Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Yet another Google redirect topic


  • This topic is locked This topic is locked
19 replies to this topic

#1 mantis.toboggan

mantis.toboggan

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 20 December 2012 - 10:32 PM

Hello,
I've had this problem off/on for the last year+, but it has really gotten annoying as of late. About 10% of the time when I either go to a google based site (gmail/google/etc) or use my google toolbar search (today it redirected me at StubHub for the first time) it redirects me to a page that states:


This Connection is Untrusted

You have asked Firefox to connect
securely to www.google.com, but we can't confirm that your connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified.

What Should I Do?

If you usually connect to
this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.


Attached is the screenshot of what this thing has looked like all along.
Attached File  Capture.JPG   59.71KB   4 downloads


I usually only use Firefox, but it also occurs on IE and Safari. The really bizarre part is that it ONLY happens at my house and can happen on multiple computers. It doesn't make sense to me, but it seems to be a modem thing? My new iPhone will do it, friends' computers visiting for the first time will do it.

I regularly use anti-malwarebytes, avast, and spywareblaster to no avail.

Any help is appreciated I realize it may take awhile due to the holiday season. Thanks

BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:59 AM

Posted 20 December 2012 - 10:41 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3


    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following

  • both reports from DDS
  • report from security check
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 mantis.toboggan

mantis.toboggan
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 20 December 2012 - 11:01 PM

Thanks for the quick response!

Results of screen317's Security Check version 0.99.56
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
WinPatrol
MVPS Hosts File
SpywareBlaster 4.6
Secunia PSI (2.0.0.3001)
Malwarebytes Anti-Malware version 1.65.1.1000
CCleaner
Java™ 6 Update 26
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.1.102.62
Mozilla Firefox (17.0.1)
Google Chrome 17.0.963.79
````````Process Check: objlist.exe by Laurent````````
WinPatrol winpatrol.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
BillP Studios WinPatrol WinPatrol.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0 %
````````````````````End of Log``````````````````````


