Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

FBI virus infected computer


  • This topic is locked This topic is locked
43 replies to this topic

#1 carisil94

carisil94

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 15 November 2012 - 06:28 PM

Hi

I just got hit with the FBI moneypak virus and I have tried several times with Malwarebytes to get rid of it, but it comes back everytime. Help please?

Thanks in advanced!

BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:12 PM

Posted 15 November 2012 - 11:23 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Please take note:

  • If you have since resolved the original problem you were having, we would appreciate you letting us know.
  • If you are unable to create a log because your computer cannot start up successfully please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • If you are unable to perform the steps we have recommended please try one more time and if unsuccessful alert us of such and we will design an alternate means of obtaining the necessary information.
  • If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • Upon completing the steps below another staff member will review your topic an do their best to resolve your issues.
  • If you have already posted a DDS log, please do so again, as your situation may have changed.
  • Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


We also need a new log from the GMER anti-rootkit Scanner.

Please note that if you are running a 64-bit version of Windows you will not be able to run GMER and you may skip this step. Then proceed to run aswMbr.exe as noted below.

Please first disable any CD emulation programs using the steps found in this topic:

Why we request you disable CD Emulation when receiving Malware Removal Advice

Then create another GMER log and post it as an attachment to the reply where you post your new DDS log. Instructions on how to properly create a GMER log can be found here:

How to create a GMER log


Note:
If you are unable to run a Gmer scan due the fact you are running a 64bit machine please run the following tool and post its log.

Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.



Thanks and again sorry for the delay.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 carisil94

carisil94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 16 November 2012 - 01:51 PM

No worries! I'm away from the infected computer right now so I'll post the results when I get a chance.

But here's a hopefully more clear description of what's going on;

I got hit with a virus that locks me from my computer when I try to click on internet explorer. When I click on IE, a "notice" from the "FBI" pops up and tells me that if I don't pay a certain amount within a couple of days I'll be arrested or some sort of action. I can't get rid of the notice once it pops up on my screen and therefore I am forced to shut down my computer and start over. I already know this is a virus, and I've already downloaded Malawarebytes to try and get rid of the virus. Malawarebytes does catch it and delete it, but the virus is still rooted in the computer somewhere since it keeps coming back.

Does that make the issue more clear?

#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:12 PM

Posted 16 November 2012 - 09:55 PM

Does that make the issue more clear?


This is a common virus now we just need the logs and maybe more to see exactly where it is loading from.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 carisil94

carisil94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 18 November 2012 - 01:46 AM

I forgot to mention this before but I can turn the computer onto the Safe Mode with Networking option.

DDS report:

DDS (Ver_2012-11-07.01) - NTFS_x86 NETWORK
Internet Explorer: 7.0.6000.17037
Run by Steven Lumapas at 0:35:50 on 2012-11-18
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.2038.1637 [GMT -6:00]
.
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
uWindows: Load = c:\users\steven~1\locals~1\temp\msoawl.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn3\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Yahooo Search Protection: {25BC7718-0BFA-40EA-B381-4B2D9732D686} - c:\program files\yahoo!\search protection\ysp.dll
BHO: Yahoo! IE Services Button: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\6.3.2291.0\npwinext.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: @c:\program files\msn toolbar\platform\6.3.2291.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\6.3.2291.0\npwinext.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [YSearchProtection] c:\program files\yahoo!\search protection\YspService.exe
uRun: [Download] "c:\users\steven lumapas\appdata\local\supportsoft\ddoctorv2\steven lumapas\SSGet.exe" 120 "http://pcmctbc.cmc.motive.com/motivedocs/EasySolveInstaller.exe" "EasySolveInstaller.exe"
uRun: [ODBC] c:\users\steven lumapas\appdata\roaming\9bc7e3\9BC7E3.exe
uRun: [SCardDlg] c:\users\steven lumapas\appdata\local\microsoft\windows\3593\SCardDlg.exe
uRun: [Ufiworusu] "c:\users\steven lumapas\appdata\roaming\xeny\ysykd.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [TPwrMain] c:\program files\toshiba\power saver\TPwrMain.EXE
mRun: [SmoothView] c:\program files\toshiba\smoothview\SmoothView.exe
mRun: [00TCrdMain] c:\program files\toshiba\flashcards\TCrdMain.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ddoctorv2] "c:\program files\comcast\desktop doctor\bin\sprtcmd.exe" /P ddoctorv2
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
StartupFolder: c:\users\steven~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\pictur~1.lnk - c:\program files\sony\sony picture utility\volumewatcher\SPUVolumeWatcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - c:\program files\yahoo!\search protection\ysp.dll
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{8A82B2E0-7A25-42E4-A58D-9913E9055F29} : DHCPNameServer = 192.168.1.254
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2007-11-12 7168]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2007-12-11 289792]
S2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-11-13 399432]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-11-13 676936]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-11-13 22856]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
.
=============== Created Last 30 ================
.
2012-11-15 22:36:36 -------- d-----w- c:\windows\ERUNT
2012-11-15 22:36:33 -------- d-----w- C:\JRT
2012-11-15 22:31:20 -------- d-----w- C:\d069c130452a844e03
2012-11-14 21:36:32 -------- d-----w- c:\users\steven lumapas\appdata\roaming\Zaidy
2012-11-14 21:36:32 -------- d-----w- c:\users\steven lumapas\appdata\roaming\Xeny
2012-11-14 21:36:32 -------- d-----w- c:\users\steven lumapas\appdata\roaming\Obpu
2012-11-14 21:36:26 -------- d-----w- c:\users\steven lumapas\appdata\roaming\hellomoto
2012-11-13 20:32:22 -------- d-----w- c:\users\steven lumapas\appdata\roaming\Malwarebytes
2012-11-13 20:32:13 -------- d-----w- c:\programdata\Malwarebytes
2012-11-13 20:32:12 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 20:32:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-13 19:54:28 -------- d-----w- c:\program files\Enigma Software Group
2012-11-13 19:53:41 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP
2012-11-13 19:53:35 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2012-11-13 19:21:49 -------- d-----w- c:\users\steven lumapas\appdata\roaming\Ehtei
2012-11-13 19:21:49 -------- d-----w- c:\users\steven lumapas\appdata\roaming\Baecyh
2012-11-13 19:21:49 -------- d-----w- c:\users\steven lumapas\appdata\roaming\Aceb
2012-11-13 07:51:27 6918632 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c350b180-8a6f-4f69-ab1d-1409ed633b2f}\mpengine.dll
.
==================== Find3M ====================
.
.
============= FINISH: 0:37:40.49 ===============





aswMBR report:
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-18 00:44:04
-----------------------------
00:44:04.600 OS Version: Windows 6.0.6000
00:44:04.600 Number of processors: 2 586 0xF0D
00:44:04.616 ComputerName: STEVENLUMAPA-PC UserName: Steven Lumapas
00:44:05.880 Initialize success
00:44:16.332 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
00:44:16.332 Disk 0 Vendor: Hitachi_HTS542512K9SA00 BB2OC33P Size: 114473MB BusType: 3
00:44:16.347 Disk 0 MBR read successfully
00:44:16.347 Disk 0 MBR scan
00:44:16.363 Disk 0 Windows VISTA default MBR code
00:44:16.363 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
00:44:16.394 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 112969 MB offset 3074048
00:44:16.410 Disk 0 scanning sectors +234434560
00:44:16.472 Disk 0 scanning C:\Windows\system32\drivers
00:44:23.211 Service scanning
00:44:40.512 Modules scanning
00:44:44.084 Disk 0 trace - called modules:
00:44:44.115 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll PCIIDEX.SYS msahci.sys
00:44:44.115 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x848f0030]
00:44:44.146 3 ntkrnlpa.exe[81cb07e2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x84881bb0]
00:44:44.146 Scan finished successfully
00:45:05.409 Disk 0 MBR has been saved successfully to "C:\Users\Steven Lumapas\Desktop\MBR.dat"
00:45:05.706 The log file has been saved successfully to "C:\Users\Steven Lumapas\Desktop\aswMBR.txt"

#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:12 PM

Posted 18 November 2012 - 11:38 AM

Hello,

Please run the following tolls and post their logs.

1.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

2.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


Things to include in your next reply:;
TdssKiller log
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 carisil94

carisil94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 18 November 2012 - 01:33 PM

