328E271C3F844E477CB25169 ] C:\Windows\System32\ProximityServicePal.dll
17:11:02.0599 2760 C:\Windows\System32\ProximityServicePal.dll - ok
17:11:02.0599 2760 [ 8325177BBD77C2DAD43ED031A4EAE843 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09\comctl32.dll
17:11:02.0599 2760 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09\comctl32.dll - ok
17:11:02.0599 2760 [ 02E72187BE9329E4D9255BC5AE6D8286 ] C:\Windows\System32\ProximityCommon.dll
17:11:02.0599 2760 C:\Windows\System32\ProximityCommon.dll - ok
17:11:02.0615 2760 [ 1EE65FEAA57FBC2050AE153D07C8DC3F ] C:\Windows\System32\ProximityCommonPal.dll
17:11:02.0615 2760 C:\Windows\System32\ProximityCommonPal.dll - ok
17:11:02.0615 2760 [ EF34D2A2B64E5D7330F0926E8B826464 ] C:\Windows\SysWOW64\INETRES.dll
17:11:02.0615 2760 C:\Windows\SysWOW64\INETRES.dll - ok
17:11:02.0615 2760 [ 070B4DE2729515E9F22E4AAFD7B2497C ] C:\Windows\System32\ntmarta.dll
17:11:02.0615 2760 C:\Windows\System32\ntmarta.dll - ok
17:11:02.0615 2760 [ 3502776E366C913D49C0DA928AE3E6CB ] C:\Windows\System32\drivers\http.sys
17:11:02.0615 2760 C:\Windows\System32\drivers\http.sys - ok
17:11:02.0615 2760 [ 75F06513C384B2B999FAD8375FC63766 ] C:\Windows\SysWOW64\mapi32.dll
17:11:02.0615 2760 C:\Windows\SysWOW64\mapi32.dll - ok
17:11:02.0615 2760 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] C:\Windows\System32\spoolsv.exe
17:11:02.0615 2760 C:\Windows\System32\spoolsv.exe - ok
17:11:02.0615 2760 [ EDE582496D0CADEE35EA2B1076FF19A8 ] C:\Windows\System32\taskhost.exe
17:11:02.0615 2760 C:\Windows\System32\taskhost.exe - ok
17:11:02.0631 2760 [ 4D282B9C5BB05DF92C9F3977DFB9F916 ] C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:11:02.0631 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe - ok
17:11:02.0631 2760 [ 475D4A7E654A89B3665FCCF4D4BE75D6 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\prloader.dll
17:11:02.0631 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\prloader.dll - ok
17:11:02.0631 2760 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
17:11:02.0631 2760 C:\Windows\SysWOW64\msvcp100.dll - ok
Geändert von Tandem (09.04.2014 um 00:53 Uhr) |
|
09.04.2014, 00:47
| #10 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! TDSS-log Part 7/8: Code:
ATTFilter 17:11:02.0631 2760 [ DFD3F397BE9B1EE411A25DE34B6D58CE ] C:\Windows\SysWOW64\userenv.dll
17:11:02.0631 2760 C:\Windows\SysWOW64\userenv.dll - ok
17:11:02.0631 2760 [ 1387364237A13E9C12C184982138C52B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\nfio.ppl
17:11:02.0631 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\nfio.ppl - ok
17:11:02.0631 2760 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
17:11:02.0631 2760 C:\Windows\SysWOW64\msvcr100.dll - ok
17:11:02.0646 2760 [ 0C014A85FB1CF81EE186224281CAAC6F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fsdrvplg.ppl
17:11:02.0646 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\fsdrvplg.ppl - ok
17:11:02.0646 2760 [ 0FE3CC41F2DF73529A0B2B76C1D85A0E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\service.dll
17:11:02.0646 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\service.dll - ok
17:11:02.0646 2760 [ 343CB2631CEAD5A6EC56FFA69937939F ] C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll
17:11:02.0646 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\grdcore.dll - ok
17:11:02.0646 2760 [ 86B4B70CE0332753CE18054DF0CC0896 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\eka_meta.dll
17:11:02.0646 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\eka_meta.dll - ok
17:11:02.0646 2760 [ 098A6AC9EC3D8958F2404073E488945A ] C:\Windows\System32\netcfgx.dll
17:11:02.0646 2760 C:\Windows\System32\netcfgx.dll - ok
17:11:02.0646 2760 [ 46065A1F1CA90E084E3217C883F69D4D ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
17:11:02.0646 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
17:11:02.0662 2760 [ BA0655E1856A16A14C9BC1FB27B111B9 ] C:\Windows\System32\TpmTasks.dll
17:11:02.0662 2760 C:\Windows\System32\TpmTasks.dll - ok
17:11:02.0662 2760 [ 0E53F1FB5A603B984DC3921D2FF76662 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
17:11:02.0662 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
17:11:02.0662 2760 [ 0D0CD1020D821F4D2AC95280213D2F2E ] C:\Windows\System32\aepic.dll
17:11:02.0662 2760 C:\Windows\System32\aepic.dll - ok
17:11:02.0677 2760 [ D1A3B6C2F8F39EC7F75D03740A8112A1 ] C:\Windows\System32\tbs.dll
17:11:02.0677 2760 C:\Windows\System32\tbs.dll - ok
17:11:02.0677 2760 [ F4C464208E81373B142FB87926EE8D71 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_legacy.dll
17:11:02.0677 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_legacy.dll - ok
17:11:02.0677 2760 [ 770D71782A90BE9C48C4310C5C35E25B ] C:\Windows\System32\sfc_os.dll
17:11:02.0677 2760 C:\Windows\System32\sfc_os.dll - ok
17:11:02.0677 2760 [ 3B03178E65E6903328644E329B24D8B2 ] C:\Windows\System32\version.dll
17:11:02.0693 2760 C:\Windows\System32\version.dll - ok
17:11:02.0693 2760 [ 6468B696C65775D51A06615830E0E79D ] C:\Windows\System32\BFE.DLL
17:11:02.0693 2760 C:\Windows\System32\BFE.DLL - ok
17:11:02.0693 2760 [ CDFC746E798A7AEFED4B996F75C9F8E8 ] C:\Windows\SysWOW64\wscisvif.dll
17:11:02.0693 2760 C:\Windows\SysWOW64\wscisvif.dll - ok
17:11:02.0693 2760 [ 18490AD7AB6320CDC0C04B137B385DB3 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll
17:11:02.0693 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpipc.dll - ok
17:11:02.0693 2760 [ 6B4FFFDDC618FCF64473CAA86E305697 ] C:\Windows\System32\drivers\bowser.sys
17:11:02.0693 2760 C:\Windows\System32\drivers\bowser.sys - ok
17:11:02.0693 2760 [ 1147C3047C28435826EDCE83C1CD8096 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll
17:11:02.0693 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgen.dll - ok
17:11:02.0693 2760 [ B539CFD39BB40964BD36AE037AB0887D ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll
17:11:02.0693 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpschd.dll - ok
17:11:02.0709 2760 [ 5D4BE903C0A693DC0CD2D441DBEBAE00 ] C:\Windows\SysWOW64\wscapi.dll
17:11:02.0709 2760 C:\Windows\SysWOW64\wscapi.dll - ok
17:11:02.0709 2760 [ 2402C221CCC47599E8D39118473E1457 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\key_value_storage.dll
17:11:02.0709 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\key_value_storage.dll - ok
17:11:02.0709 2760 [ 6614EDFCF4AFE27E46FC0C1A5EC1269D ] C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll
17:11:02.0709 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avevtlog.dll - ok
17:11:02.0709 2760 [ 53F5464997776F0AD1F68798787D3537 ] C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll
17:11:02.0709 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\schedr.dll - ok
17:11:02.0709 2760 [ 9F6DCD344AD9BBD91E9E0B8E84CEC15F ] C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
17:11:02.0709 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll - ok
17:11:02.0709 2760 [ F170510BE94CF45E3C6274578F6204B2 ] C:\Windows\System32\drivers\mpsdrv.sys
17:11:02.0709 2760 C:\Windows\System32\drivers\mpsdrv.sys - ok
17:11:02.0724 2760 [ 79B6F3DF7CDFD12159871FF71464F0CE ] C:\Windows\System32\drivers\mrxsmb.sys
17:11:02.0724 2760 C:\Windows\System32\drivers\mrxsmb.sys - ok
17:11:02.0724 2760 [ D186C5844393252147BE934F3871DB7A ] C:\Windows\System32\MPSSVC.dll
17:11:02.0724 2760 C:\Windows\System32\MPSSVC.dll - ok
17:11:02.0724 2760 [ AAF56E4E84D35411B4E446C445732DFE ] C:\Windows\System32\drivers\mrxsmb20.sys
17:11:02.0724 2760 C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:11:02.0724 2760 [ 0FF358906F2333B26267BC0064DC02C4 ] C:\Windows\SysWOW64\urlmon.dll
17:11:02.0724 2760 C:\Windows\SysWOW64\urlmon.dll - ok
17:11:02.0724 2760 [ 9B95FCB49595A869F27034916382FE57 ] C:\Windows\System32\adhapi.dll
17:11:02.0724 2760 C:\Windows\System32\adhapi.dll - ok
17:11:02.0724 2760 [ 9DF590DEA96B6756CF8D73C2525797BE ] C:\Windows\System32\wfapigp.dll
17:11:02.0724 2760 C:\Windows\System32\wfapigp.dll - ok
17:11:02.0740 2760 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] C:\Windows\System32\wkssvc.dll
17:11:02.0740 2760 C:\Windows\System32\wkssvc.dll - ok
17:11:02.0740 2760 [ 160A1B5BA583A8B73835EA2305351663 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\am_meta.dll
17:11:02.0740 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\am_meta.dll - ok
17:11:02.0740 2760 [ 27CAF94BD894A03AAB29128D0B53464C ] C:\Windows\SysWOW64\comsvcs.dll
17:11:02.0740 2760 C:\Windows\SysWOW64\comsvcs.dll - ok
17:11:02.0740 2760 [ FC4A2DDDF5AE3CCBB1E309F5AB4599A4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ac_meta.dll
17:11:02.0740 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ac_meta.dll - ok
17:11:02.0740 2760 [ C5F8007EAF82B13F3807503B81B38CB4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_meta.dll
17:11:02.0740 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\app_core_meta.dll - ok
17:11:02.0740 2760 [ F2629AF810E939672173CB17ECAC1667 ] C:\Windows\System32\MrmCoreR.dll
17:11:02.0740 2760 C:\Windows\System32\MrmCoreR.dll - ok
17:11:02.0740 2760 [ 46E42A28B182E4268D9155B0484B08FF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp_meta.dll
17:11:02.0740 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp_meta.dll - ok
17:11:02.0756 2760 [ BA0A21F761CE5001DF712C51BF11F953 ] C:\Windows\System32\urlmon.dll
17:11:02.0756 2760 C:\Windows\System32\urlmon.dll - ok
17:11:02.0756 2760 [ 05A545F99EE042531CD5BCC32C3F76C1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\instrumental_meta.dll
17:11:02.0756 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\instrumental_meta.dll - ok
17:11:02.0756 2760 [ 14571C19B6B2445220F84B5DB8DD90F5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\storage.dll
17:11:02.0756 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\storage.dll - ok
17:11:02.0756 2760 [ 2667A32680FD766E329D15DF94CF10C3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ichecker.dll
17:11:02.0756 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ichecker.dll - ok
17:11:02.0756 2760 [ 76862AAF77C049EC20217FDC209F7F13 ] C:\Windows\System32\iertutil.dll
17:11:02.0756 2760 C:\Windows\System32\iertutil.dll - ok
17:11:02.0756 2760 [ 5C8ED5CE71D16E64DAD1D5C8182703B0 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threats_disinfection.dll
17:11:02.0756 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threats_disinfection.dll - ok
17:11:02.0771 2760 [ 7AE5F46F78B5355D02BA90878A44771A ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\winreg.ppl
17:11:02.0771 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\winreg.ppl - ok
17:11:02.0771 2760 [ 9FFFD87E90C8CB6BB43C1176BE461104 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_sync.dll
17:11:02.0771 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_sync.dll - ok
17:11:02.0771 2760 [ A29FB03E41AF1700F5A5A5D10C9E3559 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_adaptor.dll
17:11:02.0771 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_adaptor.dll - ok
17:11:02.0771 2760 [ DF79CE9B950C62677D232154E93A81C7 ] C:\Windows\System32\wininet.dll
17:11:02.0771 2760 C:\Windows\System32\wininet.dll - ok
17:11:02.0771 2760 [ 7668892E7ABC6FE867DCB097B36B6F3C ] C:\Windows\System32\Windows.UI.dll
17:11:02.0771 2760 C:\Windows\System32\Windows.UI.dll - ok
17:11:02.0771 2760 [ B4C2D97B1BA52926A8B6FA3E506295FD ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\params.ppl
17:11:02.0771 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\params.ppl - ok
17:11:02.0787 2760 [ DE94F448F4A6F39E0C2E4080E853BC9C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\tm.ppl
17:11:02.0787 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\tm.ppl - ok
17:11:02.0787 2760 [ 2022F1EC840827B3F004926AAE63E09C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\schedule.ppl
17:11:02.0787 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\schedule.ppl - ok
17:11:02.0787 2760 [ 7F621C0A34CA6CA3832CCCD9951F789E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\regmap.ppl
17:11:02.0787 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\regmap.ppl - ok
17:11:02.0787 2760 [ 41BFE19EC91D344ADE47C468089DA8B5 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\thpimpl.ppl
17:11:02.0787 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\thpimpl.ppl - ok
17:11:02.0787 2760 [ FBFA77AACE9DD4DD61EDE05B90A4F910 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\timer.ppl
17:11:02.0787 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\timer.ppl - ok
17:11:02.0787 2760 [ 6F91CBB493233FA2EC58EAAC489DB006 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\report.ppl
17:11:02.0787 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\report.ppl - ok
17:11:02.0787 2760 [ ADB3287AAB1C689162FB9DF52F96070F ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\reportdb.ppl
17:11:02.0787 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\reportdb.ppl - ok
17:11:02.0802 2760 [ 7F33E7CE477046414D21F307E8B6B899 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\procmon.ppl
17:11:02.0802 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\procmon.ppl - ok
17:11:02.0802 2760 [ 58F4E62A09CD66CC3E60875C2517811D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp.dll
17:11:02.0802 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\klifpp.dll - ok
17:11:02.0802 2760 [ 0601A49C6C32740BB25FD2AF759F5960 ] C:\Windows\SysWOW64\setupapi.dll
17:11:02.0802 2760 C:\Windows\SysWOW64\setupapi.dll - ok
17:11:02.0802 2760 [ C1CB4AE82E173A620720996EBC3D02D6 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\packed_io.dll
17:11:02.0802 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\packed_io.dll - ok
17:11:02.0802 2760 [ 63BD0F89217177AC2596738E3A199BA1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\hashmd5.ppl
17:11:02.0802 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\hashmd5.ppl - ok
17:11:02.0802 2760 [ 1C4276FAA89D41720EB2A1AB01D25CC3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\crpthlpr.ppl
17:11:02.0802 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\crpthlpr.ppl - ok
17:11:02.0818 2760 [ AFF76CD4D399D1347795D881F24A9508 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dtreg.ppl
17:11:02.0818 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dtreg.ppl - ok
17:11:02.0818 2760 [ 281C47DE05FC1D4F2A8908A7CAC4C24E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\excludemanager.dll
17:11:02.0818 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\excludemanager.dll - ok
17:11:02.0818 2760 [ FCC56B97754E78D2DD6008C4D4EFB3C1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\acassembler.dll
17:11:02.0818 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\acassembler.dll - ok
17:11:02.0818 2760 [ 3B1D694C2E3F31B74C4398585AB8BEFF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\format_recognizer.dll
17:11:02.0818 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\format_recognizer.dll - ok
17:11:02.0818 2760 [ B362181ED3771DC03B4141927C80F801 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:11:02.0818 2760 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
17:11:02.0818 2760 [ 65AF41A7A2C5B6693E1B4164E7632C3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:11:02.0818 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe - ok
17:11:02.0834 2760 [ 46C6D8A6B4DEBBB55B6DA6B92C100599 ] C:\Windows\SysWOW64\propsys.dll
17:11:02.0834 2760 C:\Windows\SysWOW64\propsys.dll - ok
17:11:02.0834 2760 [ 5AA28997F6A30EB196A5AB09F684B7BE ] C:\Windows\SysWOW64\imagehlp.dll
17:11:02.0834 2760 C:\Windows\SysWOW64\imagehlp.dll - ok
17:11:02.0834 2760 [ 63FE35B2DFC1CCD2AA33EA8BA2460BE9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll
17:11:02.0834 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgrd.dll - ok
17:11:02.0834 2760 [ E7721DCE7EE53A22BBF6CFCAA145FB12 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll
17:11:02.0834 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgui.dll - ok
17:11:02.0834 2760 [ B792BBE05A18481016A7C39269D3E75C ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll
17:11:02.0834 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgavid.dll - ok
17:11:02.0834 2760 [ C8318A083DE9D8FFCA6E70D3E183490A ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
17:11:02.0834 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe - ok
17:11:02.0849 2760 [ 8F9F50F3810672AC36503B72A0B1808A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll
17:11:02.0849 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb44.dll - ok
17:11:02.0849 2760 [ 9C933EE52559A41B704CBB189E7D6495 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll
17:11:02.0849 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gplegacy.dll - ok
17:11:02.0849 2760 [ EDA04929396FBE9D3C6A93E847657AD4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll
17:11:02.0849 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpgenrep.dll - ok
17:11:02.0849 2760 [ 3B220F0D170EE8EE2B365749B03D73F6 ] C:\Windows\System32\drivers\avnetflt.sys
17:11:02.0849 2760 C:\Windows\System32\drivers\avnetflt.sys - ok
17:11:02.0849 2760 [ 23C77897F8DC43B25A1DD03542E479EA ] C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll
17:11:02.0849 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\onlcfg.dll - ok
17:11:02.0849 2760 [ 5C6ADD0111E1C6601B5911F7ACF85BB8 ] C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
17:11:02.0849 2760 C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe - ok
17:11:02.0849 2760 [ D9053149D55CEB13C66A69A00A1B6D7D ] C:\Windows\System32\wbem\wbemprox.dll
17:11:02.0849 2760 C:\Windows\System32\wbem\wbemprox.dll - ok
17:11:02.0865 2760 [ 527429623E2A20C53DB246C51E6F2726 ] C:\Windows\System32\wbemcomn.dll
17:11:02.0865 2760 C:\Windows\System32\wbemcomn.dll - ok
17:11:02.0865 2760 [ D2BCDD6BBFCD068090C109854FCEE079 ] C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:11:02.0865 2760 C:\Program Files (x86)\Launch Manager\dsiwmis.exe - ok
17:11:02.0865 2760 [ CD135EBBA99C598F30E6093824193038 ] C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll
17:11:02.0865 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gavidb.dll - ok
17:11:02.0865 2760 [ 281BEE07BA97E3E98D12A822D923D0D8 ] C:\Windows\System32\dps.dll
17:11:02.0865 2760 C:\Windows\System32\dps.dll - ok
17:11:02.0865 2760 [ ECC0D0444FDDE870760083954F1CF52B ] C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll
17:11:02.0865 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\libdb53.dll - ok
17:11:02.0865 2760 [ 425E22D9F5C01616AFC92987791B19E9 ] C:\Windows\SysWOW64\svchost.exe
17:11:02.0865 2760 C:\Windows\SysWOW64\svchost.exe - ok
17:11:02.0881 2760 [ 5878613C2E0EFB4F656DDADC452551B6 ] C:\Windows\SysWOW64\winsta.dll
17:11:02.0881 2760 C:\Windows\SysWOW64\winsta.dll - ok
17:11:02.0881 2760 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:11:02.0881 2760 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
17:11:02.0881 2760 [ B82255670D270B75D2D2F0F8747D1443 ] C:\Windows\System32\IKEEXT.DLL
17:11:02.0881 2760 C:\Windows\System32\IKEEXT.DLL - ok
17:11:02.0881 2760 [ 3C4002D339491AF73D663FFC7F6E5ECB ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
17:11:02.0881 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe - ok
17:11:02.0881 2760 [ 295771B092D4F7FCF2B62F80CCD14320 ] C:\Windows\System32\drivers\mrxsmb10.sys
17:11:02.0881 2760 C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:11:02.0881 2760 [ EE281DD6843F3F697C1AD7933EEB1E9B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:11:02.0881 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
17:11:02.0881 2760 [ 234F79CD1226D634BBC6B154E4CC7A44 ] C:\Windows\System32\vpnikeapi.dll
17:11:02.0881 2760 C:\Windows\System32\vpnikeapi.dll - ok
17:11:02.0896 2760 [ 2B9EED6835D269F35B310DC03D0F5768 ] C:\Windows\SysWOW64\dnsapi.dll
17:11:02.0896 2760 C:\Windows\SysWOW64\dnsapi.dll - ok
17:11:02.0896 2760 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] C:\Windows\System32\drivers\Ndu.sys
17:11:02.0896 2760 C:\Windows\System32\drivers\Ndu.sys - ok
17:11:02.0896 2760 [ B6C010F42053ED92E421EE5476E10645 ] C:\Windows\SysWOW64\rasadhlp.dll
17:11:02.0896 2760 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:11:02.0896 2760 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
17:11:02.0896 2760 C:\Windows\System32\HPZinw12.dll - ok
17:11:02.0896 2760 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] C:\Windows\System32\pcasvc.dll
17:11:02.0896 2760 C:\Windows\System32\pcasvc.dll - ok
17:11:02.0896 2760 [ BEA61BAC330230D3B1340F29A2312DD2 ] C:\Windows\System32\wsock32.dll
17:11:02.0896 2760 C:\Windows\System32\wsock32.dll - ok
17:11:02.0912 2760 [ F52DA6F31C7F197520ACC89F512CE848 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
17:11:02.0912 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
17:11:02.0912 2760 [ AF6B7381C18DBCE4FEB296FA5441AE0D ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:11:02.0912 2760 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:11:02.0912 2760 [ BA50CC0BD19004AAB88BE37338B6FA0D ] C:\Windows\System32\drivers\PEAuth.sys
17:11:02.0912 2760 C:\Windows\System32\drivers\PEAuth.sys - ok
17:11:02.0912 2760 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] C:\Windows\System32\nlasvc.dll
17:11:02.0912 2760 C:\Windows\System32\nlasvc.dll - ok
17:11:02.0912 2760 [ 2850EDC032C59C7673246BF8B1D301BC ] C:\Windows\SysWOW64\winspool.drv
17:11:02.0912 2760 C:\Windows\SysWOW64\winspool.drv - ok
17:11:02.0912 2760 [ F61333867216EDE1A09A7C55FEDCB6A8 ] C:\Windows\RfBtnSvc64.exe
17:11:02.0912 2760 C:\Windows\RfBtnSvc64.exe - ok
17:11:02.0912 2760 [ 380AA537624F698F4C51C55806D30E69 ] C:\Windows\System32\ncsi.dll
17:11:02.0912 2760 C:\Windows\System32\ncsi.dll - ok
17:11:02.0927 2760 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
17:11:02.0927 2760 C:\Windows\System32\HPZipm12.dll - ok
17:11:02.0927 2760 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] C:\Windows\System32\winhttp.dll
17:11:02.0927 2760 C:\Windows\System32\winhttp.dll - ok
17:11:02.0927 2760 [ 90B06AD0BA271ABDD56A77040B39C525 ] C:\Windows\System32\ssdpapi.dll
17:11:02.0927 2760 C:\Windows\System32\ssdpapi.dll - ok
17:11:02.0927 2760 [ 675C575444AAFD56B4E8A99EF8A570CD ] C:\Windows\SysWOW64\rpcnet.exe
17:11:02.0927 2760 C:\Windows\SysWOW64\rpcnet.exe - ok
17:11:02.0927 2760 [ 88028A645052327CE652A4CFCA16DBC9 ] C:\Windows\SysWOW64\apphelp.dll
17:11:02.0927 2760 C:\Windows\SysWOW64\apphelp.dll - ok
17:11:02.0927 2760 [ 88C01207F7772D6D16C36D63E0544DC1 ] C:\Windows\apppatch\AcGenral.dll
17:11:02.0927 2760 C:\Windows\apppatch\AcGenral.dll - ok
17:11:02.0943 2760 [ 2C95C9CB5DA80E779BF8A1C0ACD803A3 ] C:\Windows\SysWOW64\uxtheme.dll
17:11:02.0943 2760 C:\Windows\SysWOW64\uxtheme.dll - ok
17:11:02.0943 2760 [ 0D70F07EB0BCCE2B13652EFFF0DDD75F ] C:\Windows\SysWOW64\msacm32.dll
17:11:02.0943 2760 C:\Windows\SysWOW64\msacm32.dll - ok
17:11:02.0943 2760 [ 7254BFFB866CA443285A4D62294250BB ] C:\Windows\SysWOW64\dwmapi.dll
17:11:02.0943 2760 C:\Windows\SysWOW64\dwmapi.dll - ok
17:11:02.0943 2760 [ 7A554464C1B1380C5B74ADF3DED4F663 ] C:\Windows\apppatch\AcLayers.dll
17:11:02.0943 2760 C:\Windows\apppatch\AcLayers.dll - ok
17:11:02.0943 2760 [ 3AA79A83EC7D1B16D296029035A9C399 ] C:\Windows\SysWOW64\sfc.dll
17:11:02.0943 2760 C:\Windows\SysWOW64\sfc.dll - ok
17:11:02.0943 2760 [ EB5BB44DBA9F55DB59076E58F6E42C03 ] C:\Windows\SysWOW64\sfc_os.dll
17:11:02.0943 2760 C:\Windows\SysWOW64\sfc_os.dll - ok
17:11:02.0943 2760 [ 53B05C9C35E422E7473CCBBA162DE62D ] C:\Windows\SysWOW64\tapi32.dll
17:11:02.0943 2760 C:\Windows\SysWOW64\tapi32.dll - ok
17:11:02.0959 2760 [ CA72332804C787B8E767C09FFE844B38 ] C:\Windows\SysWOW64\rpcnet.dll
17:11:02.0959 2760 C:\Windows\SysWOW64\rpcnet.dll - ok
17:11:02.0959 2760 [ 9247E2FA8B8242B1620B1B6931816373 ] C:\Windows\System32\rpcnetp.exe
17:11:02.0959 2760 C:\Windows\System32\rpcnetp.exe - ok
17:11:02.0959 2760 [ 0320929A497A57A243ED157BA082896D ] C:\Windows\SysWOW64\pcacli.dll
17:11:02.0959 2760 C:\Windows\SysWOW64\pcacli.dll - ok
17:11:02.0959 2760 [ 552DF4A9DD8F4A500E3F8FC9C512D47A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe
17:11:02.0959 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccuac.exe - ok
17:11:02.0959 2760 [ C3C9B251ABFA347AA454B6AA17068FA1 ] C:\Windows\SysWOW64\devrtl.dll
17:11:02.0959 2760 C:\Windows\SysWOW64\devrtl.dll - ok
17:11:02.0959 2760 [ 2E5E517A5ED5CA1E99DA3AE517089935 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
17:11:02.0959 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
17:11:02.0974 2760 [ F3DE10AABD5C7A1A186C9966F037D0C0 ] C:\Windows\SysWOW64\mfc100u.dll
17:11:02.0974 2760 C:\Windows\SysWOW64\mfc100u.dll - ok
17:11:02.0974 2760 [ 0E28DA18EF14D77E236B4BD0E111BEC8 ] C:\Windows\SysWOW64\activeds.dll
17:11:02.0974 2760 C:\Windows\SysWOW64\activeds.dll - ok
17:11:02.0974 2760 [ 3D7B4D033FE80A86B1FC530A03A53754 ] C:\Windows\SysWOW64\msimg32.dll