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_26
Run by Brandrea at 21:58:33 on 2012-12-20
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3002.1072 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Windows\SMINST\BLService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
uProxyOverride = <local>;*.local
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [nmctxth] "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: NameServer = 192.168.1.1 208.67.222.222 208.67.220.220
TCP: Interfaces\{E18ED7EC-B595-42D7-B881-3CB09CFBA590} : DHCPNameServer = 192.168.1.1 208.67.222.222 208.67.220.220
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\platform\puresp4.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 analytics.microsoft.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1 om.symantec.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\brandrea\appdata\roaming\mozilla\firefox\profiles\8p0ti9w2.default-1354940689758\
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll
FF - plugin: c:\users\brandrea\appdata\roaming\facebook\npfbplugin_1_0_1.dll
FF - ExtSQL: 2012-12-07 22:08; wrc@avast.com; c:\program files\avast software\avast\webrep\FF
FF - ExtSQL: 2012-12-07 23:30; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\brandrea\appdata\roaming\mozilla\firefox\profiles\8p0ti9w2.default-1354940689758\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-12-08 19:17; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\brandrea\appdata\roaming\mozilla\firefox\profiles\8p0ti9w2.default-1354940689758\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2012-12-08 22:41; {5384767E-00D9-40E9-B72F-9CC39D655D6F}; c:\users\brandrea\appdata\roaming\mozilla\firefox\profiles\8p0ti9w2.default-1354940689758\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-8-28 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-8-28 361032]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_a7e996cd\AEstSrv.exe [2008-6-27 77824]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-8-28 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-8-28 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-8-28 44808]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-3-18 19456]
R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\sminst\BLService.exe [2008-7-1 341328]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-10 399416]
R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-1-24 52736]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2008-6-4 113664]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2008-7-1 193840]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-12-19 04:58:44 -------- d-----w- c:\program files\iPod
2012-12-19 04:58:37 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-12-19 04:58:37 -------- d-----w- c:\program files\iTunes
2012-12-19 04:53:26 -------- d-----w- c:\program files\Bonjour
2012-12-18 20:44:58 -------- d-----w- c:\program files\CHM To PDF
2012-12-18 19:39:12 -------- d-----w- c:\users\brandrea\appdata\roaming\calibre
2012-12-18 18:29:36 -------- d-----w- c:\users\brandrea\appdata\roaming\Softland
2012-12-18 00:01:02 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-18 00:00:52 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-18 00:00:52 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-18 00:00:51 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-18 00:00:51 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-18 00:00:51 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-18 00:00:40 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-18 00:00:40 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-18 00:00:37 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-18 00:00:36 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-18 00:00:36 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-17 23:59:25 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-17 23:59:25 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-15 03:30:46 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-15 03:30:45 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-15 03:30:45 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-15 03:30:42 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-15 03:30:36 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-07 18:20:57 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-06 19:39:59 96224 ----a-w- c:\program files\mozilla firefox\nssdbm3.dll
2012-12-02 22:23:11 -------- d-----w- c:\program files\LizardTech
2012-12-02 22:18:59 -------- d-----w- c:\program files\Ghostscript
2012-12-02 22:15:59 -------- d-----w- c:\programdata\A-PDF
2012-12-02 22:15:47 -------- d-----w- c:\programdata\Boxtools
2012-12-02 22:15:27 488448 ----a-w- c:\windows\system32\apdfprintmon.dll
2012-12-02 22:15:22 -------- d-----w- c:\program files\DjVu to PDF
2012-12-02 22:00:32 -------- d-----w- c:\users\brandrea\.swt
2012-12-02 21:48:44 -------- d-----w- C:\$APDF
2012-12-02 21:48:30 -------- d-----w- c:\programdata\3DPageFlip
2012-12-02 21:33:36 -------- d-----w- c:\users\brandrea\appdata\roaming\PrimoPDF
2012-12-02 21:31:44 180624 ----a-w- c:\windows\system32\Primomonnt.dll
2012-12-02 21:31:38 -------- d-----w- c:\program files\Nitro PDF
2012-12-02 19:36:34 -------- d-----w- c:\users\brandrea\appdata\local\Xenocode
2012-12-02 19:36:34 -------- d-----w- c:\program files\Xenocode
2012-12-02 19:36:01 579504 ----a-w- c:\windows\system32\Codejock.SkinFramework.Unicode.v13.2.1.ocx
2012-12-02 19:36:01 2381744 ----a-w- c:\windows\system32\Codejock.CommandBars.Unicode.v13.2.1.ocx
2012-12-02 19:20:00 -------- d-----w- c:\program files\HTML Help Workshop
.
==================== Find3M ====================
.
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-10-30 23:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51:57 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51:07 41224 ----a-w- c:\windows\avastSS.scr
2012-09-30 01:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-28 16:32:56 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-09-28 16:32:56 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-09-25 16:19:41 75776 ----a-w- c:\windows\system32\synceng.dll
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.0.6002
.
CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
device: opened successfully
user: error reading MBR
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll iaStor.sys
c:\windows\system32\drivers\hpdskflt.sys Hewlett-Packard Corporation Hewlett-Packard Corporation Mobile Data Protection System
c:\windows\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver
1 ntkrnlpa!IofCallDriver[0x82C95936] -> \Device\Harddisk0\DR0[0x87D59AC8]
3 CLASSPNP[0x832098B3] -> ntkrnlpa!IofCallDriver[0x82C95936] -> [0x87C566D8]