TDSSKiller log:
12:13:06.0612 1060 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:13:07.0096 1060 ============================================================
12:13:07.0096 1060 Current date / time: 2012/11/18 12:13:07.0096
12:13:07.0096 1060 SystemInfo:
12:13:07.0096 1060
12:13:07.0096 1060 OS Version: 6.0.6000 ServicePack: 0.0
12:13:07.0096 1060 Product type: Workstation
12:13:07.0096 1060 ComputerName: STEVENLUMAPA-PC
12:13:07.0096 1060 UserName: Steven Lumapas
12:13:07.0096 1060 Windows directory: C:\Windows
12:13:07.0096 1060 System windows directory: C:\Windows
12:13:07.0096 1060 Processor architecture: Intel x86
12:13:07.0096 1060 Number of processors: 2
12:13:07.0096 1060 Page size: 0x1000
12:13:07.0096 1060 Boot type: Safe boot with network
12:13:07.0096 1060 ============================================================
12:13:08.0266 1060 BG loaded
12:13:08.0687 1060 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:13:08.0687 1060 ============================================================
12:13:08.0687 1060 \Device\Harddisk0\DR0:
12:13:08.0687 1060 MBR partitions:
12:13:08.0687 1060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xDCA4800
12:13:08.0687 1060 ============================================================
12:13:08.0702 1060 C: <-> \Device\Harddisk0\DR0\Partition1
12:13:08.0702 1060 ============================================================
12:13:08.0702 1060 Initialize success
12:13:08.0702 1060 ============================================================
12:14:25.0111 0632 ============================================================
12:14:25.0111 0632 Scan started
12:14:25.0111 0632 Mode: Manual; SigCheck; TDLFS;
12:14:25.0111 0632 ============================================================
12:14:26.0000 0632 ================ Scan system memory ========================
12:14:26.0000 0632 System memory - ok
12:14:26.0000 0632 ================ Scan services =============================
12:14:26.0156 0632 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
12:14:26.0281 0632 ACPI - ok
12:14:26.0312 0632 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:14:26.0375 0632 adp94xx - ok
12:14:26.0422 0632 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:14:26.0437 0632 adpahci - ok
12:14:26.0468 0632 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
12:14:26.0484 0632 adpu160m - ok
12:14:26.0531 0632 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:14:26.0531 0632 adpu320 - ok
12:14:26.0609 0632 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:14:26.0749 0632 AeLookupSvc - ok
12:14:26.0780 0632 [ 5D24CAF8EFD924A875698FF28384DB8B ] AFD C:\Windows\system32\drivers\afd.sys
12:14:26.0983 0632 AFD - ok
12:14:27.0014 0632 [ 39E435C90C9C4F780FA0ED05CA3C3A1B ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
12:14:27.0061 0632 AgereModemAudio - ok
12:14:27.0108 0632 [ CE91B158FA490CF4C4D487A4130F4660 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
12:14:27.0202 0632 AgereSoftModem - ok
12:14:27.0233 0632 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:14:27.0248 0632 agp440 - ok
12:14:27.0311 0632 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
12:14:27.0311 0632 aic78xx - ok
12:14:27.0342 0632 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] ALG C:\Windows\System32\alg.exe
12:14:27.0420 0632 ALG - ok
12:14:27.0436 0632 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
12:14:27.0451 0632 aliide - ok
12:14:27.0482 0632 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
12:14:27.0498 0632 amdagp - ok
12:14:27.0514 0632 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
12:14:27.0529 0632 amdide - ok
12:14:27.0545 0632 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
12:14:27.0607 0632 AmdK7 - ok
12:14:27.0638 0632 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:14:27.0716 0632 AmdK8 - ok
12:14:27.0763 0632 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] Appinfo C:\Windows\System32\appinfo.dll
12:14:27.0841 0632 Appinfo - ok
12:14:27.0935 0632 [ 1961CB10BB48EB4D97E37DB6373E9E63 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
12:14:27.0966 0632 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
12:14:27.0966 0632 Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
12:14:28.0013 0632 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
12:14:28.0028 0632 arc - ok
12:14:28.0075 0632 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:14:28.0091 0632 arcsas - ok
12:14:28.0122 0632 [ E86CF7CE67D5DE898F27EF884DC357D8 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:14:28.0184 0632 AsyncMac - ok
12:14:28.0231 0632 [ B35CFCEF838382AB6490B321C87EDF17 ] atapi C:\Windows\system32\drivers\atapi.sys
12:14:28.0247 0632 atapi - ok
12:14:28.0294 0632 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:14:28.0372 0632 AudioEndpointBuilder - ok
12:14:28.0387 0632 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
12:14:28.0434 0632 Audiosrv - ok
12:14:28.0481 0632 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] Beep C:\Windows\system32\drivers\Beep.sys
12:14:28.0543 0632 Beep - ok
12:14:28.0621 0632 [ DA551697E34D2B9943C8B1C8EAFFE89A ] BITS C:\Windows\System32\qmgr.dll
12:14:28.0746 0632 BITS - ok
12:14:28.0762 0632 blbdrive - ok
12:14:28.0793 0632 [ CFD4C3352E29A8B729536648466E8DF5 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:14:28.0840 0632 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
12:14:28.0840 0632 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
12:14:28.0855 0632 [ 913CD06FBE9105CE6077E90FD4418561 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:14:28.0933 0632 bowser - ok
12:14:28.0980 0632 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
12:14:29.0027 0632 BrFiltLo - ok
12:14:29.0042 0632 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
12:14:29.0074 0632 BrFiltUp - ok
12:14:29.0105 0632 [ BEB6470532B7461D7BB426E3FACB424F ] Browser C:\Windows\System32\browser.dll
12:14:29.0183 0632 Browser - ok
12:14:29.0214 0632 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
12:14:29.0276 0632 Brserid - ok
12:14:29.0323 0632 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
12:14:29.0370 0632 BrSerWdm - ok
12:14:29.0401 0632 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
12:14:29.0479 0632 BrUsbMdm - ok
12:14:29.0495 0632 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
12:14:29.0542 0632 BrUsbSer - ok
12:14:29.0573 0632 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:14:29.0620 0632 BTHMODEM - ok
12:14:29.0666 0632 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:14:29.0744 0632 cdfs - ok
12:14:29.0760 0632 [ 8D1866E61AF096AE8B582454F5E4D303 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:14:29.0822 0632 cdrom - ok
12:14:29.0885 0632 [ 0600E04315FE543802A379D5D23C8BE0 ] CertPropSvc C:\Windows\System32\certprop.dll
12:14:29.0932 0632 CertPropSvc - ok
12:14:29.0978 0632 [ C82162949BBA6CC5D006C7BD008F3CF1 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
12:14:30.0010 0632 CFSvcs ( UnsignedFile.Multi.Generic ) - warning
12:14:30.0010 0632 CFSvcs - detected UnsignedFile.Multi.Generic (1)
12:14:30.0056 0632 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
12:14:30.0119 0632 circlass - ok
12:14:30.0181 0632 [ 1B84FD0937D3B99AF9BA38DDFF3DAF54 ] CLFS C:\Windows\system32\CLFS.sys
12:14:30.0197 0632 CLFS - ok
12:14:30.0275 0632 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:14:30.0290 0632 clr_optimization_v2.0.50727_32 - ok
12:14:30.0337 0632 [ ED97AD3DF1B9005989EAF149BF06C821 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:14:30.0400 0632 CmBatt - ok
12:14:30.0431 0632 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:14:30.0446 0632 cmdide - ok
12:14:30.0478 0632 [ 722936AFB75A7F509662B69B5632F48A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:14:30.0493 0632 Compbatt - ok
12:14:30.0493 0632 COMSysApp - ok
12:14:30.0509 0632 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:14:30.0509 0632 crcdisk - ok
12:14:30.0540 0632 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
12:14:30.0602 0632 Crusoe - ok
12:14:30.0649 0632 [ 1C26FB097170A2A91066D1E3A24366E3 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:14:30.0743 0632 CryptSvc - ok
12:14:30.0790 0632 CWMonitor - ok
12:14:30.0836 0632 [ 7B981222A257D076885BFFB66F19B7CE ] DcomLaunch C:\Windows\system32\rpcss.dll
12:14:30.0914 0632 DcomLaunch - ok
12:14:30.0914 0632 [ A7179DE59AE269AB70345527894CCD7C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:14:30.0992 0632 DfsC - ok
12:14:31.0117 0632 [ E0D584AA76C7D845BA9F3A788260528F ] DFSR C:\Windows\system32\DFSR.exe
12:14:31.0289 0632 DFSR - ok
12:14:31.0351 0632 [ DC45739BC22D528D2B3E50D3F6761750 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
12:14:31.0429 0632 Dhcp - ok
12:14:31.0460 0632 [ 841AF4C4D41D3E3B2F244E976B0F7963 ] disk C:\Windows\system32\drivers\disk.sys
12:14:31.0460 0632 disk - ok
12:14:31.0507 0632 [ EECBA1DD142BF8693C476BE8F32FE253 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:14:31.0554 0632 Dnscache - ok
12:14:31.0585 0632 [ 1F795D214820E496BF1124434A6DB546 ] dot3svc C:\Windows\System32\dot3svc.dll
12:14:31.0663 0632 dot3svc - ok
12:14:31.0694 0632 [ 032C90AD677BF7B7A8013D6087C7A921 ] DPS C:\Windows\system32\dps.dll
12:14:31.0710 0632 DPS - ok
12:14:31.0741 0632 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:14:31.0819 0632 drmkaud - ok
12:14:31.0866 0632 [ 334988883DE69ADB27E2CF9F9715BBDB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:14:31.0913 0632 DXGKrnl - ok
12:14:31.0960 0632 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
12:14:32.0038 0632 E1G60 - ok
12:14:32.0084 0632 [ 90A0A875642E18618010645311B4E89E ] EapHost C:\Windows\System32\eapsvc.dll
12:14:32.0162 0632 EapHost - ok
12:14:32.0194 0632 [ 0EFC7531B936EE57FDB4E837664C509F ] Ecache C:\Windows\system32\drivers\ecache.sys
12:14:32.0209 0632 Ecache - ok
12:14:32.0272 0632 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:14:32.0287 0632 elxstor - ok
12:14:32.0350 0632 [ 3226FDA08988526E819E364E8CCE4CEE ] EMDMgmt C:\Windows\system32\emdmgmt.dll
12:14:32.0428 0632 EMDMgmt - ok
12:14:32.0506 0632 [ 7B4971C3D43525175A4EA0D143E0412E ] EventSystem C:\Windows\system32\es.dll
12:14:32.0568 0632 EventSystem - ok
12:14:32.0599 0632 [ 84A317CB0B3954D3768CDCD018DBF670 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:14:32.0646 0632 fastfat - ok
12:14:32.0693 0632 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:14:32.0771 0632 fdc - ok
12:14:32.0786 0632 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] fdPHost C:\Windows\system32\fdPHost.dll
12:14:32.0864 0632 fdPHost - ok
12:14:32.0880 0632 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
12:14:32.0942 0632 FDResPub - ok
12:14:32.0974 0632 [ 65773D6115C037FFD7EF8280AE85EB9D ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:14:32.0989 0632 FileInfo - ok
12:14:33.0005 0632 [ C226DD0DE060745F3E042F58DCF78402 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:14:33.0067 0632 Filetrace - ok
12:14:33.0098 0632 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:14:33.0176 0632 flpydisk - ok
12:14:33.0223 0632 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:14:33.0223 0632 FltMgr - ok
12:14:33.0286 0632 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:14:33.0301 0632 FontCache3.0.0.0 - ok
12:14:33.0301 0632 [ 66A078591208BAA210C7634B11EB392C ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:14:33.0348 0632 Fs_Rec - ok
12:14:33.0379 0632 [ CBC22823628544735625B280665E434E ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
12:14:33.0410 0632 FwLnk - ok
12:14:33.0442 0632 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:14:33.0442 0632 gagp30kx - ok
12:14:33.0488 0632 [ 5DC17164F66380CBFEFD895C18467773 ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:14:33.0535 0632 GEARAspiWDM - ok
12:14:33.0582 0632 [ BCF6589C42D8F6A20F33EF133FFE0524 ] gpsvc C:\Windows\System32\gpsvc.dll
12:14:33.0738 0632 gpsvc - ok
12:14:33.0800 0632 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:33.0816 0632 gupdate - ok
12:14:33.0863 0632 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:14:33.0878 0632 gupdatem - ok
12:14:33.0941 0632 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
12:14:33.0941 0632 gusvc - ok
12:14:34.0003 0632 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:14:34.0081 0632 HdAudAddService - ok
12:14:34.0112 0632 [ 0DB613A7E427B5663563677796FD5258 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:14:34.0159 0632 HDAudBus - ok
12:14:34.0175 0632 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:14:34.0237 0632 HidBth - ok
12:14:34.0268 0632 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
12:14:34.0331 0632 HidIr - ok
12:14:34.0393 0632 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\system32\hidserv.dll
12:14:34.0471 0632 hidserv - ok
12:14:34.0502 0632 [ 01E7971E9F4BD6AC6A08DB52D0EA0418 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:14:34.0534 0632 HidUsb - ok
12:14:34.0565 0632 [ D40AA05E29BF6ED29B139F044B461E9B ] hkmsvc C:\Windows\system32\kmsvc.dll
12:14:34.0643 0632 hkmsvc - ok
12:14:34.0674 0632 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
12:14:34.0690 0632 HpCISSs - ok
12:14:34.0736 0632 [ 3C3CBA3CE1A66439A960D4531A167C39 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:14:34.0846 0632 HTTP - ok
12:14:34.0892 0632 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
12:14:34.0892 0632 i2omp - ok
12:14:34.0986 0632 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:14:35.0033 0632 i8042prt - ok
12:14:35.0080 0632 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
12:14:35.0095 0632 iaStorV - ok
12:14:35.0158 0632 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:14:35.0158 0632 IDriverT ( UnsignedFile.Multi.Generic ) - warning
12:14:35.0158 0632 IDriverT - detected UnsignedFile.Multi.Generic (1)
12:14:35.0267 0632 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:14:35.0314 0632 idsvc - ok
12:14:35.0454 0632 [ 038815297078D236D8CC064C295A74C6 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
12:14:35.0594 0632 igfx - ok
12:14:35.0626 0632 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:14:35.0641 0632 iirsp - ok
12:14:35.0688 0632 [ 35662FE4D8622F667AA5A5568F7F1B40 ] IKEEXT C:\Windows\System32\ikeext.dll
12:14:35.0828 0632 IKEEXT - ok
12:14:35.0922 0632 [ B84732D9F8459ABF6323D28A3270DC19 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
12:14:36.0047 0632 IntcAzAudAddService - ok
12:14:36.0094 0632 [ 988981C840084F480BA9E3319CEBDE1B ] intelide C:\Windows\system32\drivers\intelide.sys
12:14:36.0109 0632 intelide - ok
12:14:36.0187 0632 [ CE44CC04262F28216DD4341E9E36A16F ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:14:36.0265 0632 intelppm - ok
12:14:36.0296 0632 IO_Memory - ok
12:14:36.0328 0632 [ 88CF5281ED9880D74DC9011CF8B5262D ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:14:36.0406 0632 IPBusEnum - ok
12:14:36.0421 0632 [ 880C6F86CC3F551B8FEA2C11141268C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:14:36.0499 0632 IpFilterDriver - ok
12:14:36.0515 0632 IpInIp - ok
12:14:36.0546 0632 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
12:14:36.0608 0632 IPMIDRV - ok
12:14:36.0640 0632 [ 10077C35845101548037DF04FD1A420B ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
12:14:36.0686 0632 IPNAT - ok
12:14:36.0733 0632 [ 1CB96E83FD76EB5580451CEF29E24303 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:14:36.0764 0632 iPod Service - ok
12:14:36.0780 0632 [ A82F328F4792304184642D6D397BB1E3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:14:36.0842 0632 IRENUM - ok
12:14:36.0874 0632 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:14:36.0889 0632 isapnp - ok
12:14:36.0920 0632 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
12:14:36.0920 0632 iScsiPrt - ok
12:14:36.0952 0632 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
12:14:36.0967 0632 iteatapi - ok
12:14:36.0998 0632 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
12:14:36.0998 0632 iteraid - ok
12:14:37.0030 0632 [ B076B2AB806B3F696DAB21375389101C ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:14:37.0045 0632 kbdclass - ok
12:14:37.0092 0632 [ D2600CB17B7408B4A83F231DC9A11AC3 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:14:37.0154 0632 kbdhid - ok
12:14:37.0186 0632 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] KeyIso C:\Windows\system32\lsass.exe
12:14:37.0232 0632 KeyIso - ok
12:14:37.0248 0632 [ E8CA038F51F7761BD6E3A3B0B8014263 ] KR10I C:\Windows\system32\drivers\kr10i.sys
12:14:37.0326 0632 KR10I - ok
12:14:37.0373 0632 [ 6A4ADB9186DD0E114E623DAF57E42B31 ] KR10N C:\Windows\system32\drivers\kr10n.sys
12:14:37.0404 0632 KR10N - ok
12:14:37.0435 0632 [ 485E005CD51FF502FB16483EB4B69C17 ] KR3NPXP C:\Windows\system32\drivers\kr3npxp.sys
12:14:37.0482 0632 KR3NPXP ( UnsignedFile.Multi.Generic ) - warning
12:14:37.0482 0632 KR3NPXP - detected UnsignedFile.Multi.Generic (1)
12:14:37.0513 0632 [ 0A829977B078DEA11641FC2AF87CEADE ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:14:37.0576 0632 KSecDD - ok
12:14:37.0622 0632 [ 45C537FE5DDE9A0146AEFF76E615737D ] KtmRm C:\Windows\system32\msdtckrm.dll
12:14:37.0700 0632 KtmRm - ok
12:14:37.0747 0632 [ 53D1482FC1AA36AC015A85E6CF2146BD ] LanmanServer C:\Windows\system32\srvsvc.dll
12:14:37.0825 0632 LanmanServer - ok
12:14:37.0872 0632 [ 435F0F6DC87A4B5DA78F1FA309884189 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:14:37.0903 0632 LanmanWorkstation - ok
12:14:37.0934 0632 [ FD015B4F95DAA2B712F0E372A116FBAD ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:14:38.0012 0632 lltdio - ok
12:14:38.0044 0632 [ 7450DBCF754391DD6363FFFD5EF0E789 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:14:38.0122 0632 lltdsvc - ok
12:14:38.0153 0632 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:14:38.0215 0632 lmhosts - ok
12:14:38.0246 0632 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:14:38.0262 0632 LSI_FC - ok
12:14:38.0293 0632 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:14:38.0309 0632 LSI_SAS - ok
12:14:38.0340 0632 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:14:38.0340 0632 LSI_SCSI - ok
12:14:38.0371 0632 [ 42885BB44B6E065B8575A8DD6C430C52 ] luafv C:\Windows\system32\drivers\luafv.sys
12:14:38.0418 0632 luafv - ok
12:14:38.0465 0632 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:14:38.0480 0632 MBAMProtector - ok
12:14:38.0527 0632 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:14:38.0590 0632 MBAMScheduler - ok
12:14:38.0636 0632 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:14:38.0699 0632 MBAMService - ok
12:14:38.0792 0632 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
12:14:38.0824 0632 McComponentHostService - ok
12:14:38.0948 0632 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
12:14:38.0980 0632 MDM - ok
12:14:39.0026 0632 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
12:14:39.0042 0632 megasas - ok
12:14:39.0073 0632 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] MMCSS C:\Windows\system32\mmcss.dll
12:14:39.0136 0632 MMCSS - ok
12:14:39.0167 0632 [ 21755967298A46FB6ADFEC9DB6012211 ] Modem C:\Windows\system32\drivers\modem.sys
12:14:39.0214 0632 Modem - ok
12:14:39.0260 0632 [ 7446E104A5FE5987CA9E4983FBAC4F97 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:14:39.0307 0632 monitor - ok
12:14:39.0323 0632 [ 5FBA13C1A1841B0885D316ED3589489D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:14:39.0338 0632 mouclass - ok
12:14:39.0370 0632 [ B569B5C5D3BDE545DF3A6AF512CCCDBA ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:14:39.0401 0632 mouhid - ok
12:14:39.0432 0632 [ 01F1E5A3E4877C931CBB31613FEC16A6 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
12:14:39.0448 0632 MountMgr - ok
12:14:39.0479 0632 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
12:14:39.0479 0632 mpio - ok
12:14:39.0510 0632 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:14:39.0572 0632 mpsdrv - ok
12:14:39.0588 0632 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
12:14:39.0604 0632 Mraid35x - ok
12:14:39.0635 0632 [ 1D8828B98EE309D65E006F0829E280E5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:14:39.0666 0632 MRxDAV - ok
12:14:39.0713 0632 [ 8AF705CE1BB907932157FAB821170F27 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:14:39.0760 0632 mrxsmb - ok
12:14:39.0775 0632 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:14:39.0806 0632 mrxsmb10 - ok
12:14:39.0838 0632 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:14:39.0853 0632 mrxsmb20 - ok
12:14:39.0900 0632 [ B2EFB263600314BABCF9DADB1CBBA994 ] msahci C:\Windows\system32\drivers\msahci.sys
12:14:39.0900 0632 msahci - ok
12:14:39.0947 0632 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:14:39.0947 0632 msdsm - ok
12:14:39.0978 0632 [ BC64A92D821EFEA8BAB8E8CAF1B668BC ] MSDTC C:\Windows\System32\msdtc.exe
12:14:39.0994 0632 MSDTC - ok
12:14:40.0025 0632 [ 729EAFEFD4E7417165F353A18DBE947D ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:14:40.0087 0632 Msfs - ok
12:14:40.0103 0632 [ 5F454A16A5146CD91A176D70F0CFA3EC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:14:40.0118 0632 msisadrv - ok
12:14:40.0150 0632 [ 8ACF956D9154E893E789881430C12632 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:14:40.0212 0632 MSiSCSI - ok
12:14:40.0212 0632 msiserver - ok
12:14:40.0259 0632 [ 892CEDEFA7E0FFE7BE8DA651B651D047 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:14:40.0321 0632 MSKSSRV - ok
12:14:40.0352 0632 [ AE2CB1DA69B2676B4CEE2A501AF5871C ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:14:40.0415 0632 MSPCLOCK - ok
12:14:40.0462 0632 [ F910DA84FA90C44A3ADDB7CD874463FD ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:14:40.0524 0632 MSPQM - ok
12:14:40.0540 0632 [ 84571C0AE07647BA38D493F5F0015DF7 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:14:40.0555 0632 MsRPC - ok
12:14:40.0571 0632 [ 4385C80EDE885E25492D408CAD91BD6F ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:14:40.0586 0632 mssmbios - ok
12:14:40.0602 0632 [ C826DD1373F38AFD9CA46EC3C436A14E ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:14:40.0664 0632 MSTEE - ok
12:14:40.0696 0632 [ FA7AA70050CF5E2D15DE00941E5665E5 ] Mup C:\Windows\system32\Drivers\mup.sys
12:14:40.0711 0632 Mup - ok
12:14:40.0742 0632 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] napagent C:\Windows\system32\qagentRT.dll
12:14:40.0805 0632 napagent - ok
12:14:40.0852 0632 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:14:40.0898 0632 NativeWifiP - ok
12:14:40.0930 0632 [ FFFE00134C554E113EE186EEDDB0FF30 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:14:40.0992 0632 NDIS - ok
12:14:41.0039 0632 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:14:41.0086 0632 NdisTapi - ok
12:14:41.0132 0632 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:14:41.0195 0632 Ndisuio - ok
12:14:41.0210 0632 [ 397402ADCBB8946223A1950101F6CD94 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:14:41.0273 0632 NdisWan - ok
12:14:41.0288 0632 [ 1B24FA907AF283199A81B3BB37E5E526 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:14:41.0304 0632 NDProxy - ok
12:14:41.0335 0632 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:14:41.0413 0632 NetBIOS - ok
12:14:41.0444 0632 [ E3A168912E7EEFC3BD3B814720D68B41 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