17:11:02.0974 2760 C:\Windows\SysWOW64\msimg32.dll - ok
17:11:02.0974 2760 [ 25E3826F8A5CB3E8E95926AD271ED365 ] C:\Windows\SysWOW64\adsldpc.dll
17:11:02.0974 2760 C:\Windows\SysWOW64\adsldpc.dll - ok
17:11:02.0974 2760 [ 8245D8290D263BB655E15C5FEFE8B8A8 ] C:\Windows\SysWOW64\browcli.dll
17:11:02.0974 2760 C:\Windows\SysWOW64\browcli.dll - ok
17:11:02.0974 2760 [ ECA6624EFEBBE2C0C320AC942620C404 ] C:\Windows\SysWOW64\mfc100deu.dll
17:11:02.0974 2760 C:\Windows\SysWOW64\mfc100deu.dll - ok
17:11:02.0974 2760 [ E5624A279E2E98EAFCB6BCA7DB4DB2CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll
17:11:02.0974 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\firewall.dll - ok
17:11:02.0990 2760 [ FCA25104E526B1783F0366FF3B4E4445 ] C:\Windows\SysWOW64\FirewallAPI.dll
17:11:02.0990 2760 C:\Windows\SysWOW64\FirewallAPI.dll - ok
17:11:02.0990 2760 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
17:11:02.0990 2760 C:\Windows\System32\drivers\secdrv.sys - ok
17:11:02.0990 2760 [ 4A3B02AC2E1635C0A4603B32D447FBB2 ] C:\Windows\SysWOW64\rpcnetp.dll
17:11:02.0990 2760 C:\Windows\SysWOW64\rpcnetp.dll - ok
17:11:02.0990 2760 [ 77195C32175FC63D6054EBA5A066D727 ] C:\Windows\System32\drivers\srvnet.sys
17:11:02.0990 2760 C:\Windows\System32\drivers\srvnet.sys - ok
17:11:02.0990 2760 [ F0814A5318A534E4742F5358DF59F3AD ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
17:11:02.0990 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe - ok
17:11:02.0990 2760 [ 33A7D83EEB15431773A6E186CFAABA21 ] C:\Windows\System32\drivers\tcpipreg.sys
17:11:02.0990 2760 C:\Windows\System32\drivers\tcpipreg.sys - ok
17:11:03.0006 2760 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] C:\Windows\System32\sysmain.dll
17:11:03.0006 2760 C:\Windows\System32\sysmain.dll - ok
17:11:03.0006 2760 [ 84F20198CAE435DE32ABDB4511550BD7 ] C:\Windows\SysWOW64\mscoree.dll
17:11:03.0006 2760 C:\Windows\SysWOW64\mscoree.dll - ok
17:11:03.0006 2760 [ 9DB490F3E823C5C3C070644B96CB9D59 ] C:\Windows\System32\wbem\WMIsvc.dll
17:11:03.0006 2760 C:\Windows\System32\wbem\WMIsvc.dll - ok
17:11:03.0006 2760 [ D638904FE86A5FE542A1BA13A9D68E5C ] C:\Windows\System32\wiaservc.dll
17:11:03.0006 2760 C:\Windows\System32\wiaservc.dll - ok
17:11:03.0006 2760 [ C97E14BB6A196B0554D6EB67D8818175 ] C:\Windows\System32\trkwks.dll
17:11:03.0006 2760 C:\Windows\System32\trkwks.dll - ok
17:11:03.0006 2760 [ E1D793FCCD26B862839217612830ECFC ] C:\Windows\System32\wbem\wbemcore.dll
17:11:03.0006 2760 C:\Windows\System32\wbem\wbemcore.dll - ok
17:11:03.0006 2760 [ 6E49FFDFBAC4AC6CB45238C67E3E15F2 ] C:\Windows\System32\wiatrace.dll
17:11:03.0006 2760 C:\Windows\System32\wiatrace.dll - ok
17:11:03.0021 2760 [ 415EE38FA22E6489ED95D0C0F1560BD8 ] C:\Windows\System32\deviceassociation.dll
17:11:03.0021 2760 C:\Windows\System32\deviceassociation.dll - ok
17:11:03.0021 2760 [ 536175601D6FDA57917D18D21476915A ] C:\Windows\System32\wsdchngr.dll
17:11:03.0021 2760 C:\Windows\System32\wsdchngr.dll - ok
17:11:03.0021 2760 [ B801371569B9E310BBD068E21D486F1A ] C:\Windows\System32\fundisc.dll
17:11:03.0021 2760 C:\Windows\System32\fundisc.dll - ok
17:11:03.0021 2760 [ 16BF6ADAED1427A7AF08125DD14BA52C ] C:\Windows\System32\fdPnp.dll
17:11:03.0021 2760 C:\Windows\System32\fdPnp.dll - ok
17:11:03.0021 2760 [ 2C6B75D50B9917766FE7BA0C11A1FA23 ] C:\Windows\System32\wbem\esscli.dll
17:11:03.0021 2760 C:\Windows\System32\wbem\esscli.dll - ok
17:11:03.0021 2760 [ EAA293B3C52C76449ABA8419C8AEC839 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
17:11:03.0021 2760 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
17:11:03.0021 2760 [ C510810D292782189F8BE12A1B0E366E ] C:\Windows\System32\wbem\fastprox.dll
17:11:03.0037 2760 C:\Windows\System32\wbem\fastprox.dll - ok
17:11:03.0037 2760 [ 36BC2FF91264BB032FEB927B03DE4C29 ] C:\Windows\System32\wbem\wbemsvc.dll
17:11:03.0037 2760 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:11:03.0037 2760 [ 5FB52C4367FCABB27373F701C714192C ] C:\Windows\System32\wbem\wmiutils.dll
17:11:03.0037 2760 C:\Windows\System32\wbem\wmiutils.dll - ok
17:11:03.0037 2760 [ 4845FC917AB257CAE4F16A80ADC15412 ] C:\Windows\System32\wbem\repdrvfs.dll
17:11:03.0037 2760 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:11:03.0037 2760 [ 572EA523849EC996B61065E8E6BF9D37 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
17:11:03.0037 2760 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
17:11:03.0037 2760 [ A58E3C42883F36D743F9BE9B21BFC990 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll
17:11:03.0037 2760 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll - ok
17:11:03.0052 2760 [ 824BC775A6B475D872431F6B36DD8BA3 ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:11:03.0052 2760 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:11:03.0052 2760 [ A19F9B39E739E89698E662896F4A76B5 ] C:\Windows\System32\ncobjapi.dll
17:11:03.0052 2760 C:\Windows\System32\ncobjapi.dll - ok
17:11:03.0052 2760 [ B2CF1AF98C13B3C19FDD7EF1EF56C05F ] C:\Windows\System32\wbem\wbemess.dll
17:11:03.0052 2760 C:\Windows\System32\wbem\wbemess.dll - ok
17:11:03.0052 2760 [ ABC05B8D756A6981DBCD2B6C1D62E159 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
17:11:03.0052 2760 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll - ok
17:11:03.0052 2760 [ ACA8E5A15FE7E513E95FF2E9AE54ED0E ] C:\Windows\System32\wbem\unsecapp.exe
17:11:03.0052 2760 C:\Windows\System32\wbem\unsecapp.exe - ok
17:11:03.0052 2760 [ B2EC086D45532BCFBB3042C78C27A904 ] C:\Windows\System32\dsparse.dll
17:11:03.0052 2760 C:\Windows\System32\dsparse.dll - ok
17:11:03.0052 2760 [ A5B39B59E91EAC9585DB3F7ABDC67109 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
17:11:03.0052 2760 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
17:11:03.0068 2760 [ 9D2136DDE6753B36A0771FF34337B5D1 ] C:\Windows\SysWOW64\riched20.dll
17:11:03.0068 2760 C:\Windows\SysWOW64\riched20.dll - ok
17:11:03.0068 2760 [ A2D053D11E3756DB3C5642AACA84E69B ] C:\Windows\SysWOW64\usp10.dll
17:11:03.0068 2760 C:\Windows\SysWOW64\usp10.dll - ok
17:11:03.0068 2760 [ 2FE534AC99FE081D9A6950C0C8032751 ] C:\Windows\SysWOW64\msls31.dll
17:11:03.0068 2760 C:\Windows\SysWOW64\msls31.dll - ok
17:11:03.0068 2760 [ CE6D08350D0A1278E9A97D94023D1800 ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:11:03.0068 2760 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:11:03.0068 2760 [ BFC0069A46E1D1F38AFB253F76964471 ] C:\Windows\System32\wbem\wmiprov.dll
17:11:03.0068 2760 C:\Windows\System32\wbem\wmiprov.dll - ok
17:11:03.0068 2760 [ EF54D5BEF570516BFA9C0DB9BE99D7F0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
17:11:03.0068 2760 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll - ok
17:11:03.0084 2760 [ 43B223C4799777C4DA008469DD913813 ] C:\Windows\System32\wbem\NCProv.dll
17:11:03.0084 2760 C:\Windows\System32\wbem\NCProv.dll - ok
17:11:03.0084 2760 [ 3BD314F6EA1B7C7CF0BEE5A65E1D548E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\465dac2a0ebb43fd93816404c1b03bc9\System.ServiceProcess.ni.dll
17:11:03.0084 2760 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\465dac2a0ebb43fd93816404c1b03bc9\System.ServiceProcess.ni.dll - ok
17:11:03.0084 2760 [ 99DB2F9BFAE614880930B2BBDD78E3A6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
17:11:03.0084 2760 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
17:11:03.0099 2760 [ AA7F6E73297740FA1CFA4E28950AE0A4 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
17:11:03.0099 2760 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
17:11:03.0099 2760 [ A12CBF5ECE1227B034670A31DAD0BF3A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\865b858298279774d2a3c6cecac95124\System.Configuration.Install.ni.dll
17:11:03.0099 2760 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\865b858298279774d2a3c6cecac95124\System.Configuration.Install.ni.dll - ok
17:11:03.0099 2760 [ B83132A1645106F5BC363EEE24E8C558 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3430f069c93f4233f0dbb775cb73b49b\System.Core.ni.dll
17:11:03.0099 2760 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3430f069c93f4233f0dbb775cb73b49b\System.Core.ni.dll - ok
17:11:03.0115 2760 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] C:\Windows\System32\iphlpsvc.dll
17:11:03.0115 2760 C:\Windows\System32\iphlpsvc.dll - ok
17:11:03.0115 2760 [ 33F5EE33BAAD7DEF96DA4270D0F4B308 ] C:\Windows\System32\wbem\cimwin32.dll
17:11:03.0115 2760 C:\Windows\System32\wbem\cimwin32.dll - ok
17:11:03.0115 2760 [ C1AE59C0B0817236EC083A91C396005A ] C:\Windows\System32\drivers\srv2.sys
17:11:03.0115 2760 C:\Windows\System32\drivers\srv2.sys - ok
17:11:03.0115 2760 [ 42582B288CB1B9F9C996A49804E08B75 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll
17:11:03.0115 2760 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\97272e5adde36ea896d7216bf0270e15\System.Configuration.ni.dll - ok
17:11:03.0115 2760 [ DA691E383B0F28C640BE68F0B914F1A1 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
17:11:03.0115 2760 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
17:11:03.0115 2760 [ C32ADB033616D0409641BCD4439033F8 ] C:\Windows\System32\framedynos.dll
17:11:03.0115 2760 C:\Windows\System32\framedynos.dll - ok
17:11:03.0131 2760 [ 5834A2432192ED502999CE24A5442CB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\672138dc2f47a077f59ef14290a6973e\System.Xml.ni.dll
17:11:03.0131 2760 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\672138dc2f47a077f59ef14290a6973e\System.Xml.ni.dll - ok
17:11:03.0131 2760 [ 70DAA70A39D15868A0DDEDC46B7A823F ] C:\Windows\System32\httpprxm.dll
17:11:03.0131 2760 C:\Windows\System32\httpprxm.dll - ok
17:11:03.0131 2760 [ 1B8B4F73EE08B5A6EC5A70C96DA90667 ] C:\Windows\System32\adhsvc.dll
17:11:03.0131 2760 C:\Windows\System32\adhsvc.dll - ok
17:11:03.0131 2760 [ 582ED9A6D0B34F2F55607562FDA263E9 ] C:\Windows\System32\sqmapi.dll
17:11:03.0131 2760 C:\Windows\System32\sqmapi.dll - ok
17:11:03.0131 2760 [ 2B78788A1485F9B99A578A299DF42C02 ] C:\Windows\System32\drivers\srv.sys
17:11:03.0131 2760 C:\Windows\System32\drivers\srv.sys - ok
17:11:03.0131 2760 [ 5CEC21295040B8FA8F26CB07D650954D ] C:\Windows\System32\netprofm.dll
17:11:03.0131 2760 C:\Windows\System32\netprofm.dll - ok
17:11:03.0131 2760 [ 1E5C8EF393A0A07A1A397DEAF8FA17CC ] C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll
17:11:03.0131 2760 C:\Windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.ServiceProcess.Resources.dll - ok
17:11:03.0146 2760 [ 6E98157791491AEBF64B1392293E48A7 ] C:\Windows\System32\nci.dll
17:11:03.0146 2760 C:\Windows\System32\nci.dll - ok
17:11:03.0146 2760 [ 27B58E16CF895AC1F1A97C04814C2239 ] C:\Windows\System32\srvsvc.dll
17:11:03.0146 2760 C:\Windows\System32\srvsvc.dll - ok
17:11:03.0146 2760 [ A1BECE49EF88F58F6DC881AF251B822E ] C:\Windows\System32\dskquota.dll
17:11:03.0146 2760 C:\Windows\System32\dskquota.dll - ok
17:11:03.0146 2760 [ E372BBF897005442ECEB7843CEB394D2 ] C:\Windows\System32\rasadhlp.dll
17:11:03.0146 2760 C:\Windows\System32\rasadhlp.dll - ok
17:11:03.0146 2760 [ 5FE61B0E223FAC7316526A7B588E9F2D ] C:\Windows\System32\wdscore.dll
17:11:03.0146 2760 C:\Windows\System32\wdscore.dll - ok
17:11:03.0146 2760 [ 056A7F991CCBDACB5A132419FA244C3E ] C:\Windows\System32\mi.dll
17:11:03.0146 2760 C:\Windows\System32\mi.dll - ok
17:11:03.0162 2760 [ 830445350C7CDEC426FA5E1F9E1B0DAD ] C:\Windows\System32\sscore.dll
17:11:03.0162 2760 C:\Windows\System32\sscore.dll - ok
17:11:03.0162 2760 [ 3A8A50121A2600AEC63E4713AF6F25E7 ] C:\Windows\System32\sscoreext.dll
17:11:03.0162 2760 C:\Windows\System32\sscoreext.dll - ok
17:11:03.0162 2760 [ FD03915B5FD90025020971982CB32E18 ] C:\Windows\SysWOW64\httpapi.dll
17:11:03.0162 2760 C:\Windows\SysWOW64\httpapi.dll - ok
17:11:03.0162 2760 [ E8E50E7703204AE06C6B5FEFE2F701E7 ] C:\Windows\System32\miutils.dll
17:11:03.0162 2760 C:\Windows\System32\miutils.dll - ok
17:11:03.0162 2760 [ A7578E2FB09DD9D9CEE6791151C11334 ] C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\system.resources.dll
17:11:03.0162 2760 C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\system.resources.dll - ok
17:11:03.0162 2760 [ 38DF4E3D3559F58793E70ED8093A6F2B ] C:\Windows\System32\wmidcom.dll
17:11:03.0162 2760 C:\Windows\System32\wmidcom.dll - ok
17:11:03.0162 2760 [ 66F78ECB93F16BBDA095D9EA71CD712B ] C:\Windows\System32\resutils.dll
17:11:03.0162 2760 C:\Windows\System32\resutils.dll - ok
17:11:03.0177 2760 [ 0F9594CB8B35FAF12825285415414F85 ] C:\Windows\System32\clusapi.dll
17:11:03.0177 2760 C:\Windows\System32\clusapi.dll - ok
17:11:03.0177 2760 [ E90A3C2460984362BE38F572842C890A ] C:\Windows\System32\activeds.dll
17:11:03.0177 2760 C:\Windows\System32\activeds.dll - ok
17:11:03.0177 2760 [ E7CD6B5449030F4F9B29C742664B63B3 ] C:\Windows\System32\adsldpc.dll
17:11:03.0177 2760 C:\Windows\System32\adsldpc.dll - ok
17:11:03.0177 2760 [ 0488E461EEE18F5CFCE7C1774BBFCBB3 ] C:\Windows\System32\adsldp.dll
17:11:03.0177 2760 C:\Windows\System32\adsldp.dll - ok
17:11:03.0177 2760 [ AB8DC63BB90A2A3DE13B38D8B64B4DC6 ] C:\Windows\System32\cscapi.dll
17:11:03.0177 2760 C:\Windows\System32\cscapi.dll - ok
17:11:03.0177 2760 [ D5BE751B837C8B8CB58426EC9B2A29E9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
17:11:03.0177 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
17:11:03.0193 2760 [ 6A6B49FD47A6BA4949A1E03CA4486439 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll
17:11:03.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avlode.dll - ok
17:11:03.0193 2760 [ 8682F5AEFD0326B2A772E90EF1EFBE17 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll
17:11:03.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\libcurl.dll - ok
17:11:03.0193 2760 [ F2D9F23FFB2B0B2B8FF5126689615B3E ] C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll
17:11:03.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\libeay32.dll - ok
17:11:03.0193 2760 [ 582632E34C9FF3C658ED56E5FC8D7EC6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll
17:11:03.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ssleay32.dll - ok
17:11:03.0193 2760 [ BE04DE758070B1CBA8B741436C955797 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
17:11:03.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
17:11:03.0193 2760 [ C8D87F1FE1D83C638D52F24B88E9D06F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
17:11:03.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
17:11:03.0193 2760 [ B30F23026AA2F12A690153FFB6983993 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
17:11:03.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
17:11:03.0209 2760 [ F74F82B5F0484193910C8CD242C8D1F2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
17:11:03.0209 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
17:11:03.0209 2760 [ 70D6DEAB3C7E1942D7A6E67708222044 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
17:11:03.0209 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
17:11:03.0209 2760 [ A93DAE6938F2C49E257B1A7F79D587A6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
17:11:03.0209 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
17:11:03.0209 2760 [ 39050A12A2EFBEC944C3585374898E54 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
17:11:03.0209 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
17:11:03.0209 2760 [ 1202407DB7F776121B1EBF7225EBF669 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
17:11:03.0209 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
17:11:03.0209 2760 [ B532B0128D21706EEDB62EE332151D54 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
17:11:03.0209 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
17:11:03.0224 2760 [ 87FB156EF28F7D2B53B659572AFB2C94 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
17:11:03.0224 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
17:11:03.0224 2760 [ F78A75C0A42CD959A729A79CE708E520 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
17:11:03.0224 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
17:11:03.0224 2760 [ 940D56DE91885C8AA34BA4788579820C ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
17:11:03.0224 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
17:11:03.0224 2760 [ E3294F8C1461DDFB23E75F5E6D678DD5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
17:11:03.0224 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
17:11:03.0224 2760 [ 434049E557861645FA160F3035025F51 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
17:11:03.0224 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
17:11:03.0224 2760 [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
17:11:03.0224 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
17:11:03.0240 2760 [ F4C3899CD75D19BCA12E3D3B878CDEC6 ] C:\Windows\SysWOW64\vdmdbg.dll
17:11:03.0240 2760 C:\Windows\SysWOW64\vdmdbg.dll - ok
17:11:03.0240 2760 [ 9A521D6FAB1402D71BD900E9054EF7DE ] C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll
17:11:03.0240 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\rctext.dll - ok
17:11:03.0240 2760 [ F89000BD2BF367B9A6423CEB1553E9AF ] C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll
17:11:03.0240 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\apcfile.dll - ok
17:11:03.0240 2760 [ D5094999316AE489620B3CB70C1AD5C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll
17:11:03.0240 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\libaprutil-1.dll - ok
17:11:03.0240 2760 [ 42CC7633E6C898923AE57CEBCE6DB2B2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll
17:11:03.0240 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\libapr-1.dll - ok
17:11:03.0240 2760 [ 9A86820CEDF2C6D2EBF2E6E66E89EA1A ] C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll
17:11:03.0240 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\libapriconv-1.dll - ok
17:11:03.0240 2760 [ ABF612BB29A6293A574710716246F58E ] C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll
17:11:03.0240 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avpref.dll - ok
17:11:03.0256 2760 [ 930B10F03BEF0733B42EA20DC1592C65 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll
17:11:03.0256 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avbb.dll - ok
17:11:03.0256 2760 [ 84F9EDB011F256CE3CA21E06876A7D7A ] C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll
17:11:03.0256 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\gpavgio.dll - ok
17:11:03.0256 2760 [ 217B846C2B74637EA326C7A07DD30177 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll
17:11:03.0256 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avgio.dll - ok
17:11:03.0256 2760 [ C2ABD6107231B010A1E489622E06575B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll
17:11:03.0256 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvc.dll - ok
17:11:03.0256 2760 [ AC8E4357A79199AF587514E4805DEEC1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll
17:11:03.0256 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\guardmsg.dll - ok
17:11:03.0256 2760 [ D8976CD6D0653CB6BBC000950590FBBD ] C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
17:11:03.0256 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe - ok
17:11:03.0271 2760 [ B5A72BA66AD8D4317EBEA61C1C5AE0CA ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll
17:11:03.0271 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avipc64.dll - ok
17:11:03.0271 2760 [ 42EE1AA800FFDD2484B2097535672142 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll
17:11:03.0271 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avreg.dll - ok
17:11:03.0271 2760 [ 4E8433BA8F7622808E66F17CDAAEE156 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll
17:11:03.0271 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avesvcr.dll - ok
17:11:03.0271 2760 [ 8DB30DA1FA8620A5C4AF53DEB85194D8 ] C:\Windows\SysWOW64\NapiNSP.dll
17:11:03.0271 2760 C:\Windows\SysWOW64\NapiNSP.dll - ok
17:11:03.0271 2760 [ 4947B4C100BE88C83F027D1C8DBC4B84 ] C:\Windows\SysWOW64\pnrpnsp.dll
17:11:03.0271 2760 C:\Windows\SysWOW64\pnrpnsp.dll - ok
17:11:03.0271 2760 [ 64ADDC6760CDED7EA432D7398318D919 ] C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll
17:11:03.0271 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll - ok
17:11:03.0287 2760 [ F604350906CE4E3F67D81384566DE3E4 ] C:\Windows\SysWOW64\nlaapi.dll
17:11:03.0287 2760 C:\Windows\SysWOW64\nlaapi.dll - ok
17:11:03.0287 2760 [ C2411C9B1775B72440B4695A272871D8 ] C:\Windows\SysWOW64\OpenWith.exe
17:11:03.0287 2760 C:\Windows\SysWOW64\OpenWith.exe - ok
17:11:03.0287 2760 [ 5D9B166EFBA673C8221C5C97CCFB5BFE ] C:\Windows\System32\wcmapi.dll
17:11:03.0287 2760 C:\Windows\System32\wcmapi.dll - ok
17:11:03.0287 2760 [ 0D0213498683414DDE29B1686A4C08D5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:11:03.0287 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
17:11:03.0287 2760 [ 8700883867FBD565BF6C2DAE8B2D7810 ] C:\Windows\SysWOW64\winrnr.dll
17:11:03.0287 2760 C:\Windows\SysWOW64\winrnr.dll - ok
17:11:03.0287 2760 [ A7B4B1F48DF2AF71A59836ABC24F12F4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\avs.ppl
17:11:03.0287 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\avs.ppl - ok
17:11:03.0287 2760 [ AC25073CEBD9D5CE2F61D6AF93BC9585 ] C:\Windows\SysWOW64\shfolder.dll
17:11:03.0287 2760 C:\Windows\SysWOW64\shfolder.dll - ok
17:11:03.0302 2760 [ 93A9382276582DE4D6D34BC52D130692 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dmap.ppl
17:11:03.0302 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\dmap.ppl - ok
17:11:03.0302 2760 [ D349F1E9D0388A78B6AE769F1450BA3E ] C:\Windows\SysWOW64\wshbth.dll
17:11:03.0302 2760 C:\Windows\SysWOW64\wshbth.dll - ok
17:11:03.0302 2760 [ FCBDF1F1F22CB474ED9DC8C1DC8CD61C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threatsmanager.dll
17:11:03.0302 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\threatsmanager.dll - ok
17:11:03.0302 2760 [ C995EA1C6915D897E06D41AF95B9312C ] C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:11:03.0302 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL - ok
17:11:03.0302 2760 [ D27491CFCE452C154CECFA155AD0EBC8 ] C:\Windows\System32\wpdbusenum.dll
17:11:03.0302 2760 C:\Windows\System32\wpdbusenum.dll - ok
17:11:03.0302 2760 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] C:\Windows\System32\hidserv.dll
17:11:03.0302 2760 C:\Windows\System32\hidserv.dll - ok
17:11:03.0318 2760 [ C16097D77A232A288D65F299E2E01105 ] C:\Windows\System32\IPSECSVC.DLL
17:11:03.0318 2760 C:\Windows\System32\IPSECSVC.DLL - ok
17:11:03.0318 2760 [ F0F0A372C2EF6358399C4936F91B6131 ] C:\Windows\System32\netprofmsvc.dll
17:11:03.0318 2760 C:\Windows\System32\netprofmsvc.dll - ok
17:11:03.0318 2760 [ F0DF4F8D9F1F8FA36BA30ACAC213D03D ] C:\Windows\System32\PortableDeviceApi.dll
17:11:03.0318 2760 C:\Windows\System32\PortableDeviceApi.dll - ok
17:11:03.0318 2760 [ 4A1780F986DC1EAE2FADF3219F211C8D ] C:\Windows\SysWOW64\sxs.dll
17:11:03.0318 2760 C:\Windows\SysWOW64\sxs.dll - ok
17:11:03.0318 2760 [ 7E790DE2487CEDB349D1750B9E47F090 ] C:\Windows\System32\appinfo.dll
17:11:03.0318 2760 C:\Windows\System32\appinfo.dll - ok
17:11:03.0318 2760 [ 40C67D1A4891120874767F6E6604D6C5 ] C:\Windows\System32\wdi.dll
17:11:03.0318 2760 C:\Windows\System32\wdi.dll - ok
17:11:03.0318 2760 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] C:\Windows\System32\aelupsvc.dll
17:11:03.0318 2760 C:\Windows\System32\aelupsvc.dll - ok
17:11:03.0334 2760 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] C:\Windows\System32\DeviceSetupManager.dll
17:11:03.0334 2760 C:\Windows\System32\DeviceSetupManager.dll - ok
17:11:03.0334 2760 [ EE7C82B0D69F038245CECBCE9EC45A9A ] C:\Windows\SysWOW64\dllhost.exe
17:11:03.0334 2760 C:\Windows\SysWOW64\dllhost.exe - ok
17:11:03.0334 2760 [ 52A1F7EED5C036A76ED4938A7A39F61E ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\qb.ppl
17:11:03.0334 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\qb.ppl - ok
17:11:03.0334 2760 [ 03694A8350222AC9F0E8693986E92BE2 ] C:\Windows\System32\diagperf.dll
17:11:03.0334 2760 C:\Windows\System32\diagperf.dll - ok
17:11:03.0334 2760 [ 72C7BC98E2393F1DDD41459C659CC6E2 ] C:\Windows\System32\newdev.dll
17:11:03.0334 2760 C:\Windows\System32\newdev.dll - ok
17:11:03.0334 2760 [ 397006C14C023F8E494093E0EAFADC2A ] C:\Windows\System32\perftrack.dll
17:11:03.0334 2760 C:\Windows\System32\perftrack.dll - ok
17:11:03.0349 2760 [ F13A820F50114A9F364D6CA2A89ECB2E ] C:\Windows\System32\FwRemoteSvr.dll
17:11:03.0349 2760 C:\Windows\System32\FwRemoteSvr.dll - ok
17:11:03.0349 2760 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] C:\Windows\System32\das.dll
17:11:03.0349 2760 C:\Windows\System32\das.dll - ok
17:11:03.0349 2760 [ E9286577AD0D3BE9158DCE178A879123 ] C:\Windows\System32\devrtl.dll
17:11:03.0349 2760 C:\Windows\System32\devrtl.dll - ok
17:11:03.0349 2760 [ 59A343C3BD792AF308400B2EE5E1A924 ] C:\Windows\System32\wer.dll
17:11:03.0349 2760 C:\Windows\System32\wer.dll - ok
17:11:03.0349 2760 [ 45566BEAE514B157C3AC821EBE6A8784 ] C:\Windows\System32\winspool.drv