5 hpdskflt[0x8C1AAF05] -> ntkrnlpa!IofCallDriver[0x82C95936] -> \Device\Ide\IAAStorageDevice-1[0x86D06028]
kernel: MBR read successfully
_asm { XOR DI, DI; MOV SI, 0x200; MOV SS, DI; MOV SP, 0x7a00; MOV BX, 0x7a0; MOV CX, SI; MOV DS, BX; MOV ES, BX; REP MOVSB ; JMP FAR 0x7a0:0x72; }
user != kernel MBR !!!
.
============= FINISH: 21:59:13.26 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/27/2008 3:22:01 AM
System Uptime: 12/19/2012 12:54:45 PM (33 hours ago)
.
Motherboard: Quanta | | 3602
Processor: Intel® Pentium® Dual CPU T3200 @ 2.00GHz | CPU | 2000/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 65.638 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 1.238 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1423: 12/19/2012 8:00:12 PM - Windows Update
RP1424: 12/20/2012 3:06:51 PM - Scheduled Checkpoint
RP1425: 12/20/2012 8:00:12 PM - Windows Update
.
==== Hosts File Hijack ======================
.
Hosts: 127.0.0.1 ads.mcafee.com
Hosts: 127.0.0.1 analytics.microsoft.com
Hosts: 127.0.0.1 metrics.bitdefender.com
Hosts: 127.0.0.1 metrics.mcafee.com
Hosts: 127.0.0.1 om.symantec.com
Hosts: 127.0.0.1 ads.bleepingcomputer.com
Hosts: 127.0.0.1 wdcs.trendmicro.com
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
32 Bit HP CIO Components Installer
4500_Help
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Bonjour
Boxoft DjVu to PDF Freeware
BPD_HPSU
bpd_scan
BPDSoftware
BPDSoftware_Ini
Broadcom 802.11 Wireless LAN Adapter
BufferChm
Cards_Calendar_OrderGift_DoMorePlugout
CCleaner
CHM To PDF Converter PRO
Cisco Network Magic
Combined Community Codec Pack 2009-09-09
Compatibility Pack for the 2007 Office system
ConvertXtoDVD 3.3.4.106e
CustomerResearchQFolder
Defraggler
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocMgr
DocProc
DocProcQFolder
ESET Online Scanner v3
eSupportQFolder
Exact Audio Copy 0.99pb5
Facebook Plug-In
Fax
ffdshow [rev 2496] [2008-12-16]
FLAC 1.2.1b (remove only)
Flickr Uploadr 3.2.1
Foxit Reader
Google Chrome
Google Drive
Google Update Helper
GPBaseService
GPL Ghostscript 8.71
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP Customer Participation Program 10.0
HP Doc Viewer
HP Document Manager 1.0
HP Help and Support
HP Imaging Device Functions 10.0
HP Officejet J4500 Series
HP Photosmart Essential 2.5
HP Quick Launch Buttons 6.40 D1
HP QuickPlay 3.7
HP QuickTouch 1.00 D2
HP Smart Web Printing
HP Solution Center 10.0
HP Total Care Advisor
HP Update
HP User Guides 0102
HP Wireless Assistant
HPNetworkAssistant
HPPhotoSmartDiscLabel_PaperLabel
HPPhotoSmartDiscLabel_PrintOnDisc
HPPhotoSmartDiscLabel_Tattoo
HPPhotoSmartDiscLabelContent1
hpphotosmartdisclabelplugin
HPPhotoSmartPhotobookHolidayPack1
HPPhotoSmartPhotobookModernPack1
HPPhotoSmartPhotobookPlayfulPack1
HPPhotoSmartPhotobookScrapbookPack1
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
HPTCSSetup
HTML Help Workshop
iCloud
iDisk Utility for Windows
IDT Audio
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes
J4500
Java Auto Updater
Java™ 6 Update 26
LabelPrint
Lizardtech DjVu Control
Malwarebytes Anti-Malware version 1.65.1.1000
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Communicator 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MobileMe Control Panel
Monkey's Audio
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
Mp3tag v2.46a
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.1
Network Magic
OCR Software by I.R.I.S. 10.0
Octoshape add-in for Adobe Flash Player
Power2Go
PowerDirector
ProductContext
ProtectSmart Hard Drive Protection
PSSWCORE
Pure Networks Platform
QuickTime
Realtek 8169 8168 8101E 8102E Ethernet Driver
Realtek USB 2.0 Card Reader
Scan
Secunia PSI (2.0.0.3001)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Serif WebPlus 10
Serif WebPlus 10 Resources
Shop for HP Supplies
SolutionCenter
SpywareBlaster 4.6
Status
Synaptics Pointing Device Driver
Toolbox
TrayApp
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VideoToolkit01
VZAccess Manager for RIM
WebReg
Windows Media Player Firefox Plugin
WinPatrol
WinRAR archiver
WinX DVD Ripper Platinum 5.22.0
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
12/20/2012 8:25:12 PM, Error: VDS Dynamic Provider [10] - The provider failed while storing notifications from the driver. The Virtual Disk Service should be restarted. hr=80042505
12/18/2012 11:46:45 PM, Error: Service Control Manager [7034] - The QuickPlay Task Scheduler (QTS) service terminated unexpectedly. It has done this 1 time(s).
12/18/2012 11:07:19 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: netbt
12/18/2012 11:07:19 PM, Error: Service Control Manager [7022] - The QuickPlay Task Scheduler (QTS) service hung on starting.
12/18/2012 11:07:19 PM, Error: Service Control Manager [7022] - The QuickPlay Background Capture Service (QBCS) service hung on starting.
12/18/2012 11:07:19 PM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
12/18/2012 11:05:20 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the netbt service which failed to start because of the following error: A device attached to the system is not functioning.
12/18/2012 11:05:20 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/17/2012 9:36:04 PM, Error: Service Control Manager [7034] - The Recovery Service for Windows service terminated unexpectedly. It has done this 1 time(s).
12/17/2012 6:44:41 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
12/17/2012 6:43:34 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
12/17/2012 6:33:11 PM, Error: Service Control Manager [7022] - The Pure Networks Platform Service service hung on starting.
12/17/2012 6:04:16 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
12/17/2012 6:04:16 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/17/2012 5:58:27 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/17/2012 5:49:31 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0021008354A7. The following error occurred: The wait operation timed out.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
12/14/2012 9:22:50 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the hpqwmiex service to connect.
12/14/2012 9:22:50 PM, Error: Service Control Manager [7000] - The hpqwmiex service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/14/2012 9:22:15 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Secunia Update Agent service to connect.
12/14/2012 9:22:15 PM, Error: Service Control Manager [7000] - The Secunia Update Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/14/2012 9:21:44 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service hpqwmiex with arguments "" in order to run the server: {F5539356-2F02-40D4-999E-FA61F45FE12E}
.
==== End Of File ===========================