12:14:41.0522 0632 netbt - ok
12:14:41.0538 0632 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] Netlogon C:\Windows\system32\lsass.exe
12:14:41.0554 0632 Netlogon - ok
12:14:41.0585 0632 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] Netman C:\Windows\System32\netman.dll
12:14:41.0632 0632 Netman - ok
12:14:41.0663 0632 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] netprofm C:\Windows\System32\netprofm.dll
12:14:41.0725 0632 netprofm - ok
12:14:41.0772 0632 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:14:41.0772 0632 NetTcpPortSharing - ok
12:14:41.0803 0632 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:14:41.0819 0632 nfrd960 - ok
12:14:41.0850 0632 [ C424117A562F2DE37A42266894C79AEB ] NlaSvc C:\Windows\System32\nlasvc.dll
12:14:41.0897 0632 NlaSvc - ok
12:14:41.0928 0632 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:14:41.0990 0632 Npfs - ok
12:14:42.0022 0632 [ 23B8201A363DE0E649FC75EE9874DEE2 ] nsi C:\Windows\system32\nsisvc.dll
12:14:42.0084 0632 nsi - ok
12:14:42.0115 0632 [ B488DFEC274DE1FC9D653870EF2587BE ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:14:42.0193 0632 nsiproxy - ok
12:14:42.0256 0632 [ 37430AA7A66D7A63407ADC2C0D05E9F6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:14:42.0302 0632 Ntfs - ok
12:14:42.0365 0632 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
12:14:42.0443 0632 ntrigdigi - ok
12:14:42.0458 0632 [ EC5EFB3C60F1B624648344A328BCE596 ] Null C:\Windows\system32\drivers\Null.sys
12:14:42.0536 0632 Null - ok
12:14:42.0552 0632 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:14:42.0568 0632 nvraid - ok
12:14:42.0599 0632 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:14:42.0614 0632 nvstor - ok
12:14:42.0646 0632 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:14:42.0646 0632 nv_agp - ok
12:14:42.0661 0632 NwlnkFlt - ok
12:14:42.0661 0632 NwlnkFwd - ok
12:14:42.0739 0632 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:14:42.0770 0632 odserv - ok
12:14:42.0817 0632 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
12:14:42.0880 0632 ohci1394 - ok
12:14:42.0926 0632 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:14:42.0942 0632 ose - ok
12:14:42.0989 0632 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2pimsvc C:\Windows\system32\p2psvc.dll
12:14:43.0067 0632 p2pimsvc - ok
12:14:43.0082 0632 [ 016D01D3B8FB976A193C7434BED8DCCF ] p2psvc C:\Windows\system32\p2psvc.dll
12:14:43.0114 0632 p2psvc - ok
12:14:43.0160 0632 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
12:14:43.0238 0632 Parport - ok
12:14:43.0270 0632 [ 555A5B2C8022983BC7467BC925B222EE ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:14:43.0285 0632 partmgr - ok
12:14:43.0301 0632 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
12:14:43.0363 0632 Parvdm - ok
12:14:43.0394 0632 [ D8C5C215C932233A4F1D7F368F4E4E65 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:14:43.0426 0632 PcaSvc - ok
12:14:43.0457 0632 [ 1085D75657807E0E8B32F9E19A1647C3 ] pci C:\Windows\system32\drivers\pci.sys
12:14:43.0472 0632 pci - ok
12:14:43.0504 0632 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
12:14:43.0519 0632 pciide - ok
12:14:43.0535 0632 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:14:43.0535 0632 pcmcia - ok
12:14:43.0597 0632 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:14:43.0753 0632 PEAUTH - ok
12:14:43.0894 0632 [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1 ] pinger C:\TOSHIBA\IVP\ISM\pinger.exe
12:14:43.0940 0632 pinger - ok
12:14:44.0003 0632 [ CD05A38D166BEADE18030BAFC0C0A939 ] pla C:\Windows\system32\pla.dll
12:14:44.0112 0632 pla - ok
12:14:44.0174 0632 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:14:44.0221 0632 PlugPlay - ok
12:14:44.0252 0632 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
12:14:44.0315 0632 PNRPAutoReg - ok
12:14:44.0330 0632 [ 016D01D3B8FB976A193C7434BED8DCCF ] PNRPsvc C:\Windows\system32\p2psvc.dll
12:14:44.0424 0632 PNRPsvc - ok
12:14:44.0486 0632 [ 5EBDEC613BD377CE9A85382BE5C6B83B ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:14:44.0611 0632 PolicyAgent - ok
12:14:44.0689 0632 [ C04DEC5ACE67C5247B150C4223970BB7 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:14:44.0736 0632 PptpMiniport - ok
12:14:44.0783 0632 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
12:14:44.0845 0632 Processor - ok
12:14:44.0892 0632 [ 213112E152E68F0E4705E36F052A2880 ] ProfSvc C:\Windows\system32\profsvc.dll
12:14:44.0970 0632 ProfSvc - ok
12:14:45.0001 0632 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:14:45.0017 0632 ProtectedStorage - ok
12:14:45.0032 0632 [ 2C8BAE55247C4E09352E870292E4D1AB ] PSched C:\Windows\system32\DRIVERS\pacer.sys
12:14:45.0064 0632 PSched - ok
12:14:45.0110 0632 [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
12:14:45.0110 0632 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
12:14:45.0110 0632 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
12:14:45.0188 0632 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:14:45.0235 0632 ql2300 - ok
12:14:45.0282 0632 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:14:45.0298 0632 ql40xx - ok
12:14:45.0344 0632 [ CA61BDFD3713A7CE75F2812AFC431594 ] QWAVE C:\Windows\system32\qwave.dll
12:14:45.0360 0632 QWAVE - ok
12:14:45.0391 0632 [ D2B3E2B7426DC23E185FBC73C8936C12 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:14:45.0438 0632 QWAVEdrv - ok
12:14:45.0454 0632 [ BD7B30F55B3649506DD8B3D38F571D2A ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:14:45.0516 0632 RasAcd - ok
12:14:45.0547 0632 [ F14F4AAB9F54D099FE99192BDB100AC9 ] RasAuto C:\Windows\System32\rasauto.dll
12:14:45.0625 0632 RasAuto - ok
12:14:45.0672 0632 [ 68B0019FEE429EC49D29017AF937E482 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:14:45.0688 0632 Rasl2tp - ok
12:14:45.0703 0632 [ 11D65E29BC9D1E4114D18FE68194394C ] RasMan C:\Windows\System32\rasmans.dll
12:14:45.0766 0632 RasMan - ok
12:14:45.0781 0632 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:14:45.0828 0632 RasPppoe - ok
12:14:45.0844 0632 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:14:45.0906 0632 rdbss - ok
12:14:45.0906 0632 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:14:45.0968 0632 RDPCDD - ok
12:14:46.0000 0632 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
12:14:46.0062 0632 rdpdr - ok
12:14:46.0078 0632 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:14:46.0140 0632 RDPENCDD - ok
12:14:46.0171 0632 [ 8830E790A74A96605FABA74F9665BB3C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:14:46.0249 0632 RDPWD - ok
12:14:46.0280 0632 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
12:14:46.0343 0632 RemoteAccess - ok
12:14:46.0390 0632 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:14:46.0452 0632 RemoteRegistry - ok
12:14:46.0468 0632 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
12:14:46.0483 0632 RpcLocator - ok
12:14:46.0514 0632 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
12:14:46.0546 0632 RpcSs - ok
12:14:46.0592 0632 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:14:46.0639 0632 rspndr - ok
12:14:46.0717 0632 [ 6DD5492E16DEF68C87CCB727AA018382 ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys
12:14:46.0764 0632 RTL8187B - ok
12:14:46.0780 0632 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
12:14:46.0795 0632 SamSs - ok
12:14:46.0826 0632 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:14:46.0858 0632 sbp2port - ok
12:14:46.0889 0632 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:14:46.0951 0632 SCardSvr - ok
12:14:47.0014 0632 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
12:14:47.0045 0632 Schedule - ok
12:14:47.0060 0632 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:14:47.0107 0632 SCPolicySvc - ok
12:14:47.0154 0632 [ BCCA63A3D143938273A3158757389DC7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
12:14:47.0185 0632 sdbus - ok
12:14:47.0201 0632 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:14:47.0232 0632 SDRSVC - ok
12:14:47.0310 0632 [ 331E7BDE228914574FC9AE6CD520DAFA ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:14:47.0326 0632 SeaPort - ok
12:14:47.0341 0632 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:14:47.0419 0632 secdrv - ok
12:14:47.0466 0632 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
12:14:47.0513 0632 seclogon - ok
12:14:47.0528 0632 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
12:14:47.0606 0632 SENS - ok
12:14:47.0638 0632 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:14:47.0716 0632 Serenum - ok
12:14:47.0731 0632 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
12:14:47.0794 0632 Serial - ok
12:14:47.0825 0632 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:14:47.0840 0632 sermouse - ok
12:14:47.0887 0632 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
12:14:47.0965 0632 SessionEnv - ok
12:14:47.0996 0632 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:14:48.0059 0632 sffdisk - ok
12:14:48.0074 0632 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:14:48.0137 0632 sffp_mmc - ok
12:14:48.0152 0632 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:14:48.0199 0632 sffp_sd - ok
12:14:48.0215 0632 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:14:48.0277 0632 sfloppy - ok
12:14:48.0324 0632 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:14:48.0340 0632 ShellHWDetection - ok
12:14:48.0355 0632 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:14:48.0371 0632 sisagp - ok
12:14:48.0386 0632 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
12:14:48.0418 0632 SiSRaid2 - ok
12:14:48.0464 0632 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:14:48.0480 0632 SiSRaid4 - ok
12:14:48.0574 0632 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
12:14:48.0698 0632 slsvc - ok
12:14:48.0730 0632 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
12:14:48.0761 0632 SLUINotify - ok
12:14:48.0792 0632 [ AC0D90738ADB51A6FD12FF00874A2162 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:14:48.0854 0632 Smb - ok
12:14:48.0870 0632 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:14:48.0886 0632 SNMPTRAP - ok
12:14:48.0901 0632 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
12:14:48.0901 0632 spldr - ok
12:14:48.0932 0632 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
12:14:48.0979 0632 Spooler - ok
12:14:49.0057 0632 [ C3716EC0D36AD924B6888D794563E647 ] sprtsvc_ddoctorv2 C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
12:14:49.0073 0632 sprtsvc_ddoctorv2 - ok
12:14:49.0104 0632 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
12:14:49.0151 0632 srv - ok
12:14:49.0166 0632 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:14:49.0198 0632 srv2 - ok
12:14:49.0229 0632 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:14:49.0276 0632 srvnet - ok
12:14:49.0307 0632 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:14:49.0369 0632 SSDPSRV - ok
12:14:49.0416 0632 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
12:14:49.0463 0632 stisvc - ok
12:14:49.0494 0632 SVRPEDRV - ok
12:14:49.0510 0632 [ 1379BDB336F8158C176A465E30759F57 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:14:49.0525 0632 swenum - ok
12:14:49.0556 0632 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
12:14:49.0634 0632 swprv - ok
12:14:49.0666 0632 [ E1292C1ED4DEB17B8A9B586D22CB2061 ] Swupdtmr c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
12:14:49.0681 0632 Swupdtmr - ok
12:14:49.0697 0632 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
12:14:49.0712 0632 Symc8xx - ok
12:14:49.0728 0632 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
12:14:49.0759 0632 Sym_hi - ok
12:14:49.0775 0632 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
12:14:49.0775 0632 Sym_u3 - ok
12:14:49.0837 0632 [ 6502B82F306A8EE1C7BC098B0BB772C5 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:14:49.0853 0632 SynTP - ok
12:14:49.0884 0632 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] SysMain C:\Windows\system32\sysmain.dll
12:14:49.0962 0632 SysMain - ok
12:14:50.0009 0632 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:14:50.0040 0632 TabletInputService - ok
12:14:50.0056 0632 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:14:50.0118 0632 TapiSrv - ok
12:14:50.0134 0632 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
12:14:50.0212 0632 TBS - ok
12:14:50.0258 0632 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:14:50.0336 0632 Tcpip - ok
12:14:50.0368 0632 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
12:14:50.0399 0632 Tcpip6 - ok
12:14:50.0414 0632 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:14:50.0492 0632 tcpipreg - ok
12:14:50.0524 0632 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
12:14:50.0570 0632 tdcmdpst - ok
12:14:50.0586 0632 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:14:50.0648 0632 TDPIPE - ok
12:14:50.0680 0632 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:14:50.0726 0632 TDTCP - ok
12:14:50.0758 0632 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:14:50.0804 0632 tdx - ok
12:14:50.0836 0632 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:14:50.0836 0632 TermDD - ok
12:14:50.0867 0632 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
12:14:50.0960 0632 TermService - ok
12:14:50.0992 0632 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
12:14:51.0007 0632 Themes - ok
12:14:51.0023 0632 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
12:14:51.0070 0632 THREADORDER - ok
12:14:51.0101 0632 [ E4C85C291DDB3DC5E4A2F227CA465BA6 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
12:14:51.0148 0632 tifm21 - ok
12:14:51.0194 0632 [ B351AA72EAE95C4447A3C5329977F064 ] TNaviSrv C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
12:14:51.0226 0632 TNaviSrv ( UnsignedFile.Multi.Generic ) - warning
12:14:51.0226 0632 TNaviSrv - detected UnsignedFile.Multi.Generic (1)
12:14:51.0272 0632 [ D540858E65BFA6FDED41AD2495ECE344 ] TODDSrv C:\Windows\system32\TODDSrv.exe
12:14:51.0288 0632 TODDSrv ( UnsignedFile.Multi.Generic ) - warning
12:14:51.0288 0632 TODDSrv - detected UnsignedFile.Multi.Generic (1)
12:14:51.0350 0632 [ 6A54C28B53C6B50D333C8EE974C6B208 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
12:14:51.0428 0632 TosCoSrv - ok
12:14:51.0538 0632 [ 87843B2DA99051BC66E2D6C211E3D6A4 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
12:14:51.0538 0632 TOSHIBA Bluetooth Service - ok
12:14:51.0600 0632 Tosrfcom - ok
12:14:51.0662 0632 [ 1EA5F27C29405BF49799FECA77186DA9 ] tos_sps32 C:\Windows\system32\DRIVERS\tos_sps32.sys
12:14:51.0709 0632 tos_sps32 - ok
12:14:51.0740 0632 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
12:14:51.0787 0632 TrkWks - ok
12:14:51.0818 0632 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:14:51.0850 0632 TrustedInstaller - ok
12:14:51.0881 0632 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:14:51.0943 0632 tssecsrv - ok
12:14:52.0006 0632 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
12:14:52.0021 0632 tunmp - ok
12:14:52.0021 0632 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:14:52.0068 0632 tunnel - ok
12:14:52.0084 0632 [ 521C5F39829875ADF5466DD94C6282C7 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
12:14:52.0115 0632 TVALZ - ok
12:14:52.0162 0632 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:14:52.0162 0632 uagp35 - ok
12:14:52.0193 0632 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:14:52.0255 0632 udfs - ok
12:14:52.0286 0632 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:14:52.0318 0632 UI0Detect - ok
12:14:52.0364 0632 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
12:14:52.0380 0632 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
12:14:52.0380 0632 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
12:14:52.0411 0632 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:14:52.0442 0632 uliagpkx - ok
12:14:52.0458 0632 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
12:14:52.0474 0632 uliahci - ok
12:14:52.0505 0632 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
12:14:52.0520 0632 UlSata - ok
12:14:52.0536 0632 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
12:14:52.0552 0632 ulsata2 - ok
12:14:52.0567 0632 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:14:52.0614 0632 umbus - ok
12:14:52.0661 0632 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
12:14:52.0739 0632 upnphost - ok
12:14:52.0786 0632 [ F340199E8CB097E1ACD58A967C665919 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
12:14:52.0817 0632 USBAAPL - ok
12:14:52.0864 0632 [ 51480458E6E9863F856EBF35AAE801B4 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:14:52.0879 0632 usbccgp - ok
12:14:52.0895 0632 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:14:52.0988 0632 usbcir - ok
12:14:53.0004 0632 [ 11FA3ACBF0DE0286829C69E01FE705E4 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:14:53.0020 0632 usbehci - ok
12:14:53.0051 0632 [ 6A7858A38B5105731E219E7C6A238730 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:14:53.0082 0632 usbhub - ok
12:14:53.0098 0632 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:14:53.0160 0632 usbohci - ok
12:14:53.0176 0632 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:14:53.0254 0632 usbprint - ok
12:14:53.0300 0632 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:14:53.0363 0632 usbscan - ok
12:14:53.0410 0632 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:14:53.0425 0632 USBSTOR - ok
12:14:53.0456 0632 [ 4013315FED70A2D293B998CBBA4022EE ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:14:53.0488 0632 usbuhci - ok
12:14:53.0534 0632 [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
12:14:53.0597 0632 usbvideo - ok
12:14:53.0612 0632 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
12:14:53.0690 0632 UxSms - ok
12:14:53.0722 0632 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
12:14:53.0753 0632 vds - ok
12:14:53.0815 0632 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:14:53.0893 0632 vga - ok
12:14:53.0909 0632 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
12:14:53.0971 0632 VgaSave - ok
12:14:54.0002 0632 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:14:54.0018 0632 viaagp - ok
12:14:54.0034 0632 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
12:14:54.0096 0632 ViaC7 - ok
12:14:54.0127 0632 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
12:14:54.0127 0632 viaide - ok
12:14:54.0143 0632 [ 103E84C95832D0ED93507997CC7B54E8 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:14:54.0174 0632 volmgr - ok
12:14:54.0190 0632 [ 294DA8D3F965F6A8DB934A83C7B461FF ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:14:54.0221 0632 volmgrx - ok
12:14:54.0236 0632 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:14:54.0252 0632 volsnap - ok
12:14:54.0283 0632 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:14:54.0283 0632 vsmraid - ok
12:14:54.0330 0632 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
12:14:54.0377 0632 VSS - ok
12:14:54.0392 0632 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
12:14:54.0455 0632 W32Time - ok
12:14:54.0502 0632 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:14:54.0548 0632 WacomPen - ok
12:14:54.0580 0632 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
12:14:54.0580 0632 Wanarp - ok
12:14:54.0595 0632 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:14:54.0611 0632 Wanarpv6 - ok
12:14:54.0642 0632 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:14:54.0658 0632 wcncsvc - ok
12:14:54.0689 0632 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:14:54.0720 0632 WcsPlugInService - ok
12:14:54.0767 0632 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
12:14:54.0767 0632 Wd - ok
12:14:54.0814 0632 [ 7B5F66E4A2219C7D9DAF9E738480E534 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:14:54.0845 0632 Wdf01000 - ok
12:14:54.0876 0632 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:14:54.0892 0632 WdiServiceHost - ok
12:14:54.0892 0632 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:14:54.0907 0632 WdiSystemHost - ok
12:14:54.0954 0632 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
12:14:55.0001 0632 WebClient - ok
12:14:55.0016 0632 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
12:14:55.0094 0632 Wecsvc - ok
12:14:55.0126 0632 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:14:55.0204 0632 wercplsupport - ok
12:14:55.0219 0632 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
12:14:55.0297 0632 WerSvc - ok
12:14:55.0297 0632 WinHttpAutoProxySvc - ok
12:14:55.0375 0632 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:14:55.0422 0632 Winmgmt - ok
12:14:55.0453 0632 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
12:14:55.0547 0632 WinRM - ok
12:14:55.0609 0632 [ B410476A00961BF3FC368A346D8EA6A7 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:14:55.0703 0632 Wlansvc - ok
12:14:55.0765 0632 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:14:55.0812 0632 WmiAcpi - ok
12:14:55.0843 0632 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:14:55.0859 0632 wmiApSrv - ok
12:14:55.0937 0632 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
12:14:56.0015 0632 WMPNetworkSvc - ok
12:14:56.0030 0632 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:14:56.0062 0632 WPCSvc - ok
12:14:56.0108 0632 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:14:56.0171 0632 WPDBusEnum - ok
12:14:56.0218 0632 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
12:14:56.0264 0632 WpdUsb - ok
12:14:56.0280 0632 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:14:56.0342 0632 ws2ifsl - ok
12:14:56.0358 0632 WSearch - ok
12:14:56.0436 0632 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
12:14:56.0514 0632 wuauserv - ok
12:14:56.0592 0632 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:14:56.0654 0632 WUDFRd - ok
12:14:56.0686 0632 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:14:56.0748 0632 wudfsvc - ok
12:14:56.0810 0632 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
12:14:56.0842 0632 YahooAUService - ok
12:14:56.0873 0632 [ 1DD951CF8A69FA2BEA82F3E3A811FA95 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
12:14:56.0904 0632 yukonwlh - ok
12:14:56.0935 0632 ================ Scan global ===============================
12:14:56.0966 0632 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
12:14:56.0998 0632 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
12:14:57.0013 0632 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
12:14:57.0044 0632 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
12:14:57.0044 0632 [Global] - ok
12:14:57.0044 0632 ================ Scan MBR ==================================
12:14:57.0060 0632 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
12:14:57.0949 0632 \Device\Harddisk0\DR0 - ok
12:14:57.0949 0632 ================ Scan VBR ==================================
12:14:57.0949 0632 [ 8CAEBB4D8115C05C72AD9744827C1AEE ] \Device\Harddisk0\DR0\Partition1
12:14:57.0965 0632 \Device\Harddisk0\DR0\Partition1 - ok
12:14:57.0965 0632 ================ Scan active images ========================
12:14:57.0980 0632 [ 3596CB9EA8A12E6E858107912973EBFB ] C:\Windows\System32\drivers\crashdmp.sys
12:14:57.0980 0632 C:\Windows\System32\drivers\crashdmp.sys - ok