17:11:03.0349 2760 C:\Windows\System32\winspool.drv - ok
17:11:03.0349 2760 [ B4FC38795A0AFC18539E220F56348764 ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:11:03.0349 2760 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:11:03.0349 2760 [ D528D6A92D187777691993DD757AF19A ] C:\Windows\System32\browser.dll
17:11:03.0349 2760 C:\Windows\System32\browser.dll - ok
17:11:03.0365 2760 [ 28C35503056748FA88499DAECF3D5557 ] C:\Windows\System32\npmproxy.dll
17:11:03.0365 2760 C:\Windows\System32\npmproxy.dll - ok
17:11:03.0365 2760 [ 7D02D20A9BB6867C09459F116FEAC15D ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\uds.dll.7d02d20a9bb6867c09459f116feac15d
17:11:03.0365 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\uds.dll.7d02d20a9bb6867c09459f116feac15d - ok
17:11:03.0365 2760 [ 415C3B227A91A9693AD5A51F07DBBA9C ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\avengine.dll.415c3b227a91a9693ad5a51f07dbba9c
17:11:03.0365 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\avengine.dll.415c3b227a91a9693ad5a51f07dbba9c - ok
17:11:03.0365 2760 [ E58B2EA7B004184E229854A3D1C00CBB ] C:\Windows\System32\localspl.dll
17:11:03.0365 2760 C:\Windows\System32\localspl.dll - ok
17:11:03.0365 2760 [ 361ACBB95E4CD361DBC67699794434A5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavbase.kdl.361acbb95e4cd361dbc67699794434a5
17:11:03.0365 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavbase.kdl.361acbb95e4cd361dbc67699794434a5 - ok
17:11:03.0365 2760 [ 205B59C8B291A707B24C97B123834E70 ] C:\Windows\System32\pnpts.dll
17:11:03.0365 2760 C:\Windows\System32\pnpts.dll - ok
17:11:03.0381 2760 [ 024A5FF9EB31F7D1E98E1167D28C6781 ] C:\Windows\System32\spoolss.dll
17:11:03.0381 2760 C:\Windows\System32\spoolss.dll - ok
17:11:03.0381 2760 [ 3958E82529DA716D1D2F0C44E6F14187 ] C:\Windows\System32\pcadm.dll
17:11:03.0381 2760 C:\Windows\System32\pcadm.dll - ok
17:11:03.0381 2760 [ E0BC37F2051E1CB6B768A53D9514E3FA ] C:\Windows\System32\pcacli.dll
17:11:03.0381 2760 C:\Windows\System32\pcacli.dll - ok
17:11:03.0381 2760 [ E41C0291E2F2FDFBF2875E4473F81031 ] C:\Windows\System32\mpr.dll
17:11:03.0381 2760 C:\Windows\System32\mpr.dll - ok
17:11:03.0381 2760 [ 4F1E771801EED912FB37CEB838F8F153 ] C:\Windows\System32\PrintIsolationProxy.dll
17:11:03.0381 2760 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:11:03.0381 2760 [ 647B3E3A60DED8DAECF4F798A058EADB ] C:\Windows\System32\srumsvc.dll
17:11:03.0381 2760 C:\Windows\System32\srumsvc.dll - ok
17:11:03.0396 2760 [ 448D8F8B51F785EAB56947D94EBDFC66 ] C:\Windows\System32\hnetcfg.dll
17:11:03.0396 2760 C:\Windows\System32\hnetcfg.dll - ok
17:11:03.0396 2760 [ C835670705596AE67EE7E0AE92A12071 ] C:\Windows\System32\HPZLLLHN.DLL
17:11:03.0396 2760 C:\Windows\System32\HPZLLLHN.DLL - ok
17:11:03.0396 2760 [ 64362206C83D3C300E37267118D5936B ] C:\Windows\System32\FXSMON.dll
17:11:03.0396 2760 C:\Windows\System32\FXSMON.dll - ok
17:11:03.0396 2760 [ 6AF7948D08E59B5690D3559AEB8E0F93 ] C:\Windows\System32\wdiasqmmodule.dll
17:11:03.0396 2760 C:\Windows\System32\wdiasqmmodule.dll - ok
17:11:03.0396 2760 [ 9F671913B8C75A72188A4B1CCFA592A3 ] C:\Windows\System32\DevPropMgr.dll
17:11:03.0396 2760 C:\Windows\System32\DevPropMgr.dll - ok
17:11:03.0396 2760 [ 8449B6B3E281AF44BEA98D318D7481A5 ] C:\Windows\System32\nduprov.dll
17:11:03.0396 2760 C:\Windows\System32\nduprov.dll - ok
17:11:03.0396 2760 [ 8F5E6EC1728272080B24A92F23DE78FA ] C:\Windows\System32\DeviceDriverRetrievalClient.dll
17:11:03.0396 2760 C:\Windows\System32\DeviceDriverRetrievalClient.dll - ok
17:11:03.0412 2760 [ C89B88BCA6D6B72A470D8BF5730254C6 ] C:\Windows\System32\pdfcmon.dll
17:11:03.0412 2760 C:\Windows\System32\pdfcmon.dll - ok
17:11:03.0412 2760 [ BEA157D1857FA63205558750720D9071 ] C:\Windows\System32\appsruprov.dll
17:11:03.0412 2760 C:\Windows\System32\appsruprov.dll - ok
17:11:03.0412 2760 [ D3F794546CE8666B663A0A906CA97DCA ] C:\Windows\System32\wpnsruprov.dll
17:11:03.0412 2760 C:\Windows\System32\wpnsruprov.dll - ok
17:11:03.0412 2760 [ DA7967BD9CD17F436E6059C3A7A1BF7C ] C:\Windows\System32\DeviceMetadataRetrievalClient.dll
17:11:03.0412 2760 C:\Windows\System32\DeviceMetadataRetrievalClient.dll - ok
17:11:03.0412 2760 [ 62D2F0DEED2F7A6B2A7F84977DF9A23A ] C:\Windows\System32\cabinet.dll
17:11:03.0412 2760 C:\Windows\System32\cabinet.dll - ok
17:11:03.0412 2760 [ 3B17ED08AD8C86A1C6407CEE7CCF446B ] C:\Windows\System32\snmpapi.dll
17:11:03.0412 2760 C:\Windows\System32\snmpapi.dll - ok
17:11:03.0412 2760 [ 70179FFB5487A8A2BB4A1AB1B22219E6 ] C:\Windows\System32\tcpmon.dll
17:11:03.0412 2760 C:\Windows\System32\tcpmon.dll - ok
17:11:03.0427 2760 [ 91F658373C97A1A2633690730B05C081 ] C:\Windows\System32\wsnmp32.dll
17:11:03.0427 2760 C:\Windows\System32\wsnmp32.dll - ok
17:11:03.0427 2760 [ 593E72E97CAEF5DD742B394BD296E21A ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavemu.kdl.593e72e97caef5dd742b394bd296e21a
17:11:03.0427 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavemu.kdl.593e72e97caef5dd742b394bd296e21a - ok
17:11:03.0427 2760 [ F06F60158842691FA4B5DE0E08F55B29 ] C:\Windows\System32\ncuprov.dll
17:11:03.0427 2760 C:\Windows\System32\ncuprov.dll - ok
17:11:03.0427 2760 [ F12B563360D2BA8AD323A74986AF8A5B ] C:\Windows\System32\wwapi.dll
17:11:03.0427 2760 C:\Windows\System32\wwapi.dll - ok
17:11:03.0427 2760 [ E32D2083EB6EC8EBD56D1A509268492B ] C:\Windows\System32\energyprov.dll
17:11:03.0427 2760 C:\Windows\System32\energyprov.dll - ok
17:11:03.0427 2760 [ 90AC8D4574103FCF8942C526998F46BF ] C:\Windows\System32\srumapi.dll
17:11:03.0427 2760 C:\Windows\System32\srumapi.dll - ok
17:11:03.0443 2760 [ 9BE4639FD1A3F8A9FECFE958D7B04F9A ] C:\Windows\System32\usbmon.dll
17:11:03.0443 2760 C:\Windows\System32\usbmon.dll - ok
17:11:03.0443 2760 [ 48B5A62750FC3E3E8733106FB7E2DF0F ] C:\Windows\System32\WSDMon.dll
17:11:03.0443 2760 C:\Windows\System32\WSDMon.dll - ok
17:11:03.0443 2760 [ 1507FB3F5A2CE45C0796ED34A905A106 ] C:\Windows\System32\drvinst.exe
17:11:03.0443 2760 C:\Windows\System32\drvinst.exe - ok
17:11:03.0443 2760 [ BCCFC1C89017F4BDC90201E956EEA7C5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kjim.kdl.bccfc1c89017f4bdc90201e956eea7c5
17:11:03.0443 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kjim.kdl.bccfc1c89017f4bdc90201e956eea7c5 - ok
17:11:03.0443 2760 [ 1C449AD92726ED14D895F09DCD861545 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\mark.kdl.1c449ad92726ed14d895f09dcd861545
17:11:03.0443 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\mark.kdl.1c449ad92726ed14d895f09dcd861545 - ok
17:11:03.0443 2760 [ EF4C4EA376D172D966AB31388B3B63B6 ] C:\Windows\System32\drvstore.dll
17:11:03.0443 2760 C:\Windows\System32\drvstore.dll - ok
17:11:03.0443 2760 [ 8E2B57DA0ED837DB04030157A6C112CE ] C:\Windows\System32\WSDApi.dll
17:11:03.0459 2760 C:\Windows\System32\WSDApi.dll - ok
17:11:03.0459 2760 [ 3D47406245E32365413C5B6AB2246586 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\qscan.kdl.3d47406245e32365413c5b6ab2246586
17:11:03.0459 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\qscan.kdl.3d47406245e32365413c5b6ab2246586 - ok
17:11:03.0459 2760 [ CB79FA82A5D7CEAAA804EF15E87CC6D2 ] C:\Windows\System32\webservices.dll
17:11:03.0459 2760 C:\Windows\System32\webservices.dll - ok
17:11:03.0459 2760 [ 07106140D0596D785328DEFE0297166A ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:11:03.0459 2760 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:11:03.0459 2760 [ C4C552E0D1DFDCFEC0B755C05EFFEAC8 ] C:\Windows\System32\wpd_ci.dll
17:11:03.0459 2760 C:\Windows\System32\wpd_ci.dll - ok
17:11:03.0459 2760 [ C30A50449EA4B611484A5F1F1F016774 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
17:11:03.0459 2760 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
17:11:03.0459 2760 [ EB1910FCBC61A478E07FCB59487B56AD ] C:\Windows\System32\win32spl.dll
17:11:03.0459 2760 C:\Windows\System32\win32spl.dll - ok
17:11:03.0474 2760 [ BE0FC6BFE7181F8621B2BD572658A83E ] C:\Windows\System32\inetpp.dll
17:11:03.0474 2760 C:\Windows\System32\inetpp.dll - ok
17:11:03.0474 2760 [ AF033A6377288725830CF3CCD3C12773 ] C:\Windows\System32\bidispl.dll
17:11:03.0474 2760 C:\Windows\System32\bidispl.dll - ok
17:11:03.0474 2760 [ 1AC77AE146B738962CBA86459E67F66D ] C:\Windows\System32\spfileq.dll
17:11:03.0474 2760 C:\Windows\System32\spfileq.dll - ok
17:11:03.0474 2760 [ 1B76D48A97E3E61661846A5BF64E2008 ] C:\Windows\System32\FXSRESM.dll
17:11:03.0474 2760 C:\Windows\System32\FXSRESM.dll - ok
17:11:03.0474 2760 [ 739F79546EC16695E613F63864132000 ] C:\Windows\System32\WUDFCoinstaller.dll
17:11:03.0474 2760 C:\Windows\System32\WUDFCoinstaller.dll - ok
17:11:03.0474 2760 [ 2FEAE33E9B2B56104596E1BA444405A9 ] C:\Windows\System32\drivers\WUDFPf.sys
17:11:03.0474 2760 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:11:03.0490 2760 [ 4D92CCDBF7BAE2228B1974849D8FDF13 ] C:\Windows\System32\WUDFPlatform.dll
17:11:03.0490 2760 C:\Windows\System32\WUDFPlatform.dll - ok
17:11:03.0490 2760 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] C:\Windows\System32\WUDFSvc.dll
17:11:03.0490 2760 C:\Windows\System32\WUDFSvc.dll - ok
17:11:03.0490 2760 [ B7229CC04482CEB6C08DA97A42338F6C ] C:\Windows\System32\DDORes.dll
17:11:03.0490 2760 C:\Windows\System32\DDORes.dll - ok
17:11:03.0490 2760 [ D0BB041536BB107963F55D6852298DAA ] C:\Program Files\Windows Portable Devices\sqmapi.dll
17:11:03.0490 2760 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
17:11:03.0490 2760 [ AC7C39F7A866BF81103042244CE85827 ] C:\Windows\System32\msxml3.dll
17:11:03.0490 2760 C:\Windows\System32\msxml3.dll - ok
17:11:03.0490 2760 [ EC4D28BDE98D9E3C76BF58EF5BA0728D ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavsys.kdl.ec4d28bde98d9e3c76bf58ef5ba0728d
17:11:03.0490 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\kavsys.kdl.ec4d28bde98d9e3c76bf58ef5ba0728d - ok
17:11:03.0506 2760 [ B3A9361231847F8F76294BE7A6A1406A ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\arkmon.kdl.b3a9361231847f8f76294be7a6a1406a
17:11:03.0506 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\arkmon.kdl.b3a9361231847f8f76294be7a6a1406a - ok
17:11:03.0506 2760 [ 8491F03503076D67196436D29D153A2C ] C:\Windows\SysWOW64\msi.dll
17:11:03.0506 2760 C:\Windows\SysWOW64\msi.dll - ok
17:11:03.0506 2760 [ 95FAA456CC603F32CAA0114DECCBB88B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_subscription.dll
17:11:03.0506 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\update_subscription.dll - ok
17:11:03.0506 2760 [ 50627C2C387E880B079E3D019535F1BF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\queue.dll
17:11:03.0506 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\queue.dll - ok
17:11:03.0506 2760 [ DF0B8EC405E6F1BC83FD4669A4225FA5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\bases_csd\sys_critical_obj.dll
17:11:03.0506 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\bases_csd\sys_critical_obj.dll - ok
17:11:03.0506 2760 [ 664F77FDC250E6F5A9710BFEF1F98D59 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\processmonitor.dll
17:11:03.0506 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\processmonitor.dll - ok
17:11:03.0521 2760 [ A95194BB6577E3D0E9CB2D877D22BB56 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ekasyswatch.dll
17:11:03.0521 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\ekasyswatch.dll - ok
17:11:03.0521 2760 [ C483206790CB66B3FCA659DFA98D39B5 ] C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavasyswatch.dll.c483206790cb66b3fca659dfa98d39b5
17:11:03.0521 2760 C:\ProgramData\CheckPoint\ZoneAlarm\Data\avsys\temp\sdk8\Cache\klavasyswatch.dll.c483206790cb66b3fca659dfa98d39b5 - ok
17:11:03.0521 2760 [ 47B71910C8135D075253818E584FD8DB ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\swpragueplugin.dll
17:11:03.0521 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\swpragueplugin.dll - ok
17:11:03.0521 2760 [ 15225081966C785A9192782401643FD4 ] C:\Windows\System32\qmgr.dll
17:11:03.0521 2760 C:\Windows\System32\qmgr.dll - ok
17:11:03.0521 2760 [ CBD8F6EAC15E1EF69917B3961315C4D4 ] C:\Windows\System32\bitsperf.dll
17:11:03.0521 2760 C:\Windows\System32\bitsperf.dll - ok
17:11:03.0521 2760 [ 25F83CCBFA07077EFB4EEFCFF3CC3E7A ] C:\Windows\System32\bitsigd.dll
17:11:03.0521 2760 C:\Windows\System32\bitsigd.dll - ok
17:11:03.0521 2760 [ 16A19EB29CDE3883DF43DC83D14F1817 ] C:\Windows\System32\upnp.dll
17:11:03.0521 2760 C:\Windows\System32\upnp.dll - ok
17:11:03.0537 2760 [ 4269D44BB47A6DA5D80B11F4C8536458 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:11:03.0537 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe - ok
17:11:03.0537 2760 [ BB9ED3EDD8E85008215A7250D325A72E ] C:\Windows\System32\ssdpsrv.dll
17:11:03.0537 2760 C:\Windows\System32\ssdpsrv.dll - ok
17:11:03.0537 2760 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] C:\Program Files (x86)\Nero\Update\NASvc.exe
17:11:03.0537 2760 C:\Program Files (x86)\Nero\Update\NASvc.exe - ok
17:11:03.0537 2760 [ 947E09E9669A264420A13C24C669E7C0 ] C:\Windows\SysWOW64\xmllite.dll
17:11:03.0537 2760 C:\Windows\SysWOW64\xmllite.dll - ok
17:11:03.0537 2760 [ 1AAC18818613890FBBA093892E926CD8 ] C:\Windows\SysWOW64\cryptdll.dll
17:11:03.0537 2760 C:\Windows\SysWOW64\cryptdll.dll - ok
17:11:03.0537 2760 [ 319A44F3656F89E045BCFAFD544810F5 ] C:\Windows\System32\qmgrprxy.dll
17:11:03.0537 2760 C:\Windows\System32\qmgrprxy.dll - ok
17:11:03.0552 2760 [ FEF48CEA8EEB03CE5588BF7DE1859EF1 ] C:\Windows\SysWOW64\qmgrprxy.dll
17:11:03.0552 2760 C:\Windows\SysWOW64\qmgrprxy.dll - ok
17:11:03.0552 2760 [ 57D5FB1012DDAFD5F190B604B149446D ] C:\Windows\SysWOW64\RstrtMgr.dll
17:11:03.0552 2760 C:\Windows\SysWOW64\RstrtMgr.dll - ok
17:11:03.0552 2760 [ 18A42CDF285C0720E01099D4678F8391 ] C:\Windows\SysWOW64\msiltcfg.dll
17:11:03.0552 2760 C:\Windows\SysWOW64\msiltcfg.dll - ok
17:11:03.0552 2760 [ 39F03455A7C449FFFB2BC4BBDE480EB5 ] C:\Program Files (x86)\Nero\Update\NASvcPS.dll
17:11:03.0552 2760 C:\Program Files (x86)\Nero\Update\NASvcPS.dll - ok
17:11:03.0552 2760 [ C993A0B97BECD3AAF5158E3869878465 ] C:\Windows\System32\sppsvc.exe
17:11:03.0552 2760 C:\Windows\System32\sppsvc.exe - ok
17:11:03.0552 2760 [ 4CEC4C390F0B53AC8AEA2407D88A0ABF ] C:\Windows\SysWOW64\webio.dll
17:11:03.0552 2760 C:\Windows\SysWOW64\webio.dll - ok
17:11:03.0552 2760 [ 325D9D1D5D819BD6474BC3E674650138 ] C:\Windows\System32\cryptxml.dll
17:11:03.0552 2760 C:\Windows\System32\cryptxml.dll - ok
17:11:03.0568 2760 [ 5CFA46C4ACB2FD70572017052378DAE5 ] C:\Windows\System32\wscsvc.dll
17:11:03.0568 2760 C:\Windows\System32\wscsvc.dll - ok
17:11:03.0568 2760 [ C7DFBE21051D5E44B479CBF74B968335 ] C:\Windows\System32\dbghelp.dll
17:11:03.0568 2760 C:\Windows\System32\dbghelp.dll - ok
17:11:03.0568 2760 [ 79227C1E2225DE455F365B607A6D46FB ] C:\Windows\System32\SearchIndexer.exe
17:11:03.0568 2760 C:\Windows\System32\SearchIndexer.exe - ok
17:11:03.0568 2760 [ 8CC7ED11965BDF475585156059392CD1 ] C:\Windows\System32\wuapi.dll
17:11:03.0568 2760 C:\Windows\System32\wuapi.dll - ok
17:11:03.0568 2760 [ 36215D975F1DCB76752F4C32B1D31C4A ] C:\Windows\System32\wups.dll
17:11:03.0568 2760 C:\Windows\System32\wups.dll - ok
17:11:03.0568 2760 [ 616DF4ADC4E04753BB4951D3464B8157 ] C:\Windows\System32\tquery.dll
17:11:03.0568 2760 C:\Windows\System32\tquery.dll - ok
17:11:03.0568 2760 [ 96BD578CA0CDCEC566A3259D73C4330C ] C:\Windows\System32\mssrch.dll
17:11:03.0568 2760 C:\Windows\System32\mssrch.dll - ok
17:11:03.0584 2760 [ 951AECDFBE4925B59769D49873DD8051 ] C:\Windows\System32\msidle.dll
17:11:03.0584 2760 C:\Windows\System32\msidle.dll - ok
17:11:03.0584 2760 [ C8CEE20876BCA18363FD73842FAB610B ] C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll
17:11:03.0584 2760 C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll - ok
17:11:03.0584 2760 [ 4BDA81E32B28ECEF27305A9580D3CBEB ] C:\Windows\System32\sppwinob.dll
17:11:03.0584 2760 C:\Windows\System32\sppwinob.dll - ok
17:11:03.0584 2760 [ 0C1DB99164874B08B687891B1A2A4D68 ] C:\Windows\System32\sppobjs.dll
17:11:03.0584 2760 C:\Windows\System32\sppobjs.dll - ok
17:11:03.0584 2760 [ DBE2E6388379D5CC78099650541E9566 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:11:03.0584 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe - ok
17:11:03.0584 2760 [ 64EE4663A3876638471F03586474DC13 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
17:11:03.0584 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll - ok
17:11:03.0599 2760 [ E2430ECA924632371CC085AA4F086E65 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Common.dll
17:11:03.0599 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Common.dll - ok
17:11:03.0599 2760 [ D0C751D4D43B16327566FE17F39F461D ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\WsmanClient.dll
17:11:03.0599 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\WsmanClient.dll - ok
17:11:03.0599 2760 [ 7B07B798B13DB6C65DFD16FC765F7139 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\GmsCommon.dll
17:11:03.0599 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\GmsCommon.dll - ok
17:11:03.0599 2760 [ 2120A35C9222C972AE75950A234CCB50 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Configurator.dll
17:11:03.0599 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\Configurator.dll - ok
17:11:03.0599 2760 [ 4D3D037C655D35AE8FF6F8A30B11CF90 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\EventManager.dll
17:11:03.0599 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\EventManager.dll - ok
17:11:03.0599 2760 [ 04B16F85684A1D3F74E4A07653F6BF14 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusEventHandler.dll
17:11:03.0599 2760 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusEventHandler.dll - ok
17:11:03.0615 2760 [ 688FF87A0A328A880FBE32ABB1EE16BF ] C:\Windows\SysWOW64\dpapi.dll
17:11:03.0615 2760 C:\Windows\SysWOW64\dpapi.dll - ok
17:11:03.0615 2760 [ B9C17E91C1FE19463FB90008FB2CE1FC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe
17:11:03.0615 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe - ok
17:11:03.0615 2760 [ E45CC81B9DFA24B1A0A8ECAAD33E8030 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
17:11:03.0615 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
17:11:03.0615 2760 [ 61DD8DB0E175F31EE83CA5C5A556E508 ] C:\Windows\SysWOW64\GdiPlus.dll
17:11:03.0615 2760 C:\Windows\SysWOW64\GdiPlus.dll - ok
17:11:03.0615 2760 [ 66F9DC09831B0B00272794E3C7E40755 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
17:11:03.0615 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
17:11:03.0615 2760 [ 66DD03D42EB4C1EBDAB89B48A9DA8760 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
17:11:03.0615 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
17:11:03.0631 2760 [ 01987F34FAF1A32EB7B13BF1BBAEF522 ] C:\Windows\SysWOW64\wscproxystub.dll
17:11:03.0631 2760 C:\Windows\SysWOW64\wscproxystub.dll - ok
17:11:03.0631 2760 [ FBEB9658133497F8D1F70480FED7DB67 ] C:\Windows\System32\wbem\WMIADAP.exe
17:11:03.0631 2760 C:\Windows\System32\wbem\WMIADAP.exe - ok
17:11:03.0631 2760 [ E4B40D5609F2E5513E616F5BF9D32689 ] C:\Windows\System32\loadperf.dll
17:11:03.0631 2760 C:\Windows\System32\loadperf.dll - ok
17:11:03.0631 2760 [ 37EBBED0584F9F62B4DE958C4890356C ] C:\Windows\System32\wbem\WmiApRes.dll
17:11:03.0631 2760 C:\Windows\System32\wbem\WmiApRes.dll - ok
17:11:03.0631 2760 [ D6021013D7C4E248AEB8BED12D3DCC88 ] C:\Windows\System32\SearchProtocolHost.exe
17:11:03.0631 2760 C:\Windows\System32\SearchProtocolHost.exe - ok
17:11:03.0631 2760 [ 1968E2E5143D2EB964F836BA19A51104 ] C:\Windows\System32\actxprxy.dll
17:11:03.0631 2760 C:\Windows\System32\actxprxy.dll - ok
17:11:03.0631 2760 [ 1FC8997292BE3362A5B40EBBBD137982 ] C:\Windows\System32\radardt.dll
17:11:03.0631 2760 C:\Windows\System32\radardt.dll - ok
17:11:03.0646 2760 [ 9FBB2F038A2DDCE696BDEE7080241C0C ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
17:11:03.0646 2760 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
17:11:03.0646 2760 [ 2EAF0A1F9E4DF34862CC5A2B5437E450 ] C:\Windows\System32\SettingSyncCore.dll
17:11:03.0646 2760 C:\Windows\System32\SettingSyncCore.dll - ok
17:11:03.0646 2760 [ 0934499394EB3D8027B8AB78C07D56CB ] C:\Windows\System32\dllhost.exe
17:11:03.0646 2760 C:\Windows\System32\dllhost.exe - ok
17:11:03.0646 2760 [ 418CE7366D46EB9F008DD8CEDE9A2CEC ] C:\Windows\System32\CredentialMigrationHandler.dll
17:11:03.0646 2760 C:\Windows\System32\CredentialMigrationHandler.dll - ok
17:11:03.0646 2760 [ 8744BDDA941E77B6402C91D220EFD4F9 ] C:\Windows\System32\AppxAllUserStore.dll
17:11:03.0646 2760 C:\Windows\System32\AppxAllUserStore.dll - ok
17:11:03.0646 2760 [ 40BD4960734B0FA0872AF71B1E4314CE ] C:\Windows\System32\taskhostex.exe
17:11:03.0646 2760 C:\Windows\System32\taskhostex.exe - ok
17:11:03.0646 2760 [ 0DA4B7E7EFB6CC0546FA407DFE8C531D ] C:\Windows\System32\AtBroker.exe
17:11:03.0646 2760 C:\Windows\System32\AtBroker.exe - ok
17:11:03.0662 2760 [ 08C191B2917862BE90C33E31CB6B6D79 ] C:\Windows\System32\userinit.exe
17:11:03.0662 2760 C:\Windows\System32\userinit.exe - ok
17:11:03.0662 2760 [ D8EB154CC954E526970E7C56B724E659 ] C:\Windows\System32\userinitext.dll
17:11:03.0662 2760 C:\Windows\System32\userinitext.dll - ok
17:11:03.0662 2760 [ 5E536FD2C9EBFB9388DD76BCC56C7232 ] C:\Windows\System32\MsCtfMonitor.dll
17:11:03.0662 2760 C:\Windows\System32\MsCtfMonitor.dll - ok
17:11:03.0662 2760 [ 9729D3F9896B6F309DC50CE3769AC9C1 ] C:\Windows\System32\msutb.dll
17:11:03.0662 2760 C:\Windows\System32\msutb.dll - ok
17:11:03.0662 2760 [ 91F27BC87BEB6DFDC709FF484F64F1D4 ] C:\Windows\System32\PlaySndSrv.dll
17:11:03.0662 2760 C:\Windows\System32\PlaySndSrv.dll - ok
17:11:03.0662 2760 [ 63DC38C3E4564B2405D562855643ABA2 ] C:\Windows\explorer.exe
17:11:03.0662 2760 C:\Windows\explorer.exe - ok
17:11:03.0677 2760 [ 6AA868B3C2A014AE76ECF53B667BF086 ] C:\Windows\System32\winmm.dll
17:11:03.0677 2760 C:\Windows\System32\winmm.dll - ok
17:11:03.0677 2760 [ F12D8EB9E944BEB0FB4C5E4F1336401B ] C:\Windows\System32\winmmbase.dll
17:11:03.0677 2760 C:\Windows\System32\winmmbase.dll - ok
17:11:03.0677 2760 [ 40932AF9B3D04E307F019784243A18F3 ] C:\Windows\System32\twinapi.dll
17:11:03.0677 2760 C:\Windows\System32\twinapi.dll - ok
17:11:03.0677 2760 [ 17C9CEA667906DA7CAA1175DE437F4FC ] C:\Windows\System32\runonce.exe
17:11:03.0677 2760 C:\Windows\System32\runonce.exe - ok
17:11:03.0677 2760 [ 8BE1C89BD0C6F659C3AE3A2C8D0955C4 ] C:\Windows\SysWOW64\runonce.exe
17:11:03.0677 2760 C:\Windows\SysWOW64\runonce.exe - ok
17:11:03.0677 2760 [ A49453C2A68A410B0A9801954B99AA16 ] C:\Windows\SysWOW64\imm32.dll
17:11:03.0677 2760 C:\Windows\SysWOW64\imm32.dll - ok
17:11:03.0677 2760 [ 88F8095C355E6BA4ACCBF2F3E07552E7 ] C:\Windows\SysWOW64\msctf.dll
17:11:03.0677 2760 C:\Windows\SysWOW64\msctf.dll - ok
17:11:03.0693 2760 [ 5BD47B7C7DF76203FD639F2568A8C7B7 ] C:\Windows\System32\twinui.dll
17:11:03.0693 2760 C:\Windows\System32\twinui.dll - ok
17:11:03.0693 2760 [ 4878EB5F04D9DD02E76190D2105EC0F9 ] C:\Windows\System32\twinapi.appcore.dll
17:11:03.0693 2760 C:\Windows\System32\twinapi.appcore.dll - ok
17:11:03.0693 2760 [ 053778EEC0CB0966814909980FD45960 ] C:\Windows\System32\StartMenuHelper64.dll
17:11:03.0693 2760 C:\Windows\System32\StartMenuHelper64.dll - ok
17:11:03.0693 2760 [ CF879A95A0D4B7BACCA5CF68579ACCEB ] C:\Windows\System32\ExplorerFrame.dll
17:11:03.0693 2760 C:\Windows\System32\ExplorerFrame.dll - ok
17:11:03.0693 2760 [ 16C803EEE5BE1304748BD2F88AEF8C64 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
17:11:03.0693 2760 C:\Program Files\Classic Shell\ClassicStartMenu.exe - ok
17:11:03.0693 2760 [ 74541452095D89F4A9F5426AC53CB416 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
17:11:03.0693 2760 C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
17:11:03.0709 2760 [ 9262533ED09398B1C5FB4961669D9C81 ] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
17:11:03.0709 2760 C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll - ok
17:11:03.0709 2760 [ 63CB763FE4CEADFFF5F047332814E8F9 ] C:\Windows\System32\wldp.dll
17:11:03.0709 2760 C:\Windows\System32\wldp.dll - ok
17:11:03.0709 2760 [ D8E54AB89C84C0AD065EE0BDEBD50A99 ] C:\Windows\System32\twinui.appcore.dll
17:11:03.0709 2760 C:\Windows\System32\twinui.appcore.dll - ok
17:11:03.0709 2760 [ 56FCA8AA450BD181A0BA94F25E244C46 ] C:\Windows\System32\wpncore.dll
17:11:03.0709 2760 C:\Windows\System32\wpncore.dll - ok
17:11:03.0709 2760 [ C399CCD155AB26F2CC8A9045FC569BBC ] C:\Windows\System32\WinTypes.dll
17:11:03.0709 2760 C:\Windows\System32\WinTypes.dll - ok
17:11:03.0709 2760 [ 3BDB77EBDBC4AA34E75DB4A5CF7B477F ] C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x64__8wekyb3d8bbwe\msvcr120_app.dll
17:11:03.0709 2760 C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x64__8wekyb3d8bbwe\msvcr120_app.dll - ok
17:11:03.0709 2760 [ 6360EB7FE61FC6D1369C2E34D37AF9E9 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe
17:11:03.0709 2760 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\livecomm.exe - ok
17:11:03.0724 2760 [ BBE61A1D2E6DCA92F8BACBE924DC55A0 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.service.dll
17:11:03.0724 2760 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.service.dll - ok
17:11:03.0724 2760 [ DD73856179DEC505253F1DAFF8ABB647 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\wllog.dll
17:11:03.0724 2760 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\wllog.dll - ok
17:11:03.0724 2760 [ CF9076FE886AABE8C5ED6FBFCDF70DA1 ] C:\Windows\System32\wlidprov.dll
17:11:03.0724 2760 C:\Windows\System32\wlidprov.dll - ok
17:11:03.0724 2760 [ F78580C6B84E2129867B5C94077EB4D4 ] C:\Windows\System32\thumbcache.dll
17:11:03.0724 2760 C:\Windows\System32\thumbcache.dll - ok
17:11:03.0724 2760 [ 813B52550153A284ED6583A5EAAC44AF ] C:\Windows\System32\Windows.Networking.Connectivity.dll
17:11:03.0724 2760 C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
17:11:03.0724 2760 [ D4E3BC36A7A0D7A445DCF7342DCB3566 ] C:\Windows\System32\ELSCore.dll
17:11:03.0724 2760 C:\Windows\System32\ELSCore.dll - ok
17:11:03.0740 2760 [ E8511D133B449BEE41CABFCA6EB35526 ] C:\Windows\System32\BrokerLib.dll
17:11:03.0740 2760 C:\Windows\System32\BrokerLib.dll - ok
17:11:03.0740 2760 [ 4CB85D450E4816BEDBBDB8ABD697F597 ] C:\Windows\System32\elslad.dll
17:11:03.0740 2760 C:\Windows\System32\elslad.dll - ok
17:11:03.0740 2760 [ 121BCF3FB6C1F8AA214EB83C76B944FB ] C:\Windows\System32\elsTrans.dll
17:11:03.0740 2760 C:\Windows\System32\elsTrans.dll - ok
17:11:03.0740 2760 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] C:\Windows\System32\ncbservice.dll
17:11:03.0740 2760 C:\Windows\System32\ncbservice.dll - ok
17:11:03.0740 2760 [ 347A3E49CE18402305B8119A6EC7CFEB ] C:\Windows\System32\TimeBrokerServer.dll
17:11:03.0740 2760 C:\Windows\System32\TimeBrokerServer.dll - ok
17:11:03.0740 2760 [ 5577CAB1056C24B8E1A887A6402A1110 ] C:\Windows\System32\Windows.Storage.ApplicationData.dll
17:11:03.0740 2760 C:\Windows\System32\Windows.Storage.ApplicationData.dll - ok
17:11:03.0740 2760 [ 570444FD34EE07261E22536122ECD720 ] C:\Windows\System32\Windows.UI.Search.dll
17:11:03.0740 2760 C:\Windows\System32\Windows.UI.Search.dll - ok
17:11:03.0756 2760 [ 99D8A8A6713314B0D1EB22C9C441361A ] C:\Windows\System32\wincorlib.dll
17:11:03.0756 2760 C:\Windows\System32\wincorlib.dll - ok
17:11:03.0756 2760 [ 294AAE73D0D7BDAACC5224BC7334077B ] C:\Windows\System32\WSClient.dll
17:11:03.0756 2760 C:\Windows\System32\WSClient.dll - ok
17:11:03.0756 2760 [ E3E168E733B0E8383BA5635542FDB96F ] C:\Windows\System32\WSShared.dll
17:11:03.0756 2760 C:\Windows\System32\WSShared.dll - ok
17:11:03.0756 2760 [ 839CF25B9B8614CE7319BC5CF1F5C01F ] C:\Windows\System32\WSSync.dll
17:11:03.0756 2760 C:\Windows\System32\WSSync.dll - ok
17:11:03.0756 2760 [ 013BB1B12833CD646175312307768F93 ] C:\Windows\System32\Windows.UI.Xaml.dll
17:11:03.0756 2760 C:\Windows\System32\Windows.UI.Xaml.dll - ok
17:11:03.0756 2760 [ EB34CE5EFA1591915F973EB30C77A1D8 ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
17:11:03.0756 2760 C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
17:11:03.0771 2760 [ A9154084EBC2A190943548AE4275A0E9 ] C:\Windows\System32\SearchFolder.dll
17:11:03.0771 2760 C:\Windows\System32\SearchFolder.dll - ok
17:11:03.0771 2760 [ 6CA842F30CB19D0789F1B599B7A62B76 ] C:\Windows\System32\StructuredQuery.dll
17:11:03.0771 2760 C:\Windows\System32\StructuredQuery.dll - ok
17:11:03.0771 2760 [ CFEB08503784A596CE9E28D2E9FDDEF7 ] C:\Windows\System32\SettingSyncPolicy.dll
17:11:03.0771 2760 C:\Windows\System32\SettingSyncPolicy.dll - ok
17:11:03.0771 2760 [ E617B946FE0BCBE709F60BE611724618 ] C:\Windows\System32\stobject.dll
17:11:03.0771 2760 C:\Windows\System32\stobject.dll - ok
17:11:03.0771 2760 [ 5A9895295C7C6174C73496BD06B2E288 ] C:\Windows\System32\SkyDrive.exe
17:11:03.0771 2760 C:\Windows\System32\SkyDrive.exe - ok
17:11:03.0771 2760 [ 2B96525A8E9A3FDD6516A0FFB6E7C0AF ] C:\Windows\System32\prnfldr.dll
17:11:03.0771 2760 C:\Windows\System32\prnfldr.dll - ok
17:11:03.0771 2760 [ 9C5ADB26632D46919ABB231CF7DE98B9 ] C:\Windows\System32\ieframe.dll
17:11:03.0771 2760 C:\Windows\System32\ieframe.dll - ok
17:11:03.0787 2760 [ 5C6F6CC5C1395A8B5864713CD3F7F329 ] C:\Windows\System32\SkyDriveTelemetry.dll
17:11:03.0787 2760 C:\Windows\System32\SkyDriveTelemetry.dll - ok
17:11:03.0787 2760 [ 5D2A65C08953962327A21A51B5FC2089 ] C:\Windows\SysWOW64\actxprxy.dll
17:11:03.0787 2760 C:\Windows\SysWOW64\actxprxy.dll - ok
17:11:03.0787 2760 [ F67102E9791A5B80070B30ADF1159A3C ] C:\Windows\System32\SyncEngine.dll
17:11:03.0787 2760 C:\Windows\System32\SyncEngine.dll - ok
17:11:03.0787 2760 [ EF9A6365F4E2A331E79CA1DBBA9D0141 ] C:\Windows\System32\VAN.dll
17:11:03.0787 2760 C:\Windows\System32\VAN.dll - ok
17:11:03.0787 2760 [ BBB9A31169B4969169ADE608231E2985 ] C:\Windows\System32\winbici.dll
17:11:03.0787 2760 C:\Windows\System32\winbici.dll - ok
17:11:03.0787 2760 [ DB5F0DFF669AB88296134F82258AEFB8 ] C:\Windows\System32\AudioSes.dll
17:11:03.0787 2760 C:\Windows\System32\AudioSes.dll - ok
17:11:03.0802 2760 [ FA5BCD67BC10E0828D2A0A0FF52E62DE ] C:\Windows\System32\fontext.dll
17:11:03.0802 2760 C:\Windows\System32\fontext.dll - ok
17:11:03.0802 2760 [ EB248189E980B367D09C36A1C2A6FC3D ] C:\Windows\System32\linkinfo.dll
17:11:03.0802 2760 C:\Windows\System32\linkinfo.dll - ok
17:11:03.0802 2760 [ 1E93DEF34A2368E7355467B34DE7A965 ] C:\Windows\System32\DeviceCenter.dll
17:11:03.0802 2760 C:\Windows\System32\DeviceCenter.dll - ok
17:11:03.0802 2760 [ E6B65614304E4695C87FC4BD8894F3B3 ] C:\Windows\System32\networkexplorer.dll
17:11:03.0802 2760 C:\Windows\System32\networkexplorer.dll - ok
17:11:03.0802 2760 [ AC00CE3402B7EB0D0B9C581E30F7E167 ] C:\Windows\System32\hccutils.dll
17:11:03.0802 2760 C:\Windows\System32\hccutils.dll - ok
17:11:03.0802 2760 [ 95CDE3D2ACB58BE981AEC25D986016F1 ] C:\Windows\System32\igfxcpl.cpl
17:11:03.0802 2760 C:\Windows\System32\igfxcpl.cpl - ok
17:11:03.0802 2760 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] C:\Windows\System32\wlidsvc.dll
17:11:03.0802 2760 C:\Windows\System32\wlidsvc.dll - ok
17:11:03.0818 2760 [ 144E692C7C8718A0A013C8A47417BA01 ] C:\Windows\System32\igfxsrvc.exe
17:11:03.0818 2760 C:\Windows\System32\igfxsrvc.exe - ok
17:11:03.0818 2760 [ D1852D42D01C19066C6C75289D4A5C6F ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
17:11:03.0818 2760 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
17:11:03.0818 2760 [ 0B4EB4F2304D3BED88359F971482C6D5 ] C:\Windows\System32\igfxsrvc.dll
17:11:03.0818 2760 C:\Windows\System32\igfxsrvc.dll - ok
17:11:03.0818 2760 [ 0671CBE2B5CE6B2ECE03332CE6C09DC9 ] C:\Windows\System32\igfxdev.dll
17:11:03.0818 2760 C:\Windows\System32\igfxdev.dll - ok
17:11:03.0818 2760 [ 41BD327A7518C4102969FCEE8F3D5030 ] C:\Windows\System32\SkyDriveShell.dll
17:11:03.0818 2760 C:\Windows\System32\SkyDriveShell.dll - ok
17:11:03.0818 2760 [ 7B7B7DC98921D6EA5DBF132A72C4E395 ] C:\Windows\System32\opengl32.dll
17:11:03.0818 2760 C:\Windows\System32\opengl32.dll - ok
17:11:03.0834 2760 [ 1300F74B95965CD749A2F3E66FBC4EBB ] C:\Windows\System32\mssprxy.dll
17:11:03.0834 2760 C:\Windows\System32\mssprxy.dll - ok
17:11:03.0834 2760 [ 854DA94B8CB68D74CB7480B2F426CA2A ] C:\Windows\System32\ddraw.dll
17:11:03.0834 2760 C:\Windows\System32\ddraw.dll - ok
17:11:03.0834 2760 [ D9D960D70B1866A513BCBBA2FBEE6144 ] C:\Windows\System32\dssenh.dll
17:11:03.0834 2760 C:\Windows\System32\dssenh.dll - ok
17:11:03.0834 2760 [ 9415D8364F64C603853D4CA27CECB3BA ] C:\Windows\System32\DXP.dll
17:11:03.0834 2760 C:\Windows\System32\DXP.dll - ok
17:11:03.0834 2760 [ D85D513A0C4DADD8E61EB4D9101F562C ] C:\Windows\System32\glu32.dll
17:11:03.0834 2760 C:\Windows\System32\glu32.dll - ok
17:11:03.0834 2760 [ 17F26A480391D5AB4935AE77D4F6F18A ] C:\Windows\System32\shdocvw.dll
17:11:03.0834 2760 C:\Windows\System32\shdocvw.dll - ok
17:11:03.0834 2760 [ 9590CA2728AACAD7ECE35008D789C3B6 ] C:\Windows\System32\Syncreg.dll
17:11:03.0834 2760 C:\Windows\System32\Syncreg.dll - ok
17:11:03.0849 2760 [ B4E9D29333302BAF9E809EC150355D47 ] C:\Windows\System32\dciman32.dll
17:11:03.0849 2760 C:\Windows\System32\dciman32.dll - ok
17:11:03.0849 2760 [ C8E8B16FC3FB5A7E888F8D63823086E0 ] C:\Windows\System32\igfxrdeu.lrc
17:11:03.0849 2760 C:\Windows\System32\igfxrdeu.lrc - ok
17:11:03.0849 2760 [ BB4B52A3C9B231CE21DFECD1FCB93870 ] C:\Windows\System32\igfxress.dll
17:11:03.0849 2760 C:\Windows\System32\igfxress.dll - ok
17:11:03.0849 2760 [ FD18FDF7A70803A42ECEA1D7C9709E7C ] C:\Windows\System32\mssvp.dll
17:11:03.0849 2760 C:\Windows\System32\mssvp.dll - ok
17:11:03.0849 2760 [ 49F60588AB685D85DD93A9B500C19356 ] C:\Windows\System32\wscui.cpl
17:11:03.0849 2760 C:\Windows\System32\wscui.cpl - ok
17:11:03.0849 2760 [ 4A895F718857F9A7F6198951F3B106CB ] C:\Windows\System32\mapi32.dll
17:11:03.0849 2760 C:\Windows\System32\mapi32.dll - ok
17:11:03.0849 2760 [ F4DD265D2D7F23C903FCF502B7A1C508 ] C:\Windows\System32\wscapi.dll
17:11:03.0849 2760 C:\Windows\System32\wscapi.dll - ok
17:11:03.0865 2760 [ 35CD038DD39A8F6995527C10C2DE8017 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\bici.dll
17:11:03.0865 2760 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\bici.dll - ok
17:11:03.0865 2760 [ 13FD5C8E6451BAB58ADD147356ACA41F ] C:\Windows\System32\threadpoolwinrt.dll
17:11:03.0865 2760 C:\Windows\System32\threadpoolwinrt.dll - ok
17:11:03.0865 2760 [ BC786FF9CF7253BDD416E18420519B09 ] C:\Windows\System32\biwinrt.dll
17:11:03.0865 2760 C:\Windows\System32\biwinrt.dll - ok
17:11:03.0865 2760 [ AF78C9165878C2A0CCD4728334148C50 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.dll
17:11:03.0865 2760 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.dll - ok
17:11:03.0865 2760 [ 716228882A7BE5133B97D70CDDB69E6B ] C:\Windows\System32\Windows.ApplicationModel.dll
17:11:03.0865 2760 C:\Windows\System32\Windows.ApplicationModel.dll - ok
17:11:03.0865 2760 [ 2F65C548322123B479616DFA8238770A ] C:\Windows\System32\RuntimeBroker.exe
17:11:03.0865 2760 C:\Windows\System32\RuntimeBroker.exe - ok
17:11:03.0881 2760 [ FCEA631F1D30CADF368F93ACC1B839C5 ] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
17:11:03.0881 2760 C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll - ok
17:11:03.0881 2760 [ EBDB50C7BD8023CE98380A4648857F4B ] C:\Windows\System32\msauserext.dll
17:11:03.0881 2760 C:\Windows\System32\msauserext.dll - ok
17:11:03.0881 2760 [ 99D2F96C49336EFA01A4F14EC72AA7B6 ] C:\Windows\System32\AuthBroker.dll
17:11:03.0881 2760 C:\Windows\System32\AuthBroker.dll - ok
17:11:03.0881 2760 [ C72641B570E9C1AD19D8BD9576EFBF6C ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\errorreporting.dll
17:11:03.0881 2760 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe\errorreporting.dll - ok
17:11:03.0881 2760 [ 9079D01C4785CB8D69DC162ADFCE6172 ] C:\Windows\System32\AltTab.dll
17:11:03.0881 2760 C:\Windows\System32\AltTab.dll - ok
17:11:03.0881 2760 [ 776F9D8FA4186E2976DBC89D99CB59A6 ] C:\Windows\System32\WPDShServiceObj.dll
17:11:03.0881 2760 C:\Windows\System32\WPDShServiceObj.dll - ok
17:11:03.0881 2760 [ DE320127B1ED10BF465AF9FB7EBD4557 ] C:\Windows\System32\PortableDeviceTypes.dll
17:11:03.0881 2760 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:11:03.0896 2760 [ 226572AB3AF54C551072D623FE29255A ] C:\Windows\System32\SettingMonitor.dll
17:11:03.0896 2760 C:\Windows\System32\SettingMonitor.dll - ok
17:11:03.0896 2760 [ 622BA2CC9CB692623E4015DE54060DE4 ] C:\Windows\System32\AepRoam.dll
17:11:03.0896 2760 C:\Windows\System32\AepRoam.dll - ok
17:11:03.0896 2760 [ 991FB4D35BCA212FF14314D9AB34833E ] C:\Windows\System32\PackageStateRoaming.dll
17:11:03.0896 2760 C:\Windows\System32\PackageStateRoaming.dll - ok
17:11:03.0896 2760 [ FF61A6193677644D25C9CE1361676AFB ] C:\Windows\System32\pnidui.dll
17:11:03.0896 2760 C:\Windows\System32\pnidui.dll - ok
17:11:03.0896 2760 [ B9B896F671BB26960E3F6BF1BA525F68 ] C:\Windows\System32\srchadmin.dll
17:11:03.0896 2760 C:\Windows\System32\srchadmin.dll - ok
17:11:03.0896 2760 [ 8A0B04A69BFFDA2E7DA712EC2CCB19E9 ] C:\Windows\System32\SyncCenter.dll
17:11:03.0896 2760 C:\Windows\System32\SyncCenter.dll - ok
17:11:03.0912 2760 [ F310AB7C5A54C42C38C4DA974BDB4271 ] C:\Windows\System32\ActionCenter.dll
17:11:03.0912 2760 C:\Windows\System32\ActionCenter.dll - ok
17:11:03.0912 2760 [ 0515B5D282D87678EE47D23AF95A948A ] C:\Windows\System32\imapi2.dll
17:11:03.0912 2760 C:\Windows\System32\imapi2.dll - ok
17:11:03.0912 2760 [ 7C514A95C3EAB34547DDBEA9AB09FC19 ] C:\Windows\System32\hgcpl.dll
17:11:03.0912 2760 C:\Windows\System32\hgcpl.dll - ok
17:11:03.0912 2760 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] C:\Windows\System32\provsvc.dll
17:11:03.0912 2760 C:\Windows\System32\provsvc.dll - ok
17:11:03.0912 2760 [ F611E6125B86F2CFB6D2C6A4F98E487A ] C:\Windows\System32\ntshrui.dll
17:11:03.0912 2760 C:\Windows\System32\ntshrui.dll - ok
17:11:03.0912 2760 [ 51E0339BAA4C418D894B0BF888A344A6 ] C:\Windows\System32\EhStorShell.dll
17:11:03.0912 2760 C:\Windows\System32\EhStorShell.dll - ok
17:11:03.0912 2760 [ 97F304F26F9A6DA61D9D5BAD6667D097 ] C:\Program Files\Classic Shell\ClassicExplorer64.dll
17:11:03.0912 2760 C:\Program Files\Classic Shell\ClassicExplorer64.dll - ok
17:11:03.0927 2760 [ 781C4A0B5114611E2594B9678B438040 ] C:\Windows\System32\DsmUserTask.exe
17:11:03.0927 2760 C:\Windows\System32\DsmUserTask.exe - ok
17:11:03.0927 2760 [ 5430FA34D2FDA83ED1DBC43A8D516E31 ] C:\Windows\System32\xwizards.dll
17:11:03.0927 2760 C:\Windows\System32\xwizards.dll - ok
17:11:03.0927 2760 [ D882A7154D6256FC2B01DAC29BA61CAE ] C:\Windows\System32\xwtpw32.dll
17:11:03.0927 2760 C:\Windows\System32\xwtpw32.dll - ok
17:11:03.0927 2760 [ A28E6194079CA6DD070872B27AB7A94D ] C:\Windows\System32\Dsui.dll
17:11:03.0927 2760 C:\Windows\System32\Dsui.dll - ok
17:11:03.0927 2760 [ 43531A5993380CC5113242C29D265FD9 ] C:\Windows\System32\drivers\EhStorClass.sys
17:11:03.0927 2760 C:\Windows\System32\drivers\EhStorClass.sys - ok
17:11:03.0927 2760 [ 4C4B246743F477AAEAC778D8CBDAB7A7 ] C:\Windows\System32\DeviceSetupManagerAPI.dll
17:11:03.0927 2760 C:\Windows\System32\DeviceSetupManagerAPI.dll - ok
17:11:03.0943 2760 [ CC1F7CD41484539BA295CCD2335364F5 ] C:\Windows\System32\wbem\mofd.dll
17:11:03.0943 2760 C:\Windows\System32\wbem\mofd.dll - ok
17:11:03.0943 2760 [ 8F15F54BBA6EDE7C120C17C97FBE9523 ] C:\Windows\System32\IconCodecService.dll
17:11:03.0943 2760 C:\Windows\System32\IconCodecService.dll - ok
17:11:03.0943 2760 [ 858CE77F3476265F64250BD2F7927C6D ] C:\Windows\System32\gameux.dll
17:11:03.0943 2760 C:\Windows\System32\gameux.dll - ok
17:11:03.0943 2760 [ 475FB7084CC6D2D11A2B6E56CF91C57B ] C:\Windows\System32\msiltcfg.dll
17:11:03.0943 2760 C:\Windows\System32\msiltcfg.dll - ok
17:11:03.0943 2760 [ 3E9F09C81250B892623CCB5E5FC4EB33 ] C:\Windows\System32\msi.dll
17:11:03.0943 2760 C:\Windows\System32\msi.dll - ok
17:11:03.0943 2760 [ 15476D6A3B1A88B401D25A1298432571 ] C:\Windows\System32\twext.dll
17:11:03.0943 2760 C:\Windows\System32\twext.dll - ok
17:11:03.0943 2760 [ 6B1032278F24EBC331059A9506FED227 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll
17:11:03.0943 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll - ok
17:11:03.0959 2760 [ 1E36C5366CC5CF5597FA4C97FF781DD3 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
17:11:03.0959 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll - ok
17:11:03.0959 2760 [ 8841E682C886F47759BFA6AA4D92EF79 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
17:11:03.0959 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll - ok
17:11:03.0959 2760 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
17:11:03.0959 2760 C:\Windows\System32\msvcp100.dll - ok
17:11:03.0959 2760 [ A1AD4C9F3DF06F7F4517DDB6D69F2C5C ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
17:11:03.0959 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll - ok
17:11:03.0959 2760 [ 696CBA0FABB700F652F2FF0B70B323B0 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
17:11:03.0959 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll - ok
17:11:03.0959 2760 [ F4D618F9681297E299423A56754504B2 ] C:\PROGRA~1\Eraser\ERASER~3.DLL
17:11:03.0959 2760 C:\PROGRA~1\Eraser\ERASER~3.DLL - ok
17:11:03.0974 2760 [ 04B470896143EA0BCCB210467DC69498 ] C:\Windows\System32\apprepapi.dll
17:11:03.0974 2760 C:\Windows\System32\apprepapi.dll - ok
17:11:03.0974 2760 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
17:11:03.0974 2760 C:\Windows\WinSxS\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
17:11:03.0974 2760 [ 4585BC6152F3F255EF1E10A663D0FB0D ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll
17:11:03.0974 2760 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll - ok
17:11:03.0974 2760 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
17:11:03.0974 2760 C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
17:11:03.0974 2760 [ 8B4FF31A06DA3BFB82D37D77040B2019 ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll
17:11:03.0974 2760 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll - ok
17:11:03.0974 2760 [ A112E0E48F3AB7545D7F797AFD484B96 ] C:\Windows\WinSxS\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL
17:11:03.0974 2760 C:\Windows\WinSxS\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90DEU.DLL - ok
17:11:03.0990 2760 [ 1F238657C40F6641818CFAD1E5B359B0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll
17:11:03.0990 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll - ok
17:11:03.0990 2760 [ 7B1E7019C586B08E21B6C4D4EF682DFD ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll
17:11:03.0990 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zlavscan.dll - ok
17:11:03.0990 2760 [ C95ED96994E9ED3FC1B5ECD62BD5CB6D ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
17:11:03.0990 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe - ok
17:11:03.0990 2760 [ 9B7AADF9D19D62FC2283D636FCE8A804 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
17:11:03.0990 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll - ok
17:11:03.0990 2760 [ 87A23F1E69467D0068855DC5823DE8C9 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
17:11:03.0990 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll - ok
17:11:03.0990 2760 [ 4BADC3411348BA8AC7EE6EFCA08ACB3C ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
17:11:03.0990 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
17:11:04.0006 2760 [ 84F4B86745A38E6BE841D4E5E7CAA6B8 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
17:11:04.0006 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll - ok
17:11:04.0006 2760 [ 9A581E482BC9679FC6B288BAB19E924F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\Audio.dll
17:11:04.0006 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\Audio.dll - ok
17:11:04.0006 2760 [ 0CDC22C2846A918369DABBBB15F4F68F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\RfcommLib.dll
17:11:04.0006 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\RfcommLib.dll - ok
17:11:04.0006 2760 [ 5F540AD6674AEFD64C1051648FF87DE3 ] C:\Windows\System32\dsound.dll
17:11:04.0006 2760 C:\Windows\System32\dsound.dll - ok
17:11:04.0006 2760 [ 1A90D513878C70295EAA2A15B111E5F8 ] C:\Windows\System32\synceng.dll
17:11:04.0006 2760 C:\Windows\System32\synceng.dll - ok
17:11:04.0006 2760 [ A6DB9DCC34A9EFF0EAECF1978B84C5A2 ] C:\Windows\System32\syncui.dll
17:11:04.0006 2760 C:\Windows\System32\syncui.dll - ok
17:11:04.0006 2760 [ 85ED13922DF97474AF9979CA456C6748 ] C:\Windows\System32\mfc100u.dll
17:11:04.0006 2760 C:\Windows\System32\mfc100u.dll - ok
17:11:04.0021 2760 [ 0961B0C35311F6C22B0A7E97875F51F3 ] C:\Windows\System32\UIRibbon.dll
17:11:04.0021 2760 C:\Windows\System32\UIRibbon.dll - ok
17:11:04.0021 2760 [ 53A3DE22A97A40469FC6AEB54A151A61 ] C:\Windows\System32\atl100.dll
17:11:04.0021 2760 C:\Windows\System32\atl100.dll - ok
17:11:04.0021 2760 [ 004337A5B8B2AA9769B02DBC489FFE9F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\L2capLib.dll
17:11:04.0021 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\L2capLib.dll - ok
17:11:04.0021 2760 [ D10C0CFDDC42E43618953C5786B43B9E ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\SesMgr.dll
17:11:04.0021 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\SesMgr.dll - ok
17:11:04.0021 2760 [ 9D3E70686F38D26F9111920F0A4F2202 ] C:\Windows\System32\mfc100deu.dll
17:11:04.0021 2760 C:\Windows\System32\mfc100deu.dll - ok
17:11:04.0021 2760 [ DEE3ED699BFBAD5A483B11428BF64E3A ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
17:11:04.0021 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll - ok
17:11:04.0037 2760 [ 3B72AC53144763B44D46591ED1BE0133 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
17:11:04.0037 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll - ok
17:11:04.0037 2760 [ 8BBD9FC2A16E33F6CCF4949BDF23CAE2 ] C:\Windows\System32\UIRibbonRes.dll
17:11:04.0037 2760 C:\Windows\System32\UIRibbonRes.dll - ok
17:11:04.0037 2760 [ 53FB52AC29DF3DF005273AC179141E62 ] C:\Windows\System32\drprov.dll
17:11:04.0037 2760 C:\Windows\System32\drprov.dll - ok
17:11:04.0037 2760 [ 4292F8C1722134F6F6AC6A6D048772BC ] C:\Windows\System32\davclnt.dll
17:11:04.0037 2760 C:\Windows\System32\davclnt.dll - ok
17:11:04.0037 2760 [ 8F37ADC302D59D09E0A9D29B9A78D3A6 ] C:\Windows\System32\davhlpr.dll
17:11:04.0037 2760 C:\Windows\System32\davhlpr.dll - ok
17:11:04.0037 2760 [ EDC796C4C9588D28CCB6031E365C4F32 ] C:\Windows\System32\ntlanman.dll
17:11:04.0037 2760 C:\Windows\System32\ntlanman.dll - ok
17:11:04.0052 2760 [ 08232556286653EA2E8FD96AFAB11023 ] C:\Windows\System32\dlnashext.dll
17:11:04.0052 2760 C:\Windows\System32\dlnashext.dll - ok
17:11:04.0052 2760 [ 9AD59BAA2F5F0E6E66D4360F670B6962 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
17:11:04.0052 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll - ok
17:11:04.0052 2760 [ C5D7AD1C21BB5D5139AAB1F392CCA2DE ] C:\Windows\System32\PlayToDevice.dll
17:11:04.0052 2760 C:\Windows\System32\PlayToDevice.dll - ok
17:11:04.0052 2760 [ 67DE24BDAA277DAAF66D06680D89737F ] C:\Windows\System32\DevDispItemProvider.dll
17:11:04.0052 2760 C:\Windows\System32\DevDispItemProvider.dll - ok
17:11:04.0052 2760 [ A8CD8DEB81EC555DE587DD98E7E42ED2 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
17:11:04.0052 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll - ok
17:11:04.0052 2760 [ B6705563C5B8889ADAFF4BFCD8FAFACC ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
17:11:04.0052 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll - ok
17:11:04.0052 2760 [ 1FAFEAF919B3D971D115BD6E1F45E8D4 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.dll
17:11:04.0052 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.dll - ok
17:11:04.0068 2760 [ C0ED72B5A88E455E6727513541A86E03 ] C:\Windows\System32\wpdshext.dll
17:11:04.0068 2760 C:\Windows\System32\wpdshext.dll - ok
17:11:04.0068 2760 [ 90B2434F51E68255C3AF40A8B6E2F274 ] C:\Windows\System32\EhStorAPI.dll
17:11:04.0068 2760 C:\Windows\System32\EhStorAPI.dll - ok
17:11:04.0068 2760 [ 6CDCE931A517A22BA6C2064BD7EEA725 ] C:\Program Files\Elantech\ETDCtrl.exe
17:11:04.0068 2760 C:\Program Files\Elantech\ETDCtrl.exe - ok
17:11:04.0068 2760 [ 9B870FE04BDF7DDF7DD736DE738038FB ] C:\Windows\System32\riched20.dll
17:11:04.0068 2760 C:\Windows\System32\riched20.dll - ok
17:11:04.0068 2760 [ 1DD757BFB4DB59B5E48E204F636F6777 ] C:\Windows\System32\msls31.dll
17:11:04.0068 2760 C:\Windows\System32\msls31.dll - ok
17:11:04.0068 2760 [ B88E2CFB8D10FB189762D0AC99382AC5 ] C:\Windows\System32\usp10.dll
17:11:04.0068 2760 C:\Windows\System32\usp10.dll - ok
17:11:04.0084 2760 [ BA31CB3666759D8878BF74FAC99E3069 ] C:\Program Files\Elantech\ETDFavorite.dll
17:11:04.0084 2760 C:\Program Files\Elantech\ETDFavorite.dll - ok
Geändert von Tandem (09.04.2014 um 00:53 Uhr) |
|
09.04.2014, 00:48
| #11 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! TDSS-log Part 8/8: Code:
ATTFilter 17:11:04.0084 2760 [ 28EFCAFAF85C9450DFECEE7520D3F9A4 ] C:\Program Files\Elantech\ETDApix.dll
17:11:04.0084 2760 C:\Program Files\Elantech\ETDApix.dll - ok
17:11:04.0084 2760 [ 9AC6179CB25B4A02A88954267E3F715E ] C:\Program Files\Elantech\ETDCmds.dll
17:11:04.0084 2760 C:\Program Files\Elantech\ETDCmds.dll - ok
17:11:04.0084 2760 [ 834A309C2FDF52FC09353F348CFE1235 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:11:04.0084 2760 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
17:11:04.0084 2760 [ 17804FCA602C24F7EF30791D4AF90885 ] C:\Windows\System32\oledlg.dll
17:11:04.0084 2760 C:\Windows\System32\oledlg.dll - ok
17:11:04.0084 2760 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
17:11:04.0084 2760 C:\Windows\System32\RtkCfg64.dll - ok
17:11:04.0084 2760 [ BC34B8831FAE17E5E7BD8318EDDC90BB ] C:\Windows\System32\RtkAPO64.dll
17:11:04.0084 2760 C:\Windows\System32\RtkAPO64.dll - ok