12:14:57.0980 0632 [ 5D975CD05FC673794501E3CE37AEA6E0 ] C:\Windows\System32\drivers\Dumpata.sys
12:14:57.0980 0632 C:\Windows\System32\drivers\Dumpata.sys - ok
12:14:57.0996 0632 [ B2EFB263600314BABCF9DADB1CBBA994 ] C:\Windows\System32\drivers\msahci.sys
12:14:57.0996 0632 C:\Windows\System32\drivers\msahci.sys - ok
12:14:57.0996 0632 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] C:\Windows\System32\drivers\tunnel.sys
12:14:57.0996 0632 C:\Windows\System32\drivers\tunnel.sys - ok
12:14:57.0996 0632 [ 65E953BC0084D44498B51F59784D2A82 ] C:\Windows\System32\drivers\TUNMP.SYS
12:14:57.0996 0632 C:\Windows\System32\drivers\TUNMP.SYS - ok
12:14:58.0012 0632 [ CBC22823628544735625B280665E434E ] C:\Windows\System32\drivers\FwLnk.sys
12:14:58.0012 0632 C:\Windows\System32\drivers\FwLnk.sys - ok
12:14:58.0012 0632 [ 70084149CB7A072FD1D53677C91A16B8 ] C:\Windows\System32\drivers\usbport.sys
12:14:58.0012 0632 C:\Windows\System32\drivers\usbport.sys - ok
12:14:58.0043 0632 [ 4013315FED70A2D293B998CBBA4022EE ] C:\Windows\System32\drivers\usbuhci.sys
12:14:58.0043 0632 C:\Windows\System32\drivers\usbuhci.sys - ok
12:14:58.0043 0632 [ 11FA3ACBF0DE0286829C69E01FE705E4 ] C:\Windows\System32\drivers\usbehci.sys
12:14:58.0043 0632 C:\Windows\System32\drivers\usbehci.sys - ok
12:14:58.0058 0632 [ 0DB613A7E427B5663563677796FD5258 ] C:\Windows\System32\drivers\hdaudbus.sys
12:14:58.0058 0632 C:\Windows\System32\drivers\hdaudbus.sys - ok
12:14:58.0058 0632 [ 1DD951CF8A69FA2BEA82F3E3A811FA95 ] C:\Windows\System32\drivers\yk60x86.sys
12:14:58.0058 0632 C:\Windows\System32\drivers\yk60x86.sys - ok
12:14:58.0074 0632 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] C:\Windows\System32\drivers\i8042prt.sys
12:14:58.0074 0632 C:\Windows\System32\drivers\i8042prt.sys - ok
12:14:58.0074 0632 [ B076B2AB806B3F696DAB21375389101C ] C:\Windows\System32\drivers\kbdclass.sys
12:14:58.0074 0632 C:\Windows\System32\drivers\kbdclass.sys - ok
12:14:58.0090 0632 [ 6502B82F306A8EE1C7BC098B0BB772C5 ] C:\Windows\System32\drivers\SynTP.sys
12:14:58.0090 0632 C:\Windows\System32\drivers\SynTP.sys - ok
12:14:58.0105 0632 [ 278F3D126C2BAFFA66DF732FC52E9B1D ] C:\Windows\System32\drivers\usbd.sys
12:14:58.0105 0632 C:\Windows\System32\drivers\usbd.sys - ok
12:14:58.0105 0632 [ 5FBA13C1A1841B0885D316ED3589489D ] C:\Windows\System32\drivers\mouclass.sys
12:14:58.0105 0632 C:\Windows\System32\drivers\mouclass.sys - ok
12:14:58.0121 0632 [ 1825BCEB47BF41C5A9F0E44DE82FC27A ] C:\Windows\System32\drivers\tdcmdpst.sys
12:14:58.0121 0632 C:\Windows\System32\drivers\tdcmdpst.sys - ok
12:14:58.0121 0632 [ 8D1866E61AF096AE8B582454F5E4D303 ] C:\Windows\System32\drivers\cdrom.sys
12:14:58.0121 0632 C:\Windows\System32\drivers\cdrom.sys - ok
12:14:58.0136 0632 [ 5DC17164F66380CBFEFD895C18467773 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
12:14:58.0136 0632 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
12:14:58.0136 0632 [ ED386E31D263448B2ED36D4839F2CA04 ] C:\Windows\System32\drivers\Storport.sys
12:14:58.0136 0632 C:\Windows\System32\drivers\Storport.sys - ok
12:14:58.0152 0632 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] C:\Windows\System32\drivers\msiscsi.sys
12:14:58.0152 0632 C:\Windows\System32\drivers\msiscsi.sys - ok
12:14:58.0168 0632 [ BBE07D2766FB165BDF1F49107DABCE85 ] C:\Windows\System32\drivers\tdi.sys
12:14:58.0168 0632 C:\Windows\System32\drivers\tdi.sys - ok
12:14:58.0168 0632 [ 68B0019FEE429EC49D29017AF937E482 ] C:\Windows\System32\drivers\rasl2tp.sys
12:14:58.0168 0632 C:\Windows\System32\drivers\rasl2tp.sys - ok
12:14:58.0183 0632 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] C:\Windows\System32\drivers\ndistapi.sys
12:14:58.0183 0632 C:\Windows\System32\drivers\ndistapi.sys - ok
12:14:58.0199 0632 [ 397402ADCBB8946223A1950101F6CD94 ] C:\Windows\System32\drivers\ndiswan.sys
12:14:58.0199 0632 C:\Windows\System32\drivers\ndiswan.sys - ok
12:14:58.0199 0632 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] C:\Windows\System32\drivers\raspppoe.sys
12:14:58.0199 0632 C:\Windows\System32\drivers\raspppoe.sys - ok
12:14:58.0214 0632 [ C04DEC5ACE67C5247B150C4223970BB7 ] C:\Windows\System32\drivers\raspptp.sys
12:14:58.0214 0632 C:\Windows\System32\drivers\raspptp.sys - ok
12:14:58.0230 0632 [ 2C549BD9DD091FBFAA0A2A48E82EC2FB ] C:\Windows\System32\drivers\termdd.sys
12:14:58.0230 0632 C:\Windows\System32\drivers\termdd.sys - ok
12:14:58.0230 0632 [ 48314CDD79CE94B8F36BD6243323A310 ] C:\Windows\System32\drivers\ks.sys
12:14:58.0230 0632 C:\Windows\System32\drivers\ks.sys - ok
12:14:58.0246 0632 [ 1379BDB336F8158C176A465E30759F57 ] C:\Windows\System32\drivers\swenum.sys
12:14:58.0246 0632 C:\Windows\System32\drivers\swenum.sys - ok
12:14:58.0246 0632 [ 4385C80EDE885E25492D408CAD91BD6F ] C:\Windows\System32\drivers\mssmbios.sys
12:14:58.0246 0632 C:\Windows\System32\drivers\mssmbios.sys - ok
12:14:58.0261 0632 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] C:\Windows\System32\drivers\umbus.sys
12:14:58.0261 0632 C:\Windows\System32\drivers\umbus.sys - ok
12:14:58.0261 0632 [ 6A7858A38B5105731E219E7C6A238730 ] C:\Windows\System32\drivers\usbhub.sys
12:14:58.0261 0632 C:\Windows\System32\drivers\usbhub.sys - ok
12:14:58.0277 0632 [ 1B24FA907AF283199A81B3BB37E5E526 ] C:\Windows\System32\drivers\ndproxy.sys
12:14:58.0277 0632 C:\Windows\System32\drivers\ndproxy.sys - ok
12:14:58.0292 0632 [ 66A078591208BAA210C7634B11EB392C ] C:\Windows\System32\drivers\fs_rec.sys
12:14:58.0292 0632 C:\Windows\System32\drivers\fs_rec.sys - ok
12:14:58.0292 0632 [ AC3DD1708B22761EBD7CBE14DCC3B5D7 ] C:\Windows\System32\drivers\beep.sys
12:14:58.0292 0632 C:\Windows\System32\drivers\beep.sys - ok
12:14:58.0308 0632 [ EC5EFB3C60F1B624648344A328BCE596 ] C:\Windows\System32\drivers\null.sys
12:14:58.0308 0632 C:\Windows\System32\drivers\null.sys - ok
12:14:58.0308 0632 [ 17A8F877314E4067F8C8172CC6D9101C ] C:\Windows\System32\drivers\vga.sys
12:14:58.0308 0632 C:\Windows\System32\drivers\vga.sys - ok
12:14:58.0324 0632 [ D1FA901E4878B7011FE8A8C2890E90C7 ] C:\Windows\System32\drivers\videoprt.sys
12:14:58.0324 0632 C:\Windows\System32\drivers\videoprt.sys - ok
12:14:58.0324 0632 [ 3A1F38A6FB749FC7A57A2826F6F8FB01 ] C:\Windows\System32\drivers\watchdog.sys
12:14:58.0324 0632 C:\Windows\System32\drivers\watchdog.sys - ok
12:14:58.0339 0632 [ 980B56E2E273E19D3A9D72D5C420F008 ] C:\Windows\System32\drivers\RDPENCDD.sys
12:14:58.0339 0632 C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:14:58.0355 0632 [ 729EAFEFD4E7417165F353A18DBE947D ] C:\Windows\System32\drivers\msfs.sys
12:14:58.0355 0632 C:\Windows\System32\drivers\msfs.sys - ok
12:14:58.0355 0632 [ 4F9832BEB9FAFD8CEB0E541F1323B26E ] C:\Windows\System32\drivers\npfs.sys
12:14:58.0355 0632 C:\Windows\System32\drivers\npfs.sys - ok
12:14:58.0370 0632 [ BD7B30F55B3649506DD8B3D38F571D2A ] C:\Windows\System32\drivers\rasacd.sys
12:14:58.0370 0632 C:\Windows\System32\drivers\rasacd.sys - ok
12:14:58.0370 0632 [ E216CF8C8605E546981098484B78D08B ] C:\Windows\System32\drivers\FWPKCLNT.SYS
12:14:58.0370 0632 C:\Windows\System32\drivers\FWPKCLNT.SYS - ok
12:14:58.0386 0632 [ 4A82FA8F0DF67AA354580C3FAAF8BDE3 ] C:\Windows\System32\drivers\tcpip.sys
12:14:58.0386 0632 C:\Windows\System32\drivers\tcpip.sys - ok
12:14:58.0386 0632 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] C:\Windows\System32\drivers\tdx.sys
12:14:58.0386 0632 C:\Windows\System32\drivers\tdx.sys - ok
12:14:58.0417 0632 [ AC0D90738ADB51A6FD12FF00874A2162 ] C:\Windows\System32\drivers\smb.sys
12:14:58.0417 0632 C:\Windows\System32\drivers\smb.sys - ok
12:14:58.0417 0632 [ 5D24CAF8EFD924A875698FF28384DB8B ] C:\Windows\System32\drivers\afd.sys
12:14:58.0417 0632 C:\Windows\System32\drivers\afd.sys - ok
12:14:58.0433 0632 [ E3A168912E7EEFC3BD3B814720D68B41 ] C:\Windows\System32\drivers\netbt.sys
12:14:58.0433 0632 C:\Windows\System32\drivers\netbt.sys - ok
12:14:58.0433 0632 [ 2C8BAE55247C4E09352E870292E4D1AB ] C:\Windows\System32\drivers\pacer.sys
12:14:58.0433 0632 C:\Windows\System32\drivers\pacer.sys - ok
12:14:58.0448 0632 [ 356DBB9F98E8DC1028DD3092FCEEB877 ] C:\Windows\System32\drivers\netbios.sys
12:14:58.0448 0632 C:\Windows\System32\drivers\netbios.sys - ok
12:14:58.0448 0632 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] C:\Windows\System32\drivers\rdbss.sys
12:14:58.0448 0632 C:\Windows\System32\drivers\rdbss.sys - ok
12:14:58.0464 0632 [ B488DFEC274DE1FC9D653870EF2587BE ] C:\Windows\System32\drivers\nsiproxy.sys
12:14:58.0464 0632 C:\Windows\System32\drivers\nsiproxy.sys - ok
12:14:58.0480 0632 [ A7179DE59AE269AB70345527894CCD7C ] C:\Windows\System32\drivers\dfsc.sys
12:14:58.0480 0632 C:\Windows\System32\drivers\dfsc.sys - ok
12:14:58.0480 0632 [ 04E4C2069D7254E3FBB90D5B519AB53C ] C:\Windows\System32\ntdll.dll
12:14:58.0480 0632 C:\Windows\System32\ntdll.dll - ok
12:14:58.0495 0632 [ CAA75757BB3695478C23CB0624342A61 ] C:\Windows\System32\smss.exe
12:14:58.0495 0632 C:\Windows\System32\smss.exe - ok
12:14:58.0495 0632 [ 6DD5492E16DEF68C87CCB727AA018382 ] C:\Windows\System32\drivers\RTL8187B.sys
12:14:58.0495 0632 C:\Windows\System32\drivers\RTL8187B.sys - ok
12:14:58.0511 0632 [ C08D1FE284C3330934E45D6E5F5B768B ] C:\Windows\System32\autochk.exe
12:14:58.0511 0632 C:\Windows\System32\autochk.exe - ok
12:14:58.0511 0632 [ D99A071C1018BB3D4ABAAD4B62048AC2 ] C:\Windows\System32\ws2_32.dll
12:14:58.0511 0632 C:\Windows\System32\ws2_32.dll - ok
12:14:58.0526 0632 [ 0F340B61FA7221DDF8B8375BC0217B71 ] C:\Windows\System32\wininet.dll
12:14:58.0526 0632 C:\Windows\System32\wininet.dll - ok
12:14:58.0542 0632 [ E12CE9057795C0FD8545DB5D60D0CD42 ] C:\Windows\System32\iertutil.dll
12:14:58.0542 0632 C:\Windows\System32\iertutil.dll - ok
12:14:58.0542 0632 [ 5D53724E96F6B907355E616FFE08EB83 ] C:\Windows\System32\imagehlp.dll
12:14:58.0542 0632 C:\Windows\System32\imagehlp.dll - ok
12:14:58.0558 0632 [ 9F5D9DBBC7613712A8778385B6FB12CA ] C:\Windows\System32\rpcrt4.dll
12:14:58.0558 0632 C:\Windows\System32\rpcrt4.dll - ok
12:14:58.0558 0632 [ DF43158D5E043553CAC6BFE28F90E545 ] C:\Windows\System32\clbcatq.dll
12:14:58.0558 0632 C:\Windows\System32\clbcatq.dll - ok
12:14:58.0573 0632 [ 71A0DC633D1D76744441EFD4B7FB230F ] C:\Windows\System32\gdi32.dll
12:14:58.0573 0632 C:\Windows\System32\gdi32.dll - ok
12:14:58.0573 0632 [ 5CD3F8485A88CF0F035CFF5576D66029 ] C:\Windows\System32\nsi.dll
12:14:58.0573 0632 C:\Windows\System32\nsi.dll - ok
12:14:58.0589 0632 [ 7F3415D246E2AE6E8CFD6A561016A91F ] C:\Windows\System32\comdlg32.dll
12:14:58.0589 0632 C:\Windows\System32\comdlg32.dll - ok
12:14:58.0604 0632 [ CF1D75E7B4A7CC6D2A21FE64C9E50A12 ] C:\Windows\System32\shell32.dll
12:14:58.0604 0632 C:\Windows\System32\shell32.dll - ok
12:14:58.0604 0632 [ 438AE83490959C0F5A6BE97DAFEA68D2 ] C:\Windows\System32\shlwapi.dll
12:14:58.0604 0632 C:\Windows\System32\shlwapi.dll - ok
12:14:58.0620 0632 [ B82C7AC1D559F0FD088792171D64C7F3 ] C:\Windows\System32\kernel32.dll
12:14:58.0620 0632 C:\Windows\System32\kernel32.dll - ok
12:14:58.0620 0632 [ 456FB859236C9074ACF6C3B6243D8B46 ] C:\Windows\System32\usp10.dll
12:14:58.0620 0632 C:\Windows\System32\usp10.dll - ok
12:14:58.0636 0632 [ 75287677BB8BC9A16C32CE8A72F485A0 ] C:\Windows\System32\msvcrt.dll
12:14:58.0636 0632 C:\Windows\System32\msvcrt.dll - ok
12:14:58.0636 0632 [ 9178B1C1C55DAD01BD65A162A39AE6C3 ] C:\Windows\System32\advapi32.dll
12:14:58.0636 0632 C:\Windows\System32\advapi32.dll - ok
12:14:58.0667 0632 [ 7BE32E67440BB5B2205C5402A2FBDE25 ] C:\Windows\System32\lpk.dll
12:14:58.0667 0632 C:\Windows\System32\lpk.dll - ok
12:14:58.0667 0632 [ 7FB07AFC51D18CF2619F1FFD464495A9 ] C:\Windows\System32\urlmon.dll
12:14:58.0667 0632 C:\Windows\System32\urlmon.dll - ok
12:14:58.0682 0632 [ CCE6FB960F8985BF500CE9CB0B2EF4CF ] C:\Windows\System32\ole32.dll
12:14:58.0682 0632 C:\Windows\System32\ole32.dll - ok
12:14:58.0682 0632 [ 7924BCCE665AC92FC04CD45A46FE3E3D ] C:\Windows\System32\oleaut32.dll
12:14:58.0682 0632 C:\Windows\System32\oleaut32.dll - ok
12:14:58.0698 0632 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll
12:14:58.0698 0632 C:\Windows\System32\normaliz.dll - ok
12:14:58.0698 0632 [ 3D7FE2E7923EEA92E68062BBA3377067 ] C:\Windows\System32\setupapi.dll
12:14:58.0698 0632 C:\Windows\System32\setupapi.dll - ok
12:14:58.0714 0632 [ 4306242128019B290E1FA7EB998952D7 ] C:\Windows\System32\Wldap32.dll
12:14:58.0714 0632 C:\Windows\System32\Wldap32.dll - ok
12:14:58.0729 0632 [ 63B4F59D7C89B1BF5277F1FFEFD491CD ] C:\Windows\System32\user32.dll
12:14:58.0729 0632 C:\Windows\System32\user32.dll - ok
12:14:58.0729 0632 [ F352E76E220EB21A0C29734B66048DDE ] C:\Windows\System32\msctf.dll
12:14:58.0729 0632 C:\Windows\System32\msctf.dll - ok
12:14:58.0745 0632 [ EE12864398F1C3BF5BEE91F6AF9842E1 ] C:\Windows\System32\imm32.dll
12:14:58.0745 0632 C:\Windows\System32\imm32.dll - ok
12:14:58.0745 0632 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll
12:14:58.0745 0632 C:\Windows\System32\psapi.dll - ok
12:14:58.0760 0632 [ BB61FB941A382A197AC2989337BF6364 ] C:\Windows\System32\comctl32.dll
12:14:58.0760 0632 C:\Windows\System32\comctl32.dll - ok
12:14:58.0760 0632 [ A253AA14CA560A4B8BA6E9D1F78EF10E ] C:\Windows\System32\drivers\dxapi.sys
12:14:58.0760 0632 C:\Windows\System32\drivers\dxapi.sys - ok
12:14:58.0776 0632 [ 9352E049F234BFA756C840CD8BDF4FFE ] C:\Windows\System32\win32k.sys
12:14:58.0776 0632 C:\Windows\System32\win32k.sys - ok
12:14:58.0792 0632 [ 117B7C8A8B026A5DCE5E3180ED05E823 ] C:\Windows\System32\csrss.exe
12:14:58.0792 0632 C:\Windows\System32\csrss.exe - ok
12:14:58.0792 0632 [ 2F8A776FF2087357DDEB9992E06EECAA ] C:\Windows\System32\csrsrv.dll
12:14:58.0792 0632 C:\Windows\System32\csrsrv.dll - ok
12:14:58.0807 0632 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\System32\basesrv.dll
12:14:58.0807 0632 C:\Windows\System32\basesrv.dll - ok
12:14:58.0807 0632 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\System32\winsrv.dll
12:14:58.0807 0632 C:\Windows\System32\winsrv.dll - ok
12:14:58.0823 0632 [ 61D4D58D09357F0598A04D1192A4B76C ] C:\Windows\System32\drivers\dxg.sys
12:14:58.0823 0632 C:\Windows\System32\drivers\dxg.sys - ok
12:14:58.0823 0632 [ D77B3F6785289CEC0F32D5A7B5B1268E ] C:\Windows\System32\tsddd.dll
12:14:58.0823 0632 C:\Windows\System32\tsddd.dll - ok
12:14:58.0838 0632 [ D4385B03E8CCCEE6F0EE249F827C1F3E ] C:\Windows\System32\wininit.exe
12:14:58.0838 0632 C:\Windows\System32\wininit.exe - ok
12:14:58.0854 0632 [ CD5F587157B0150FB6955D939BDAB825 ] C:\Windows\System32\userenv.dll
12:14:58.0854 0632 C:\Windows\System32\userenv.dll - ok
12:14:58.0854 0632 [ 68410CF6FB13CED160EF0149EABFC35C ] C:\Windows\System32\secur32.dll
12:14:58.0854 0632 C:\Windows\System32\secur32.dll - ok
12:14:58.0870 0632 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL
12:14:58.0870 0632 C:\Windows\System32\KBDUS.DLL - ok
12:14:58.0870 0632 [ 59FD701793A7B6653A115F2A99102DB2 ] C:\Windows\System32\vga.dll
12:14:58.0870 0632 C:\Windows\System32\vga.dll - ok
12:14:58.0885 0632 [ E9BA608E77F75FD5B3AD0CA826E3CE1E ] C:\Windows\System32\framebuf.dll
12:14:58.0885 0632 C:\Windows\System32\framebuf.dll - ok
12:14:58.0885 0632 [ 2BAC1F069A26B9552336488B9C6DE6F3 ] C:\Windows\System32\vga256.dll
12:14:58.0885 0632 C:\Windows\System32\vga256.dll - ok
12:14:58.0901 0632 [ C34B15EE7207975C912C9A5D5A9655C2 ] C:\Windows\System32\vga64k.dll
12:14:58.0901 0632 C:\Windows\System32\vga64k.dll - ok
12:14:58.0916 0632 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll
12:14:58.0916 0632 C:\Windows\System32\WlS0WndH.dll - ok
12:14:58.0916 0632 [ 9F75392B9128A91ABAFB044EA350BAAD ] C:\Windows\System32\winlogon.exe
12:14:58.0916 0632 C:\Windows\System32\winlogon.exe - ok
12:14:58.0932 0632 [ C19BA7DAD3AB3AFE6322248047560122 ] C:\Windows\System32\sxs.dll
12:14:58.0932 0632 C:\Windows\System32\sxs.dll - ok
12:14:58.0932 0632 [ 9CA8B435FB0B8F7BD25268AE75639107 ] C:\Windows\System32\winsta.dll
12:14:58.0932 0632 C:\Windows\System32\winsta.dll - ok
12:14:58.0948 0632 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\System32\services.exe
12:14:58.0948 0632 C:\Windows\System32\services.exe - ok
12:14:58.0948 0632 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] C:\Windows\System32\lsass.exe
12:14:58.0948 0632 C:\Windows\System32\lsass.exe - ok
12:14:58.0979 0632 [ 77F52395637906269B91264FFE576B51 ] C:\Windows\System32\lsm.exe
12:14:58.0979 0632 C:\Windows\System32\lsm.exe - ok
12:14:58.0979 0632 [ D39DB142B8A0C56616136DD0A1028FC1 ] C:\Windows\System32\scesrv.dll
12:14:58.0979 0632 C:\Windows\System32\scesrv.dll - ok
12:14:58.0994 0632 [ 67FEFD286869A5EC50257AC62DCBA2B7 ] C:\Windows\System32\lsasrv.dll
12:14:58.0994 0632 C:\Windows\System32\lsasrv.dll - ok
12:14:58.0994 0632 [ F3AA50FABE35385A7A1613E75B95565D ] C:\Windows\System32\authz.dll
12:14:58.0994 0632 C:\Windows\System32\authz.dll - ok
12:14:59.0010 0632 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll
12:14:59.0010 0632 C:\Windows\System32\sysntfy.dll - ok
12:14:59.0010 0632 [ E3AFCA30714898BAAE6F12B52627761C ] C:\Windows\System32\netapi32.dll
12:14:59.0010 0632 C:\Windows\System32\netapi32.dll - ok
12:14:59.0026 0632 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll
12:14:59.0026 0632 C:\Windows\System32\wmsgapi.dll - ok
12:14:59.0041 0632 [ 1E4B805A21583C9BAEC3758AA6BCA1CD ] C:\Windows\System32\ncobjapi.dll
12:14:59.0041 0632 C:\Windows\System32\ncobjapi.dll - ok
12:14:59.0041 0632 [ 22054E4E3CF6174CFCE6AB2776DA22A0 ] C:\Windows\System32\samsrv.dll
12:14:59.0041 0632 C:\Windows\System32\samsrv.dll - ok
12:14:59.0057 0632 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll
12:14:59.0057 0632 C:\Windows\System32\aelupsvc.dll - ok
12:14:59.0057 0632 [ E69FB0E3112C40FDC0EF7D21A52DC951 ] C:\Windows\System32\alg.exe
12:14:59.0057 0632 C:\Windows\System32\alg.exe - ok
12:14:59.0057 0632 [ 2079C0B313846B4564380DBEDAD00E5E ] C:\Windows\System32\cryptdll.dll
12:14:59.0072 0632 C:\Windows\System32\cryptdll.dll - ok
12:14:59.0072 0632 [ CFA455816879F06F1C4E5BBF9E8AEF7D ] C:\Windows\System32\appinfo.dll
12:14:59.0072 0632 C:\Windows\System32\appinfo.dll - ok
12:14:59.0072 0632 [ 1CF533790D3D883A7AB671040FB18A93 ] C:\Windows\System32\dnsapi.dll
12:14:59.0072 0632 C:\Windows\System32\dnsapi.dll - ok
12:14:59.0104 0632 [ E760FC1BD68F7F6F1B17EB4E8D9480B0 ] C:\Windows\System32\audiosrv.dll
12:14:59.0104 0632 C:\Windows\System32\audiosrv.dll - ok
12:14:59.0104 0632 [ 039E4E0488F4E1A985139A24D0359AC3 ] C:\Windows\System32\samlib.dll
12:14:59.0104 0632 C:\Windows\System32\samlib.dll - ok
12:14:59.0119 0632 [ 24D50EA947B40A8C816B9206FBBB8BEE ] C:\Windows\System32\msasn1.dll
12:14:59.0119 0632 C:\Windows\System32\msasn1.dll - ok
12:14:59.0119 0632 [ 83942D329D01B8AA9721FEF668E1E1A6 ] C:\Windows\System32\ntdsapi.dll
12:14:59.0119 0632 C:\Windows\System32\ntdsapi.dll - ok
12:14:59.0135 0632 [ 47D3305C6986EC21A25B023779881015 ] C:\Windows\System32\feclient.dll
12:14:59.0135 0632 C:\Windows\System32\feclient.dll - ok
12:14:59.0135 0632 [ 75AEB9BA69D36AFF80011B74F27912AF ] C:\Windows\System32\mpr.dll
12:14:59.0135 0632 C:\Windows\System32\mpr.dll - ok
12:14:59.0150 0632 [ DA551697E34D2B9943C8B1C8EAFFE89A ] C:\Windows\System32\qmgr.dll
12:14:59.0150 0632 C:\Windows\System32\qmgr.dll - ok
12:14:59.0166 0632 [ 3233F31FF7046A5C54A312B6687C5376 ] C:\Windows\System32\crypt32.dll
12:14:59.0166 0632 C:\Windows\System32\crypt32.dll - ok
12:14:59.0166 0632 [ BEB6470532B7461D7BB426E3FACB424F ] C:\Windows\System32\browser.dll
12:14:59.0166 0632 C:\Windows\System32\browser.dll - ok
12:14:59.0182 0632 [ 0600E04315FE543802A379D5D23C8BE0 ] C:\Windows\System32\certprop.dll
12:14:59.0182 0632 C:\Windows\System32\certprop.dll - ok
12:14:59.0182 0632 [ 4843A1784BA6434DFF80F841DDC592C6 ] C:\Windows\System32\comres.dll
12:14:59.0182 0632 C:\Windows\System32\comres.dll - ok
12:14:59.0197 0632 [ AE43F1EEA8CB7BD6D372F5A08B00849D ] C:\Windows\System32\SLC.dll
12:14:59.0197 0632 C:\Windows\System32\SLC.dll - ok
12:14:59.0197 0632 [ BCE6F538105E7713C4A5A0CA683D6795 ] C:\Windows\System32\wevtapi.dll
12:14:59.0197 0632 C:\Windows\System32\wevtapi.dll - ok
12:14:59.0213 0632 [ 3B7336FC377803D3BDA3139DF1343B2D ] C:\Windows\System32\IPHLPAPI.DLL
12:14:59.0213 0632 C:\Windows\System32\IPHLPAPI.DLL - ok
12:14:59.0228 0632 [ DC45739BC22D528D2B3E50D3F6761750 ] C:\Windows\System32\dhcpcsvc.dll
12:14:59.0228 0632 C:\Windows\System32\dhcpcsvc.dll - ok
12:14:59.0228 0632 [ 86FBD7D3E975464E94F0A270E5E79CEC ] C:\Windows\System32\winnsi.dll
12:14:59.0228 0632 C:\Windows\System32\winnsi.dll - ok
12:14:59.0244 0632 [ B1143BE81DD6AE13943B806261CE91A0 ] C:\Windows\System32\dhcpcsvc6.dll
12:14:59.0244 0632 C:\Windows\System32\dhcpcsvc6.dll - ok
12:14:59.0244 0632 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll
12:14:59.0244 0632 C:\Windows\System32\cngaudit.dll - ok
12:14:59.0260 0632 [ 1C26FB097170A2A91066D1E3A24366E3 ] C:\Windows\System32\cryptsvc.dll
12:14:59.0260 0632 C:\Windows\System32\cryptsvc.dll - ok
12:14:59.0260 0632 [ 121AFD967914292D5CBF7BEE9572BE71 ] C:\Windows\System32\ncrypt.dll
12:14:59.0260 0632 C:\Windows\System32\ncrypt.dll - ok
12:14:59.0275 0632 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll
12:14:59.0275 0632 C:\Windows\System32\oleres.dll - ok
12:14:59.0291 0632 [ 1C90E67A15D7B35909AF8A808A1ECCFF ] C:\Windows\System32\bcrypt.dll
12:14:59.0291 0632 C:\Windows\System32\bcrypt.dll - ok
12:14:59.0291 0632 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll
12:14:59.0291 0632 C:\Windows\System32\dfsrres.dll - ok
12:14:59.0306 0632 [ 8C312DE50B90F7C22349E6DB1D9538E3 ] C:\Windows\System32\credssp.dll
12:14:59.0306 0632 C:\Windows\System32\credssp.dll - ok
12:14:59.0306 0632 [ 1F795D214820E496BF1124434A6DB546 ] C:\Windows\System32\dot3svc.dll
12:14:59.0306 0632 C:\Windows\System32\dot3svc.dll - ok
12:14:59.0322 0632 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
12:14:59.0322 0632 C:\Windows\System32\msprivs.dll - ok
12:14:59.0322 0632 [ 032C90AD677BF7B7A8013D6087C7A921 ] C:\Windows\System32\dps.dll
12:14:59.0322 0632 C:\Windows\System32\dps.dll - ok
12:14:59.0338 0632 [ F4AFBEB2BD4972F57C53CB8D54561C4E ] C:\Windows\System32\kerberos.dll
12:14:59.0338 0632 C:\Windows\System32\kerberos.dll - ok
12:14:59.0353 0632 [ 90A0A875642E18618010645311B4E89E ] C:\Windows\System32\eapsvc.dll
12:14:59.0353 0632 C:\Windows\System32\eapsvc.dll - ok
12:14:59.0353 0632 [ 3226FDA08988526E819E364E8CCE4CEE ] C:\Windows\System32\emdmgmt.dll
12:14:59.0353 0632 C:\Windows\System32\emdmgmt.dll - ok
12:14:59.0369 0632 [ CE0D320700CCF7C78AEF9ED84332CC53 ] C:\Windows\System32\WSHTCPIP.DLL
12:14:59.0369 0632 C:\Windows\System32\WSHTCPIP.DLL - ok
12:14:59.0369 0632 [ 9F6487E56876511E764DD097AB0CE9A0 ] C:\Windows\System32\wship6.dll
12:14:59.0369 0632 C:\Windows\System32\wship6.dll - ok
12:14:59.0384 0632 [ FB036947195D5FEFBC8083D5DEB024DE ] C:\Windows\System32\wshqos.dll
12:14:59.0384 0632 C:\Windows\System32\wshqos.dll - ok
12:14:59.0384 0632 [ 37ADD2A134AE436FFF0976D69449F45C ] C:\Windows\System32\wevtsvc.dll
12:14:59.0384 0632 C:\Windows\System32\wevtsvc.dll - ok
12:14:59.0400 0632 [ C424117A562F2DE37A42266894C79AEB ] C:\Windows\System32\nlasvc.dll
12:14:59.0416 0632 C:\Windows\System32\nlasvc.dll - ok
12:14:59.0416 0632 [ 5E72DCFF9FB2374642043899A1C2E446 ] C:\Windows\System32\NapiNSP.dll
12:14:59.0416 0632 C:\Windows\System32\NapiNSP.dll - ok