17:11:04.0099 2760 [ 3BADC3E73CB058338765BEA4FE73AFBE ] C:\Windows\System32\AudioEng.dll
17:11:04.0099 2760 C:\Windows\System32\AudioEng.dll - ok
17:11:04.0099 2760 [ 2FA26C993349B4D2016CBE21A49E5432 ] C:\Windows\System32\igfxtray.exe
17:11:04.0099 2760 C:\Windows\System32\igfxtray.exe - ok
17:11:04.0099 2760 [ 47189B3FB35A23FD5A491A79EDBEDA0D ] C:\Windows\System32\igfxpers.exe
17:11:04.0099 2760 C:\Windows\System32\igfxpers.exe - ok
17:11:04.0099 2760 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
17:11:04.0099 2760 C:\Windows\System32\IccLibDll_x64.dll - ok
17:11:04.0099 2760 [ 0F77770991308CA1F58F18EED7EBE7B7 ] C:\Program Files\Eraser\Eraser.exe
17:11:04.0099 2760 C:\Program Files\Eraser\Eraser.exe - ok
17:11:04.0099 2760 [ 2A857CCAFE18B1D396484AC9CC0B9B80 ] C:\Windows\System32\mscoree.dll
17:11:04.0099 2760 C:\Windows\System32\mscoree.dll - ok
17:11:04.0115 2760 [ CC6AE7509ED274E0D904B60537BADDD4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:11:04.0115 2760 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:11:04.0115 2760 [ 064ABA6D38A58D02DC6431B08CBA7233 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
17:11:04.0115 2760 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
17:11:04.0115 2760 [ D2D08C4A5EAFE12CEF7D48BC5A3CCED5 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll
17:11:04.0115 2760 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll - ok
17:11:04.0115 2760 [ CE6ECD42B9A6492B3BD069582C34ECBF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\c53e9fbf5110d2850666b09ae1e3f3d8\mscorlib.ni.dll
17:11:04.0115 2760 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\c53e9fbf5110d2850666b09ae1e3f3d8\mscorlib.ni.dll - ok
17:11:04.0115 2760 [ 58B1FF38A8AC01FEB285F5C5692E8479 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
17:11:04.0115 2760 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
17:11:04.0115 2760 [ 63A2D767B9261B4F33F97BF88F2FB197 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
17:11:04.0115 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - ok
17:11:04.0131 2760 [ 7C2E3117F0BF7B6F010B8C071253404C ] C:\Windows\System32\cryptnet.dll
17:11:04.0131 2760 C:\Windows\System32\cryptnet.dll - ok
17:11:04.0131 2760 [ 211BD0E2292CB18DD11515BE39CE5518 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
17:11:04.0131 2760 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
17:11:04.0131 2760 [ FF7CB5344094510654C240486B4B1B3F ] C:\Program Files (x86)\RadioController\RfBtnHelper.exe
17:11:04.0131 2760 C:\Program Files (x86)\RadioController\RfBtnHelper.exe - ok
17:11:04.0131 2760 [ 0BE6C341E0DD754C4D5031D391F97C86 ] C:\Windows\System32\shfolder.dll
17:11:04.0131 2760 C:\Windows\System32\shfolder.dll - ok
17:11:04.0131 2760 [ E034B873FFB81EE0D0B2AE53BC4F3BE1 ] C:\Windows\System32\sfc.dll
17:11:04.0131 2760 C:\Windows\System32\sfc.dll - ok
17:11:04.0131 2760 [ 038980C1F9FC6153856CAB3CFA337312 ] C:\Program Files (x86)\RadioController\HIDRead.dll
17:11:04.0131 2760 C:\Program Files (x86)\RadioController\HIDRead.dll - ok
17:11:04.0131 2760 [ 241B07FF7F5943B9C1BF3235F49AC1E1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:11:04.0131 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
17:11:04.0146 2760 [ BA642B414EDE8FE72D04FDD9BEB00D2F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\d146a72e9a4854762694e5f34b453782\System.ni.dll
17:11:04.0146 2760 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\d146a72e9a4854762694e5f34b453782\System.ni.dll - ok
17:11:04.0146 2760 [ BC5B4692016B0C9C1E755AB8C8F9021E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
17:11:04.0146 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc - ok
17:11:04.0146 2760 [ 5E2428A834E4749981F206BC673C30A6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
17:11:04.0146 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll - ok
17:11:04.0146 2760 [ FB35BA3010711105C6A7C9DD3BC9F76B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
17:11:04.0146 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll - ok
17:11:04.0146 2760 [ EEB13C6AAFB04F3C9512A22792AB9276 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\3d2003c352e64394e7582dbfec4439a2\System.Drawing.ni.dll
17:11:04.0146 2760 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\3d2003c352e64394e7582dbfec4439a2\System.Drawing.ni.dll - ok
17:11:04.0146 2760 [ 236F60F2879B439BBFEF4401EC0161A6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e1884cd8e67259367836a8ed13d5422b\System.Windows.Forms.ni.dll
17:11:04.0146 2760 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\e1884cd8e67259367836a8ed13d5422b\System.Windows.Forms.ni.dll - ok
17:11:04.0162 2760 [ 75AA0D543EE4D4A3E5C000FCE97C95B5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
17:11:04.0162 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
17:11:04.0162 2760 [ 31F48225EBCB7ACB5D3DC1C0113677F0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
17:11:04.0162 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
17:11:04.0162 2760 [ 07AB567D0CE7F5BC08CDB5BFB86CE5F5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
17:11:04.0162 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
17:11:04.0162 2760 [ 0ABC50FDB2E1A5ECA26AEFE942CF273B ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll
17:11:04.0162 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgt.dll - ok
17:11:04.0162 2760 [ 58FE3DB8D7653404E4B8DF496042F594 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll
17:11:04.0162 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccfwmgtrc.dll - ok
17:11:04.0162 2760 [ 1D5744CDB2FF4C8F8ECDF321FFE986CB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
17:11:04.0162 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
17:11:04.0177 2760 [ 217B3D0C387328A6DA5C7782BDD2909E ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
17:11:04.0177 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
17:11:04.0177 2760 [ 6A776B4D1B0A88BF9717E3F8EC312786 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
17:11:04.0177 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
17:11:04.0177 2760 [ C4811C73C651A1312C56E5B851DFA2A4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
17:11:04.0177 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
17:11:04.0177 2760 [ A2CB5EFE22B024E8D6F029314D5855C0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
17:11:04.0177 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
17:11:04.0177 2760 [ E30A686A17B95F11DF396025DA10E82B ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
17:11:04.0177 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
17:11:04.0177 2760 [ 65060E078CC53E5C8F572F62E8F1D586 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
17:11:04.0177 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
17:11:04.0193 2760 [ 1D76889EDA45FD47840C2E89C486A59A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
17:11:04.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
17:11:04.0193 2760 [ AC79B42FD1685CE7B82C8F604D8E2316 ] C:\Program Files (x86)\Avira\AntiVir Desktop\setup.dll
17:11:04.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\setup.dll - ok
17:11:04.0193 2760 [ C5C4281E3EAD9D9EBFBB51DAF0C1B3DC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\41717a8316cab3030cd4cb818c967826\Microsoft.VisualBasic.ni.dll
17:11:04.0193 2760 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\41717a8316cab3030cd4cb818c967826\Microsoft.VisualBasic.ni.dll - ok
17:11:04.0193 2760 [ A9F809FC8885EADADC5347762B1E8661 ] C:\Program Files (x86)\Avira\AntiVir Desktop\toastnotifier.exe
17:11:04.0193 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\toastnotifier.exe - ok
17:11:04.0193 2760 [ 626A9EC445D06FBC1502BF53A1E3356B ] C:\Windows\System32\conhost.exe
17:11:04.0193 2760 C:\Windows\System32\conhost.exe - ok
17:11:04.0193 2760 [ A1FF7DFBFBE164CF92603C651D304DD2 ] C:\Windows\System32\drivers\condrv.sys
17:11:04.0193 2760 C:\Windows\System32\drivers\condrv.sys - ok
17:11:04.0193 2760 [ 030FA289AC1A0E702FAF4F8F8C894E12 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
17:11:04.0193 2760 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
17:11:04.0209 2760 [ 9A47EEA8F8A12323DFA8D6F553EAA3D4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\11c338e2262ed0c7ac21d1312cff0336\System.Core.ni.dll
17:11:04.0209 2760 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\11c338e2262ed0c7ac21d1312cff0336\System.Core.ni.dll - ok
17:11:04.0209 2760 [ A0E857847B2794E071AEBDD2BD6E1393 ] C:\Windows\SysWOW64\msvcr120_clr0400.dll
17:11:04.0209 2760 C:\Windows\SysWOW64\msvcr120_clr0400.dll - ok
17:11:04.0209 2760 [ 76085F350AAC7EEA7D91471F58A9E344 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
17:11:04.0209 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe - ok
17:11:04.0209 2760 [ C2D379711654A6105C3B2EC8A65D01AD ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll
17:11:04.0209 2760 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll - ok
17:11:04.0209 2760 [ 129434BBFD99D2577DBE983A7855667E ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
17:11:04.0209 2760 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
17:11:04.0209 2760 [ DD605AC201BFB637F2693C41BA060863 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll
17:11:04.0209 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zpeng25.dll - ok
17:11:04.0224 2760 [ 5F72045F49779698473D8B09EEE87392 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll
17:11:04.0224 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\MainLoop.zip.dll - ok
17:11:04.0224 2760 [ 1C5F1C105B93F9F9C61B51A621F38F9A ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll
17:11:04.0224 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\NavBar.zip.dll - ok
17:11:04.0224 2760 [ B877EB2A5AFBCE49729864802FA8E1FB ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll
17:11:04.0224 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZAlert.zip.dll - ok
17:11:04.0224 2760 [ C7B722D1F9E27ABC90FFFC5233FEAD71 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZClient.zip.dll
17:11:04.0224 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ZClient.zip.dll - ok
17:11:04.0224 2760 [ 6C57B45573C2574A37EAE98FB0DB6F63 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zfde.zip.dll
17:11:04.0224 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zfde.zip.dll - ok
17:11:04.0224 2760 [ 3380B126CFA2168428B4582D7913210B ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zmenu.zip.dll
17:11:04.0224 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zmenu.zip.dll - ok
17:11:04.0240 2760 [ 1427EDF83D4C1CA61F69F52C93BB8CCF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zpy.zip.dll
17:11:04.0240 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zpy.zip.dll - ok
17:11:04.0240 2760 [ 062AD458C3C3634FBF77BED9DD451025 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zsys.zip.dll
17:11:04.0240 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zsys.zip.dll - ok
17:11:04.0240 2760 [ 54DAE21EC19E3C57CF0A779CC87405B1 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ztv.zip.dll
17:11:04.0240 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\ztv.zip.dll - ok
17:11:04.0240 2760 [ 4606186A96BC7E01C7A41BADF1CF94B0 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
17:11:04.0240 2760 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
17:11:04.0240 2760 [ 7A01639BEB97920CC83E54D87C4B3671 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zui.zip.dll
17:11:04.0240 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\zui.zip.dll - ok
17:11:04.0240 2760 [ 540BEB6D71DFABB559453F2B8F3B703D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll
17:11:04.0240 2760 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll - ok
17:11:04.0256 2760 [ 77883251DAE149652C5A4DB9494F9D2D ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpui.pyd
17:11:04.0256 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpui.pyd - ok
17:11:04.0256 2760 [ EF8E5E4FD6C023B1E6F26E947EDD1DD4 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zhtml.dll
17:11:04.0256 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\zhtml.dll - ok
17:11:04.0256 2760 [ A973AAC70312A0ABA7801BA4E38B96D7 ] C:\Windows\SysWOW64\comdlg32.dll
17:11:04.0256 2760 C:\Windows\SysWOW64\comdlg32.dll - ok
17:11:04.0256 2760 [ 5D0C6B8B8D8CF9724D0E4989B3E405C8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\a5cac84e015e8ab2067edc7f48375cee\System.Xml.ni.dll
17:11:04.0256 2760 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\a5cac84e015e8ab2067edc7f48375cee\System.Xml.ni.dll - ok
17:11:04.0256 2760 [ A55C6E555323380412C3FBE01C6A6600 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_ctypes.pyd
17:11:04.0256 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_ctypes.pyd - ok
17:11:04.0256 2760 [ 349BA6B6467EA9DF7241D94BE91441EC ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpdx.pyd
17:11:04.0256 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zpdx.pyd - ok
17:11:04.0271 2760 [ 9BC83DA13F394889F69C7BF5009BB1B3 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\pyexpat.pyd
17:11:04.0271 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\pyexpat.pyd - ok
17:11:04.0271 2760 [ B1C3019A361D7AA2BFCF1148C48DA6D9 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_socket.pyd
17:11:04.0271 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\_socket.pyd - ok
17:11:04.0271 2760 [ C04E80E96EA075FA1540DC3849CBA384 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll
17:11:04.0271 2760 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll - ok
17:11:04.0271 2760 [ 6F4DB1382B26FB8291A38922A0B09284 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zptv.pyd
17:11:04.0271 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\lib\pyd\zptv.pyd - ok
17:11:04.0271 2760 [ D7E062826D2DEBEF4ECBE9A2873B4350 ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vspubapi.dll
17:11:04.0271 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vspubapi.dll - ok
17:11:04.0271 2760 [ 1BD0A85A14A1D8615D165AF090F6577F ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll
17:11:04.0271 2760 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsecimpl.dll - ok
17:11:04.0287 2760 [ DA80B547B3532947F326695C57168AB1 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll
17:11:04.0287 2760 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll - ok
17:11:04.0287 2760 [ 1F947FF630A7336AB0E39DB409E2C406 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
17:11:04.0287 2760 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\mscorlib.resources\v4.0_4.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll - ok
17:11:04.0287 2760 [ 01F54CD1CAA39FCAFC977E7262926FE1 ] C:\Windows\SysWOW64\WindowsCodecs.dll
17:11:04.0287 2760 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
17:11:04.0287 2760 [ B3319F02D96299F3B63A7B998B1F3174 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
17:11:04.0287 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
17:11:04.0287 2760 [ 2504C76C1388412D130681265450091B ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
17:11:04.0287 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll - ok
17:11:04.0287 2760 [ A7BA0CC4704B92194DFB6785E4A0381C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmonapi.dll
17:11:04.0287 2760 C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmonapi.dll - ok
17:11:04.0302 2760 [ D658AB1B55127D18DCFBCAC8CAAEA522 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
17:11:04.0302 2760 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
17:11:04.0302 2760 [ 5276DD7EFE195F80B8AFF3DF581AA06C ] C:\Windows\System32\diskcopy.dll
17:11:04.0302 2760 C:\Windows\System32\diskcopy.dll - ok
17:11:04.0302 2760 [ DC225130BCAE999B1A660EEBF3D2E813 ] C:\Windows\System32\MSWB7.dll
17:11:04.0302 2760 C:\Windows\System32\MSWB7.dll - ok
17:11:04.0302 2760 [ 5DCC1BAB9A9DB133274082488F7A0F53 ] C:\Windows\System32\WorkFoldersShell.dll
17:11:04.0302 2760 C:\Windows\System32\WorkFoldersShell.dll - ok
17:11:04.0302 2760 [ 99B83EA684557E797865E46BEE840E95 ] C:\Windows\System32\igfxpph.dll
17:11:04.0302 2760 C:\Windows\System32\igfxpph.dll - ok
17:11:04.0302 2760 [ 0CB8C7B3207CFC6EADA732C1A42729A5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
17:11:04.0302 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll - ok
17:11:04.0302 2760 [ F85ED0C9047F49CFF3967915D318FDE6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
17:11:04.0302 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc - ok
17:11:04.0318 2760 [ D4607C4D0E171359F65633D19623DE52 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
17:11:04.0318 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll - ok
17:11:04.0318 2760 [ 45DAC1E7A89EE4AF1487DC62116295C3 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
17:11:04.0318 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll - ok
17:11:04.0318 2760 [ 499BA0D7D07635F452F57B733B8D44A6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
17:11:04.0318 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll - ok
17:11:04.0318 2760 [ 32D05BF51477ADFA8E458477D60295B9 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
17:11:04.0318 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll - ok
17:11:04.0318 2760 [ 09F66A1325A6680D6BF51DC12ACB4665 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
17:11:04.0318 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll - ok
17:11:04.0318 2760 [ F9D0ADF9DA9EF0866C08112FAE0165BE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
17:11:04.0318 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll - ok
17:11:04.0334 2760 [ 0D239F4AC6ADAE0413BBB25687CDD363 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll
17:11:04.0334 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdw.dll - ok
17:11:04.0334 2760 [ 7AF6C9494E5B0D1C13A075F657B5FC65 ] C:\Windows\System32\fmifs.dll
17:11:04.0334 2760 C:\Windows\System32\fmifs.dll - ok
17:11:04.0334 2760 [ 084FFAFC9796DD43BD8FD854673E3132 ] C:\Windows\System32\ulib.dll
17:11:04.0334 2760 C:\Windows\System32\ulib.dll - ok
17:11:04.0334 2760 [ B2EC96B18F09B4CEE9C54A9A12A4AF9D ] C:\Windows\System32\ifsutil.dll
17:11:04.0334 2760 C:\Windows\System32\ifsutil.dll - ok
17:11:04.0334 2760 [ 50E77CABE8AB9AFE562D6BE47C15FB6A ] C:\Windows\System32\fsutilext.dll
17:11:04.0334 2760 C:\Windows\System32\fsutilext.dll - ok
17:11:04.0334 2760 [ D2518EA916E06F281376A8BDEF732022 ] C:\Windows\System32\untfs.dll
17:11:04.0334 2760 C:\Windows\System32\untfs.dll - ok
17:11:04.0334 2760 [ AC02E9BF8FF14AFB0899D93F7B23E7E2 ] C:\Windows\System32\uexfat.dll
17:11:04.0334 2760 C:\Windows\System32\uexfat.dll - ok
17:11:04.0349 2760 [ D23E1668D5602E7C236559F0D04F5C21 ] C:\Windows\System32\ufat.dll
17:11:04.0349 2760 C:\Windows\System32\ufat.dll - ok
17:11:04.0349 2760 [ D33DB105C4DB1CFA352A61FC7F424554 ] C:\Windows\System32\uudf.dll
17:11:04.0349 2760 C:\Windows\System32\uudf.dll - ok
17:11:04.0349 2760 [ 2A04A0CED0055AC64B424A70BF1C9A67 ] C:\Windows\System32\uReFS.dll
17:11:04.0349 2760 C:\Windows\System32\uReFS.dll - ok
17:11:04.0349 2760 [ 09FFF8FEE891ED820DD95428E091EA94 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll
17:11:04.0349 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\cclicw.dll - ok
17:11:04.0349 2760 [ D7E16AB9AAB8BFA219D84C79536319E2 ] C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
17:11:04.0349 2760 C:\Program Files\Acer\Acer Power Management\ePowerTray.exe - ok
17:11:04.0349 2760 [ D032F5E38912BAE509E10D56D62ABB9D ] C:\Program Files\Acer\Acer Power Management\CommonControl.dll
17:11:04.0349 2760 C:\Program Files\Acer\Acer Power Management\CommonControl.dll - ok
17:11:04.0365 2760 [ 297CF1664E92209ABCD9E59F18E09364 ] C:\Program Files\Acer\Acer Power Management\PowerSettingControl.dll
17:11:04.0365 2760 C:\Program Files\Acer\Acer Power Management\PowerSettingControl.dll - ok
17:11:04.0365 2760 [ 95266E4709CEE77B9ABE98289B61ECB2 ] C:\Windows\System32\dxva2.dll
17:11:04.0365 2760 C:\Windows\System32\dxva2.dll - ok
17:11:04.0365 2760 [ 616E1B9130314EB0E331197940AA625B ] C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
17:11:04.0365 2760 C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe - ok
17:11:04.0365 2760 [ D5FC69F365E98BB4A83D05A851F312F1 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
17:11:04.0365 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll - ok
17:11:04.0365 2760 [ 7E1ED9DCFB39E36E1192574A75CD9224 ] C:\Windows\System32\igfxext.exe
17:11:04.0365 2760 C:\Windows\System32\igfxext.exe - ok
17:11:04.0365 2760 [ D583667F17279CFCB6F250863EF9E98E ] C:\Windows\System32\igfxexps.dll
17:11:04.0365 2760 C:\Windows\System32\igfxexps.dll - ok
17:11:04.0381 2760 [ A8A9B9D954E11689E77FAC0E3B9CAAC8 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
17:11:04.0381 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll - ok
17:11:04.0381 2760 [ 6F8759ABA553FA2C94C416BF3FF6F3BD ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
17:11:04.0381 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll - ok
17:11:04.0381 2760 [ FAE5437BD06B53CF6F9969B81BA019C1 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll
17:11:04.0381 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll - ok
17:11:04.0381 2760 [ CCC3A7FE00CDF71EC53573FA9D46C654 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
17:11:04.0381 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll - ok
17:11:04.0381 2760 [ 9DD1E9B81DC62558B8F87CFD12507D0F ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
17:11:04.0381 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll - ok
17:11:04.0381 2760 [ 354EE0F5D8D315E78436ABE973EC79B3 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll
17:11:04.0381 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll - ok
17:11:04.0396 2760 [ 25759EC676EF1C3D6DAAAE696105D3FF ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
17:11:04.0396 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll - ok
17:11:04.0396 2760 [ C77D045E300AE723A7E4D24406961EEA ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
17:11:04.0396 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll - ok
17:11:04.0396 2760 [ 11AA794DEA8445F93DF4F403992BD509 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
17:11:04.0396 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll - ok
17:11:04.0396 2760 [ 49B870A4F18A7F8D4E919BEDA5C16482 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
17:11:04.0396 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll - ok
17:11:04.0396 2760 [ 19261F74D64BA3DB9EF9ED20C2D277E3 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
17:11:04.0396 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll - ok
17:11:04.0396 2760 [ B7241CFCD5BA32923E12CF4E89B62574 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtCommonRes.dll
17:11:04.0396 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtCommonRes.dll - ok
17:11:04.0412 2760 [ 8176D1F65BF6B2A08C183B26F32F511A ] C:\Windows\SysWOW64\asycfilt.dll
17:11:04.0412 2760 C:\Windows\SysWOW64\asycfilt.dll - ok
17:11:04.0412 2760 [ AB33393038DBA7F7E4257F0F85335D2F ] C:\Windows\System32\StorageContextHandler.dll
17:11:04.0412 2760 C:\Windows\System32\StorageContextHandler.dll - ok
17:11:04.0412 2760 [ 7426903310160A47A1052F1E194CC356 ] C:\Windows\System32\hotplug.dll
17:11:04.0412 2760 C:\Windows\System32\hotplug.dll - ok
17:11:04.0412 2760 [ 6E0BDFBEEED65B017F2E4C2C910B0520 ] C:\Windows\System32\rundll32.exe
17:11:04.0412 2760 C:\Windows\System32\rundll32.exe - ok
17:11:04.0412 2760 [ 86D0BF4F792053A50D6EE43DFA5837A5 ] C:\Windows\System32\wuaueng.dll
17:11:04.0412 2760 C:\Windows\System32\wuaueng.dll - ok
17:11:04.0412 2760 [ 3FA61E33B20FD9D94DB7BDA9F324FBAB ] C:\Windows\System32\mspatcha.dll
17:11:04.0412 2760 C:\Windows\System32\mspatcha.dll - ok
17:11:04.0412 2760 [ EC2092F3B60F4206E84F87B6B15E0DE0 ] C:\Windows\System32\wups2.dll
17:11:04.0412 2760 C:\Windows\System32\wups2.dll - ok
17:11:04.0427 2760 [ CDADEFB3F75E59BF311686E66510385E ] C:\Windows\System32\TaskSchdPS.dll
17:11:04.0427 2760 C:\Windows\System32\TaskSchdPS.dll - ok
17:11:04.0427 2760 [ 35EF036F6EE1FAFD6CF49EBE9F2471C4 ] C:\Windows\System32\browcli.dll
17:11:04.0427 2760 C:\Windows\System32\browcli.dll - ok
17:11:04.0427 2760 [ D3DDD474C0128EBEC4B4A48896A1D2DC ] C:\Windows\System32\schedcli.dll
17:11:04.0427 2760 C:\Windows\System32\schedcli.dll - ok
17:11:04.0427 2760 [ E864425BF77080E8D780A3AEB3AF7E13 ] C:\Windows\System32\wmi.dll
17:11:04.0427 2760 C:\Windows\System32\wmi.dll - ok
17:11:04.0427 2760 [ 7F6FBED1A3E479017F6D3B35521281B1 ] C:\Windows\WinStore\WinStoreUI.dll
17:11:04.0427 2760 C:\Windows\WinStore\WinStoreUI.dll - ok
17:11:04.0427 2760 [ 83481CF1FAD89FAA7E3CDF6AF10C11D1 ] C:\Windows\System32\wpnapps.dll
17:11:04.0427 2760 C:\Windows\System32\wpnapps.dll - ok
17:11:04.0443 2760 [ 1305B94364F8F8F80DCD0E22E64E267A ] C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