12:14:59.0431 0632 [ C0DC476E89558242848572F9ADE1D685 ] C:\Windows\System32\pnrpnsp.dll
12:14:59.0431 0632 C:\Windows\System32\pnrpnsp.dll - ok
12:14:59.0431 0632 [ E43BCE1A77D6FD4ED5F8E0482B9E7DF1 ] C:\Windows\System32\fdPHost.dll
12:14:59.0431 0632 C:\Windows\System32\fdPHost.dll - ok
12:14:59.0447 0632 [ 54E9576169A248AD62A1EB9773225826 ] C:\Windows\System32\mswsock.dll
12:14:59.0447 0632 C:\Windows\System32\mswsock.dll - ok
12:14:59.0447 0632 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
12:14:59.0447 0632 C:\Windows\System32\FDResPub.dll - ok
12:14:59.0462 0632 [ C5213AC0CD7D4A6BE4BBABA0B18B9BE5 ] C:\Windows\System32\msv1_0.dll
12:14:59.0462 0632 C:\Windows\System32\msv1_0.dll - ok
12:14:59.0478 0632 [ 8DFB65834D4EE6DEB463858F591EA8D8 ] C:\Windows\System32\PresentationHost.exe
12:14:59.0478 0632 C:\Windows\System32\PresentationHost.exe - ok
12:14:59.0478 0632 [ 889A2C9F2AACCD8F64EF50AC0B3D553B ] C:\Windows\System32\netlogon.dll
12:14:59.0478 0632 C:\Windows\System32\netlogon.dll - ok
12:14:59.0494 0632 [ 0DFC9EA99681BF966F794AF7C39495F2 ] C:\Windows\System32\gpapi.dll
12:14:59.0494 0632 C:\Windows\System32\gpapi.dll - ok
12:14:59.0494 0632 [ 8FA640195279ACE21BEA91396A0054FC ] C:\Windows\System32\hidserv.dll
12:14:59.0494 0632 C:\Windows\System32\hidserv.dll - ok
12:14:59.0509 0632 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
12:14:59.0509 0632 C:\Windows\System32\winbrand.dll - ok
12:14:59.0509 0632 [ D40AA05E29BF6ED29B139F044B461E9B ] C:\Windows\System32\KMSVC.DLL
12:14:59.0509 0632 C:\Windows\System32\KMSVC.DLL - ok
12:14:59.0525 0632 [ 58236642134BC28334F3209F0130F7A0 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
12:14:59.0525 0632 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
12:14:59.0540 0632 [ 4F34903E7989C6EDDAAABDEE6E01D381 ] C:\Windows\System32\schannel.dll
12:14:59.0540 0632 C:\Windows\System32\schannel.dll - ok
12:14:59.0540 0632 [ 35662FE4D8622F667AA5A5568F7F1B40 ] C:\Windows\System32\IKEEXT.DLL
12:14:59.0540 0632 C:\Windows\System32\IKEEXT.DLL - ok
12:14:59.0556 0632 [ 8B8DF4AE8B98BB671E1DAB65C72411B4 ] C:\Windows\System32\wdigest.dll
12:14:59.0556 0632 C:\Windows\System32\wdigest.dll - ok
12:14:59.0556 0632 [ 88CF5281ED9880D74DC9011CF8B5262D ] C:\Windows\System32\IPBusEnum.dll
12:14:59.0556 0632 C:\Windows\System32\IPBusEnum.dll - ok
12:14:59.0572 0632 [ A90247CD20C2DB51C264EACC00A3039F ] C:\Windows\System32\rsaenh.dll
12:14:59.0572 0632 C:\Windows\System32\rsaenh.dll - ok
12:14:59.0572 0632 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll
12:14:59.0572 0632 C:\Windows\System32\keyiso.dll - ok
12:14:59.0587 0632 [ 07A6B9B0227E2FAAD4DF420B7230E790 ] C:\Windows\System32\TSpkg.dll
12:14:59.0587 0632 C:\Windows\System32\TSpkg.dll - ok
12:14:59.0603 0632 [ 53D1482FC1AA36AC015A85E6CF2146BD ] C:\Windows\System32\srvsvc.dll
12:14:59.0603 0632 C:\Windows\System32\srvsvc.dll - ok
12:14:59.0603 0632 [ 435F0F6DC87A4B5DA78F1FA309884189 ] C:\Windows\System32\wkssvc.dll
12:14:59.0603 0632 C:\Windows\System32\wkssvc.dll - ok
12:14:59.0618 0632 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll
12:14:59.0618 0632 C:\Windows\System32\lltdres.dll - ok
12:14:59.0618 0632 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll
12:14:59.0618 0632 C:\Windows\System32\lmhsvc.dll - ok
12:14:59.0634 0632 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] C:\Windows\System32\mmcss.dll
12:14:59.0634 0632 C:\Windows\System32\mmcss.dll - ok
12:14:59.0634 0632 [ 5ED6BB7CB8726BB1E5EE479FB9E61A18 ] C:\Windows\System32\FirewallAPI.dll
12:14:59.0634 0632 C:\Windows\System32\FirewallAPI.dll - ok
12:14:59.0650 0632 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll
12:14:59.0650 0632 C:\Windows\System32\iscsidsc.dll - ok
12:14:59.0665 0632 [ 200C81D5EB703CEF14C5A11D12E22396 ] C:\Windows\System32\msimsg.dll
12:14:59.0665 0632 C:\Windows\System32\msimsg.dll - ok
12:14:59.0665 0632 [ 1CDBB5D002FE2BC5300AA20550D8A52E ] C:\Windows\System32\QAGENTRT.DLL
12:14:59.0665 0632 C:\Windows\System32\QAGENTRT.DLL - ok
12:14:59.0681 0632 [ 90A4DAE28B94497F83BEA0F2A3B77092 ] C:\Windows\System32\netman.dll
12:14:59.0681 0632 C:\Windows\System32\netman.dll - ok
12:14:59.0681 0632 [ 3A500F3E98436E852C25E6206161B0D4 ] C:\Windows\System32\netprof.dll
12:14:59.0681 0632 C:\Windows\System32\netprof.dll - ok
12:14:59.0696 0632 [ 23B8201A363DE0E649FC75EE9874DEE2 ] C:\Windows\System32\nsisvc.dll
12:14:59.0696 0632 C:\Windows\System32\nsisvc.dll - ok
12:14:59.0696 0632 [ 016D01D3B8FB976A193C7434BED8DCCF ] C:\Windows\System32\p2psvc.dll
12:14:59.0696 0632 C:\Windows\System32\p2psvc.dll - ok
12:14:59.0728 0632 [ D8C5C215C932233A4F1D7F368F4E4E65 ] C:\Windows\System32\pcasvc.dll
12:14:59.0728 0632 C:\Windows\System32\pcasvc.dll - ok
12:14:59.0728 0632 [ CD05A38D166BEADE18030BAFC0C0A939 ] C:\Windows\System32\pla.dll
12:14:59.0728 0632 C:\Windows\System32\pla.dll - ok
12:14:59.0743 0632 [ 747BB4C31F3B6E8D1B5ED0AD61518CB5 ] C:\Windows\System32\umpnpmgr.dll
12:14:59.0743 0632 C:\Windows\System32\umpnpmgr.dll - ok
12:14:59.0743 0632 [ 6B23DBA3732D20A59348B766E1CFBD20 ] C:\Windows\System32\polstore.dll
12:14:59.0743 0632 C:\Windows\System32\polstore.dll - ok
12:14:59.0759 0632 [ 213112E152E68F0E4705E36F052A2880 ] C:\Windows\System32\profsvc.dll
12:14:59.0759 0632 C:\Windows\System32\profsvc.dll - ok
12:14:59.0759 0632 [ 740FCD1371B5E2E34072397DBA4BCFB2 ] C:\Windows\System32\psbase.dll
12:14:59.0759 0632 C:\Windows\System32\psbase.dll - ok
12:14:59.0774 0632 [ CA61BDFD3713A7CE75F2812AFC431594 ] C:\Windows\System32\qwave.dll
12:14:59.0774 0632 C:\Windows\System32\qwave.dll - ok
12:14:59.0790 0632 [ D2B3E2B7426DC23E185FBC73C8936C12 ] C:\Windows\System32\drivers\qwavedrv.sys
12:14:59.0790 0632 C:\Windows\System32\drivers\qwavedrv.sys - ok
12:14:59.0790 0632 [ F14F4AAB9F54D099FE99192BDB100AC9 ] C:\Windows\System32\rasauto.dll
12:14:59.0790 0632 C:\Windows\System32\rasauto.dll - ok
12:14:59.0806 0632 [ 11D65E29BC9D1E4114D18FE68194394C ] C:\Windows\System32\rasmans.dll
12:14:59.0806 0632 C:\Windows\System32\rasmans.dll - ok
12:14:59.0806 0632 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] C:\Windows\System32\mprdim.dll
12:14:59.0806 0632 C:\Windows\System32\mprdim.dll - ok
12:14:59.0821 0632 [ 9A043808667C8C1893DA7275AF373F0E ] C:\Windows\System32\regsvc.dll
12:14:59.0821 0632 C:\Windows\System32\regsvc.dll - ok
12:14:59.0821 0632 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
12:14:59.0821 0632 C:\Windows\System32\Locator.exe - ok
12:14:59.0837 0632 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] C:\Windows\System32\SCardSvr.dll
12:14:59.0837 0632 C:\Windows\System32\SCardSvr.dll - ok
12:14:59.0852 0632 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] C:\Windows\System32\schedsvc.dll
12:14:59.0852 0632 C:\Windows\System32\schedsvc.dll - ok
12:14:59.0852 0632 [ F7B6BF02240D0A764ADF8C8966735552 ] C:\Windows\System32\sdrsvc.dll
12:14:59.0852 0632 C:\Windows\System32\sdrsvc.dll - ok
12:14:59.0868 0632 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] C:\Windows\System32\seclogon.dll
12:14:59.0868 0632 C:\Windows\System32\seclogon.dll - ok
12:14:59.0868 0632 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] C:\Windows\System32\Sens.dll
12:14:59.0868 0632 C:\Windows\System32\Sens.dll - ok
12:14:59.0884 0632 [ 78878235DA4DF0D116E86837A0A21DF8 ] C:\Windows\System32\SessEnv.dll
12:14:59.0884 0632 C:\Windows\System32\SessEnv.dll - ok
12:14:59.0884 0632 [ B264DFA21677728613267FE63802B332 ] C:\Windows\System32\shsvcs.dll
12:14:59.0884 0632 C:\Windows\System32\shsvcs.dll - ok
12:14:59.0899 0632 [ A1DCD30534835CB67733AD00175125A6 ] C:\Windows\System32\SLsvc.exe
12:14:59.0899 0632 C:\Windows\System32\SLsvc.exe - ok
12:14:59.0915 0632 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] C:\Windows\System32\SLUINotify.dll
12:14:59.0915 0632 C:\Windows\System32\SLUINotify.dll - ok
12:14:59.0915 0632 [ 925E6EC977B316AB3D3A536E8AD36B5E ] C:\Windows\System32\tcpipcfg.dll
12:14:59.0915 0632 C:\Windows\System32\tcpipcfg.dll - ok
12:14:59.0930 0632 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
12:14:59.0930 0632 C:\Windows\System32\snmptrap.exe - ok
12:14:59.0930 0632 [ DA612EF2556776DF2630B68BF2D48935 ] C:\Windows\System32\spoolsv.exe
12:14:59.0930 0632 C:\Windows\System32\spoolsv.exe - ok
12:14:59.0946 0632 [ 8D3E4BAFF8B3997138C38EB1B600519A ] C:\Windows\System32\ssdpsrv.dll
12:14:59.0946 0632 C:\Windows\System32\ssdpsrv.dll - ok
12:14:59.0946 0632 [ A941E099EF46E3CC12F898CBE1C39910 ] C:\Windows\System32\wiaservc.dll
12:14:59.0946 0632 C:\Windows\System32\wiaservc.dll - ok
12:14:59.0962 0632 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] C:\Windows\System32\swprv.dll
12:14:59.0962 0632 C:\Windows\System32\swprv.dll - ok
12:14:59.0977 0632 [ 8F2B5FEDE18BD3C4C926CBF88E6F1264 ] C:\Windows\System32\sysmain.dll
12:14:59.0977 0632 C:\Windows\System32\sysmain.dll - ok
12:14:59.0977 0632 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll
12:14:59.0977 0632 C:\Windows\System32\TabSvc.dll - ok
12:14:59.0993 0632 [ EF3DD33C740FC2F82E7E4622F1C49289 ] C:\Windows\System32\tapisrv.dll
12:14:59.0993 0632 C:\Windows\System32\tapisrv.dll - ok
12:14:59.0993 0632 [ 68FA52794AE9ACC61BDE16FE0956B414 ] C:\Windows\System32\tbssvc.dll
12:14:59.0993 0632 C:\Windows\System32\tbssvc.dll - ok
12:15:00.0008 0632 [ FAD71C1E8E4047B154E899AE31EB8CAA ] C:\Windows\System32\termsrv.dll
12:15:00.0008 0632 C:\Windows\System32\termsrv.dll - ok
12:15:00.0008 0632 [ 6BBA0582C0025D43729A1112D3B57897 ] C:\Windows\System32\trkwks.dll
12:15:00.0008 0632 C:\Windows\System32\trkwks.dll - ok
12:15:00.0024 0632 [ 34E388A395FEDBA1D0511ED39BBF4074 ] C:\Windows\servicing\TrustedInstaller.exe
12:15:00.0024 0632 C:\Windows\servicing\TrustedInstaller.exe - ok
12:15:00.0040 0632 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] C:\Windows\System32\UI0Detect.exe
12:15:00.0040 0632 C:\Windows\System32\UI0Detect.exe - ok
12:15:00.0040 0632 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] C:\Windows\System32\upnphost.dll
12:15:00.0040 0632 C:\Windows\System32\upnphost.dll - ok
12:15:00.0055 0632 [ E87B968F3D49117445893EB0503FE34F ] C:\Windows\System32\dwm.exe
12:15:00.0055 0632 C:\Windows\System32\dwm.exe - ok
12:15:00.0055 0632 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] C:\Windows\System32\vds.exe
12:15:00.0055 0632 C:\Windows\System32\vds.exe - ok
12:15:00.0071 0632 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] C:\Windows\System32\VSSVC.exe
12:15:00.0071 0632 C:\Windows\System32\VSSVC.exe - ok
12:15:00.0071 0632 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] C:\Windows\System32\w32time.dll
12:15:00.0071 0632 C:\Windows\System32\w32time.dll - ok
12:15:00.0102 0632 [ C1B19162E0509CEAB4CDF664E139D956 ] C:\Windows\System32\wcncsvc.dll
12:15:00.0102 0632 C:\Windows\System32\wcncsvc.dll - ok
12:15:00.0102 0632 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
12:15:00.0102 0632 C:\Windows\System32\WcsPlugInService.dll - ok
12:15:00.0118 0632 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] C:\Windows\System32\wdi.dll
12:15:00.0118 0632 C:\Windows\System32\wdi.dll - ok
12:15:00.0118 0632 [ 01E41C264EEDCB827820A1909162579F ] C:\Windows\System32\WebClnt.dll
12:15:00.0118 0632 C:\Windows\System32\WebClnt.dll - ok
12:15:00.0118 0632 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] C:\Windows\System32\wecsvc.dll
12:15:00.0118 0632 C:\Windows\System32\wecsvc.dll - ok
12:15:00.0133 0632 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] C:\Windows\System32\wercplsupport.dll
12:15:00.0133 0632 C:\Windows\System32\wercplsupport.dll - ok
12:15:00.0133 0632 [ 36BA0707680EF4236FD752BEE982CC25 ] C:\Windows\System32\wersvc.dll
12:15:00.0133 0632 C:\Windows\System32\wersvc.dll - ok
12:15:00.0164 0632 [ E762562A8D43BDE3EE11428EB681FF9C ] C:\Windows\System32\winhttp.dll
12:15:00.0164 0632 C:\Windows\System32\winhttp.dll - ok
12:15:00.0164 0632 [ 38A7B89DE4E3417C122317949667FDD8 ] C:\Windows\System32\wbem\WMIsvc.dll
12:15:00.0164 0632 C:\Windows\System32\wbem\WMIsvc.dll - ok
12:15:00.0180 0632 [ 3F6823040030C3E4DA1CF11CD40B7534 ] C:\Windows\System32\WsmSvc.dll
12:15:00.0180 0632 C:\Windows\System32\WsmSvc.dll - ok
12:15:00.0180 0632 [ B410476A00961BF3FC368A346D8EA6A7 ] C:\Windows\System32\wlansvc.dll
12:15:00.0180 0632 C:\Windows\System32\wlansvc.dll - ok
12:15:00.0196 0632 [ A279323BEE5FFFAFDA222910BCE92132 ] C:\Windows\System32\wbem\WmiApSrv.exe
12:15:00.0196 0632 C:\Windows\System32\wbem\WmiApSrv.exe - ok
12:15:00.0196 0632 [ ACB2E63D50157E3EA7140F29D9E76A48 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:15:00.0196 0632 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:15:00.0211 0632 [ 3D3B3B80C12ABE506F56930C46422C28 ] C:\Windows\System32\wpcsvc.dll
12:15:00.0211 0632 C:\Windows\System32\wpcsvc.dll - ok
12:15:00.0227 0632 [ C24844A1D0D9528B19D5BC266B8CD572 ] C:\Windows\System32\wpdbusenum.dll
12:15:00.0227 0632 C:\Windows\System32\wpdbusenum.dll - ok
12:15:00.0227 0632 [ 5DE40982E3AE45DC00586A93637B351B ] C:\Windows\System32\SearchIndexer.exe
12:15:00.0227 0632 C:\Windows\System32\SearchIndexer.exe - ok
12:15:00.0242 0632 [ 6298277B73C77FA99106B271A7525163 ] C:\Windows\System32\wuaueng.dll
12:15:00.0242 0632 C:\Windows\System32\wuaueng.dll - ok
12:15:00.0242 0632 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] C:\Windows\System32\WUDFSvc.dll
12:15:00.0242 0632 C:\Windows\System32\WUDFSvc.dll - ok
12:15:00.0258 0632 [ 80E2839D05CA5970A86D7BE2A08BFF61 ] C:\Windows\System32\scecli.dll
12:15:00.0258 0632 C:\Windows\System32\scecli.dll - ok
12:15:00.0258 0632 [ BBDE9DB609D0657BE77AF63CC392F6B0 ] C:\Windows\System32\ntmarta.dll
12:15:00.0258 0632 C:\Windows\System32\ntmarta.dll - ok
12:15:00.0274 0632 [ 10DA15933D582D2FEDCF705EFE394B09 ] C:\Windows\System32\svchost.exe
12:15:00.0274 0632 C:\Windows\System32\svchost.exe - ok
12:15:00.0289 0632 [ 3CDEC51291F735C5C276B957239017A3 ] C:\Windows\System32\powrprof.dll
12:15:00.0289 0632 C:\Windows\System32\powrprof.dll - ok
12:15:00.0289 0632 [ 7B981222A257D076885BFFB66F19B7CE ] C:\Windows\System32\rpcss.dll
12:15:00.0289 0632 C:\Windows\System32\rpcss.dll - ok
12:15:00.0305 0632 [ D8C819157EBA10401FD25FB48184EF24 ] C:\Windows\System32\version.dll
12:15:00.0305 0632 C:\Windows\System32\version.dll - ok
12:15:00.0305 0632 [ EAB1144395AACB4CBB85AE5F6334CB3F ] C:\Windows\System32\LogonUI.exe
12:15:00.0305 0632 C:\Windows\System32\LogonUI.exe - ok
12:15:00.0320 0632 [ 501956FA7FF3E5277BEB396E4F5C6F23 ] C:\Windows\System32\authui.dll
12:15:00.0320 0632 C:\Windows\System32\authui.dll - ok
12:15:00.0320 0632 [ 0F0DA05C44E911301028D9CEC6294EBB ] C:\Windows\System32\nlaapi.dll
12:15:00.0320 0632 C:\Windows\System32\nlaapi.dll - ok
12:15:00.0352 0632 [ 36C5C3CAB3B467BA68AE345C9B9DADC3 ] C:\Windows\System32\atl.dll
12:15:00.0352 0632 C:\Windows\System32\atl.dll - ok
12:15:00.0352 0632 [ 7C0D4B898C24000DBEDFF0BDAFEC2EC4 ] C:\Windows\System32\adtschema.dll
12:15:00.0352 0632 C:\Windows\System32\adtschema.dll - ok
12:15:00.0367 0632 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
12:15:00.0367 0632 C:\Windows\System32\hid.dll - ok
12:15:00.0367 0632 [ 4D14689094BFE7C16CDECF659D8A80F6 ] C:\Windows\System32\wtsapi32.dll
12:15:00.0367 0632 C:\Windows\System32\wtsapi32.dll - ok
12:15:00.0383 0632 [ C6E246BE0C525762C474F7EC758A70A9 ] C:\Windows\System32\wintrust.dll
12:15:00.0383 0632 C:\Windows\System32\wintrust.dll - ok
12:15:00.0383 0632 [ 6DA4A0FC7C0E83DF0CB3CFD0A514C3BC ] C:\Windows\System32\drivers\nwifi.sys
12:15:00.0383 0632 C:\Windows\System32\drivers\nwifi.sys - ok
12:15:00.0383 0632 [ 265C5F6DA1308BCA004CA49C16D7510E ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20533_none_4634c4a0218d65c1\comctl32.dll
12:15:00.0383 0632 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.20533_none_4634c4a0218d65c1\comctl32.dll - ok
12:15:00.0414 0632 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] C:\Windows\System32\drivers\ndisuio.sys
12:15:00.0414 0632 C:\Windows\System32\drivers\ndisuio.sys - ok
12:15:00.0414 0632 [ EECBA1DD142BF8693C476BE8F32FE253 ] C:\Windows\System32\dnsrslvr.dll
12:15:00.0414 0632 C:\Windows\System32\dnsrslvr.dll - ok
12:15:00.0430 0632 [ F99AD9DC3B8CA26C211D92C030787A5C ] C:\Windows\System32\eapphost.dll
12:15:00.0430 0632 C:\Windows\System32\eapphost.dll - ok
12:15:00.0430 0632 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] C:\Windows\System32\drivers\fltMgr.sys
12:15:00.0430 0632 C:\Windows\System32\drivers\fltMgr.sys - ok
12:15:00.0445 0632 [ ED1CE465D0D897889FABEAE3ED9215CF ] C:\Windows\System32\rastls.dll
12:15:00.0445 0632 C:\Windows\System32\rastls.dll - ok
12:15:00.0445 0632 [ 8356A02DD1B2783987134FDF8B71633F ] C:\Windows\System32\ci.dll
12:15:00.0445 0632 C:\Windows\System32\ci.dll - ok
12:15:00.0476 0632 [ 8F23A0C652C9205A919476D1E62D3C65 ] C:\Windows\System32\raschap.dll
12:15:00.0476 0632 C:\Windows\System32\raschap.dll - ok
12:15:00.0476 0632 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
12:15:00.0476 0632 C:\Windows\System32\msimg32.dll - ok
12:15:00.0476 0632 [ E340D47578B8CB8A86D3578EA50A3B83 ] C:\Windows\System32\uxtheme.dll
12:15:00.0476 0632 C:\Windows\System32\uxtheme.dll - ok
12:15:00.0492 0632 [ 2F79ECA048F1EF286D0C13A4D36E6F03 ] C:\Windows\System32\wlanmsm.dll
12:15:00.0492 0632 C:\Windows\System32\wlanmsm.dll - ok
12:15:00.0492 0632 [ 972A0C4A4CBF7575D5E2CA20229820B9 ] C:\Windows\System32\PSHED.DLL
12:15:00.0492 0632 C:\Windows\System32\PSHED.DLL - ok
12:15:00.0508 0632 [ 4E2434B9461F1543946AADA251EFDB12 ] C:\Windows\System32\wlansec.dll
12:15:00.0508 0632 C:\Windows\System32\wlansec.dll - ok
12:15:00.0508 0632 [ AD5B9D71CCCFB5FA200271537F185544 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll
12:15:00.0508 0632 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll - ok
12:15:00.0539 0632 [ 39C4C7E087DC64C492108CA98936FF30 ] C:\Windows\System32\onex.dll
12:15:00.0539 0632 C:\Windows\System32\onex.dll - ok
12:15:00.0539 0632 [ F9FECFEEDCC32E55093FC9F3F5A09739 ] C:\Windows\System32\eappprxy.dll
12:15:00.0539 0632 C:\Windows\System32\eappprxy.dll - ok
12:15:00.0554 0632 [ FC34CA580010DABFEC1EA854BA94AA01 ] C:\Windows\System32\eappcfg.dll
12:15:00.0554 0632 C:\Windows\System32\eappcfg.dll - ok
12:15:00.0554 0632 [ 979B8FD012A35D567A9088A100DC4D78 ] C:\Windows\System32\wlgpclnt.dll
12:15:00.0554 0632 C:\Windows\System32\wlgpclnt.dll - ok
12:15:00.0570 0632 [ 2FA7EF1006DC44CB3C86E727D432D827 ] C:\Windows\System32\l2gpstore.dll
12:15:00.0570 0632 C:\Windows\System32\l2gpstore.dll - ok
12:15:00.0570 0632 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
12:15:00.0570 0632 C:\Windows\System32\wlanutil.dll - ok
12:15:00.0586 0632 [ 3CC7841F318C99819BE3A9736C9A7BA1 ] C:\Windows\System32\duser.dll
12:15:00.0586 0632 C:\Windows\System32\duser.dll - ok
12:15:00.0601 0632 [ 473DF61261C234A4A4C577F3631B9327 ] C:\Windows\System32\msxml6.dll
12:15:00.0601 0632 C:\Windows\System32\msxml6.dll - ok
12:15:00.0601 0632 [ 71A2DCA8F626FCEF8BFF7E2C17C67A7F ] C:\Windows\System32\xmllite.dll
12:15:00.0601 0632 C:\Windows\System32\xmllite.dll - ok
12:15:00.0617 0632 [ 913CD06FBE9105CE6077E90FD4418561 ] C:\Windows\System32\drivers\bowser.sys
12:15:00.0617 0632 C:\Windows\System32\drivers\bowser.sys - ok
12:15:00.0617 0632 [ 8AF705CE1BB907932157FAB821170F27 ] C:\Windows\System32\drivers\mrxsmb.sys
12:15:00.0617 0632 C:\Windows\System32\drivers\mrxsmb.sys - ok
12:15:00.0632 0632 [ 9694942A39AB2A7DF58A1D95EA37AC3D ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:15:00.0632 0632 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:15:00.0632 0632 [ 35A9D03D0B77E4A35104D851B1095A59 ] C:\Windows\System32\WinSCard.dll
12:15:00.0632 0632 C:\Windows\System32\WinSCard.dll - ok
12:15:00.0648 0632 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] C:\Windows\System32\drivers\mrxsmb10.sys
12:15:00.0648 0632 C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:15:00.0664 0632 [ 8758474CE387F7F18F2672C89D8AF6E8 ] C:\Windows\System32\shgina.dll
12:15:00.0664 0632 C:\Windows\System32\shgina.dll - ok
12:15:00.0664 0632 [ 0227EDA48B7A2E8751557006D4ABD832 ] C:\Windows\System32\shacct.dll
12:15:00.0664 0632 C:\Windows\System32\shacct.dll - ok
12:15:00.0679 0632 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] C:\Windows\System32\drivers\mrxsmb20.sys
12:15:00.0679 0632 C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:15:00.0679 0632 [ 96BC076D1BA9FEE72709FC72DC025270 ] C:\Windows\System32\propsys.dll
12:15:00.0679 0632 C:\Windows\System32\propsys.dll - ok
12:15:00.0695 0632 [ D024930AE4DFFCFCE97481A77D485FBB ] C:\Windows\System32\wbem\wbemcomn.dll
12:15:00.0695 0632 C:\Windows\System32\wbem\wbemcomn.dll - ok
12:15:00.0695 0632 [ FDE35AE1E3A1F21AE1E31674295F31E9 ] C:\Windows\System32\netcfgx.dll
12:15:00.0695 0632 C:\Windows\System32\netcfgx.dll - ok
12:15:00.0726 0632 [ 38CCE934026691EA652C9955BB8AA04A ] C:\Windows\System32\vssapi.dll
12:15:00.0726 0632 C:\Windows\System32\vssapi.dll - ok
12:15:00.0726 0632 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
12:15:00.0726 0632 C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:15:00.0742 0632 [ 54BF0DCEC92854F8FAEC362AB2BC8600 ] C:\Windows\System32\cabinet.dll
12:15:00.0742 0632 C:\Windows\System32\cabinet.dll - ok
12:15:00.0742 0632 [ 28B257AE1B63699A3415CBC80E26F7E1 ] C:\Windows\System32\vsstrace.dll
12:15:00.0742 0632 C:\Windows\System32\vsstrace.dll - ok
12:15:00.0757 0632 [ 85508A59E3B0D12D4737184A11C5F8E2 ] C:\Windows\System32\ncsi.dll
12:15:00.0757 0632 C:\Windows\System32\ncsi.dll - ok
12:15:00.0757 0632 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
12:15:00.0757 0632 C:\Windows\System32\ssdpapi.dll - ok
12:15:00.0773 0632 [ 7C5C3D9CEEE838856B828AB6F98A2857 ] C:\Windows\System32\netprofm.dll
12:15:00.0773 0632 C:\Windows\System32\netprofm.dll - ok
12:15:00.0788 0632 [ B3FF96D8591FF8608BB53214FF0A8B49 ] C:\Windows\System32\avrt.dll
12:15:00.0788 0632 C:\Windows\System32\avrt.dll - ok
12:15:00.0788 0632 [ 3B5E50A380AE03249C9F60E5BB28EFCB ] C:\Windows\System32\winmm.dll
12:15:00.0788 0632 C:\Windows\System32\winmm.dll - ok
12:15:00.0804 0632 [ 40AC3601ACA74A015C4E0DB0727929CA ] C:\Windows\System32\oleacc.dll
12:15:00.0804 0632 C:\Windows\System32\oleacc.dll - ok
12:15:00.0804 0632 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
12:15:00.0804 0632 C:\Windows\System32\dllhost.exe - ok
12:15:00.0820 0632 [ 4A05089F43041903A3C523A3C16E3350 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
12:15:00.0820 0632 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll - ok
12:15:00.0820 0632 [ 89AE93A81985A65BFA55071DAA8C7CD0 ] C:\Windows\System32\AtBroker.exe
12:15:00.0820 0632 C:\Windows\System32\AtBroker.exe - ok
12:15:00.0835 0632 [ 22027835939F86C3E47AD8E3FBDE3D11 ] C:\Windows\System32\userinit.exe
12:15:00.0835 0632 C:\Windows\System32\userinit.exe - ok
12:15:00.0851 0632 [ 5C8D22F3E0B49216C9D2E71BDF202218 ] C:\Windows\System32\dwmapi.dll
12:15:00.0851 0632 C:\Windows\System32\dwmapi.dll - ok
12:15:00.0851 0632 [ 37440D09DEAE0B672A04DCCF7ABF06BE ] C:\Windows\explorer.exe
12:15:00.0851 0632 C:\Windows\explorer.exe - ok
12:15:00.0866 0632 [ A4B7D7F3675B7C4490C066A4829CB26D ] C:\Windows\System32\shdocvw.dll
12:15:00.0866 0632 C:\Windows\System32\shdocvw.dll - ok
12:15:00.0866 0632 [ EC4A360BA892320DA05BA504EA7390BC ] C:\Windows\System32\browseui.dll
12:15:00.0866 0632 C:\Windows\System32\browseui.dll - ok
12:15:00.0882 0632 [ AD38BD7F36A71D1B0BE965BD3CB376AC ] C:\Windows\System32\WindowsCodecs.dll
12:15:00.0882 0632 C:\Windows\System32\WindowsCodecs.dll - ok
12:15:00.0882 0632 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
12:15:00.0882 0632 C:\Windows\System32\imageres.dll - ok
12:15:00.0913 0632 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
12:15:00.0913 0632 C:\Windows\System32\IconCodecService.dll - ok
12:15:00.0913 0632 [ D24CEF0216E5AED59AFF4BA11F37274E ] C:\Windows\System32\runonce.exe
12:15:00.0913 0632 C:\Windows\System32\runonce.exe - ok
12:15:00.0929 0632 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
12:15:00.0929 0632 C:\Windows\System32\msiltcfg.dll - ok
12:15:00.0929 0632 [ A68164A7BD62ADEE8ABDB3B88561E2C9 ] C:\Windows\System32\msi.dll
12:15:00.0929 0632 C:\Windows\System32\msi.dll - ok
12:15:00.0944 0632 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
12:15:00.0944 0632 C:\Windows\System32\sfc.dll - ok
12:15:00.0944 0632 [ 4DB158BC772FD434036487DCB7825625 ] C:\Windows\System32\sfc_os.dll
12:15:00.0944 0632 C:\Windows\System32\sfc_os.dll - ok
12:15:00.0960 0632 [ 976D0D12423A75408C6362797D481413 ] C:\Program Files\Common Files\microsoft shared\ink\penusa.dll
12:15:00.0960 0632 C:\Program Files\Common Files\microsoft shared\ink\penusa.dll - ok
12:15:00.0976 0632 [ 976D0D12423A75408C6362797D481413 ] C:\Program Files\Common Files\microsoft shared\ink\skchui.dll
12:15:00.0976 0632 C:\Program Files\Common Files\microsoft shared\ink\skchui.dll - ok
12:15:00.0976 0632 [ BA174723B7998BC2332D657DE720A9D3 ] C:\Windows\System32\timedate.cpl
12:15:00.0976 0632 C:\Windows\System32\timedate.cpl - ok
12:15:00.0991 0632 [ 75EDBAACA7D5F2B3B165B8DAB3E1542E ] C:\Windows\System32\apphelp.dll
12:15:00.0991 0632 C:\Windows\System32\apphelp.dll - ok
12:15:00.0991 0632 [ B9D6F987566F13E99E10AE0E0C680A2B ] C:\Windows\System32\msshsq.dll
12:15:00.0991 0632 C:\Windows\System32\msshsq.dll - ok
12:15:01.0007 0632 [ AB26EB32F91D3F04E14101B62EB47589 ] C:\Windows\System32\NaturalLanguage6.dll
12:15:01.0007 0632 C:\Windows\System32\NaturalLanguage6.dll - ok
12:15:01.0007 0632 [ 29ADC97527E30540944F1735B2795C3D ] C:\Windows\System32\NlsData0009.dll
12:15:01.0007 0632 C:\Windows\System32\NlsData0009.dll - ok
12:15:01.0022 0632 [ FD7B6F48B20D9A29D5811BA50051509A ] C:\Windows\System32\NlsLexicons0009.dll
12:15:01.0022 0632 C:\Windows\System32\NlsLexicons0009.dll - ok
12:15:01.0038 0632 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
12:15:01.0038 0632 C:\Windows\System32\linkinfo.dll - ok
12:15:01.0038 0632 [ 41E59135D4532EC9743430A5C148DEAA ] C:\Windows\System32\ieframe.dll
12:15:01.0038 0632 C:\Windows\System32\ieframe.dll - ok
12:15:01.0054 0632 [ D517ACAF8252713960AA0E0BB41614D1 ] C:\Windows\System32\ExplorerFrame.dll
12:15:01.0054 0632 C:\Windows\System32\ExplorerFrame.dll - ok
12:15:01.0054 0632 [ 810AE8B27B91240252D7223A536BB95E ] C:\Windows\System32\networkexplorer.dll
12:15:01.0054 0632 C:\Windows\System32\networkexplorer.dll - ok
12:15:01.0069 0632 [ 259E27152180B895DF395ED3E412B90E ] C:\Program Files\Internet Explorer\iexplore.exe
12:15:01.0069 0632 C:\Program Files\Internet Explorer\iexplore.exe - ok
12:15:01.0069 0632 [ A702A2ED07645100C2CAD8E0ADB87E9D ] C:\Windows\System32\thumbcache.dll
12:15:01.0069 0632 C:\Windows\System32\thumbcache.dll - ok
12:15:01.0100 0632 [ 42D08A04BEA63D24545C543583BC5D7A ] C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll
12:15:01.0100 0632 C:\PROGRA~1\Yahoo!\Common\YMMAPI.dll - ok
12:15:01.0100 0632 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe
12:15:01.0100 0632 C:\Windows\System32\control.exe - ok
12:15:01.0116 0632 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe
12:15:01.0116 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\wordicon.exe - ok
12:15:01.0116 0632 [ 8A7F55E5B5543C95D8AF191BCBF6D125 ] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
12:15:01.0116 0632 C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe - ok
12:15:01.0132 0632 [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe
12:15:01.0132 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pptico.exe - ok
12:15:01.0132 0632 [ 6D796D59977EB52B33B966EAB9C73E6A ] C:\Program Files\Microsoft Works\MSWorks.exe
12:15:01.0132 0632 C:\Program Files\Microsoft Works\MSWorks.exe - ok
12:15:01.0147 0632 [ 1CDB3DCE5174CBC12DC7B14809181848 ] C:\Windows\System32\mspaint.exe
12:15:01.0147 0632 C:\Windows\System32\mspaint.exe - ok
12:15:01.0163 0632 [ 4616054B57EBDC3C885A67FA08F6967C ] C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe
12:15:01.0163 0632 C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe - ok
12:15:01.0163 0632 [ 6D72EBA18C618ECC55E77DAF15D166E6 ] C:\Program Files\Toshiba Registration\Registration.exe
12:15:01.0163 0632 C:\Program Files\Toshiba Registration\Registration.exe - ok
12:15:01.0178 0632 [ 1EDEB2982D305451E689755DC4BCB7A2 ] C:\Program Files\Windows Calendar\WinCal.exe
12:15:01.0178 0632 C:\Program Files\Windows Calendar\WinCal.exe - ok
12:15:01.0178 0632 [ C3A87CA43956F2B8D0C3F567F129ABF3 ] C:\Windows\System32\wdmaud.drv
12:15:01.0178 0632 C:\Windows\System32\wdmaud.drv - ok
12:15:01.0194 0632 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
12:15:01.0194 0632 C:\Windows\System32\ksuser.dll - ok
12:15:01.0194 0632 [ B55A6BEA7EA9087DC72485D5E028EBCB ] C:\Windows\System32\MMDevAPI.dll
12:15:01.0194 0632 C:\Windows\System32\MMDevAPI.dll - ok
12:15:01.0210 0632 [ 02EA06DD2318BC0EAEAE17206D052A44 ] C:\Program Files\Windows Mail\wab.exe
12:15:01.0210 0632 C:\Program Files\Windows Mail\wab.exe - ok
12:15:01.0225 0632 [ 9253C752DC9B5CEEAA7747E165B75EEB ] C:\Windows\System32\stobject.dll
12:15:01.0225 0632 C:\Windows\System32\stobject.dll - ok
12:15:01.0225 0632 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
12:15:01.0225 0632 C:\Windows\System32\batmeter.dll - ok
12:15:01.0241 0632 [ AE2E36868172164EAD298DFC6051E5C3 ] C:\Program Files\Windows Mail\WinMail.exe
12:15:01.0241 0632 C:\Program Files\Windows Mail\WinMail.exe - ok
12:15:01.0241 0632 [ 05145613C47BF084976C2C762CD19A61 ] C:\Windows\System32\ntshrui.dll
12:15:01.0241 0632 C:\Windows\System32\ntshrui.dll - ok
12:15:01.0256 0632 [ 9AD9E2FB2811123DA13DE84CC154AB77 ] C:\Program Files\Windows Defender\MSASCui.exe
12:15:01.0256 0632 C:\Program Files\Windows Defender\MSASCui.exe - ok
12:15:01.0272 0632 [ F1AFC29716F91116E8A45ACE6EED6797 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exe
12:15:01.0272 0632 C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exe - ok
12:15:01.0288 0632 [ D7787D202FB15B2AE6B08A1AF57F91DD ] C:\Windows\System32\cscapi.dll
12:15:01.0288 0632 C:\Windows\System32\cscapi.dll - ok
12:15:01.0288 0632 [ 80660C611B596FFE8AF4074B31AA6FB7 ] C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
12:15:01.0288 0632 C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe - ok
12:15:01.0303 0632 [ 5A175C291F7C9EC48321A540CA3550D3 ] C:\Program Files\Windows Media Player\wmplayer.exe
12:15:01.0303 0632 C:\Program Files\Windows Media Player\wmplayer.exe - ok
12:15:01.0303 0632 [ FACE86ABDF4CE94989A9DA4849498EC7 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
12:15:01.0303 0632 C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok
12:15:01.0319 0632 [ 2B7B7526152CC891C78E9003505A501D ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\hpqDTSS.exe
12:15:01.0319 0632 C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\hpqDTSS.exe - ok
12:15:01.0319 0632 [ DE7D94281661D8A7F20A44B810BCDE9A ] C:\Users\Steven Lumapas\Desktop\dds.scr
12:15:01.0319 0632 C:\Users\Steven Lumapas\Desktop\dds.scr - ok
12:15:01.0334 0632 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Steven Lumapas\Desktop\tdsskiller.exe
12:15:01.0334 0632 C:\Users\Steven Lumapas\Desktop\tdsskiller.exe - ok
12:15:01.0350 0632 [ 5F86BAA76C0E1456DD8B17B6EE72482C ] C:\Windows\Installer\{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}\iTunesIco.exe
12:15:01.0350 0632 C:\Windows\Installer\{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}\iTunesIco.exe - ok
12:15:01.0350 0632 [ 63368D3E65AACE7D26F69D8B29384243 ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
12:15:01.0366 0632 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
12:15:01.0366 0632 [ BE3AB4803C963BE0357541EC3B17D443 ] C:\Users\Steven Lumapas\Desktop\aswMBR.exe
12:15:01.0366 0632 C:\Users\Steven Lumapas\Desktop\aswMBR.exe - ok
12:15:01.0381 0632 [ 1C4D0F52B4238B9388F2A28DD0903588 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcr80.dll
12:15:01.0381 0632 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\msvcr80.dll - ok
12:15:01.0381 0632 [ 7B4971C3D43525175A4EA0D143E0412E ] C:\Windows\System32\es.dll
12:15:01.0381 0632 C:\Windows\System32\es.dll - ok
12:15:01.0397 0632 [ 349CD4318E6E351C9BB72EE13B7CA807 ] C:\Windows\System32\cmd.exe
12:15:01.0397 0632 C:\Windows\System32\cmd.exe - ok
12:15:01.0412 0632 [ 2DE3E97D59E7930EBAA3EE8506570168 ] C:\Program Files\HP Photo Creations\PhotoProduct.exe
12:15:01.0412 0632 C:\Program Files\HP Photo Creations\PhotoProduct.exe - ok
12:15:01.0412 0632 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
12:15:01.0412 0632 C:\Windows\System32\SndVolSSO.dll - ok
12:15:01.0428 0632 [ FF7F14FDA901090E337488A1900E3660 ] C:\Windows\System32\notepad.exe
12:15:01.0428 0632 C:\Windows\System32\notepad.exe - ok
12:15:01.0428 0632 [ 9C2A1150A2902C503D092614E44A202A ] C:\Program Files\Windows Collaboration\WinCollab.exe
12:15:01.0428 0632 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
12:15:01.0444 0632 [ F4FF57BE16BED8A8BD45D0DB14E6125D ] C:\Windows\System32\netshell.dll
12:15:01.0444 0632 C:\Windows\System32\netshell.dll - ok
12:15:01.0444 0632 [ 15952FB2674ABB40C28CDDA116CE4560 ] C:\Windows\System32\HelpPaneProxy.dll
12:15:01.0444 0632 C:\Windows\System32\HelpPaneProxy.dll - ok
12:15:01.0459 0632 [ BE37415BBEB27A0797088868C498ED54 ] C:\Windows\System32\pnidui.dll
12:15:01.0459 0632 C:\Windows\System32\pnidui.dll - ok
12:15:01.0475 0632 [ 14667B73AF7D2B0E51DD15216571A97C ] C:\Windows\HelpPane.exe
12:15:01.0475 0632 C:\Windows\HelpPane.exe - ok
12:15:01.0475 0632 [ 409F5D96AD20EFABDFA9C8FA52A2D69B ] C:\Windows\System32\QUTIL.DLL
12:15:01.0475 0632 C:\Windows\System32\QUTIL.DLL - ok
12:15:01.0490 0632 [ 6CF13CA9C71F343833CBDE212D2AA956 ] C:\Windows\System32\apds.dll
12:15:01.0490 0632 C:\Windows\System32\apds.dll - ok
12:15:01.0490 0632 [ 77CCB4074CC32BF68CED66A90B865C8B ] C:\Program Files\Movie Maker\MOVIEMK.exe
12:15:01.0490 0632 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
12:15:01.0506 0632 [ C53CA84BF1C9E20AA1B0A8D7D5E28426 ] C:\Windows\System32\mlang.dll
12:15:01.0506 0632 C:\Windows\System32\mlang.dll - ok
12:15:01.0506 0632 [ 4E579F380701D9BF0669ED61E8EC5951 ] C:\Windows\System32\rasapi32.dll
12:15:01.0506 0632 C:\Windows\System32\rasapi32.dll - ok
12:15:01.0522 0632 [ 9BCBDCA7312A0806CE7D8976C314A988 ] C:\Windows\System32\rasman.dll
12:15:01.0522 0632 C:\Windows\System32\rasman.dll - ok
12:15:01.0537 0632 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
12:15:01.0537 0632 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
12:15:01.0537 0632 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
12:15:01.0537 0632 C:\Windows\System32\tapi32.dll - ok
12:15:01.0553 0632 [ C72DC4848F94A84BDBAE3B1080086316 ] C:\Windows\System32\msxml3.dll
12:15:01.0553 0632 C:\Windows\System32\msxml3.dll - ok
12:15:01.0553 0632 [ 8870208FCB90E11960D45ECC994D268F ] C:\Windows\System32\wuapp.exe
12:15:01.0553 0632 C:\Windows\System32\wuapp.exe - ok
12:15:01.0568 0632 [ 2FD1F9B233DAD29C06DC658F61DEFB09 ] C:\Windows\System32\accessibilitycpl.dll
12:15:01.0568 0632 C:\Windows\System32\accessibilitycpl.dll - ok
12:15:01.0568 0632 [ BF832D4C49AAEA869E7D9248D0E73A83 ] C:\Windows\System32\rtutils.dll
12:15:01.0568 0632 C:\Windows\System32\rtutils.dll - ok
12:15:01.0600 0632 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
12:15:01.0600 0632 C:\Windows\System32\npmproxy.dll - ok
12:15:01.0600 0632 [ 5B56A7A5AE0C118CF6413A6E99170BF8 ] C:\Windows\System32\wucltux.dll
12:15:01.0600 0632 C:\Windows\System32\wucltux.dll - ok
12:15:01.0615 0632 [ A01004B13E763DB42BF0F19DBEB62F51 ] C:\Windows\System32\mshtml.dll
12:15:01.0615 0632 C:\Windows\System32\mshtml.dll - ok
12:15:01.0615 0632 [ 1323F16A48CF6501907D4C8288231271 ] C:\Windows\System32\Magnify.exe
12:15:01.0615 0632 C:\Windows\System32\Magnify.exe - ok
12:15:01.0631 0632 [ DA20A42F514ADDD91F0E4D1533CB6AA0 ] C:\Windows\System32\rasdlg.dll
12:15:01.0631 0632 C:\Windows\System32\rasdlg.dll - ok
12:15:01.0631 0632 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
12:15:01.0631 0632 C:\Windows\System32\rundll32.exe - ok
12:15:01.0646 0632 [ 2600A4854B435D3C15A28369CCD0B1F3 ] C:\Windows\System32\mprapi.dll
12:15:01.0646 0632 C:\Windows\System32\mprapi.dll - ok
12:15:01.0662 0632 [ A9CB04FABBB885C98EC3620E0540ED47 ] C:\Windows\System32\activeds.dll
12:15:01.0662 0632 C:\Windows\System32\activeds.dll - ok
12:15:01.0662 0632 [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\Windows\System32\Narrator.exe
12:15:01.0662 0632 C:\Windows\System32\Narrator.exe - ok
12:15:01.0678 0632 [ B86BE8E7D6709018C73E4B5E1C070F65 ] C:\Windows\System32\adsldpc.dll
12:15:01.0678 0632 C:\Windows\System32\adsldpc.dll - ok
12:15:01.0678 0632 [ 6A6E9935532F74A074BDD7C3D84A4376 ] C:\Windows\System32\credui.dll
12:15:01.0678 0632 C:\Windows\System32\credui.dll - ok
12:15:01.0693 0632 [ B9CBDC4650818F2EEF38CE900A6E1502 ] C:\Windows\System32\msls31.dll
12:15:01.0693 0632 C:\Windows\System32\msls31.dll - ok
12:15:01.0693 0632 [ 1E166C230CB72BAF5AAC3AAAD308F0DC ] C:\Windows\System32\osk.exe
12:15:01.0693 0632 C:\Windows\System32\osk.exe - ok
12:15:01.0709 0632 [ 145076536DB5E6561C0E24E047B07A62 ] C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
12:15:01.0709 0632 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe - ok
12:15:01.0724 0632 [ B3A75C58ECEEE466CFB5A53A229DE353 ] C:\Windows\System32\msimtf.dll
12:15:01.0724 0632 C:\Windows\System32\msimtf.dll - ok
12:15:01.0724 0632 [ FF78B8E67EDCE9FEED651D7858D77A04 ] C:\Windows\System32\winrnr.dll
12:15:01.0724 0632 C:\Windows\System32\winrnr.dll - ok
12:15:01.0740 0632 [ A46C3ED71D8FCDE69D852423D5C896D6 ] C:\Windows\System32\apss.dll
12:15:01.0740 0632 C:\Windows\System32\apss.dll - ok
12:15:01.0740 0632 [ EDDEC321B128328BC370A5447F7F8D69 ] C:\Program Files\Bonjour\mdnsNSP.dll
12:15:01.0740 0632 C:\Program Files\Bonjour\mdnsNSP.dll - ok
12:15:01.0756 0632 [ 20EF9002CFF89C4C1077E4415EC7297B ] C:\Program Files\Windows Media Player\wmpnscfg.exe
12:15:01.0756 0632 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
12:15:01.0756 0632 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
12:15:01.0756 0632 C:\Windows\System32\rasadhlp.dll - ok
12:15:01.0771 0632 [ 71E979899A9FFDDB0D1D80153192DB86 ] C:\Program Files\Windows Media Player\wmpnssci.dll
12:15:01.0771 0632 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
12:15:01.0787 0632 [ 6109C0E8AB58CD3D0506BB81E23F3B22 ] C:\Windows\System32\wlanapi.dll
12:15:01.0787 0632 C:\Windows\System32\wlanapi.dll - ok
12:15:01.0787 0632 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
12:15:01.0787 0632 C:\Windows\System32\AltTab.dll - ok
12:15:01.0802 0632 [ 1ED2124313CCE34C877247574212EFC8 ] C:\Windows\System32\calc.exe
12:15:01.0802 0632 C:\Windows\System32\calc.exe - ok
12:15:01.0802 0632 [ DE55F0A8D2F7DF728E796509C846A17E ] C:\Windows\System32\WPDShServiceObj.dll
12:15:01.0802 0632 C:\Windows\System32\WPDShServiceObj.dll - ok
12:15:01.0818 0632 [ EDF5249A8DC8B453D54033E6A98807BF ] C:\Windows\System32\srchadmin.dll
12:15:01.0818 0632 C:\Windows\System32\srchadmin.dll - ok
12:15:01.0818 0632 [ DAB41BE2C7EAE22EB325864743878CFF ] C:\Windows\System32\mblctr.exe
12:15:01.0818 0632 C:\Windows\System32\mblctr.exe - ok
12:15:01.0834 0632 [ 4FD45F2A2C445359482CA3F34EAB1A4D ] C:\Windows\System32\webcheck.dll
12:15:01.0834 0632 C:\Windows\System32\webcheck.dll - ok
12:15:01.0849 0632 [ 78F9800FA0E89DA51747AEEAC8B422DB ] C:\Windows\System32\SyncCenter.dll
12:15:01.0849 0632 C:\Windows\System32\SyncCenter.dll - ok
12:15:01.0849 0632 [ 267398F636881C34EE6E852308530C95 ] C:\Windows\System32\bthprops.cpl
12:15:01.0849 0632 C:\Windows\System32\bthprops.cpl - ok
12:15:01.0865 0632 [ 6C3A437FC873C6F6A4FC620B6888CB86 ] C:\Windows\System32\drivers\cdfs.sys
12:15:01.0865 0632 C:\Windows\System32\drivers\cdfs.sys - ok
12:15:01.0865 0632 [ 37F43EBE34FECB787033EA4DC705678D ] C:\Windows\System32\mstsc.exe
12:15:01.0865 0632 C:\Windows\System32\mstsc.exe - ok
12:15:01.0880 0632 [ 6E30D310BC7D1684B1CE7407F9A1638D ] C:\Windows\System32\imapi2.dll
12:15:01.0880 0632 C:\Windows\System32\imapi2.dll - ok
12:15:01.0880 0632 [ 56DE7AEB7435FEE1EDB8A83030026884 ] C:\Windows\System32\QAGENT.DLL
12:15:01.0880 0632 C:\Windows\System32\QAGENT.DLL - ok
12:15:01.0912 0632 [ 582F3A0BA61D8F0D50C66B592808B6D6 ] C:\Program Files\Windows Sidebar\sidebar.exe
12:15:01.0912 0632 C:\Program Files\Windows Sidebar\sidebar.exe - ok
12:15:01.0912 0632 [ BBC285B1A17A0C08FC6A2E1FB3E9D141 ] C:\Windows\System32\FWPUCLNT.DLL
12:15:01.0912 0632 C:\Windows\System32\FWPUCLNT.DLL - ok
12:15:01.0927 0632 [ D05DC087ABAE3927CEE384AF9FE184E9 ] C:\Windows\System32\PortableDeviceTypes.dll
12:15:01.0927 0632 C:\Windows\System32\PortableDeviceTypes.dll - ok
12:15:01.0927 0632 [ 19B8445EED63D61797610BD50938A09F ] C:\Windows\System32\SoundRecorder.exe
12:15:01.0927 0632 C:\Windows\System32\SoundRecorder.exe - ok
12:15:01.0943 0632 [ C5BFC12E10AFA0C80C8912BA6BBFE44C ] C:\Windows\System32\PortableDeviceApi.dll
12:15:01.0943 0632 C:\Windows\System32\PortableDeviceApi.dll - ok
12:15:01.0943 0632 [ 9C632DC0F1B6D79B05F46A4A5349CEF4 ] C:\Windows\System32\mobsync.exe
12:15:01.0943 0632 C:\Windows\System32\mobsync.exe - ok
12:15:01.0958 0632 [ 736A6F5FF321AAAAB140B1100E345F04 ] C:\Windows\System32\oobefldr.dll
12:15:01.0958 0632 C:\Windows\System32\oobefldr.dll - ok
12:15:01.0974 0632 [ 4E43F692504FCA0A2257335135722706 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
12:15:01.0974 0632 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
12:15:01.0974 0632 [ C76EC4E550A62ED1C13B29A685E27E8B ] C:\Windows\Speech\Common\sapisvr.exe
12:15:01.0974 0632 C:\Windows\Speech\Common\sapisvr.exe - ok
12:15:01.0990 0632 [ 312BA286EB3BE9EAE82DA427ED2C0284 ] C:\Windows\System32\hnetcfg.dll
12:15:01.0990 0632 C:\Windows\System32\hnetcfg.dll - ok
12:15:01.0990 0632 [ 9E56331DBFA7DC27B6A95D6261F6FE0A ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
12:15:01.0990 0632 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
12:15:02.0005 0632 [ B41DD8277022E22CE64BDD97F248D29C ] C:\Windows\System32\upnp.dll
12:15:02.0005 0632 C:\Windows\System32\upnp.dll - ok
12:15:02.0005 0632 [ FDA72FF6093B5488B93967281EB52FE6 ] C:\Windows\System32\sdclt.exe
12:15:02.0005 0632 C:\Windows\System32\sdclt.exe - ok
12:15:02.0021 0632 [ BB4910DE8B6C5E30DF39EC97308D44BA ] C:\Windows\System32\charmap.exe
12:15:02.0021 0632 C:\Windows\System32\charmap.exe - ok
12:15:02.0036 0632 [ 572B6DDC9DC24BE8C9F0A4DD56D64C9E ] C:\Windows\System32\dfrgui.exe
12:15:02.0036 0632 C:\Windows\System32\dfrgui.exe - ok
12:15:02.0036 0632 [ 86AB3F6C784197DC1D994A83AF4259CD ] C:\Windows\System32\cleanmgr.exe
12:15:02.0036 0632 C:\Windows\System32\cleanmgr.exe - ok
12:15:02.0052 0632 [ 3D1B56512A76C6583D96165A8A3A05A3 ] C:\Windows\System32\migwiz\migwiz.exe
12:15:02.0052 0632 C:\Windows\System32\migwiz\migwiz.exe - ok
12:15:02.0052 0632 [ 3E5E53C5B77A825A2A22DCE94D6004E2 ] C:\Windows\System32\msinfo32.exe
12:15:02.0052 0632 C:\Windows\System32\msinfo32.exe - ok
12:15:02.0068 0632 [ 6EBDE0B1572ACDAB62F5110DABCA14BB ] C:\Windows\System32\rstrui.exe
12:15:02.0068 0632 C:\Windows\System32\rstrui.exe - ok
12:15:02.0068 0632 [ B13A8D6F708AA2034A9DE0979F81D890 ] C:\Windows\System32\miguiresource.dll
12:15:02.0068 0632 C:\Windows\System32\miguiresource.dll - ok
12:15:02.0083 0632 [ 5282223E063262EB8F2507F56D5AC4E7 ] C:\Windows\System32\mycomput.dll
12:15:02.0083 0632 C:\Windows\System32\mycomput.dll - ok
12:15:02.0099 0632 [ 1C474C0C4CB5F15A555FE912CBF4549C ] C:\Windows\System32\odbcad32.exe
12:15:02.0099 0632 C:\Windows\System32\odbcad32.exe - ok
12:15:02.0099 0632 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll
12:15:02.0099 0632 C:\Windows\System32\odbcint.dll - ok
12:15:02.0114 0632 [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80 ] C:\Windows\System32\iscsicpl.exe
12:15:02.0114 0632 C:\Windows\System32\iscsicpl.exe - ok
12:15:02.0114 0632 [ F84D0B1B90404D0A27E86F159FBDAC81 ] C:\Windows\System32\iscsicpl.dll
12:15:02.0114 0632 C:\Windows\System32\iscsicpl.dll - ok
12:15:02.0130 0632 [ E9BBF88B66ACD7E2164D19F228482A02 ] C:\Windows\System32\MdSched.exe
12:15:02.0130 0632 C:\Windows\System32\MdSched.exe - ok
12:15:02.0130 0632 [ 46197517E2120E1ED93F0E0C93032879 ] C:\Windows\System32\wdc.dll
12:15:02.0130 0632 C:\Windows\System32\wdc.dll - ok
12:15:02.0161 0632 [ EB646C39538244E916E9434842258062 ] C:\Windows\System32\filemgmt.dll
12:15:02.0161 0632 C:\Windows\System32\filemgmt.dll - ok
12:15:02.0161 0632 [ 1BB128A09911A936E8EFC30C3F6C597C ] C:\Windows\System32\msconfig.exe
12:15:02.0161 0632 C:\Windows\System32\msconfig.exe - ok
12:15:02.0177 0632 [ 28406BD4E1B7E32C78BE0A6A20F4DEC1 ] C:\Windows\System32\AuthFWGP.dll
12:15:02.0177 0632 C:\Windows\System32\AuthFWGP.dll - ok
12:15:02.0177 0632 [ FCFFC21EA2639C10CB7CD834F33EA32B ] C:\Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\DMFLauncher.exe
12:15:02.0177 0632 C:\Program Files\Ulead Systems\DVD MovieFactory for TOSHIBA\Ulead DVD MovieFactory 5\DMFLauncher.exe - ok
12:15:02.0192 0632 [ 50CE59D0083CD8B5BA7C9AA5FF34EC1D ] C:\Windows\System32\WindowsAnytimeUpgrade.exe
12:15:02.0192 0632 C:\Windows\System32\WindowsAnytimeUpgrade.exe - ok
12:15:02.0192 0632 [ F7141B70555CECBF4EC2C01E37353994 ] C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
12:15:02.0192 0632 C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll - ok
12:15:02.0208 0632 [ 813B7AF6377505DDDA831822A1C76887 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
12:15:02.0208 0632 C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
12:15:02.0224 0632 [ A65BCEE890B5256BB9BDC8E365EB0DD2 ] C:\Windows\System32\gameux.dll
12:15:02.0224 0632 C:\Windows\System32\gameux.dll - ok
12:15:02.0224 0632 [ 0D8C719FCD2F761834870419DAB0835F ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe
12:15:02.0224 0632 C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok
12:15:02.0239 0632 [ B194F722D9AFA9D8A07334468F1B526C ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
12:15:02.0239 0632 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok
12:15:02.0239 0632 [ CB5FD24A32CF02071F3703BC88F06092 ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
12:15:02.0239 0632 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok
12:15:02.0255 0632 [ 5AD1D4ACCA7D3E54450524B73C7D70FA ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
12:15:02.0255 0632 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
12:15:02.0255 0632 [ DABA18738EFC868E4F27B041846AC5B4 ] C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
12:15:02.0255 0632 C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe - ok
12:15:02.0270 0632 [ 140488497BB98AC1CEF5CF6DF2DF0ED3 ] C:\Program Files\HP\HP Software Update\hpwucli.exe
12:15:02.0270 0632 C:\Program Files\HP\HP Software Update\hpwucli.exe - ok