17:11:04.0443 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe - ok
17:11:04.0443 2760 [ 4831AA1A6A112ACCEE240C9D5FA2108B ] C:\Windows\SysWOW64\ieframe.dll
17:11:04.0443 2760 C:\Windows\SysWOW64\ieframe.dll - ok
17:11:04.0443 2760 [ 70462E0A4E293FC80620AB945D8A59BB ] C:\Windows\SysWOW64\mshtml.dll
17:11:04.0443 2760 C:\Windows\SysWOW64\mshtml.dll - ok
17:11:04.0443 2760 [ B91BD9AB96E803F80C8F7C0F4CA0FD3A ] C:\Program Files\Internet Explorer\sqmapi.dll
17:11:04.0443 2760 C:\Program Files\Internet Explorer\sqmapi.dll - ok
17:11:04.0443 2760 [ 47DF8A0C94A86E465BC8DDA41F08F067 ] C:\Windows\SysWOW64\adsldp.dll
17:11:04.0443 2760 C:\Windows\SysWOW64\adsldp.dll - ok
17:11:04.0443 2760 [ 2C4965FA375C7C2C1FBD18EFD75F61CF ] C:\Windows\SysWOW64\cscapi.dll
17:11:04.0443 2760 C:\Windows\SysWOW64\cscapi.dll - ok
17:11:04.0443 2760 [ AC6A5EF688C0856598C7B36C27CECF5B ] C:\Windows\SysWOW64\dxdiagn.dll
17:11:04.0443 2760 C:\Windows\SysWOW64\dxdiagn.dll - ok
17:11:04.0459 2760 [ A4A91575D08F9835F6A5E94AF218B8FF ] C:\Windows\SysWOW64\d3d11.dll
17:11:04.0459 2760 C:\Windows\SysWOW64\d3d11.dll - ok
17:11:04.0459 2760 [ 00AF22B51F217DC4C536F6039577B28C ] C:\Windows\SysWOW64\dxgi.dll
17:11:04.0459 2760 C:\Windows\SysWOW64\dxgi.dll - ok
17:11:04.0459 2760 [ 73752F6A4E766AAE97C03C85DD322308 ] C:\Windows\SysWOW64\powrprof.dll
17:11:04.0459 2760 C:\Windows\SysWOW64\powrprof.dll - ok
17:11:04.0459 2760 [ 20CF6C36949E73BE4462F09E1CAA1951 ] C:\Windows\SysWOW64\wbemcomn.dll
17:11:04.0459 2760 C:\Windows\SysWOW64\wbemcomn.dll - ok
17:11:04.0459 2760 [ 787648B9C1E7503D097D49EE46D9621F ] C:\Windows\SysWOW64\wbem\wbemprox.dll
17:11:04.0459 2760 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
17:11:04.0459 2760 [ 8DE93017BA7F77E95DF57E753269623D ] C:\Windows\SysWOW64\wbem\fastprox.dll
17:11:04.0459 2760 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
17:11:04.0474 2760 [ 998AA337D8CA0E8832B3BB4AF8BBC7A0 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
17:11:04.0474 2760 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
17:11:04.0474 2760 [ C7AE6A1EAE773F8CEC7F1180CAAB2072 ] C:\Windows\SysWOW64\dsound.dll
17:11:04.0474 2760 C:\Windows\SysWOW64\dsound.dll - ok
17:11:04.0474 2760 [ 5849B1F0C63A25A3B7824C3ECE01CCC0 ] C:\Windows\SysWOW64\winbrand.dll
17:11:04.0474 2760 C:\Windows\SysWOW64\winbrand.dll - ok
17:11:04.0474 2760 [ 065C787060A095DD0DF8358BC7EF4070 ] C:\Windows\System32\perfos.dll
17:11:04.0474 2760 C:\Windows\System32\perfos.dll - ok
17:11:04.0474 2760 [ 1134E2BB2A41BC92819E1299AB82C088 ] C:\Windows\System32\wscinterop.dll
17:11:04.0474 2760 C:\Windows\System32\wscinterop.dll - ok
17:11:04.0474 2760 [ E21BE87CF4E8C3F4E237E609E8BB4257 ] C:\Windows\System32\werconcpl.dll
17:11:04.0474 2760 C:\Windows\System32\werconcpl.dll - ok
17:11:04.0474 2760 [ AA1315B87D9B2E39584165318A59F15D ] C:\Windows\System32\wercplsupport.dll
17:11:04.0474 2760 C:\Windows\System32\wercplsupport.dll - ok
17:11:04.0490 2760 [ D88390FF8C23957633033ECFC941D04A ] C:\Windows\System32\hcproviders.dll
17:11:04.0490 2760 C:\Windows\System32\hcproviders.dll - ok
17:11:04.0490 2760 [ FB7784A74CAA1DECE064954E73408F59 ] C:\Program Files\Internet Explorer\ieproxy.dll
17:11:04.0490 2760 C:\Program Files\Internet Explorer\ieproxy.dll - ok
17:11:04.0490 2760 [ EA1FF003AB7D3C8719D0A9E72C7F9F78 ] C:\Windows\System32\sendmail.dll
17:11:04.0490 2760 C:\Windows\System32\sendmail.dll - ok
17:11:04.0490 2760 [ 38045B7034108BA0000863A4EAC6A148 ] C:\Windows\System32\mydocs.dll
17:11:04.0490 2760 C:\Windows\System32\mydocs.dll - ok
17:11:04.0490 2760 [ 66E4F0A46F74345B0CD240C5B5AC06C0 ] C:\Windows\System32\zipfldr.dll
17:11:04.0490 2760 C:\Windows\System32\zipfldr.dll - ok
17:11:04.0490 2760 [ 024DAF3261166AD4090EED9579135802 ] C:\Windows\System32\chartv.dll
17:11:04.0490 2760 C:\Windows\System32\chartv.dll - ok
17:11:04.0490 2760 [ F1DCAF42618FE7515A9C4963CAD2A315 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
17:11:04.0490 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll - ok
17:11:04.0507 2760 [ 48D8A05AEBE8EC9F6BE38A770B9DFB0C ] C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
17:11:04.0507 2760 C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll - ok
17:11:04.0507 2760 [ 24DA05ADE2A978E199875DA0D859E7EB ] C:\Windows\System32\notepad.exe
17:11:04.0507 2760 C:\Windows\System32\notepad.exe - ok
17:11:04.0507 2760 [ A7069E793D4434CC7F4E5D0AFF493939 ] C:\Windows\System32\mlang.dll
17:11:04.0507 2760 C:\Windows\System32\mlang.dll - ok
17:11:04.0507 2760 [ 6DB5321D65FC1A5436A6F9AB9469AAF9 ] C:\Windows\System32\RacEngn.dll
17:11:04.0507 2760 C:\Windows\System32\RacEngn.dll - ok
17:11:04.0507 2760 [ 116EABEA69D40607116D3717D12248EC ] C:\Windows\System32\slwga.dll
17:11:04.0507 2760 C:\Windows\System32\slwga.dll - ok
17:11:04.0507 2760 [ EFB3CABED5D5C8CCD207ACC4B8E0A972 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll
17:11:04.0507 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll - ok
17:11:04.0523 2760 [ 00BA48056AA18E55DE80FFE3902B32F5 ] C:\Program Files (x86)\Notepad++\NppShell_05.dll
17:11:04.0523 2760 C:\Program Files (x86)\Notepad++\NppShell_05.dll - ok
17:11:04.0523 2760 [ 178A34E5554DCE485E1262DDF027960C ] E:\Anti-Rootkit\tdsskiller.exe
17:11:04.0523 2760 E:\Anti-Rootkit\tdsskiller.exe - ok
17:11:04.0523 2760 [ CCF8BED843882F5C01FC93F6FEC5A8A7 ] C:\Windows\System32\consent.exe
17:11:04.0523 2760 C:\Windows\System32\consent.exe - ok
17:11:04.0523 2760 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\96240953.sys
17:11:04.0523 2760 C:\Windows\System32\drivers\96240953.sys - ok
17:11:04.0523 2760 [ 8387AF7783F772EC1D208409080CB5B8 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:11:04.0523 2760 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:11:04.0523 2760 [ CFE23A35E84A2CCA5DE8DF34DC238782 ] C:\Windows\SysWOW64\duser.dll
17:11:04.0523 2760 C:\Windows\SysWOW64\duser.dll - ok
17:11:04.0523 2760 [ FB34E929D9C8082D30EF87F6661C3A31 ] C:\Windows\SysWOW64\dui70.dll
17:11:04.0523 2760 C:\Windows\SysWOW64\dui70.dll - ok
17:11:04.0538 2760 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\20929863.sys
17:11:04.0538 2760 C:\Windows\System32\drivers\20929863.sys - ok
17:11:04.0538 2760 [ 23F5BD1BC5EE059986990029D03E66AA ] E:\Shredder-Tools\eraserportable_5.8.8_english.paf.exe
17:11:04.0538 2760 E:\Shredder-Tools\eraserportable_5.8.8_english.paf.exe - ok
17:11:04.0538 2760 [ 00A0194C20EE912257DF53BFE258EE4A ] C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\System.dll
17:11:04.0538 2760 C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\System.dll - ok
17:11:04.0538 2760 [ 0DC0CC7A6D9DB685BF05A7E5F3EA4781 ] C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\InstallOptions.dll
17:11:04.0538 2760 C:\Users\Tandem\AppData\Local\Temp\nsjF2D3.tmp\InstallOptions.dll - ok
17:11:04.0538 2760 [ 5416E1FBDC29105FB87AA36905141DA8 ] C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll
17:11:04.0538 2760 C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\tiptsf.dll - ok
17:11:04.0538 2760 [ 0A271DC253F4406E68C1216529CF143E ] C:\Windows\SysWOW64\thumbcache.dll
17:11:04.0538 2760 C:\Windows\SysWOW64\thumbcache.dll - ok
17:11:04.0554 2760 [ FF572D6FC50A7DA50B25FE9B122C045F ] C:\Windows\SysWOW64\networkexplorer.dll
17:11:04.0554 2760 C:\Windows\SysWOW64\networkexplorer.dll - ok
17:11:04.0554 2760 [ 1121EC6CAF4615C186BBF2200449327D ] C:\Program Files\Classic Shell\ClassicExplorer32.dll
17:11:04.0554 2760 C:\Program Files\Classic Shell\ClassicExplorer32.dll - ok
17:11:04.0554 2760 [ 3895ABD01CD6079FB7BAEED17D3D6089 ] C:\Windows\SysWOW64\mssprxy.dll
17:11:04.0554 2760 C:\Windows\SysWOW64\mssprxy.dll - ok
17:11:04.0554 2760 [ 42B1A6E8BA857C9D6238FD9C6B5FF960 ] C:\Program Files\Windows Defender\MpOAV.dll
17:11:04.0554 2760 C:\Program Files\Windows Defender\MpOAV.dll - ok
17:11:04.0554 2760 [ 1C3588802EE33660E620A046A505A337 ] C:\Program Files\Windows Defender\MpClient.dll
17:11:04.0554 2760 C:\Program Files\Windows Defender\MpClient.dll - ok
17:11:04.0554 2760 [ 6B6EEA141785ADDC561C51638783A382 ] C:\Users\Tandem\AppData\Local\Temp\Temp1_bubble2_setup.zip\bubble2_setup.exe
17:11:04.0554 2760 C:\Users\Tandem\AppData\Local\Temp\Temp1_bubble2_setup.zip\bubble2_setup.exe - ok
17:11:04.0554 2760 [ A2C4D52C66B4B399FACADB8CC8386745 ] C:\Users\Tandem\AppData\Local\Temp\is-61PG5.tmp\bubble2_setup.tmp
17:11:04.0554 2760 C:\Users\Tandem\AppData\Local\Temp\is-61PG5.tmp\bubble2_setup.tmp - ok
17:11:04.0569 2760 [ A2C4D52C66B4B399FACADB8CC8386745 ] C:\Users\Tandem\AppData\Local\Temp\is-MS8SL.tmp\bubble2_setup.tmp
17:11:04.0569 2760 C:\Users\Tandem\AppData\Local\Temp\is-MS8SL.tmp\bubble2_setup.tmp - ok
17:11:04.0569 2760 [ 0B93A4DE6B58AD04BF91B76316339817 ] C:\Windows\System32\wermgr.exe
17:11:04.0569 2760 C:\Windows\System32\wermgr.exe - ok
17:11:04.0569 2760 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] C:\Windows\System32\wersvc.dll
17:11:04.0569 2760 C:\Windows\System32\wersvc.dll - ok
17:11:04.0569 2760 [ C83AFB0B285F293EDECF5EBDEC074A94 ] C:\Windows\System32\WerFault.exe
17:11:04.0569 2760 C:\Windows\System32\WerFault.exe - ok
17:11:04.0569 2760 [ B5D2EBAD81739185A91D210F5F01824B ] C:\Windows\System32\Faultrep.dll
17:11:04.0569 2760 C:\Windows\System32\Faultrep.dll - ok
17:11:04.0569 2760 [ E81AC183EE021B3EC81B4005F4CE2D7D ] C:\Windows\SysWOW64\linkinfo.dll
17:11:04.0569 2760 C:\Windows\SysWOW64\linkinfo.dll - ok
17:11:04.0585 2760 [ 1AEA7E273E344C30C9883254DE75B180 ] C:\Windows\SysWOW64\ntshrui.dll
17:11:04.0585 2760 C:\Windows\SysWOW64\ntshrui.dll - ok
17:11:04.0585 2760 [ 9EAFB53FA36FFD02C7238B59CF3637BC ] C:\Program Files (x86)\Bubble Freespace Shredder 2\bubble2.exe
17:11:04.0585 2760 C:\Program Files (x86)\Bubble Freespace Shredder 2\bubble2.exe - ok
17:11:04.0585 2760 [ E96078C68F2AA832279FBD99AF2FD355 ] C:\Windows\System32\aeinv.dll
17:11:04.0585 2760 C:\Windows\System32\aeinv.dll - ok
17:11:04.0585 2760 [ 3ED8FA77F41F3AEAE2F0DCC0DB0596FF ] C:\Windows\System32\backgroundTaskHost.exe
17:11:04.0585 2760 C:\Windows\System32\backgroundTaskHost.exe - ok
17:11:04.0585 2760 [ 6C1DAB32294536B0EF4F7715C97C58A4 ] C:\Windows\System32\clrhost.dll
17:11:04.0585 2760 C:\Windows\System32\clrhost.dll - ok
17:11:04.0585 2760 [ 8BEF7E7E6477489F85F467DC8AAEFC05 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
17:11:04.0585 2760 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
17:11:04.0601 2760 [ D69139606B4DCF4399DCD6DC6B19B52D ] C:\Windows\System32\msvcr120_clr0400.dll
17:11:04.0601 2760 C:\Windows\System32\msvcr120_clr0400.dll - ok
17:11:04.0601 2760 [ 98B0FCF48B4B910E3160728FC48D3E15 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\1c4f23e80bd4b68fb3f56bdb16dbb647\mscorlib.ni.dll
17:11:04.0601 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\1c4f23e80bd4b68fb3f56bdb16dbb647\mscorlib.ni.dll - ok
17:11:04.0601 2760 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:11:04.0601 2760 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingNews_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:11:04.0601 2760 [ 5DD8A92CEC2F59D8A31328EA22D18FEB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\8848363a64856b740e9ebd321b6a98ca\Windows.ApplicationModel.ni.dll
17:11:04.0601 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\8848363a64856b740e9ebd321b6a98ca\Windows.ApplicationModel.ni.dll - ok
17:11:04.0601 2760 [ 4CF55EB6423F9D38CFDD798542A01BCC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtbff93e24#\b734d1d452ecc29bf9a02758520173b7\System.Runtime.InteropServices.WindowsRuntime.ni.dll
17:11:04.0601 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtbff93e24#\b734d1d452ecc29bf9a02758520173b7\System.Runtime.InteropServices.WindowsRuntime.ni.dll - ok
17:11:04.0601 2760 [ B2EBC679512A580B74F095E18738D907 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
17:11:04.0601 2760 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
17:11:04.0616 2760 [ 5E87819201BB1DC463A127C3ED449BB9 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\29e4b2d8f87a111865c3302f567b4a82\Windows.Storage.ni.dll
17:11:04.0616 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Storage\29e4b2d8f87a111865c3302f567b4a82\Windows.Storage.ni.dll - ok
17:11:04.0616 2760 [ DFB65B7E92A4946F319234549520749F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Diagd2d95910#\b2aefd08555f18ece557006afd577bf8\System.Diagnostics.Tracing.ni.dll
17:11:04.0616 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Diagd2d95910#\b2aefd08555f18ece557006afd577bf8\System.Diagnostics.Tracing.ni.dll - ok
17:11:04.0616 2760 [ F242938F69AA25B8ECD0D9E342799802 ] C:\Windows\System32\SettingSyncHost.exe
17:11:04.0616 2760 C:\Windows\System32\SettingSyncHost.exe - ok
17:11:04.0616 2760 [ C005747F5005AE7E80C087B821A5AED4 ] C:\Windows\System32\SettingSync.dll
17:11:04.0616 2760 C:\Windows\System32\SettingSync.dll - ok
17:11:04.0616 2760 [ 09C693F051507A134D180556A011A6C5 ] C:\Windows\System32\WinSync.dll
17:11:04.0616 2760 C:\Windows\System32\WinSync.dll - ok
17:11:04.0616 2760 [ A030B48F73CB01B89AD5CF725240401A ] C:\Windows\System32\OnDemandConnRouteHelper.dll
17:11:04.0616 2760 C:\Windows\System32\OnDemandConnRouteHelper.dll - ok
17:11:04.0616 2760 [ BC78AE41C08746A043F5522D33497540 ] C:\Windows\System32\RoamingSecurity.dll
17:11:04.0616 2760 C:\Windows\System32\RoamingSecurity.dll - ok
17:11:04.0632 2760 [ 176CA3DE403C16AC50E9491319300F5B ] C:\Windows\System32\ConnectedAccountState.dll
17:11:04.0632 2760 C:\Windows\System32\ConnectedAccountState.dll - ok
17:11:04.0632 2760 [ 3ACBA856C37015F6F234279D5A4FD738 ] C:\Windows\System32\mskeyprotcli.dll
17:11:04.0632 2760 C:\Windows\System32\mskeyprotcli.dll - ok
17:11:04.0632 2760 [ CC9B5E86ACAE6E2006BCC2EB8EB18DD6 ] C:\Windows\System32\wlidcli.dll
17:11:04.0632 2760 C:\Windows\System32\wlidcli.dll - ok
17:11:04.0632 2760 [ 3EE048B4DBFFA5FDEB059BABCFDF9B69 ] C:\Windows\System32\wpninprc.dll
17:11:04.0632 2760 C:\Windows\System32\wpninprc.dll - ok
17:11:04.0632 2760 [ DEABE46484AADD7509B1D0CC308DCF77 ] C:\Windows\System32\acproxy.dll
17:11:04.0632 2760 C:\Windows\System32\acproxy.dll - ok
17:11:04.0632 2760 [ CA56145B0F1FA54FA21C2E0A7AC9C119 ] C:\Windows\System32\msched.dll
17:11:04.0632 2760 C:\Windows\System32\msched.dll - ok
17:11:04.0648 2760 [ 10782DE46A3A1903C8C2F6BDD4DFF851 ] C:\Windows\System32\lpremove.exe
17:11:04.0648 2760 C:\Windows\System32\lpremove.exe - ok
17:11:04.0648 2760 [ CB3A035BB1FD3A1E9AEE79BAE6499B99 ] C:\Windows\System32\aitagent.exe
17:11:04.0648 2760 C:\Windows\System32\aitagent.exe - ok
17:11:04.0648 2760 [ 3B0FECC41EE6B03057A0F9E26EAB5ADC ] C:\Windows\System32\fhtask.dll
17:11:04.0648 2760 C:\Windows\System32\fhtask.dll - ok
17:11:04.0648 2760 [ FF9754312611FB59DEB8CB2A9C96C10A ] C:\Windows\System32\aepdu.dll
17:11:04.0648 2760 C:\Windows\System32\aepdu.dll - ok
17:11:04.0648 2760 [ 3113EB7A0E4401F19F9B50A85E936562 ] C:\Windows\System32\fhsvcctl.dll
17:11:04.0648 2760 C:\Windows\System32\fhsvcctl.dll - ok
17:11:04.0648 2760 [ C1AF7D3C273AE7E72C69BE0E856FBCA3 ] C:\Windows\System32\kernelceip.dll
17:11:04.0648 2760 C:\Windows\System32\kernelceip.dll - ok
17:11:04.0648 2760 [ 75863FF57B3C0DF89439879969B05CEC ] C:\Windows\System32\Startupscan.dll
17:11:04.0648 2760 C:\Windows\System32\Startupscan.dll - ok
17:11:04.0663 2760 [ 9928E5C494BD933CDE560F5766D3BFB2 ] C:\Windows\System32\sdiagschd.dll
17:11:04.0663 2760 C:\Windows\System32\sdiagschd.dll - ok
17:11:04.0663 2760 [ 50DA2DFB41F5882861B6883F880792D9 ] C:\Windows\System32\SensApi.dll
17:11:04.0663 2760 C:\Windows\System32\SensApi.dll - ok
17:11:04.0663 2760 [ B4B04488BEE8B6D97DEF1D275825863C ] C:\Windows\System32\sdiageng.dll
17:11:04.0663 2760 C:\Windows\System32\sdiageng.dll - ok
17:11:04.0663 2760 [ D8E3A4701376CCFD0BE542D745FA4809 ] C:\Windows\System32\WSService.dll
17:11:04.0663 2760 C:\Windows\System32\WSService.dll - ok
17:11:04.0663 2760 [ 2A050C7DD55FAA6FBF1FA8AFD5812857 ] C:\Windows\System32\MemoryDiagnostic.dll
17:11:04.0663 2760 C:\Windows\System32\MemoryDiagnostic.dll - ok
17:11:04.0663 2760 [ 1630521CA49271034F998B332F7F3469 ] C:\Windows\System32\AppXDeploymentClient.dll
17:11:04.0663 2760 C:\Windows\System32\AppXDeploymentClient.dll - ok
17:11:04.0679 2760 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] C:\Windows\System32\AppXDeploymentServer.dll
17:11:04.0679 2760 C:\Windows\System32\AppXDeploymentServer.dll - ok
17:11:04.0679 2760 [ 4D35041E7A50BB259B36C4D5D4A77662 ] C:\Windows\System32\tdh.dll
17:11:04.0679 2760 C:\Windows\System32\tdh.dll - ok
17:11:04.0679 2760 [ D48920217A98322B9B62923B0D808674 ] C:\Windows\System32\pstask.dll
17:11:04.0679 2760 C:\Windows\System32\pstask.dll - ok
17:11:04.0679 2760 [ DACBAF039738C747754A5D5D94510FA8 ] C:\Windows\System32\regidle.dll
17:11:04.0679 2760 C:\Windows\System32\regidle.dll - ok
17:11:04.0679 2760 [ 8C2403F0371152D70741865688B57C8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll
17:11:04.0679 2760 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll - ok
17:11:04.0679 2760 [ 23E0008E024F955428D71CEDD5CCF87F ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll
17:11:04.0679 2760 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll - ok
17:11:04.0694 2760 [ 2F2FC5E089D9A91E675817DFB0F78ADB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\12a9441955ada5ecaf8c97b8b10d9201\System.ni.dll
17:11:04.0694 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\12a9441955ada5ecaf8c97b8b10d9201\System.ni.dll - ok
17:11:04.0694 2760 [ B117A26FB2562FE1942E6F62369803E3 ] C:\Windows\System32\sdiagnhost.exe
17:11:04.0694 2760 C:\Windows\System32\sdiagnhost.exe - ok
17:11:04.0694 2760 [ 09D35AEF39E3A2F679AC4DC8D56FFAAD ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
17:11:04.0694 2760 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe - ok
17:11:04.0694 2760 [ 350C510CA8D8C425944EEEB3D346E64B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
17:11:04.0694 2760 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe - ok
17:11:04.0694 2760 [ 5BE15CBF926B0C70B0F424774A2B75E6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wad78daf4#\1ab4f2e5e42ff1ef86cd2601e445bd92\Microsoft.Windows.Diagnosis.SDHost.ni.dll
17:11:04.0694 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wad78daf4#\1ab4f2e5e42ff1ef86cd2601e445bd92\Microsoft.Windows.Diagnosis.SDHost.ni.dll - ok
17:11:04.0694 2760 [ 524DAC623B9825226160C1C910624C6B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wed3937f9#\da5afc1a2df149f8a28255bd032d3e3b\Microsoft.Windows.Diagnosis.SDCommon.ni.dll
17:11:04.0694 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wed3937f9#\da5afc1a2df149f8a28255bd032d3e3b\Microsoft.Windows.Diagnosis.SDCommon.ni.dll - ok
17:11:04.0710 2760 [ D4E522C78B262827479FF27EF4B9A903 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\fea2f8a826ae196534065b33fdaca702\System.Core.ni.dll
17:11:04.0710 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\fea2f8a826ae196534065b33fdaca702\System.Core.ni.dll - ok
17:11:04.0710 2760 [ 0D9E2DB8997E3815D798A69E677084D4 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Manaa57fc8cc#\2b7245f16e86a452e31fd78ecfa3302d\System.Management.Automation.ni.dll
17:11:04.0710 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Manaa57fc8cc#\2b7245f16e86a452e31fd78ecfa3302d\System.Management.Automation.ni.dll - ok
17:11:04.0710 2760 [ 628DB15D8B4E4003324247478D5C3C3F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W0bb5dac4#\4e3912ec5842a3bab3f900db42e7295b\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll
17:11:04.0710 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W0bb5dac4#\4e3912ec5842a3bab3f900db42e7295b\Microsoft.Windows.Diagnosis.Commands.UpdateDiagRootcause.ni.dll - ok
17:11:04.0710 2760 [ 601B9078F5345109A93AE0220EEBDE52 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W69ef49d2#\e00474f5df5a870e900f41a35fae6f44\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll
17:11:04.0710 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W69ef49d2#\e00474f5df5a870e900f41a35fae6f44\Microsoft.Windows.Diagnosis.Commands.GetDiagInput.ni.dll - ok
17:11:04.0710 2760 [ B3D867F60CD1AB4D2355C32CFA568238 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wd518ee0d#\dd8e0e020198d436215ee319ce9fc365\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll
17:11:04.0710 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Wd518ee0d#\dd8e0e020198d436215ee319ce9fc365\Microsoft.Windows.Diagnosis.Commands.UpdateDiagReport.ni.dll - ok
17:11:04.0710 2760 [ 5B2B58E244A3D27145376CBB55EB8CEA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W708fc392#\57794383b573a38e8e5a67716e41cd71\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll
17:11:04.0710 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.W708fc392#\57794383b573a38e8e5a67716e41cd71\Microsoft.Windows.Diagnosis.Commands.WriteDiagProgress.ni.dll - ok
17:11:04.0726 2760 [ E4498C3F60AD89BD5FC56244B4C6D9FC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\65ff83eb4f3c2cfbadf5db3a59a54f0b\System.Numerics.ni.dll
17:11:04.0726 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\65ff83eb4f3c2cfbadf5db3a59a54f0b\System.Numerics.ni.dll - ok
17:11:04.0726 2760 [ D66BCEA2916397F62F6EA2BA5191BA28 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\c7628024429c2d82a3fabcc43b193e36\System.Xml.ni.dll
17:11:04.0726 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\c7628024429c2d82a3fabcc43b193e36\System.Xml.ni.dll - ok
17:11:04.0726 2760 [ 3AE2E792BFCAB232CEF1AE15A8BE7519 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\42b800618837afb753d0029531ec2e9b\System.DirectoryServices.ni.dll
17:11:04.0726 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Dired13b18a9#\42b800618837afb753d0029531ec2e9b\System.DirectoryServices.ni.dll - ok
17:11:04.0741 2760 [ 3A6A4FAC0BBECA8BBF0B440044B3954D ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\207d88c7e31401aa445a1e38cb37fbbc\System.Management.ni.dll
17:11:04.0741 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\207d88c7e31401aa445a1e38cb37fbbc\System.Management.ni.dll - ok
17:11:04.0741 2760 [ 0F8CBD63779CEB55A2E53B6BD36A0ACE ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Mf49f6405#\2a098d07b439d3cf612210725d8799e3\Microsoft.Management.Infrastructure.ni.dll
17:11:04.0741 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Mf49f6405#\2a098d07b439d3cf612210725d8799e3\Microsoft.Management.Infrastructure.ni.dll - ok
17:11:04.0741 2760 [ B837EA3A3EF1F949A421C724B82BFEBC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P1706cafe#\b621e59155acf4e16aad065809d19b94\Microsoft.PowerShell.Commands.Diagnostics.ni.dll
17:11:04.0741 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P1706cafe#\b621e59155acf4e16aad065809d19b94\Microsoft.PowerShell.Commands.Diagnostics.ni.dll - ok
17:11:04.0757 2760 [ E188528B2F50A1846DE08A3C5923F52B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Confe64a9051#\2b2701d52f2e3e722f65db71fe04756b\System.Configuration.Install.ni.dll
17:11:04.0757 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Confe64a9051#\2b2701d52f2e3e722f65db71fe04756b\System.Configuration.Install.ni.dll - ok
17:11:04.0757 2760 [ 473A57E8FD8D080C213EA2E2E6DB6C36 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\1a12af41b5744d9b770dbdde358933b7\System.Transactions.ni.dll
17:11:04.0757 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\1a12af41b5744d9b770dbdde358933b7\System.Transactions.ni.dll - ok
17:11:04.0757 2760 [ 7206E0063F3F083A934E8808506F125C ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
17:11:04.0757 2760 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
17:11:04.0757 2760 [ 26147D8DCD73A1CEE7B138BC349C8E85 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P521220ea#\4f19a4dae094c763eb40206492320bb1\Microsoft.PowerShell.Commands.Utility.ni.dll
17:11:04.0757 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P521220ea#\4f19a4dae094c763eb40206492320bb1\Microsoft.PowerShell.Commands.Utility.ni.dll - ok
17:11:04.0757 2760 [ 039EAEA186DC87B56FCD01DD74C369B8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pb378ec07#\07d823a5fdff2a106df723bbb8690022\Microsoft.PowerShell.ConsoleHost.ni.dll
17:11:04.0757 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pb378ec07#\07d823a5fdff2a106df723bbb8690022\Microsoft.PowerShell.ConsoleHost.ni.dll - ok
17:11:04.0757 2760 [ CDF1448E6A1A1019EC02886C2E865CCB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pae3498d9#\3b3281b8a00357ba15e0e4d9a2e1bfe7\Microsoft.PowerShell.Commands.Management.ni.dll
17:11:04.0757 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Pae3498d9#\3b3281b8a00357ba15e0e4d9a2e1bfe7\Microsoft.PowerShell.Commands.Management.ni.dll - ok
17:11:04.0773 2760 [ 82A6EFE0D5B34EC17483A510F3C76BD5 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P6f792626#\e7ff59e02f34e32d9478fc718037fc31\Microsoft.PowerShell.Security.ni.dll
17:11:04.0773 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P6f792626#\e7ff59e02f34e32d9478fc718037fc31\Microsoft.PowerShell.Security.ni.dll - ok
17:11:04.0773 2760 [ 11C2539DB7BA15CD0A79D6930D52E05A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.We0722664#\baf832f0caf00321592224b7fc42a558\Microsoft.WSMan.Management.ni.dll
17:11:04.0773 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.We0722664#\baf832f0caf00321592224b7fc42a558\Microsoft.WSMan.Management.ni.dll - ok
17:11:04.0773 2760 [ DF14559B0F039E3BF23A4B9334132401 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\d638c61f174d826289707884c0f2b48f\System.Configuration.ni.dll
17:11:04.0773 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\d638c61f174d826289707884c0f2b48f\System.Configuration.ni.dll - ok
17:11:04.0773 2760 [ E3C595CD9FA0F068619C49699AC2703F ] C:\Windows\System32\msisip.dll
17:11:04.0773 2760 C:\Windows\System32\msisip.dll - ok
17:11:04.0773 2760 [ 2B659DAB8F020252FF862AA2692B33CA ] C:\Windows\System32\wshext.dll
17:11:04.0773 2760 C:\Windows\System32\wshext.dll - ok
17:11:04.0773 2760 [ 8E6F37F12FE854CAA670C0BB3ADC9139 ] C:\Windows\System32\AppxSip.dll
17:11:04.0773 2760 C:\Windows\System32\AppxSip.dll - ok
17:11:04.0788 2760 [ BD11C5DBF7D84E4AE8703EF3B3AE794B ] C:\Windows\System32\OpcServices.dll
17:11:04.0788 2760 C:\Windows\System32\OpcServices.dll - ok
17:11:04.0788 2760 [ 0AF6E16842DAC19C22B9AF18584E0D33 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll
17:11:04.0788 2760 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll - ok
17:11:04.0788 2760 [ 4345CA227F267909A57F368538EC4143 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\8319a0e63cbe4df581ca36dc75f039ab\System.Data.ni.dll
17:11:04.0788 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Data\8319a0e63cbe4df581ca36dc75f039ab\System.Data.ni.dll - ok
17:11:04.0788 2760 [ C5F6F6FF49A2A50EC9624B064B467176 ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
17:11:04.0788 2760 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
17:11:04.0788 2760 [ D7109186046CC1AFF17BDBD192E00308 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
17:11:04.0788 2760 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll - ok
17:11:04.0788 2760 [ 4CD5B246B2DB81DC403B7C9041456B0E ] C:\Windows\System32\NapiNSP.dll
17:11:04.0788 2760 C:\Windows\System32\NapiNSP.dll - ok
17:11:04.0804 2760 [ F916298AF3C6AC9887427E545C7E3A69 ] C:\Windows\System32\pnrpnsp.dll
17:11:04.0804 2760 C:\Windows\System32\pnrpnsp.dll - ok
17:11:04.0804 2760 [ 218F874A78CB670172280A39A58B8F8A ] C:\Windows\System32\winrnr.dll
17:11:04.0804 2760 C:\Windows\System32\winrnr.dll - ok
17:11:04.0804 2760 [ B78C9FB3D92F4502079BB1F07470BE60 ] C:\Windows\System32\wshbth.dll
17:11:04.0804 2760 C:\Windows\System32\wshbth.dll - ok
17:11:04.0804 2760 [ 610C3BA3E10CD2A7DB741FBE061ED093 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\f3c0cdd1a50bb94384842fe39f729887\System.ServiceProcess.ni.dll
17:11:04.0804 2760 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\f3c0cdd1a50bb94384842fe39f729887\System.ServiceProcess.ni.dll - ok
17:11:04.0804 2760 [ 7599E582CA3A6AAA95A18FFE1172D339 ] C:\Windows\System32\w32time.dll
17:11:04.0804 2760 C:\Windows\System32\w32time.dll - ok
17:11:04.0804 2760 [ 0A6341CF701E43B1AD3CC168D45161C6 ] C:\Windows\System32\w32tm.exe
17:11:04.0804 2760 C:\Windows\System32\w32tm.exe - ok
17:11:04.0819 2760 [ AC13A4FE5396E05B46C7E270BC5CC22C ] C:\Windows\System32\PING.EXE
17:11:04.0819 2760 C:\Windows\System32\PING.EXE - ok
17:11:04.0819 2760 [ 41E3F3C1E24549BBB94C53692333D3BE ] C:\Windows\System32\scrrun.dll
17:11:04.0819 2760 C:\Windows\System32\scrrun.dll - ok
17:11:04.0819 2760 [ B517410F157693043DACA21B19B258A6 ] C:\Windows\System32\tapisrv.dll
17:11:04.0819 2760 C:\Windows\System32\tapisrv.dll - ok
17:11:04.0819 2760 [ 33C2DB0C149036EC1BD5E9EF7E4844D0 ] C:\Windows\System32\unimdm.tsp
17:11:04.0819 2760 C:\Windows\System32\unimdm.tsp - ok
17:11:04.0819 2760 [ 4F0834059B081FB95E925DBACD6932A8 ] C:\Windows\System32\uniplat.dll
17:11:04.0819 2760 C:\Windows\System32\uniplat.dll - ok
17:11:04.0819 2760 [ A2F7284F25ACFFAF8630E074376ECCEC ] C:\Windows\System32\hidphone.tsp
17:11:04.0819 2760 C:\Windows\System32\hidphone.tsp - ok
17:11:04.0819 2760 [ 3E6D37564557486CEF1A82B8BD16090F ] C:\Windows\System32\kmddsp.tsp
17:11:04.0819 2760 C:\Windows\System32\kmddsp.tsp - ok
17:11:04.0835 2760 [ 2EC3B52F3359E87461F88C3D485B85C2 ] C:\Windows\System32\WWanAPI.dll
17:11:04.0835 2760 C:\Windows\System32\WWanAPI.dll - ok
17:11:04.0835 2760 [ 35F57F3C64A0E744F097159936DE3942 ] C:\Windows\System32\advpack.dll
17:11:04.0835 2760 C:\Windows\System32\advpack.dll - ok
17:11:04.0835 2760 [ 2517EF43B94CA4A2A46E4557E44B1B35 ] C:\Windows\System32\appwiz.cpl
17:11:04.0835 2760 C:\Windows\System32\appwiz.cpl - ok
17:11:04.0835 2760 [ F790470535B709B42B51CC105F27DE17 ] C:\Windows\System32\osbaseln.dll
17:11:04.0835 2760 C:\Windows\System32\osbaseln.dll - ok
17:11:04.0835 2760 [ BCFEFCF80E09551315F2C517B5FE928B ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sargui.exe
17:11:04.0835 2760 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sargui.exe - ok
17:11:04.0835 2760 [ EC2A81A5B4BB45DF0149EE63C0B5AD1C ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar1.dll
17:11:04.0835 2760 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar1.dll - ok
17:11:04.0835 2760 [ 084A01045441FC7C0EA2B4825E84AAD8 ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar2.dll
17:11:04.0835 2760 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar2.dll - ok
17:11:04.0851 2760 [ CD8BEDD91DDAE53D27D9784246F81D48 ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar5.dll
17:11:04.0851 2760 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar5.dll - ok
17:11:04.0851 2760 [ 8FE3ADBB0BA2C6818D90FA12B976A8D5 ] C:\Windows\SysWOW64\oledlg.dll
17:11:04.0851 2760 C:\Windows\SysWOW64\oledlg.dll - ok
17:11:04.0851 2760 [ 34EF16B553D52E4C7DBC5F5E78675A0B ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar3.dll
17:11:04.0851 2760 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar3.dll - ok
17:11:04.0851 2760 [ AEE70B180FCA9D378A300F82E9D6313F ] C:\Users\Tandem\AppData\Local\Temp\skxvcd.exe
17:11:04.0851 2760 C:\Users\Tandem\AppData\Local\Temp\skxvcd.exe - ok
17:11:04.0851 2760 [ D6CE5C3190CB672A92AE328789BB0F69 ] C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar4.dll
17:11:04.0851 2760 C:\Program Files (x86)\Sophos\Sophos Anti-Rootkit\sar4.dll - ok
17:11:04.0851 2760 [ C3135D2F6EC4463F0D335D6785EFEBE9 ] C:\Windows\System32\wsqmcons.exe
17:11:04.0851 2760 C:\Windows\System32\wsqmcons.exe - ok
17:11:04.0866 2760 [ 0F0BEECEB4ABAFA775279E2949E949E6 ] C:\Windows\System32\sppcext.dll
17:11:04.0866 2760 C:\Windows\System32\sppcext.dll - ok
17:11:04.0866 2760 [ D2B109C5B869A81AD074CBE38C0ED658 ] C:\Windows\System32\WinSCard.dll
17:11:04.0866 2760 C:\Windows\System32\WinSCard.dll - ok
17:11:04.0866 2760 [ 6E639FDBA5E9FA5974EF24412FEA30BF ] C:\Windows\System32\sc.exe
17:11:04.0866 2760 C:\Windows\System32\sc.exe - ok
17:11:04.0866 2760 [ 82841B061B403F291CF8CA9EE73913C5 ] C:\Windows\System32\winshfhc.dll
17:11:04.0866 2760 C:\Windows\System32\winshfhc.dll - ok
17:11:04.0866 2760 [ EE738FE9BCDD605821002CEC8C7206DB ] C:\Users\Tandem\Desktop\RV\RootkitRevealer.exe
17:11:04.0866 2760 C:\Users\Tandem\Desktop\RV\RootkitRevealer.exe - ok
17:11:04.0866 2760 [ 249DE8C6F690646CC8EC53D49ABC6BE9 ] C:\Windows\SysWOW64\WerFault.exe
17:11:04.0866 2760 C:\Windows\SysWOW64\WerFault.exe - ok
17:11:04.0866 2760 [ 7610BDF5018996927AA2E993CB6F2822 ] C:\Windows\SysWOW64\wer.dll
17:11:04.0866 2760 C:\Windows\SysWOW64\wer.dll - ok
17:11:04.0882 2760 [ 17500825FE6C7094ACC6E7DC6B578399 ] C:\Windows\SysWOW64\Faultrep.dll
17:11:04.0882 2760 C:\Windows\SysWOW64\Faultrep.dll - ok
17:11:04.0882 2760 [ FCD51A3EB7E47FBCE17382A95FD3AB35 ] C:\Windows\SysWOW64\dbgeng.dll
17:11:04.0882 2760 C:\Windows\SysWOW64\dbgeng.dll - ok
17:11:04.0882 2760 [ F5033F3C6F8E706D78ACB9351EBF7B3E ] C:\Windows\SysWOW64\dbghelp.dll
17:11:04.0882 2760 C:\Windows\SysWOW64\dbghelp.dll - ok
17:11:04.0882 2760 [ 9CB652EAE0AB5EB27DD0B589D4A0D345 ] C:\Windows\SysWOW64\SensApi.dll
17:11:04.0882 2760 C:\Windows\SysWOW64\SensApi.dll - ok
17:11:04.0882 2760 [ 3CD918A30800F17C3E380424DB16FCE0 ] C:\Windows\SysWOW64\werui.dll
17:11:04.0882 2760 C:\Windows\SysWOW64\werui.dll - ok
17:11:04.0882 2760 [ DE6BA34150AA58950EEC63D75C78A45A ] C:\Windows\System32\fthsvc.dll
17:11:04.0882 2760 C:\Windows\System32\fthsvc.dll - ok
17:11:04.0898 2760 [ 26801DC9D8AAEF91D0E937076723533A ] C:\Program Files (x86)\Opera\launcher.exe
17:11:04.0898 2760 C:\Program Files (x86)\Opera\launcher.exe - ok
17:11:04.0898 2760 [ 0FDA366EF6BCE1E66328331AB8C025DE ] C:\Program Files (x86)\Opera\19.0.1326.59\launcher_lib.dll
17:11:04.0898 2760 C:\Program Files (x86)\Opera\19.0.1326.59\launcher_lib.dll - ok
17:11:04.0898 2760 [ A878C3A1B4DE9C64060B4856355E70F2 ] C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe
17:11:04.0898 2760 C:\Program Files (x86)\Opera\19.0.1326.59\opera.exe - ok
17:11:04.0898 2760 [ 602CEC60E4F41C2FD196869E5FE1E9E0 ] C:\Windows\SysWOW64\cryptui.dll
17:11:04.0898 2760 C:\Windows\SysWOW64\cryptui.dll - ok
17:11:04.0898 2760 [ 3E12640379E473D6327D162EA8C008DE ] C:\Program Files (x86)\Opera\19.0.1326.59\opera_crashreporter.exe
17:11:04.0898 2760 C:\Program Files (x86)\Opera\19.0.1326.59\opera_crashreporter.exe - ok
17:11:04.0898 2760 [ 1864717B38CFE13E6BF51D2AC059D6C5 ] C:\Program Files (x86)\Opera\19.0.1326.59\icudt.dll
17:11:04.0898 2760 C:\Program Files (x86)\Opera\19.0.1326.59\icudt.dll - ok
17:11:04.0913 2760 [ 99BF1154DCA837428A94CD1BE96A8C14 ] C:\Windows\SysWOW64\KBDGR.DLL
17:11:04.0913 2760 C:\Windows\SysWOW64\KBDGR.DLL - ok
17:11:04.0913 2760 [ E0A9E2538A01364FBA8D180FD476FCC0 ] C:\Windows\SysWOW64\AudioSes.dll
17:11:04.0913 2760 C:\Windows\SysWOW64\AudioSes.dll - ok
17:11:04.0913 2760 [ 5CCF34813D589FB8D682201BBC8F7181 ] C:\Windows\SysWOW64\MMDevAPI.dll
17:11:04.0913 2760 C:\Windows\SysWOW64\MMDevAPI.dll - ok
17:11:04.0913 2760 [ D85F310B0871AF13961D1C9A9695D756 ] C:\Windows\SysWOW64\d3d9.dll
17:11:04.0913 2760 C:\Windows\SysWOW64\d3d9.dll - ok
17:11:04.0913 2760 [ C765377BF03FD492F7F34BDD73513A47 ] C:\Windows\SysWOW64\dxva2.dll
17:11:04.0913 2760 C:\Windows\SysWOW64\dxva2.dll - ok
17:11:04.0913 2760 [ 10ECF3FF5523363FB5E4A28EEDD46808 ] C:\Windows\SysWOW64\mf.dll
17:11:04.0913 2760 C:\Windows\SysWOW64\mf.dll - ok
17:11:04.0913 2760 [ 474B4EC7DEDCF2D046EDB6E262BF34BE ] C:\Windows\SysWOW64\mfplat.dll
17:11:04.0913 2760 C:\Windows\SysWOW64\mfplat.dll - ok
17:11:04.0929 2760 [ D1A0832EE341870C1A26BB7F97F878BC ] C:\Windows\SysWOW64\RTWorkQ.dll
17:11:04.0929 2760 C:\Windows\SysWOW64\RTWorkQ.dll - ok
17:11:04.0929 2760 [ 54BB3FBA7AAED0FCB23D404DD67D4F1F ] C:\Windows\SysWOW64\avrt.dll
17:11:04.0929 2760 C:\Windows\SysWOW64\avrt.dll - ok
17:11:04.0929 2760 [ 9EA661DB9B393F46046D6181A3DDC4AD ] C:\Windows\SysWOW64\msmpeg2vdec.dll
17:11:04.0929 2760 C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
17:11:04.0929 2760 [ EA3694CCEDC76161B80259F808890DA8 ] C:\Windows\SysWOW64\igdumdim32.dll
17:11:04.0929 2760 C:\Windows\SysWOW64\igdumdim32.dll - ok
17:11:04.0929 2760 [ AF44007FF0E9171C2FD66FD19DA05485 ] C:\Program Files (x86)\Opera\19.0.1326.59\opera_autoupdate.exe
17:11:04.0929 2760 C:\Program Files (x86)\Opera\19.0.1326.59\opera_autoupdate.exe - ok
17:11:04.0929 2760 [ 1DC846C435B3E36C2ADA7F6FF2DCFFF9 ] C:\Windows\SysWOW64\igdusc32.dll
17:11:04.0929 2760 C:\Windows\SysWOW64\igdusc32.dll - ok
17:11:04.0944 2760 [ 77CA588F46D2D9031ECF8BB45A2F31E0 ] C:\Program Files (x86)\Opera\19.0.1326.59\ffmpegsumo.dll
17:11:04.0944 2760 C:\Program Files (x86)\Opera\19.0.1326.59\ffmpegsumo.dll - ok
17:11:04.0944 2760 [ 008E331CCE44450185DA94FB273E4576 ] C:\Program Files (x86)\Opera\19.0.1326.59\d3dcompiler_46.dll
17:11:04.0944 2760 C:\Program Files (x86)\Opera\19.0.1326.59\d3dcompiler_46.dll - ok
17:11:04.0944 2760 [ 8DB526FBAE35EAFBB25BA8BF5F491027 ] C:\Windows\SysWOW64\credui.dll
17:11:04.0944 2760 C:\Windows\SysWOW64\credui.dll - ok
17:11:04.0944 2760 [ 5FC8D252C1FE351253AF89F1F0F6BEBB ] C:\Program Files (x86)\Opera\19.0.1326.59\libGLESv2.dll
17:11:04.0944 2760 C:\Program Files (x86)\Opera\19.0.1326.59\libGLESv2.dll - ok
17:11:04.0944 2760 [ 8E99C1C78747B8ADFDAB606492B7F1AE ] C:\Program Files (x86)\Opera\19.0.1326.59\libEGL.dll
17:11:04.0944 2760 C:\Program Files (x86)\Opera\19.0.1326.59\libEGL.dll - ok
17:11:04.0944 2760 [ 04767A913945012ADD32E2FCF4B0BE4B ] C:\Windows\SysWOW64\mscms.dll
17:11:04.0944 2760 C:\Windows\SysWOW64\mscms.dll - ok
17:11:04.0944 2760 [ 0C178B11066443E12D8A6B508477BC1A ] C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
17:11:04.0944 2760 C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll - ok
17:11:04.0960 2760 [ F9B22D89F4E96512867114CF821A7D5E ] C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
17:11:04.0960 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe - ok
17:11:04.0960 2760 [ BB4950D08BA324908A3EB1560C8199D4 ] C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll
17:11:04.0960 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\updext.dll - ok
17:11:04.0960 2760 [ B1E9FAAC3B2CFB4DBF70C0FC00BEC4CC ] C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll
17:11:04.0960 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll - ok
17:11:04.0960 2760 [ 28F9CFBF3CD196114404C5684E701C3A ] C:\Program Files (x86)\Avira\AntiVir Desktop\updguirc.dll
17:11:04.0960 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\updguirc.dll - ok
17:11:04.0960 2760 [ DE29479601E85DBCBE5CD04847AB805E ] C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
17:11:04.0960 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe - ok
17:11:04.0960 2760 [ 27DA2A3CAE27AAC116567171AFE83AD8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll
17:11:04.0960 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll - ok
17:11:04.0976 2760 [ 4608A9F5FEC89626A6502ECBD40328AB ] C:\Program Files (x86)\Avira\AntiVir Desktop\avmres.dll
17:11:04.0976 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\avmres.dll - ok
17:11:04.0976 2760 [ 58C44A6A7342CEFEF98288C900B2EA64 ] C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll
17:11:04.0976 2760 C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll - ok
17:11:04.0976 2760 [ E64EBF5A8A0011E03663AD80C79FFA4D ] D:\antirootkit\adsl.exe
17:11:04.0976 2760 D:\antirootkit\adsl.exe - ok
17:11:04.0976 2760 [ 2BB04B67B907B341648376161070AF69 ] C:\Windows\SysWOW64\riched32.dll
17:11:04.0976 2760 C:\Windows\SysWOW64\riched32.dll - ok
17:11:04.0976 2760 [ BBFD73042D7CB18120EEE089A9F761EE ] C:\Windows\SysWOW64\UIAutomationCore.dll
17:11:04.0976 2760 C:\Windows\SysWOW64\UIAutomationCore.dll - ok
17:11:04.0976 2760 [ 513D77A8EE3FF8067CC3A65DAE1A3F5A ] C:\Windows\SysWOW64\msimtf.dll
17:11:04.0976 2760 C:\Windows\SysWOW64\msimtf.dll - ok
17:11:04.0991 2760 [ C9C0B562C7AA50A672766AAC8112DF05 ] C:\Windows\SysWOW64\d2d1.dll
17:11:04.0991 2760 C:\Windows\SysWOW64\d2d1.dll - ok
17:11:04.0991 2760 [ 2ABD44418721B2502A3FF1928DB07F0B ] C:\Windows\SysWOW64\DWrite.dll
17:11:04.0991 2760 C:\Windows\SysWOW64\DWrite.dll - ok
17:11:04.0991 2760 [ 2754B116D797255B6A2F2F5DB1760238 ] C:\Windows\SysWOW64\d3d10warp.dll
17:11:04.0991 2760 C:\Windows\SysWOW64\d3d10warp.dll - ok
17:11:04.0991 2760 [ 3B122124BACF3F17A3336BD08E9D4D95 ] C:\Windows\SysWOW64\drprov.dll
17:11:04.0991 2760 C:\Windows\SysWOW64\drprov.dll - ok
17:11:04.0991 2760 [ 8E5EA625360077325445907D972C268E ] C:\Windows\SysWOW64\davclnt.dll
17:11:04.0991 2760 C:\Windows\SysWOW64\davclnt.dll - ok
17:11:04.0991 2760 [ 1CF62E2D53F326C40BDC1FEE3DF11BCB ] C:\Windows\SysWOW64\ntlanman.dll
17:11:04.0991 2760 C:\Windows\SysWOW64\ntlanman.dll - ok
17:11:04.0991 2760 [ 0CAC22201AF1F9A54CFCA93059C06A39 ] C:\Windows\SysWOW64\davhlpr.dll
17:11:04.0991 2760 C:\Windows\SysWOW64\davhlpr.dll - ok
17:11:05.0007 2760 [ 01D719A5AD74FB7EAAA29924049C73BA ] C:\Windows\SysWOW64\dlnashext.dll
17:11:05.0007 2760 C:\Windows\SysWOW64\dlnashext.dll - ok
17:11:05.0007 2760 [ 7D7D1177BD573F2FBE13369162D88E02 ] C:\Windows\SysWOW64\PlayToDevice.dll
17:11:05.0007 2760 C:\Windows\SysWOW64\PlayToDevice.dll - ok
17:11:05.0007 2760 [ 8136DE913C41E8485E623154E9EF6B68 ] C:\Windows\SysWOW64\DevDispItemProvider.dll
17:11:05.0007 2760 C:\Windows\SysWOW64\DevDispItemProvider.dll - ok
17:11:05.0007 2760 [ A9B6B177C78F8EEF66893C9512DF9F7C ] C:\Windows\SysWOW64\wpdshext.dll
17:11:05.0007 2760 C:\Windows\SysWOW64\wpdshext.dll - ok
17:11:05.0007 2760 [ F655C3C8BA344799015B6E2015AD4022 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
17:11:05.0007 2760 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
17:11:05.0007 2760 [ 45D4D304E4D8B5D2352A26E1D1180A37 ] C:\Windows\SysWOW64\audiodev.dll
17:11:05.0007 2760 C:\Windows\SysWOW64\audiodev.dll - ok
17:11:05.0023 2760 [ 050FE6423C35792DB6FBA2CF035430B7 ] C:\Windows\SysWOW64\WMVCORE.DLL
17:11:05.0023 2760 C:\Windows\SysWOW64\WMVCORE.DLL - ok
17:11:05.0023 2760 [ 9E201E7A15BBE6260DE904968D973165 ] C:\Windows\SysWOW64\WMASF.DLL
17:11:05.0023 2760 C:\Windows\SysWOW64\WMASF.DLL - ok
17:11:05.0023 2760 [ 0AFFC88BE88EEB6A5F5A62B270E5F23B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\8167be7add46f0aee1818bd88b6b1341\Platform.ni.dll
17:11:05.0023 2760 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\8167be7add46f0aee1818bd88b6b1341\Platform.ni.dll - ok
17:11:05.0023 2760 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:11:05.0023 2760 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:11:05.0023 2760 [ 00000000000000000000000000000000 ] D:\antirootkit\sophos_virus_removal_tool.exe
17:11:05.0023 2760 D:\antirootkit\sophos_virus_removal_tool.exe - ok
17:11:05.0023 2760 [ 5AC254691AE3C8FDA64E80993AD888DD ] C:\Windows\System32\imageres.dll
17:11:05.0023 2760 C:\Windows\System32\imageres.dll - ok
17:11:05.0023 2760 [ E1D499C501DC2E1F8B451F1A43BFABED ] C:\Windows\SysWOW64\msiexec.exe
17:11:05.0023 2760 C:\Windows\SysWOW64\msiexec.exe - ok
17:11:05.0038 2760 [ D1B5D53F75C783D50CF57F5C0D8C8482 ] C:\Windows\SysWOW64\msisip.dll
17:11:05.0038 2760 C:\Windows\SysWOW64\msisip.dll - ok
17:11:05.0038 2760 [ 50DAB9E7E976BD7FF5F25B83440606AA ] C:\Windows\System32\msiexec.exe
17:11:05.0038 2760 C:\Windows\System32\msiexec.exe - ok
17:11:05.0038 2760 [ 4E472630DF3339388821D9AFB259F819 ] C:\Windows\apppatch\apppatch64\AcLayers.dll
17:11:05.0038 2760 C:\Windows\apppatch\apppatch64\AcLayers.dll - ok
17:11:05.0038 2760 [ 7E95B054F077791B565048541C49A0BD ] C:\Windows\SysWOW64\msihnd.dll
17:11:05.0038 2760 C:\Windows\SysWOW64\msihnd.dll - ok
17:11:05.0038 2760 [ EC0EFB91D81A9CE418254726D02ACA86 ] C:\Windows\System32\spp.dll
17:11:05.0038 2760 C:\Windows\System32\spp.dll - ok
17:11:05.0038 2760 [ 4FBA2FC8A08A94941213D79D74F26C0E ] C:\Windows\System32\srclient.dll
17:11:05.0038 2760 C:\Windows\System32\srclient.dll - ok
17:11:05.0054 2760 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] C:\Windows\System32\VSSVC.exe
17:11:05.0054 2760 C:\Windows\System32\VSSVC.exe - ok
17:11:05.0054 2760 [ E6C850668968BEBEDFCB6F3538791E5E ] C:\Windows\System32\virtdisk.dll
17:11:05.0054 2760 C:\Windows\System32\virtdisk.dll - ok
17:11:05.0054 2760 [ 57540FE9167823B79A6B9582732ABE50 ] C:\Windows\System32\fltLib.dll
17:11:05.0054 2760 C:\Windows\System32\fltLib.dll - ok
17:11:05.0054 2760 [ 2BAC6D8D45F2E56FEEBD8D703129E583 ] C:\Windows\System32\vss_ps.dll
17:11:05.0054 2760 C:\Windows\System32\vss_ps.dll - ok
17:11:05.0054 2760 [ 001D7515D08480C85AC172334590B9B2 ] C:\Windows\System32\catsrvut.dll
17:11:05.0054 2760 C:\Windows\System32\catsrvut.dll - ok
17:11:05.0054 2760 [ 79F10EB3518F1C85B0944B6C0BC60E68 ] C:\Windows\System32\mfcsubs.dll
17:11:05.0054 2760 C:\Windows\System32\mfcsubs.dll - ok
17:11:05.0054 2760 [ 99453C649DC4B0BE6D062B701CD2917F ] C:\Windows\System32\swprv.dll
17:11:05.0054 2760 C:\Windows\System32\swprv.dll - ok
17:11:05.0070 2760 [ 5B9273124588AB0F2E40AAEC9D3C62EC ] C:\Windows\System32\RstrtMgr.dll
17:11:05.0070 2760 C:\Windows\System32\RstrtMgr.dll - ok
17:11:05.0070 2760 [ CC61E1FE853E93ECEFF1C1190C411CF2 ] C:\Windows\Installer\MSI4C11.tmp
17:11:05.0070 2760 C:\Windows\Installer\MSI4C11.tmp - ok
17:11:05.0070 2760 [ 9337B4D6C70A18D801A2B970281079B5 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTgui.exe
17:11:05.0070 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTgui.exe - ok
17:11:05.0070 2760 [ 6E764105D8B082BF8115FD09883549F1 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ResEnu.dll
17:11:05.0070 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ResEnu.dll - ok
17:11:05.0070 2760 [ F35245309CAD66CC9441E07DDA428981 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\control.dll
17:11:05.0070 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\control.dll - ok
17:11:05.0070 2760 [ DE6C4A4DDD24997ACB49A9675763B6E9 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SUL.dll
17:11:05.0070 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SUL.dll - ok
17:11:05.0085 2760 [ 1AB3BCAA310B3B87812260F2D49692AE ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libcurl.dll
17:11:05.0085 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libcurl.dll - ok
17:11:05.0085 2760 [ 6C62E92F8FD06488EC5F4FB414B1AC3E ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libeay32.dll
17:11:05.0085 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\libeay32.dll - ok
17:11:05.0085 2760 [ BE60A936B9639AB14D9EC033DC371E2A ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ssleay32.dll
17:11:05.0085 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\ssleay32.dll - ok
17:11:05.0085 2760 [ 9DDCECE8A8D1BF1E47C02F7BD92CF2FE ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe
17:11:05.0085 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe - ok
17:11:05.0085 2760 [ 93DA95F022F0C6D501FFBD65D5D2C569 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\savi.dll
17:11:05.0085 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\savi.dll - ok
17:11:05.0085 2760 [ 9D231213273155133CDCA2F822F264EC ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\osdp.dll
17:11:05.0085 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\osdp.dll - ok
17:11:05.0101 2760 [ 2766BC1EB2FAB6DD517C8E20D9877D5A ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\veex.dll
17:11:05.0101 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\engine\veex.dll - ok
17:11:05.0101 2760 [ D51874F106BE779DDDB377C73F0EFFE7 ] C:\Windows\SysWOW64\AppXDeploymentClient.dll
17:11:05.0101 2760 C:\Windows\SysWOW64\AppXDeploymentClient.dll - ok
17:11:05.0101 2760 [ 56E55B07E8C728C8B157D026583AEE29 ] C:\Windows\SysWOW64\Windows.ApplicationModel.dll
17:11:05.0101 2760 C:\Windows\SysWOW64\Windows.ApplicationModel.dll - ok
17:11:05.0101 2760 [ F592098A86D10FF4277F5D0EF6C90AD2 ] C:\Windows\SysWOW64\WinTypes.dll
17:11:05.0101 2760 C:\Windows\SysWOW64\WinTypes.dll - ok
17:11:05.0101 2760 [ FBC450EE38D38DE3220C98C6346EAD67 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\native.exe
17:11:05.0101 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\native.exe - ok
17:11:05.0101 2760 [ FEFEA4BD922EE55522D0A060D95C0896 ] C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\rkdisk.dll
17:11:05.0101 2760 C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\rkdisk.dll - ok
17:11:05.0117 2760 [ CC993BF7D8DE91303A124BE0CD88E03C ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\4e428c3a040941835c34c33609515ccd\Platform.ni.dll
17:11:05.0117 2760 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingFinance_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\4e428c3a040941835c34c33609515ccd\Platform.ni.dll - ok
17:11:05.0117 2760 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:11:05.0117 2760 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingTravel_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:11:05.0117 2760 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:11:05.0117 2760 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:11:05.0117 2760 [ 7AE9C923CE3ED5E14A6818009A4D5D3B ] C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll
17:11:05.0117 2760 C:\Users\Tandem\AppData\Local\Packages\Microsoft.BingSports_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Platform\397c6839b837bd1ba256040605b55e8a\Platform.ni.dll - ok
17:11:05.0117 2760 [ C0912DE9D1E8E983DFC912C1501BE245 ] C:\Users\Tandem\Desktop\ADSL\ADSLocator.exe
17:11:05.0117 2760 C:\Users\Tandem\Desktop\ADSL\ADSLocator.exe - ok
17:11:05.0117 2760 [ 703C8071DDD983D477E125B427113AC1 ] C:\Windows\SysWOW64\StructuredQuery.dll
17:11:05.0117 2760 C:\Windows\SysWOW64\StructuredQuery.dll - ok
17:11:05.0132 2760 [ D5B5184F8C258D2C3AC70E3799C7A4BF ] C:\Windows\SysWOW64\SearchFolder.dll
17:11:05.0132 2760 C:\Windows\SysWOW64\SearchFolder.dll - ok
17:11:05.0132 2760 [ CCDA8E6A2AC68FD417A8BB8D88CBFDAC ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
17:11:05.0132 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