12:15:02.0286 0632 [ 026EE593459C9A2EC280A8FDB378E5A1 ] C:\Windows\Installer\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe
12:15:02.0286 0632 C:\Windows\Installer\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe - ok
12:15:02.0302 0632 [ 5DBD6EB5292F8D30A8A6650E63DE8165 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HelpViewer\hpqlpvwr.exe
12:15:02.0302 0632 C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HelpViewer\hpqlpvwr.exe - ok
12:15:02.0302 0632 [ A39A9122BD4456B1B8AA1BF90D02031E ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
12:15:02.0302 0632 C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe - ok
12:15:02.0317 0632 [ 3FC265F29E0B42817D53B9BF18150208 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPScan.exe
12:15:02.0317 0632 C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPScan.exe - ok
12:15:02.0317 0632 [ 90396328F660FC8892E18885959FC3F6 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetupLauncher.exe
12:15:02.0317 0632 C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetupLauncher.exe - ok
12:15:02.0333 0632 [ B038D40785FA669BD8C3E0252909B4C2 ] C:\Windows\System32\msiexec.exe
12:15:02.0333 0632 C:\Windows\System32\msiexec.exe - ok
12:15:02.0348 0632 [ 4532FB3ACE58BA21CB3EFE80CA008017 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
12:15:02.0348 0632 C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe - ok
12:15:02.0348 0632 [ 26CA799DD561D1B29A67E4802F5F4AF9 ] C:\Program Files\HP Photo Creations\uninst.exe
12:15:02.0348 0632 C:\Program Files\HP Photo Creations\uninst.exe - ok
12:15:02.0364 0632 [ 47AD91EC0CFA4BE87E3B08D3DAEA8BDB ] C:\Windows\System32\brcpl.dll
12:15:02.0364 0632 C:\Windows\System32\brcpl.dll - ok
12:15:02.0364 0632 [ 8072CEDAEF0C606D364E24F6F75B1099 ] C:\Windows\System32\wercon.exe
12:15:02.0364 0632 C:\Windows\System32\wercon.exe - ok
12:15:02.0380 0632 [ 64601B4CE490015850049CFAC1EA965B ] C:\Windows\System32\msra.exe
12:15:02.0380 0632 C:\Windows\System32\msra.exe - ok
12:15:02.0380 0632 [ 3A72D62137659AD7BDEECBB49DD85684 ] C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
12:15:02.0380 0632 C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe - ok
12:15:02.0411 0632 [ 71A69210E0296378028E8350EADA904C ] C:\Program Files\McAfee Security Scan\2.0.181\mcuicnt.exe
12:15:02.0411 0632 C:\Program Files\McAfee Security Scan\2.0.181\mcuicnt.exe - ok
12:15:02.0411 0632 [ 6337769E12A5FD5DE95D63306217FF6C ] C:\Program Files\McAfee Security Scan\uninstall.exe
12:15:02.0411 0632 C:\Program Files\McAfee Security Scan\uninstall.exe - ok
12:15:02.0426 0632 [ 08457294C7E98C5D3E5EE8CDC25FA537 ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe
12:15:02.0426 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\accicons.exe - ok
12:15:02.0426 0632 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe
12:15:02.0426 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\xlicons.exe - ok
12:15:02.0442 0632 [ 8F469035BDD4141122DA3D8491474F8A ] C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe
12:15:02.0442 0632 C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe - ok
12:15:02.0442 0632 [ BECEEE04AAB6388B66D1FCBD2A9F19A1 ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe
12:15:02.0442 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\outicon.exe - ok
12:15:02.0458 0632 [ 6CE25A4F4F2F70EBF004C9006C647F32 ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe
12:15:02.0458 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\pubs.exe - ok
12:15:02.0473 0632 [ 95B8A4245A6CD37D36E56FAE5A23E2B1 ] C:\WORKSSETUP\OffHST07Trial\setup.exe
12:15:02.0473 0632 C:\WORKSSETUP\OffHST07Trial\setup.exe - ok
12:15:02.0473 0632 [ FF6669F7A1782D54E338F5C6EC806E1E ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe
12:15:02.0473 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\misc.exe - ok
12:15:02.0489 0632 [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe
12:15:02.0489 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\cagicon.exe - ok
12:15:02.0489 0632 [ EA3706978F5083C27633FB73F57D49B3 ] C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe
12:15:02.0489 0632 C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe - ok
12:15:02.0504 0632 [ 2B96CE0865E00540A12182FD8C8A9B96 ] C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe
12:15:02.0504 0632 C:\Windows\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe - ok
12:15:02.0504 0632 [ 3E5AA6A816FA331E64C38A45C6FF5637 ] C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe
12:15:02.0504 0632 C:\Windows\Installer\{91120000-0014-0000-0000-0000000FF1CE}\oisicon.exe - ok
12:15:02.0536 0632 [ 4C2E417F278E73460B65FEED1F3C2D58 ] C:\Program Files\Microsoft Silverlight\4.0.50401.0\Silverlight.Configuration.exe
12:15:02.0536 0632 C:\Program Files\Microsoft Silverlight\4.0.50401.0\Silverlight.Configuration.exe - ok
12:15:02.0536 0632 [ EF648657E3EAC1376EFADF9AC1CC54CB ] C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
12:15:02.0536 0632 C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - ok
12:15:02.0551 0632 [ 206EE4B42D11585EB53C47FB69F69E54 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe
12:15:02.0551 0632 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe - ok
12:15:02.0551 0632 [ 8BC00165083171F8DE760AE39D76D003 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe
12:15:02.0551 0632 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe - ok
12:15:02.0567 0632 [ 528DA0632ACC3EC0DABF0EE8F1DD5C20 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe
12:15:02.0567 0632 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe - ok
12:15:02.0567 0632 [ 08BC7211E4E06A47CAC85D5A73D006E2 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe
12:15:02.0567 0632 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe - ok
12:15:02.0582 0632 [ 5C373483418D410C75BD3E53FEEC9070 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe
12:15:02.0582 0632 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe - ok
12:15:02.0598 0632 [ 2506CE7E7AA190103E060E1C9DA8C1A5 ] C:\WORKSSETUP\MSWORKS\Setup.exe
12:15:02.0598 0632 C:\WORKSSETUP\MSWORKS\Setup.exe - ok
12:15:02.0598 0632 [ 1F63E3EBB9C0FC87E6C811743BD6860D ] C:\Program Files\Picasa2\Picasa2.exe
12:15:02.0598 0632 C:\Program Files\Picasa2\Picasa2.exe - ok
12:15:02.0614 0632 [ 024D7E0407DF29DE5CBB7CB7D0F67F11 ] C:\Program Files\Picasa2\Uninstall.exe
12:15:02.0614 0632 C:\Program Files\Picasa2\Uninstall.exe - ok
12:15:02.0614 0632 [ E9B1524D19C8704B519E02AAC2DEDEFD ] C:\Program Files\Sony\Sony Picture Utility\Browser\SPUBrowser.exe
12:15:02.0614 0632 C:\Program Files\Sony\Sony Picture Utility\Browser\SPUBrowser.exe - ok
12:15:02.0629 0632 [ C70119C665DDC17EAA2668D55AFCAB68 ] C:\Program Files\Sony\Sony Picture Utility\Importer\DCF\SPUDCFImporter.exe
12:15:02.0629 0632 C:\Program Files\Sony\Sony Picture Utility\Importer\DCF\SPUDCFImporter.exe - ok
12:15:02.0629 0632 [ DE7776413899C73FF511DAB90CAC3B85 ] C:\Program Files\Sony\Sony Picture Utility\Announce\SPUAnnounce.exe
12:15:02.0629 0632 C:\Program Files\Sony\Sony Picture Utility\Announce\SPUAnnounce.exe - ok
12:15:02.0660 0632 [ C109BE54853180620C1FF0BB504FA0F6 ] C:\Program Files\Sony\Sony Picture Utility\InitTool\SPULocaleSetting.exe
12:15:02.0660 0632 C:\Program Files\Sony\Sony Picture Utility\InitTool\SPULocaleSetting.exe - ok
12:15:02.0660 0632 [ 936CB5B1CDAA5E230308C1C64683A63E ] C:\Program Files\Sony\Sony Picture Utility\InitTool\SPUInit.exe
12:15:02.0660 0632 C:\Program Files\Sony\Sony Picture Utility\InitTool\SPUInit.exe - ok
12:15:02.0676 0632 [ 89F7C30A91E5581BDF14C62AB46A2B2D ] C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
12:15:02.0676 0632 C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - ok
12:15:02.0676 0632 [ D08CA7E378D25FF95BA4E499CA5DF2C1 ] C:\TOSHIBA\IVP\swupdate\swupdate.exe
12:15:02.0676 0632 C:\TOSHIBA\IVP\swupdate\swupdate.exe - ok
12:15:02.0692 0632 [ 46A9A14AE3384040B8B9C8490AAD52D8 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc1.exe
12:15:02.0692 0632 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc1.exe - ok
12:15:02.0692 0632 [ 50F1AB35E170903CE09148D05675058E ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ECCenter1.exe
12:15:02.0692 0632 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ECCenter1.exe - ok
12:15:02.0707 0632 [ 2FBE7EB719E9B978FA59E8D71C036A4A ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BIP_Camera1.exe
12:15:02.0707 0632 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\BIP_Camera1.exe - ok
12:15:02.0723 0632 [ 81BB25EB3EB51FDF8D9D5A8405CC6E4E ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\UsrGuide.exe
12:15:02.0723 0632 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\UsrGuide.exe - ok
12:15:02.0738 0632 [ 6DB9074817206138A0811525F1EC2F48 ] C:\Program Files\Toshiba\Bluetooth Toshiba Stack\WirelessFTP1.exe
12:15:02.0738 0632 C:\Program Files\Toshiba\Bluetooth Toshiba Stack\WirelessFTP1.exe - ok
12:15:02.0738 0632 [ 225CF9FA72FB534999EA16827EE97100 ] C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\NewShortcut2_5DA0E02F970B424BBF41513A5018E4C0.chm
12:15:02.0738 0632 C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\NewShortcut2_5DA0E02F970B424BBF41513A5018E4C0.chm - ok
12:15:02.0754 0632 [ E193BF148DE4A7537F32AC2B7859C070 ] C:\Program Files\Toshiba\TOSHIBA Disc Creator\ToDisc.exe
12:15:02.0754 0632 C:\Program Files\Toshiba\TOSHIBA Disc Creator\ToDisc.exe - ok
12:15:02.0754 0632 [ 369E0A75B4F868C6BAD07ABC8ACA8313 ] C:\Windows\System32\dot3api.dll
12:15:02.0754 0632 C:\Windows\System32\dot3api.dll - ok
12:15:02.0770 0632 [ 8F1B4AF2EC86DCB47968FCBC38AA75DA ] C:\Windows\System32\wlanhlp.dll
12:15:02.0770 0632 C:\Windows\System32\wlanhlp.dll - ok
12:15:02.0785 0632 [ 6A82BBD57C2DEDD4FB85DF87C8883243 ] C:\Windows\System32\mfc42u.dll
12:15:02.0785 0632 C:\Windows\System32\mfc42u.dll - ok
12:15:02.0785 0632 [ 3D9A5347126A306084B858C0C61090F5 ] C:\Windows\System32\odbc32.dll
12:15:02.0785 0632 C:\Windows\System32\odbc32.dll - ok
12:15:02.0801 0632 [ B8A559FDF98DD186AB84898E7DD191DC ] C:\Windows\System32\wbem\wbemprox.dll
12:15:02.0801 0632 C:\Windows\System32\wbem\wbemprox.dll - ok
12:15:02.0801 0632 [ 47D89DC720723845900D483C7D80B00F ] C:\Windows\System32\wbem\wbemcore.dll
12:15:02.0801 0632 C:\Windows\System32\wbem\wbemcore.dll - ok
12:15:02.0816 0632 [ C291DCE7039F951938929A1582DCCA69 ] C:\Program Files\Toshiba\TOSHIBA Disc Creator\TosRamUtil.exe
12:15:02.0816 0632 C:\Program Files\Toshiba\TOSHIBA Disc Creator\TosRamUtil.exe - ok
12:15:02.0816 0632 [ C3BAC3F95F2FB22BA903928B68B107CC ] C:\Windows\System32\wbem\esscli.dll
12:15:02.0816 0632 C:\Windows\System32\wbem\esscli.dll - ok
12:15:02.0832 0632 [ 798FD364677DA5278266102371B96F4B ] C:\Windows\System32\wbem\fastprox.dll
12:15:02.0832 0632 C:\Windows\System32\wbem\fastprox.dll - ok
12:15:02.0848 0632 [ 4DF2A3847F231F6AA9F8C841389BC5FD ] C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\NewShortcut3_5DA0E02F970B424BBF41513A5018E4C0_1.exe
12:15:02.0848 0632 C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\NewShortcut3_5DA0E02F970B424BBF41513A5018E4C0_1.exe - ok
12:15:02.0848 0632 [ 4297615D968B294D8E95270EA7FC6A65 ] C:\Windows\System32\wbem\wbemsvc.dll
12:15:02.0848 0632 C:\Windows\System32\wbem\wbemsvc.dll - ok
12:15:02.0863 0632 [ 0F751202DD25E725CB9556A8A1257B9B ] C:\Windows\System32\wbem\wmiutils.dll
12:15:02.0863 0632 C:\Windows\System32\wbem\wmiutils.dll - ok
12:15:02.0863 0632 [ EEAB9DF84B132F78C909CD8061A4076C ] C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
12:15:02.0863 0632 C:\Program Files\Toshiba\ConfigFree\NDSTray.exe - ok
12:15:02.0879 0632 [ CCA209EB7B096D2BAB66A4DBD500C088 ] C:\Windows\System32\wbem\repdrvfs.dll
12:15:02.0879 0632 C:\Windows\System32\wbem\repdrvfs.dll - ok
12:15:02.0879 0632 [ 189B90F149D2E8A8806E8FE53DB53638 ] C:\Program Files\Toshiba\ConfigFree\cfmain.exe
12:15:02.0879 0632 C:\Program Files\Toshiba\ConfigFree\cfmain.exe - ok
12:15:02.0894 0632 [ E6E2DA076B902C99E40BD202A2936949 ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:15:02.0894 0632 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:15:02.0910 0632 [ BD1D1FD2AC8579F94D97D976D498BECA ] C:\Windows\System32\wbem\wbemess.dll
12:15:02.0910 0632 C:\Windows\System32\wbem\wbemess.dll - ok
12:15:02.0910 0632 [ 2FC4602A2022B32093B273D4DDDDCF2F ] C:\Windows\System32\cselect.exe
12:15:02.0926 0632 C:\Windows\System32\cselect.exe - ok
12:15:02.0926 0632 [ ABBABB9718848FD74C2D156BDFEDBCD5 ] C:\Program Files\ltmoh\ltmoh.exe
12:15:02.0926 0632 C:\Program Files\ltmoh\ltmoh.exe - ok
12:15:02.0941 0632 [ 1FEDE70E5610A42C837C95B7B21A34AE ] C:\Program Files\Toshiba\Speech System NLS\TosSrWsN.exe
12:15:02.0941 0632 C:\Program Files\Toshiba\Speech System NLS\TosSrWsN.exe - ok
12:15:02.0941 0632 [ 38A0CA0405752789D9C4DCE0E4FFF409 ] C:\Program Files\Toshiba\Speech System NLS\TosvceN.exe
12:15:02.0941 0632 C:\Program Files\Toshiba\Speech System NLS\TosvceN.exe - ok
12:15:02.0957 0632 [ FAAC5396485FF45461EF485C2F59B455 ] C:\Program Files\Toshiba\Speech System NLS\ToswbrN.exe
12:15:02.0957 0632 C:\Program Files\Toshiba\Speech System NLS\ToswbrN.exe - ok
12:15:02.0972 0632 [ 42E826E62941368431FDE4AA01F9B483 ] C:\Program Files\Toshiba\Utilities\TACSPROP.exe
12:15:02.0972 0632 C:\Program Files\Toshiba\Utilities\TACSPROP.exe - ok
12:15:02.0972 0632 [ 7C06CED2F7B9272A126D53A2A9F52AC0 ] C:\Windows\hh.exe
12:15:02.0972 0632 C:\Windows\hh.exe - ok
12:15:02.0988 0632 [ E2D4ED590AB3EC29736F1BEBC9F7C7D0 ] C:\Program Files\Toshiba\Utilities\HWSetup.exe
12:15:02.0988 0632 C:\Program Files\Toshiba\Utilities\HWSetup.exe - ok
12:15:02.0988 0632 [ D78D4F49CA82713A5C77B818F1E11C61 ] C:\Program Files\Toshiba\PCDiag\PCDiag.exe
12:15:02.0988 0632 C:\Program Files\Toshiba\PCDiag\PCDiag.exe - ok
12:15:03.0004 0632 [ 94A9876906569E98FA010888EC65BF54 ] C:\Program Files\Toshiba\FlashCards\TfcRst.exe
12:15:03.0004 0632 C:\Program Files\Toshiba\FlashCards\TfcRst.exe - ok
12:15:03.0004 0632 [ D97E8D911E05A82247D4756FC3F37E0B ] C:\Windows\Installer\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}\TOSSDfmt.exe_EBFF48F53CFA436F8FD594FB01D3A0A7.exe
12:15:03.0004 0632 C:\Windows\Installer\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}\TOSSDfmt.exe_EBFF48F53CFA436F8FD594FB01D3A0A7.exe - ok
12:15:03.0019 0632 [ C1BFE524999A61915FF0E7C96F0186A0 ] C:\Program Files\Toshiba\FlashCards\TfcConf\TfcConf.exe
12:15:03.0019 0632 C:\Program Files\Toshiba\FlashCards\TfcConf\TfcConf.exe - ok
12:15:03.0035 0632 [ 21D14FF5629BC5FE09E3D9A520E04556 ] C:\Program Files\Toshiba\TOSHIBA Assist\TInTouch.exe
12:15:03.0035 0632 C:\Program Files\Toshiba\TOSHIBA Assist\TInTouch.exe - ok
12:15:03.0035 0632 [ 4E72F2DC0A0B2D48C70F7EE5D3B84B93 ] C:\Program Files\Toshiba\SmoothView\SmoothView.exe
12:15:03.0035 0632 C:\Program Files\Toshiba\SmoothView\SmoothView.exe - ok
12:15:03.0050 0632 [ 0A347DF4C6945C09BF33442F71E4B28C ] C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TosHDDVD.exe
12:15:03.0050 0632 C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TosHDDVD.exe - ok
12:15:03.0050 0632 [ C069084A91F29A80E1B45A048FCD5769 ] C:\Program Files\Windows Media Components\Encoder\wmenc.exe
12:15:03.0050 0632 C:\Program Files\Windows Media Components\Encoder\wmenc.exe - ok
12:15:03.0066 0632 [ C069084A91F29A80E1B45A048FCD5769 ] C:\Windows\Installer\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}\ARPIcon
12:15:03.0066 0632 C:\Windows\Installer\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}\ARPIcon - ok
12:15:03.0066 0632 [ A65F84B50317427C58A14C1C3ACD8AA2 ] C:\Program Files\Windows Media Components\Encoder\wmeditor.exe
12:15:03.0066 0632 C:\Program Files\Windows Media Components\Encoder\wmeditor.exe - ok
12:15:03.0097 0632 [ 4EA314A1B26257B0A8724E2BF65B53C7 ] C:\Program Files\Windows Media Components\Encoder\WMProEdt.exe
12:15:03.0097 0632 C:\Program Files\Windows Media Components\Encoder\WMProEdt.exe - ok
12:15:03.0097 0632 [ BAE963F318A4E269799C1E04CF9E4056 ] C:\Program Files\Windows Media Components\Encoder\wmstreamedt.exe
12:15:03.0097 0632 C:\Program Files\Windows Media Components\Encoder\wmstreamedt.exe - ok
12:15:03.0113 0632 [ C7048E3DD4D9FA3AF7BC2747EF5C433F ] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
12:15:03.0113 0632 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe - ok
12:15:03.0113 0632 [ 7FCE5C54F97A995F09B6D448CF51F834 ] C:\Windows\System32\ntlanman.dll
12:15:03.0113 0632 C:\Windows\System32\ntlanman.dll - ok
12:15:03.0128 0632 [ 1692212E48CFA7E3B4647ECCE6308B46 ] C:\Windows\System32\esent.dll
12:15:03.0128 0632 C:\Windows\System32\esent.dll - ok
12:15:03.0128 0632 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
12:15:03.0128 0632 C:\Windows\System32\drprov.dll - ok
12:15:03.0144 0632 [ D306EA7436AC1587463A89BE29B456FB ] C:\Windows\System32\davclnt.dll
12:15:03.0144 0632 C:\Windows\System32\davclnt.dll - ok
12:15:03.0160 0632 [ B8A77A513C9FF5C0D54611495CA41902 ] C:\Windows\System32\wbem\NCProv.dll
12:15:03.0160 0632 C:\Windows\System32\wbem\NCProv.dll - ok
12:15:03.0160 0632 [ C4B15E1320CEAE3C713D2DBD0E4383F1 ] C:\Windows\System32\wbem\wbemcons.dll
12:15:03.0160 0632 C:\Windows\System32\wbem\wbemcons.dll - ok
12:15:03.0175 0632 [ A714E938F2DF3751820DDB640E171E19 ] C:\Program Files\Internet Explorer\sqmapi.dll
12:15:03.0175 0632 C:\Program Files\Internet Explorer\sqmapi.dll - ok
12:15:03.0175 0632 [ 4EA9982C170EFA853B7EAAA96F461134 ] C:\Windows\System32\ieui.dll
12:15:03.0175 0632 C:\Windows\System32\ieui.dll - ok
12:15:03.0191 0632 [ 7812ED1E5F39F057C725ED9EFAE19529 ] C:\Windows\System32\actxprxy.dll
12:15:03.0191 0632 C:\Windows\System32\actxprxy.dll - ok
12:15:03.0191 0632 [ 3414665BEFFBC39AA743B13ECC7B0D66 ] C:\Windows\System32\url.dll
12:15:03.0191 0632 C:\Windows\System32\url.dll - ok
12:15:03.0222 0632 [ F2CFCBFED94C5F0F8C3EE869DF9B5B5D ] C:\Windows\System32\ieapfltr.dll
12:15:03.0222 0632 C:\Windows\System32\ieapfltr.dll - ok
12:15:03.0222 0632 [ F45BC6A78A7A732330949E4DE1EF84A8 ] C:\Windows\System32\jscript.dll
12:15:03.0222 0632 C:\Windows\System32\jscript.dll - ok
12:15:03.0222 0632 [ EAD7B35EEBA759E6912BEC92FAF8DFBD ] C:\Windows\System32\iepeers.dll
12:15:03.0222 0632 C:\Windows\System32\iepeers.dll - ok
12:15:03.0238 0632 [ E42320B5A0B23BCB2F324286D0572D68 ] C:\Windows\System32\winspool.drv
12:15:03.0238 0632 C:\Windows\System32\winspool.drv - ok
12:15:03.0253 0632 [ E2CE9A15106F3A4CEAD4FDFB501C371B ] C:\Windows\System32\dxtrans.dll
12:15:03.0253 0632 C:\Windows\System32\dxtrans.dll - ok
12:15:03.0253 0632 [ 734DAA4FEAC6905BCFB30410D6C7E003 ] C:\Windows\System32\ddrawex.dll
12:15:03.0253 0632 C:\Windows\System32\ddrawex.dll - ok
12:15:03.0269 0632 [ 29EF7A2EE634DD701571E781DE5E7E91 ] C:\Windows\System32\ddraw.dll
12:15:03.0269 0632 C:\Windows\System32\ddraw.dll - ok
12:15:03.0284 0632 [ 82ABE656D4CAAB9FA69C601D988D23BE ] C:\Windows\System32\dciman32.dll
12:15:03.0284 0632 C:\Windows\System32\dciman32.dll - ok
12:15:03.0284 0632 [ 73432756624987A88A4C60D973140F4B ] C:\Windows\System32\dxtmsft.dll
12:15:03.0284 0632 C:\Windows\System32\dxtmsft.dll - ok
12:15:03.0300 0632 [ 528735EC76B303AEED833EF64AE1FEBE ] C:\Windows\System32\imgutil.dll
12:15:03.0300 0632 C:\Windows\System32\imgutil.dll - ok
12:15:03.0300 0632 [ 70D261F33C704269DAC04D9CD0DF0993 ] C:\Windows\System32\pngfilt.dll
12:15:03.0300 0632 C:\Windows\System32\pngfilt.dll - ok
12:15:03.0300 0632 [ 6C2BB5A69A6046D52BA4D9040501F2C5 ] C:\Windows\System32\mshtmled.dll
12:15:03.0300 0632 C:\Windows\System32\mshtmled.dll - ok
12:15:03.0316 0632 [ A303750BF0EFFC0458175E67958A7324 ] C:\Windows\System32\Macromed\Flash\Flash11g.ocx
12:15:03.0316 0632 C:\Windows\System32\Macromed\Flash\Flash11g.ocx - ok
12:15:03.0316 0632 [ 68AC082734363E6BA813E7EAA353DB13 ] C:\Windows\System32\dsound.dll
12:15:03.0331 0632 C:\Windows\System32\dsound.dll - ok
12:15:03.0347 0632 [ E72A22DCF0733AC06695ACD2268F6EB3 ] C:\Windows\System32\d3d9.dll
12:15:03.0347 0632 C:\Windows\System32\d3d9.dll - ok
12:15:03.0347 0632 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
12:15:03.0347 0632 C:\Windows\System32\d3d8thk.dll - ok
12:15:03.0362 0632 [ 6CFCA2A5B71C1CB908049DBC6BF6C6D1 ] C:\Windows\System32\mscms.dll
12:15:03.0362 0632 C:\Windows\System32\mscms.dll - ok
12:15:03.0362 0632 [ CE9D2B921137E648AB0FA9B9940A3AD3 ] C:\Windows\System32\dssenh.dll
12:15:03.0362 0632 C:\Windows\System32\dssenh.dll - ok
12:15:03.0378 0632 [ 91B7EC5F0FE04566782075171BF94A86 ] C:\Windows\System32\p2pcollab.dll
12:15:03.0378 0632 C:\Windows\System32\p2pcollab.dll - ok
12:15:03.0378 0632 [ D351DFCAF085B4771580E3F256F8F6E0 ] C:\Windows\System32\cryptnet.dll
12:15:03.0378 0632 C:\Windows\System32\cryptnet.dll - ok
12:15:03.0394 0632 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
12:15:03.0394 0632 C:\Windows\System32\SensApi.dll - ok
12:15:03.0409 0632 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\95642944.sys
12:15:03.0409 0632 C:\Windows\System32\drivers\95642944.sys - ok
12:15:03.0409 0632 [ 4FF455520B17D15E9191C5BC7D8148FE ] C:\Windows\System32\riched20.dll
12:15:03.0409 0632 C:\Windows\System32\riched20.dll - ok
12:15:03.0425 0632 [ 5952BB927DF91B764978032699468218 ] C:\Windows\System32\wbem\WMIADAP.exe
12:15:03.0425 0632 C:\Windows\System32\wbem\WMIADAP.exe - ok
12:15:03.0425 0632 [ BA40ED380CB91442F283022D637B15CA ] C:\Windows\System32\loadperf.dll
12:15:03.0425 0632 C:\Windows\System32\loadperf.dll - ok
12:15:03.0440 0632 [ 8339E480B3D4740404D8EE50D415935B ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:15:03.0440 0632 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:15:03.0440 0632 [ 81CA5900886AA95FEC95CB4CCBE5CE26 ] C:\Windows\System32\wbem\wmiprov.dll
12:15:03.0440 0632 C:\Windows\System32\wbem\wmiprov.dll - ok
12:15:03.0456 0632 [ EE64560328E5800C38B7BC78E45699A1 ] C:\Windows\System32\wmi.dll
12:15:03.0456 0632 C:\Windows\System32\wmi.dll - ok
12:15:03.0472 0632 ============================================================
12:15:03.0472 0632 Scan finished
12:15:03.0472 0632 ============================================================
12:15:03.0487 1356 Detected object count: 9
12:15:03.0487 1356 Actual detected object count: 9
12:16:09.0288 1356 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0288 1356 Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0288 1356 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0288 1356 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0304 1356 CFSvcs ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0304 1356 CFSvcs ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0304 1356 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0304 1356 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0304 1356 KR3NPXP ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0304 1356 KR3NPXP ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0304 1356 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0304 1356 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0304 1356 TNaviSrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0304 1356 TNaviSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0319 1356 TODDSrv ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0319 1356 TODDSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:16:09.0319 1356 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
12:16:09.0319 1356 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip




Howeve I ran into problems while trying to run Combofix. I downloaded it and ran it, but it said access was denied because I was not an administrator and needed the administrator actions to run it.

#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:12 PM

Posted 18 November 2012 - 07:08 PM

Hello,

Try running it in safemode. You may need to right click on Combofix and Choose" Run as Administrator"


Now reboot into Safe Mode.
This can be done tapping the F8 key as soon as you start your computer
You will be brought to a menu where you can choose to boot into safe mode.
Make sure you choose the option without networking support.
Please see here for additional details.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 carisil94

carisil94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 18 November 2012 - 10:54 PM

Combo Log:

ComboFix 12-11-16.02 - Steven Lumapas 11/18/2012 21:40:39.1.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.2038.1665 [GMT -6:00]
Running from: c:\users\Steven Lumapas\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\Steven Lumapas\AppData\Roaming\Xeny
c:\users\Steven Lumapas\AppData\Roaming\Xeny\ysykd.exe
c:\users\Steven Lumapas\Documents\~WRL3215.tmp
c:\users\Steven Lumapas\Documents\~WRL3234.tmp
.
.
((((((((((((((((((((((((( Files Created from 2012-10-19 to 2012-11-19 )))))))))))))))))))))))))))))))
.
.
2012-11-19 03:47 . 2012-11-19 03:47 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-11-19 03:47 . 2012-11-19 03:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-19 03:47 . 2012-11-19 03:47 -------- d-----w- c:\users\Steven Lumapas\AppData\Local\temp
2012-11-15 22:36 . 2012-11-15 22:36 -------- d-----w- c:\windows\ERUNT
2012-11-15 22:36 . 2012-11-15 22:36 -------- d-----w- C:\JRT
2012-11-15 22:31 . 2012-11-15 22:31 -------- d-----w- C:\d069c130452a844e03
2012-11-14 21:36 . 2012-11-15 23:16 -------- d-----w- c:\users\Steven Lumapas\AppData\Roaming\Obpu
2012-11-14 21:36 . 2012-11-14 21:36 -------- d-----w- c:\users\Steven Lumapas\AppData\Roaming\Zaidy
2012-11-14 21:36 . 2012-11-14 21:36 -------- d-----w- c:\users\Steven Lumapas\AppData\Roaming\hellomoto
2012-11-13 20:32 . 2012-11-13 20:32 -------- d-----w- c:\users\Steven Lumapas\AppData\Roaming\Malwarebytes
2012-11-13 20:32 . 2012-11-13 20:32 -------- d-----w- c:\programdata\Malwarebytes
2012-11-13 20:32 . 2012-11-13 20:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-13 20:32 . 2012-09-30 01:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 19:54 . 2012-11-13 19:54 -------- d-----w- c:\program files\Enigma Software Group
2012-11-13 19:53 . 2012-11-13 21:07 -------- d-----w- c:\windows\DDABC66756B3412282B02F5782EA2F9A.TMP
2012-11-13 19:53 . 2012-11-13 19:53 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-11-13 19:21 . 2012-11-13 20:37 -------- d-----w- c:\users\Steven Lumapas\AppData\Roaming\Aceb
2012-11-13 19:21 . 2012-11-13 19:23 -------- d-----w- c:\users\Steven Lumapas\AppData\Roaming\Ehtei
2012-11-13 19:21 . 2012-11-13 19:21 -------- d-----w- c:\users\Steven Lumapas\AppData\Roaming\Baecyh
2012-11-13 07:51 . 2012-10-17 07:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C350B180-8A6F-4F69-AB1D-1409ED633B2F}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn3\yt.dll" [2012-06-11 1524056]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 4670704]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-05 39408]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\YspService.exe" [2010-06-14 296248]
"Download"="c:\users\Steven Lumapas\AppData\Local\SupportSoft\ddoctorv2\Steven Lumapas\SSGet.exe" [2012-01-11 987648]
"SCardDlg"="c:\users\Steven Lumapas\AppData\Local\Microsoft\Windows\3593\SCardDlg.exe" [2012-11-14 81920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-20 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-20 129560]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2007-03-29 411192]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-16 448080]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-05-23 538744]
"RtHDVCpl"="RtHDVCpl.exe" [2007-04-25 4444160]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-10-29 102400]
"NDSTray.exe"="NDSTray.exe" [BU]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-29 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-03-30 267048]
"ddoctorv2"="c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe" [2008-04-24 202560]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-03-24 49208]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"6D412FFE-B506-4731-8810-D4DE1E6B5D90"="start" [X]
.
c:\users\Steven Lumapas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2008-3-8 344064]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 18:02]
.
2012-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 18:02]
.
2012-11-13 c:\windows\Tasks\HP Photo Creations Messager.job
- c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKCU-Run-ODBC - c:\users\Steven Lumapas\AppData\Roaming\9BC7E3\9BC7E3.exe
HKCU-Run-Ufiworusu - c:\users\Steven Lumapas\AppData\Roaming\Xeny\ysykd.exe
SafeBoot-32552980.sys
AddRemove-alotAppbar - c:\program files\alotappbar\alotUninst.exe
AddRemove-Coupon Printer for Windows5.0.0.0 - c:\program files\Coupons\uninstall.exe
AddRemove-Wincore MediaBar - c:\program files\iMesh Applications\MediaBar\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-18 21:47
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\users\STEVEN~1\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2012-11-18 21:50:11
ComboFix-quarantined-files.txt 2012-11-19 03:50
.
Pre-Run: 41,915,842,560 bytes free
Post-Run: 41,740,349,440 bytes free
.
- - End Of File - - 0815D4AD648137A0EA45504219B0ECD1



So should the virus be gone at this point and everything run okay? I still have it running in safe mode until I get the okay to start it up normally.

#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:12 PM

Posted 18 November 2012 - 11:10 PM

We need to run a CFScript.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

Folder::
c:\users\Steven Lumapas\AppData\Roaming\Obpu
c:\users\Steven Lumapas\AppData\Roaming\Zaidy
c:\users\Steven Lumapas\AppData\Roaming\Aceb
c:\users\Steven Lumapas\AppData\Roaming\Ehtei
c:\users\Steven Lumapas\AppData\Roaming\Baecyh


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Please try the computer in Normal mode after you run Combofix. Let me know how it goes.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 carisil94

carisil94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 19 November 2012 - 12:32 AM

Something went terribly wrong.

I dragged the txt file onto combofix like as instructed, and combofix popped up and did another scan. While it was doing the scan, I left the room and when I came back about 15 minutes later, the computer had restarted itself and is now saying it's unable to start and needs to have a system restore done.

I did the system restore and the computer can now start up fine but I have no idea what's been changed or done but I do know that the virus is still there now.

#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:12 PM

Posted 19 November 2012 - 06:21 PM

Can u please post the Combofix log. It should be loacted at C:\Combofix.txt2

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 carisil94

carisil94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 19 November 2012 - 09:36 PM

The only Combo log I could find had this listed:

ComboFix 12-11-16.02 - Steven Lumapas 11/18/2012 22:53:56.1.2 - x86 NETWORK
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.2038.1643 [GMT -6:00]
Running from: C:\Users\Steven Lumapas\Desktop\ComboFix.exe
Command switches used :: C:\Users\Steven Lumapas\Desktop\CFScript.txt

#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:12 PM

Posted 19 November 2012 - 10:52 PM

I did the system restore and the computer can now start up fine but I have no idea what's been changed or done but I do know that the virus is still there now.

How do you know the virus is still there?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#15 carisil94

carisil94
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:08:12 PM

Posted 20 November 2012 - 12:23 AM

After I did the system restore, the computer started up in it's normal mode and as soon as I logged in the "FBI" message popped up like how it did before.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users