17:11:05.0132 2760 [ BEDDE513A3DB1E1714DDE235CEB09B37 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll
17:11:05.0132 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.dll - ok
17:11:05.0132 2760 [ AA3FD4237EE3C7C57D5DBC0EA38E2962 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AGM.dll
17:11:05.0132 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AGM.dll - ok
17:11:05.0132 2760 [ F2C994E692EEAA2EAA49FECCB656F0E1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\CoolType.dll
17:11:05.0132 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\CoolType.dll - ok
17:11:05.0132 2760 [ 57ED2EDE89BD9D8FE1475DDDC701AAF0 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIB.dll
17:11:05.0132 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIB.dll - ok
17:11:05.0132 2760 [ 8D7360835BBF21D8FD2AEEF7E046871C ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ACE.dll
17:11:05.0132 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\ACE.dll - ok
17:11:05.0148 2760 [ 5ABB70C804FC082189D2C57616746723 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
17:11:05.0148 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll - ok
17:11:05.0148 2760 [ 245C90656B40C81CB63A6F3A35847E45 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\weblink.api
17:11:05.0148 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\weblink.api - ok
17:11:05.0148 2760 [ D6907AA012124BC6101C84C36BF82193 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\EScript.api
17:11:05.0148 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\EScript.api - ok
17:11:05.0148 2760 [ 33720DFF4FF9F76F20E2055D0D6D17C3 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll
17:11:05.0148 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\BIBUtils.dll - ok
17:11:05.0148 2760 [ CA35AD2AF2B975E04CFC65957B203533 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AXE8SharedExpat.dll
17:11:05.0148 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AXE8SharedExpat.dll - ok
17:11:05.0148 2760 [ 46D3CD622B193D93A9EBD5FF5EAA9F4D ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\IA32.api
17:11:05.0148 2760 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\plug_ins\IA32.api - ok
17:11:05.0164 2760 [ AEE70B180FCA9D378A300F82E9D6313F ] C:\Users\Tandem\AppData\Local\Temp\ccxmtz.exe
17:11:05.0164 2760 C:\Users\Tandem\AppData\Local\Temp\ccxmtz.exe - ok
17:11:05.0164 2760 [ CD95892713570725F4CBBA99F07CDDF2 ] C:\Windows\System32\dasHost.exe
17:11:05.0164 2760 C:\Windows\System32\dasHost.exe - ok
17:11:05.0164 2760 [ 3E7D36310137C20691C3E60D765EFF54 ] C:\Windows\System32\DafPrintProvider.dll
17:11:05.0164 2760 C:\Windows\System32\DafPrintProvider.dll - ok
17:11:05.0164 2760 [ BE3EC5AE153FFF43AFD5AF383A2DACDA ] C:\Windows\System32\VaultRoaming.dll
17:11:05.0164 2760 C:\Windows\System32\VaultRoaming.dll - ok
17:11:05.0164 2760 [ 16ECD0142EE5B2D2298E3511131B3452 ] C:\Windows\System32\vaultcli.dll
17:11:05.0164 2760 C:\Windows\System32\vaultcli.dll - ok
17:11:05.0164 2760 [ 81DAC9F3309A51C041545AF760CFDF06 ] C:\Windows\System32\vaultsvc.dll
17:11:05.0164 2760 C:\Windows\System32\vaultsvc.dll - ok
17:11:05.0179 2760 [ D38DF5EE43AD7E8CB65A224FC112862A ] C:\Program Files\Common Files\microsoft shared\ink\tipskins.dll
17:11:05.0179 2760 C:\Program Files\Common Files\microsoft shared\ink\tipskins.dll - ok
17:11:05.0179 2760 [ BC5B189CD3A850F9309A68585CBAAABC ] C:\Windows\System32\fhcfg.dll
17:11:05.0179 2760 C:\Windows\System32\fhcfg.dll - ok
17:11:05.0179 2760 [ B0613DA5277250312241139DFFCD505D ] C:\Windows\System32\efsutil.dll
17:11:05.0179 2760 C:\Windows\System32\efsutil.dll - ok
17:11:05.0179 2760 [ 8D045B6AE7957B4801ED8B818966FEE6 ] C:\Windows\System32\InputMethod\SHARED\JpnKorRoaming.dll
17:11:05.0179 2760 C:\Windows\System32\InputMethod\SHARED\JpnKorRoaming.dll - ok
17:11:05.0179 2760 [ 809B24DDE4D7C13B348BFC9CC79A89E7 ] C:\Windows\System32\InputMethod\SHARED\IHDS.DLL
17:11:05.0179 2760 C:\Windows\System32\InputMethod\SHARED\IHDS.DLL - ok
17:11:05.0179 2760 [ 0216CAEAE677B3D4DB403040F8D52896 ] C:\Windows\System32\SystemSettingsDatabase.dll
17:11:05.0179 2760 C:\Windows\System32\SystemSettingsDatabase.dll - ok
17:11:05.0179 2760 [ A4F1FAB606C7C131615C1314E175688E ] C:\Windows\System32\SettingsHandlers.dll
17:11:05.0179 2760 C:\Windows\System32\SettingsHandlers.dll - ok
17:11:05.0195 2760 [ 3BE091E3FB06CC58BB5EA2DF28F04AB4 ] C:\Windows\System32\Winlangdb.dll
17:11:05.0195 2760 C:\Windows\System32\Winlangdb.dll - ok
17:11:05.0195 2760 [ 5DC76D5D6D5FD4830793B3928AAAA4DE ] C:\Windows\System32\input.dll
17:11:05.0195 2760 C:\Windows\System32\input.dll - ok
17:11:05.0195 2760 [ 886E5C5E7EE54F99F3482B3D935439A2 ] C:\Windows\System32\InputMethod\CHS\ChsRoaming.DLL
17:11:05.0195 2760 C:\Windows\System32\InputMethod\CHS\ChsRoaming.DLL - ok
17:11:05.0195 2760 [ 14B4AB502E572B142C4917A949B29706 ] C:\Windows\System32\themeui.dll
17:11:05.0195 2760 C:\Windows\System32\themeui.dll - ok
17:11:05.0195 2760 [ 5764E8261620179F4B9472D2E589E5D9 ] C:\Windows\System32\TimeBrokerClient.dll
17:11:05.0195 2760 C:\Windows\System32\TimeBrokerClient.dll - ok
17:11:05.0195 2760 [ 3599089381EFAAE7D93FC63EB27D04D1 ] C:\Windows\System32\pots.dll
17:11:05.0195 2760 C:\Windows\System32\pots.dll - ok
17:11:05.0210 2760 [ DAFF353325552D3A3A0384C7DF3F3357 ] C:\Windows\System32\powercpl.dll
17:11:05.0210 2760 C:\Windows\System32\powercpl.dll - ok
17:11:05.0210 2760 [ 4F32FE0318A902949E461F699030DA45 ] C:\Windows\System32\DAFWSD.dll
17:11:05.0210 2760 C:\Windows\System32\DAFWSD.dll - ok
17:11:05.0210 2760 [ F0BCFBBE7328DB539E9719E18C82004F ] C:\Windows\System32\powercfg.cpl
17:11:05.0210 2760 C:\Windows\System32\powercfg.cpl - ok
17:11:05.0210 2760 [ 6A993F9B16B993AE0E9D838EFA3A1C72 ] C:\Program Files\Windows Defender\MpCmdRun.exe
17:11:05.0210 2760 C:\Program Files\Windows Defender\MpCmdRun.exe - ok
17:11:05.0210 2760 [ 9F6BF0058505A898B20F3B85D3E22F50 ] C:\Windows\System32\comsvcs.dll
17:11:05.0210 2760 C:\Windows\System32\comsvcs.dll - ok
17:11:05.0210 2760 [ 571885DB166B9AE744C25643F7A30509 ] C:\Windows\SysWOW64\appwiz.cpl
17:11:05.0210 2760 C:\Windows\SysWOW64\appwiz.cpl - ok
17:11:05.0226 2760 [ 17A3F23A0C4E6A0B9FF8F095C2BE0B42 ] C:\Windows\SysWOW64\osbaseln.dll
17:11:05.0226 2760 C:\Windows\SysWOW64\osbaseln.dll - ok
17:11:05.0226 2760 [ 860CA19B8523FDC97330381A472C8C8A ] C:\Program Files (x86)\Bubble Freespace Shredder 2\unins000.exe
17:11:05.0226 2760 C:\Program Files (x86)\Bubble Freespace Shredder 2\unins000.exe - ok
17:11:05.0226 2760 [ 860CA19B8523FDC97330381A472C8C8A ] C:\Users\Tandem\AppData\Local\Temp\_iu14D2N.tmp
17:11:05.0226 2760 C:\Users\Tandem\AppData\Local\Temp\_iu14D2N.tmp - ok
17:11:05.0226 2760 [ 5DCA9670170F065D6ACF587DA3FECE27 ] C:\Windows\SysWOW64\twinapi.dll
17:11:05.0226 2760 C:\Windows\SysWOW64\twinapi.dll - ok
17:11:05.0226 2760 [ 963CB4CDD293FAB48907B8A9211262E5 ] C:\Windows\SysWOW64\BCP47Langs.dll
17:11:05.0226 2760 C:\Windows\SysWOW64\BCP47Langs.dll - ok
17:11:05.0226 2760 [ F33323D3A93DA545CD63010FED334DE2 ] C:\Program Files (x86)\TrojanHunter 5.5\unins000.exe
17:11:05.0226 2760 C:\Program Files (x86)\TrojanHunter 5.5\unins000.exe - ok
17:11:05.0242 2760 [ 5DF2358DC115DAA1B439CE73B0B08FFB ] C:\Program Files (x86)\a-squared HiJackFree\a2hijackfree.exe
17:11:05.0242 2760 C:\Program Files (x86)\a-squared HiJackFree\a2hijackfree.exe - ok
17:11:05.0242 2760 [ 0FC9B04C7F729498B41A19FA55C33573 ] C:\Windows\SysWOW64\olepro32.dll
17:11:05.0242 2760 C:\Windows\SysWOW64\olepro32.dll - ok
17:11:05.0242 2760 [ 7D30E75C5C0FEAA40B79775C92C6AF23 ] C:\Windows\SysWOW64\MrmCoreR.dll
17:11:05.0242 2760 C:\Windows\SysWOW64\MrmCoreR.dll - ok
17:11:05.0242 2760 [ 13756A1B9D37398A99DAC0B7D3032CC6 ] C:\Windows\System32\LaunchTM.exe
17:11:05.0242 2760 C:\Windows\System32\LaunchTM.exe - ok
17:11:05.0242 2760 [ 2750EEB7440726085036BC746A095540 ] C:\Windows\System32\Taskmgr.exe
17:11:05.0242 2760 C:\Windows\System32\Taskmgr.exe - ok
17:11:05.0242 2760 [ 9524A1CEBC1CE82D59BCB6519E2FDBEF ] C:\Windows\System32\acppage.dll
17:11:05.0242 2760 C:\Windows\System32\acppage.dll - ok
17:11:05.0242 2760 [ 78A3191A74F110D6F08C6E7BFD27DD7D ] C:\Windows\System32\cryptext.dll
17:11:05.0242 2760 C:\Windows\System32\cryptext.dll - ok
17:11:05.0257 2760 [ 74C6B3109A607B89B1A3171A3D54C8D8 ] C:\Windows\System32\cryptui.dll
17:11:05.0257 2760 C:\Windows\System32\cryptui.dll - ok
17:11:05.0257 2760 [ 152ABECE6894153FA41157050BD1D99F ] C:\Windows\System32\rshx32.dll
17:11:05.0257 2760 C:\Windows\System32\rshx32.dll - ok
17:11:05.0257 2760 [ 52B153957363F4955096D64E691B1E95 ] C:\Windows\System32\aclui.dll
17:11:05.0257 2760 C:\Windows\System32\aclui.dll - ok
17:11:05.0257 2760 [ B9025D470B0D563853F57DE399DE31D4 ] C:\Windows\System32\docprop.dll
17:11:05.0257 2760 C:\Windows\System32\docprop.dll - ok
17:11:05.0257 2760 [ D7D364B8E764DB424B60F53E6FE078E1 ] C:\Windows\SysWOW64\samlib.dll
17:11:05.0257 2760 C:\Windows\SysWOW64\samlib.dll - ok
17:11:05.0257 2760 [ 206CA40E986033D62490D299F8E560E1 ] C:\Windows\System32\RADCUI.dll
17:11:05.0257 2760 C:\Windows\System32\RADCUI.dll - ok
17:11:05.0257 2760 [ 1503510900836FA6A0E4FE9662FE0768 ] C:\Windows\System32\TSWorkspace.dll
17:11:05.0257 2760 C:\Windows\System32\TSWorkspace.dll - ok
17:11:05.0273 2760 [ 92D0AB294435F653A5F1A4A14847A02E ] C:\Windows\System32\ActionCenterCPL.dll
17:11:05.0273 2760 C:\Windows\System32\ActionCenterCPL.dll - ok
17:11:05.0273 2760 [ CEB55F50B21F9F70BF379A779D6A9624 ] C:\Windows\System32\msconfig.exe
17:11:05.0273 2760 C:\Windows\System32\msconfig.exe - ok
17:11:05.0273 2760 [ C5B9D305CAD14D55BB4DA5071889EE49 ] C:\Windows\System32\mfc42u.dll
17:11:05.0273 2760 C:\Windows\System32\mfc42u.dll - ok
17:11:05.0273 2760 [ F7546CC82AE959BF322A49A7C11C1D5A ] C:\Windows\System32\odbc32.dll
17:11:05.0273 2760 C:\Windows\System32\odbc32.dll - ok
17:11:05.0273 2760 [ 5F40AAC4D3ABED2F258B3E6202EB351C ] C:\Windows\System32\SensorsCpl.dll
17:11:05.0273 2760 C:\Windows\System32\SensorsCpl.dll - ok
17:11:05.0273 2760 [ 946A73246A504476F4E429246F97BC28 ] C:\Windows\System32\netcenter.dll
17:11:05.0273 2760 C:\Windows\System32\netcenter.dll - ok
17:11:05.0273 2760 [ B7AD851A21FEBA3BA214972627614207 ] C:\Windows\System32\netman.dll
17:11:05.0273 2760 C:\Windows\System32\netman.dll - ok
17:11:05.0289 2760 [ BCE87B456D851A0C9E726331A040CE3F ] C:\Windows\System32\netshell.dll
17:11:05.0289 2760 C:\Windows\System32\netshell.dll - ok
17:11:05.0289 2760 [ 3F37066D0C5E41F0CEFDDAC8AC59163D ] C:\Windows\System32\rasdlg.dll
17:11:05.0289 2760 C:\Windows\System32\rasdlg.dll - ok
17:11:05.0289 2760 [ 95ED0EB4E1D30448AF1C55BB2B4F014C ] C:\Windows\System32\mprapi.dll
17:11:05.0289 2760 C:\Windows\System32\mprapi.dll - ok
17:11:05.0289 2760 [ A881FF42F3688C4E1F754F600B778AB8 ] C:\Windows\System32\connect.dll
17:11:05.0289 2760 C:\Windows\System32\connect.dll - ok
17:11:05.0289 2760 [ 465E8A5B79FF5134CECE8E43031ADBE1 ] C:\Windows\System32\dtsh.dll
17:11:05.0289 2760 C:\Windows\System32\dtsh.dll - ok
17:11:05.0289 2760 [ BF8DE533F533A07C22507C47F1B5AD0C ] C:\Windows\System32\wmp.dll
17:11:05.0289 2760 C:\Windows\System32\wmp.dll - ok
17:11:05.0304 2760 [ 7E8B2C23D6FF7C4AFE30F3EB6C606884 ] C:\Windows\System32\wmploc.DLL
17:11:05.0304 2760 C:\Windows\System32\wmploc.DLL - ok
17:11:05.0304 2760 [ C675604E14D05669880F70C2ABD65451 ] C:\Windows\System32\Vault.dll
17:11:05.0304 2760 C:\Windows\System32\Vault.dll - ok
17:11:05.0304 2760 [ EBD64C8DE8822479ECC2347EE1A68D8A ] C:\Windows\System32\WindowsAnytimeUpgradeui.exe
17:11:05.0304 2760 C:\Windows\System32\WindowsAnytimeUpgradeui.exe - ok
17:11:05.0304 2760 [ 5221CDE3D000D49110C6A6442752A087 ] C:\Windows\System32\pidgenx.dll
17:11:05.0304 2760 C:\Windows\System32\pidgenx.dll - ok
17:11:05.0304 2760 [ DE34B169A4997EA1118BB9674B26397D ] C:\Windows\System32\winsku.dll
17:11:05.0304 2760 C:\Windows\System32\winsku.dll - ok
17:11:05.0304 2760 [ C7BC30CB3900935DC213C9B63DB36741 ] C:\Windows\System32\DismApi.dll
17:11:05.0304 2760 C:\Windows\System32\DismApi.dll - ok
17:11:05.0304 2760 [ 83296DE8CFFEADA636DCC1AB2E3BF643 ] C:\Windows\System32\inetcpl.cpl
17:11:05.0304 2760 C:\Windows\System32\inetcpl.cpl - ok
17:11:05.0320 2760 [ 439A00B0F73BD7B6C1C08F4A760BEC07 ] C:\Windows\System32\IEAdvpack.dll
17:11:05.0320 2760 C:\Windows\System32\IEAdvpack.dll - ok
17:11:05.0320 2760 [ 4E0709D9BB951AD1C22E4FF519B90839 ] C:\Windows\System32\mshtml.dll
17:11:05.0320 2760 C:\Windows\System32\mshtml.dll - ok
17:11:05.0320 2760 [ 19DF5724A1B05D493C9175890C0A2E46 ] C:\Windows\System32\DiagCpl.dll
17:11:05.0320 2760 C:\Windows\System32\DiagCpl.dll - ok
17:11:05.0320 2760 [ 4050668775C05D8D3E2B9BA8A489C9FD ] C:\Windows\System32\sdiagprv.dll
17:11:05.0320 2760 C:\Windows\System32\sdiagprv.dll - ok
17:11:05.0320 2760 [ 5E4E99CAC7103A3FCD2A048033BA6687 ] C:\Windows\System32\mblctr.exe
17:11:05.0320 2760 C:\Windows\System32\mblctr.exe - ok
17:11:05.0320 2760 [ 31FC5EBF5C8CE2237CADCFAD3AED7D4F ] C:\Windows\System32\mobsync.exe
17:11:05.0320 2760 C:\Windows\System32\mobsync.exe - ok
17:11:05.0320 2760 [ 27E9C23E43FE41702B0C244B9CA3F318 ] C:\Windows\System32\SyncInfrastructure.dll
17:11:05.0320 2760 C:\Windows\System32\SyncInfrastructure.dll - ok
17:11:05.0335 2760 [ 5C0C8BC61FD4931359DF11A8FCD24A45 ] C:\Windows\System32\mmc.exe
17:11:05.0335 2760 C:\Windows\System32\mmc.exe - ok
17:11:05.0335 2760 [ 62EB6BCCD4C8D1E942F579200AEB89AB ] C:\Windows\System32\mmcbase.dll
17:11:05.0335 2760 C:\Windows\System32\mmcbase.dll - ok
17:11:05.0335 2760 [ 4D24EDBCD7901AAE0525ABE26F43011E ] C:\Windows\System32\mmcndmgr.dll
17:11:05.0335 2760 C:\Windows\System32\mmcndmgr.dll - ok
17:11:05.0335 2760 [ 5D6801D34E4FB3144915108F758FDCC6 ] C:\Windows\System32\devmgr.dll
17:11:05.0335 2760 C:\Windows\System32\devmgr.dll - ok
17:11:05.0335 2760 [ C9854541C1DF8CFB1F7C5B4D90C9F5C5 ] C:\Windows\System32\dmocx.dll
17:11:05.0335 2760 C:\Windows\System32\dmocx.dll - ok
17:11:05.0335 2760 [ BA9ADE2B12F322224145350A88A23765 ] C:\Windows\System32\wlaninst.dll
17:11:05.0335 2760 C:\Windows\System32\wlaninst.dll - ok
17:11:05.0351 2760 [ 400657F9C16EE39A2A1F08AF7631192F ] C:\Windows\System32\wwaninst.dll
17:11:05.0351 2760 C:\Windows\System32\wwaninst.dll - ok
17:11:05.0351 2760 [ 45369E037410609D769852A1CE46A184 ] C:\Windows\System32\drivers\k57nd60a.sys
17:11:05.0351 2760 C:\Windows\System32\drivers\k57nd60a.sys - ok
17:11:05.0351 2760 [ 7EF478B7043A28AEC57F8FC6F11965C3 ] C:\Windows\System32\HelpPaneProxy.dll
17:11:05.0351 2760 C:\Windows\System32\HelpPaneProxy.dll - ok
17:11:05.0351 2760 [ EA3DDF258F653D8BCF35EEFDC83ECA5E ] C:\Windows\HelpPane.exe
17:11:05.0351 2760 C:\Windows\HelpPane.exe - ok
17:11:05.0351 2760 [ 0D2E1E435D503AAF74F2189212062DA3 ] C:\Windows\System32\apds.dll
17:11:05.0351 2760 C:\Windows\System32\apds.dll - ok
17:11:05.0351 2760 [ CF1C73DE1FADE3D3C44FCAF254F57DB2 ] C:\Windows\System32\jscript9.dll
17:11:05.0351 2760 C:\Windows\System32\jscript9.dll - ok
17:11:05.0351 2760 [ E4ACA305526214C454CCD83BBAF70F65 ] C:\Windows\System32\msimtf.dll
17:11:05.0351 2760 C:\Windows\System32\msimtf.dll - ok
17:11:05.0367 2760 [ D66289A41D9931DE7CDF470949C9BC24 ] C:\Windows\System32\imgutil.dll
17:11:05.0367 2760 C:\Windows\System32\imgutil.dll - ok
17:11:05.0367 2760 [ 689ABA32B7C61B9B3E0153E83F638C57 ] C:\Windows\System32\NaturalLanguage6.dll
17:11:05.0367 2760 C:\Windows\System32\NaturalLanguage6.dll - ok
17:11:05.0367 2760 [ 7570D0E275461E2B9E214895181BD8FE ] C:\Windows\System32\NlsData0007.dll
17:11:05.0367 2760 C:\Windows\System32\NlsData0007.dll - ok
17:11:05.0367 2760 [ CB2C30C436DC94F4A840AE8297E4601D ] C:\Windows\System32\NlsLexicons0007.dll
17:11:05.0367 2760 C:\Windows\System32\NlsLexicons0007.dll - ok
17:11:05.0367 2760 [ 40FF06267FECECF63FC982F641F3C155 ] C:\Windows\System32\msdt.exe
17:11:05.0367 2760 C:\Windows\System32\msdt.exe - ok
17:11:05.0367 2760 [ 91ADC5BD3E8C381021AC64A80AF25FE0 ] C:\Windows\System32\telephon.cpl
17:11:05.0367 2760 C:\Windows\System32\telephon.cpl - ok
17:11:05.0382 2760 [ 865E69EEE936C3FE9BF9668EDCBAFC8C ] C:\Windows\System32\tapi32.dll
17:11:05.0382 2760 C:\Windows\System32\tapi32.dll - ok
17:11:05.0382 2760 [ FF6F494B1DA4713DEA014DB84E254149 ] C:\Windows\System32\tapiui.dll
17:11:05.0382 2760 C:\Windows\System32\tapiui.dll - ok
17:11:05.0382 2760 [ CE525E3905C6AFD43E091A7295CF961E ] C:\Windows\System32\modemui.dll
17:11:05.0382 2760 C:\Windows\System32\modemui.dll - ok
17:11:05.0382 2760 [ 16CA67ACCB49AF11025AD44E07D8E724 ] C:\Windows\System32\systemcpl.dll
17:11:05.0382 2760 C:\Windows\System32\systemcpl.dll - ok
17:11:05.0382 2760 [ 03F03B8E77492EB7324F2FA979FC7E64 ] C:\Windows\System32\WinSATAPI.dll
17:11:05.0382 2760 C:\Windows\System32\WinSATAPI.dll - ok
17:11:05.0382 2760 [ A7BA28F69515DB31E8F673CDEB40EA75 ] C:\Windows\System32\SystemPropertiesRemote.exe
17:11:05.0382 2760 C:\Windows\System32\SystemPropertiesRemote.exe - ok
17:11:05.0382 2760 [ 488E39030B5492A0D13D9423F118E73F ] C:\Windows\System32\sysdm.cpl
17:11:05.0382 2760 C:\Windows\System32\sysdm.cpl - ok
17:11:05.0398 2760 [ 809E7AF3579E8A8D8744F4D74B63445D ] C:\Windows\System32\netid.dll
17:11:05.0398 2760 C:\Windows\System32\netid.dll - ok
17:11:05.0398 2760 [ 3DE4734EAB9E26CF70289EDE6C2C2613 ] C:\Windows\System32\srrstr.dll
17:11:05.0398 2760 C:\Windows\System32\srrstr.dll - ok
17:11:05.0398 2760 [ B598A73FB254C78DC267DCFC808DD9DD ] C:\Windows\System32\remotepg.dll
17:11:05.0398 2760 C:\Windows\System32\remotepg.dll - ok
17:11:05.0398 2760 [ C74B41A57513EC2FD6E57F493529F809 ] C:\Windows\System32\regapi.dll
17:11:05.0398 2760 C:\Windows\System32\regapi.dll - ok
17:11:05.0398 2760 [ 409B48BC4D05F5B4E3B17C9F417100DF ] C:\Windows\System32\racpldlg.dll
17:11:05.0398 2760 C:\Windows\System32\racpldlg.dll - ok
17:11:05.0398 2760 [ 15EB9FEE8DDBD7747539E05A50DBBCCD ] C:\Windows\System32\SystemPropertiesProtection.exe
17:11:05.0398 2760 C:\Windows\System32\SystemPropertiesProtection.exe - ok
17:11:05.0398 2760 [ 1BB7AC28F35687DABF3A099A8EED33B7 ] C:\Windows\System32\SystemPropertiesAdvanced.exe
17:11:05.0398 2760 C:\Windows\System32\SystemPropertiesAdvanced.exe - ok
17:11:05.0414 2760 [ 410263744BBC5538EAB0B3A065F97F3A ] C:\Windows\System32\changepk.exe
17:11:05.0414 2760 C:\Windows\System32\changepk.exe - ok
17:11:05.0414 2760 [ 7029F8CB6D1EF7B0D56FAB0146E42516 ] C:\Windows\System32\fhcpl.dll
17:11:05.0414 2760 C:\Windows\System32\fhcpl.dll - ok
17:11:05.0414 2760 [ 60FD6797BD2425FE012DA02A4778F96C ] C:\Windows\System32\shgina.dll
17:11:05.0414 2760 C:\Windows\System32\shgina.dll - ok
17:11:05.0414 2760 [ 858776908AF838E3790F3261B799CDA6 ] C:\Windows\System32\drivers\rdpvideominiport.sys
17:11:05.0414 2760 C:\Windows\System32\drivers\rdpvideominiport.sys - ok
17:11:05.0414 2760 [ 0F351EC71CE415D7EE85FFB8DF473F2C ] C:\Windows\System32\workerdd.dll
17:11:05.0414 2760 C:\Windows\System32\workerdd.dll - ok
17:11:05.0414 2760 [ A016186F9DF5E273BA9235BECEA0C6C2 ] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
17:11:05.0414 2760 C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe - ok
17:11:05.0429 2760 [ 2FB757B35C94B1C1C65BA35E4E7EC0F2 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
17:11:05.0429 2760 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe - ok
17:11:05.0429 2760 [ BE8F5E1C39C6DF42AE69D613EAEF9936 ] C:\Program Files\Elantech\ETDTouch.exe
17:11:05.0429 2760 C:\Program Files\Elantech\ETDTouch.exe - ok
17:11:05.0429 2760 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
17:11:05.0429 2760 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
17:11:05.0429 2760 [ CD78DF1E4D1B5A9E2D3A120C8EBC4555 ] C:\Windows\System32\NcaApi.dll
17:11:05.0429 2760 C:\Windows\System32\NcaApi.dll - ok
17:11:05.0429 2760 [ 302337967FBA91C40745B96A42A39CC5 ] C:\Program Files (x86)\Launch Manager\LMutilps32.exe
17:11:05.0429 2760 C:\Program Files (x86)\Launch Manager\LMutilps32.exe - ok
17:11:05.0429 2760 [ 91647EAD53B68EFFDF17EC2FC9DF4018 ] C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
17:11:05.0429 2760 C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe - ok
17:11:05.0429 2760 [ BABD61928A74CD342EF02465DA63F186 ] C:\Windows\System32\sdclt.exe
17:11:05.0429 2760 C:\Windows\System32\sdclt.exe - ok
17:11:05.0445 2760 [ DD51E2B5AFEE55BB8429900FDFD0E263 ] C:\Windows\System32\ReAgent.dll
17:11:05.0445 2760 C:\Windows\System32\ReAgent.dll - ok
17:11:05.0445 2760 [ 0C1DD5D08EFBC9308BD8CA08E7CBA48D ] C:\Windows\System32\Windows.Media.Streaming.dll
17:11:05.0445 2760 C:\Windows\System32\Windows.Media.Streaming.dll - ok
17:11:05.0445 2760 [ B6906CDDA78F6CBFF4F2A0E214A29FEB ] C:\Program Files\Windows Photo Viewer\PhotoViewer.dll
17:11:05.0445 2760 C:\Program Files\Windows Photo Viewer\PhotoViewer.dll - ok
17:11:05.0445 2760 [ 14D3EDC750DAA89D322743781755314C ] C:\Windows\System32\d3d9.dll
17:11:05.0445 2760 C:\Windows\System32\d3d9.dll - ok
17:11:05.0445 2760 [ E567EA6FD3253C9080BED35B7D561381 ] C:\Program Files\Windows Photo Viewer\PhotoBase.dll
17:11:05.0445 2760 C:\Program Files\Windows Photo Viewer\PhotoBase.dll - ok
17:11:05.0445 2760 [ DED67B9BCFE9CE5F12E17C0842E6A809 ] C:\Windows\System32\mspaint.exe
17:11:05.0445 2760 C:\Windows\System32\mspaint.exe - ok
17:11:05.0460 2760 [ 8A8BB2BC560720C8FD0700C78D0FB0BB ] C:\Windows\System32\sti.dll
17:11:05.0460 2760 C:\Windows\System32\sti.dll - ok
17:11:05.0460 2760 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Tandem\Desktop\tdsskiller.exe
17:11:05.0460 2760 C:\Users\Tandem\Desktop\tdsskiller.exe - ok
17:11:05.0460 2760 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\40523956.sys
17:11:05.0460 2760 C:\Windows\System32\drivers\40523956.sys - ok
17:11:05.0460 2760 ============================================================
17:11:05.0460 2760 Scan finished
17:11:05.0460 2760 ============================================================
17:11:05.0460 4288 Detected object count: 5
17:11:05.0460 4288 Actual detected object count: 5
17:11:17.0215 4288 BrcmCardReader ( UnsignedFile.Multi.Generic ) - skipped by user
17:11:17.0215 4288 BrcmCardReader ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:11:17.0215 4288 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:11:17.0215 4288 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:11:17.0215 4288 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - skipped by user
17:11:17.0215 4288 MEMSWEEP2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:11:17.0215 4288 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:11:17.0215 4288 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:11:17.0215 4288 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:11:17.0215 4288 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Geändert von Tandem (09.04.2014 um 00:54 Uhr) |
|
09.04.2014, 15:18
| #12 |
| /// the machine /// TB-Ausbilder | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! Das Problem das ich habe ist eben, dass Du Vermutungen anstellst aufgrund von einem Schluckauf einer Software, die mit PDF rumzickt. Dann ein paar Scans gemacht, irgendwelche Fehlalarme als Funde, und dann fühlst du dich gleich in der Panik bestätigt. Deswegen die explizite Frage, ob Du dabei warst, vor dem Rechner sitzend, als jemand das Ding ferngesteuert hat. Das meine ich. Ist das ein Arbeitsrechner, sprich diese bestimmten Personen sitzen vielleicht im gleichen Gebäude, gleiches Netzwerk? Die emsi.zip bitte bei www.virustotal.com scannen lassen, mir mitteilen wieviele der 50 Scanner angeschlagen haben. Bis jetzt sind alle Logs sauber.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.04.2014, 03:21
| #13 |
| | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! Es war wie oben beschrieben und für mich war es kein Schluckauf einer Software. Ich arbeite schon einige Jahre mit der Software und das war ungewöhnlich. Es ist ein einfaches Netbook das ich privat und beruflich nutze. Daher ja, es sind die gleichen Gebäude. Ich selbst habe das Netbook nicht mit anderen Netzwerken, WLANs verbunden. Ich habe es nur mit meinen privaten Internetzugang genutzt. Keiner der Scanner hat etwas gefunden. |
|
10.04.2014, 20:40
| #14 | |||
| /// the machine /// TB-Ausbilder | Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor!Zitat:
Zitat:
Zitat:
Gleiches Büro, eventuell dadruch (logischerweise) gleiches Netz. Dann wäre sowas wie Du denkst ja schon möglich. Ganz ohne "Malware".
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win8.1x64 UEFI SecureBoot infiziert mit Gen:Trojan.Heur.Fu.ku0 und Gen:Variant.Graftor.6958 . Suche Backdoor! |
| 4d36e972-e325-11ce-bfc1-08002be10318, antivirus, ausspioniert, avira, backdoor, browser, classpnp.sys, computer, flash player, frage, gen:trojan.heur.fu.ku0, gen:variant.graftor.6958, google, hal.dll, heuristics, homepage, installation, kaspersky, launch, live cd, log file, minidump, mozilla, officejet, popup, programm, prozess, realtek, registry, security, server, stick, svchost.exe, trojaner, uefi-secureboot, usb, win8.1x64 |