I didn't run into any problems during this.

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:59 AM

Posted 20 December 2012 - 11:40 PM

Hello


These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 mantis.toboggan

mantis.toboggan
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 21 December 2012 - 12:37 AM

I ran ADWCleaner with no problems. I then ran RogueKiller and subsequently ran into two problems.
1) As soon as RogueKiller finished, avast popped up saying it found a Root Kit

SVC: Truesight> C:Rootkit: Hidden Service

. (I didn't disable avast before running RogueKiller so that might be the problem)
2) I then tried to open Firefox to post the logs and it would not open. The busy icon would run for a couple seconds then stop. IE wouldn't run either. I had this problem briefly last week. So I rebooted, and still no luck. I shut the computer down a second time to reboot, and still Firefox would not open. So now I am in Safe Mode with Networking.


# AdwCleaner v2.101 - Logfile created 12/20/2012 at 22:54:54
# Updated 16/12/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Brandrea - BRANDREA-PC
# Boot Mode : Normal
# Running from : C:\Users\Brandrea\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default-1354940689758 [Profil par défaut]
File : C:\Users\Brandrea\AppData\Roaming\Mozilla\Firefox\Profiles\8p0ti9w2.default-1354940689758\prefs.js

[OK] File is clean.

-\\ Google Chrome v17.0.963.79

File : C:\Users\Brandrea\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [3358 octets] - [07/12/2012 21:51:27]
AdwCleaner[S2].txt - [965 octets] - [20/12/2012 22:54:54]

########## EOF - C:\AdwCleaner[S2].txt - [1024 octets] ##########


RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Brandrea [Admin rights]
Mode : Scan -- Date : 12/20/2012 23:05:51

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost #[IPv6]
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net
127.0.0.1 secure.aconti.net
127.0.0.1 www.aconti.net #[Dialer.Aconti]
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200BEVT-60ZCT1 +++++
--- User ---
[MBR] 6dd5ac132d333cf2f666b66b7ec6d93c
[BSP] 7cf95a057eaf12e275def1e848d6df0d : HP tatooed MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 294732 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 603613184 | Size: 10509 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_12202012_02d2305.txt >>
RKreport[1]_S_12202012_02d2305.txt

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:59 AM

Posted 21 December 2012 - 12:42 AM

Hello

I Would like you to do the following.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#7 mantis.toboggan

mantis.toboggan
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 21 December 2012 - 01:38 AM

Before running Combofix, I tried Firefox and it DID start this time. I turned of avast, it had the little 'x' covering it but Combofix still accused me of leaving it running. I hope that's alright. But I did exactly what the instructions told me to do.


ComboFix 12-12-20.02 - Brandrea 12/21/2012 0:12.3.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3002.2120 [GMT -6:00]
Running from: c:\users\Brandrea\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\releaseengineer\Application Data\64dlls.exe
c:\documents and settings\releaseengineer\Application Data\intel64.exe
c:\documents and settings\releaseengineer\Application Data\Kernel32.exe
c:\documents and settings\releaseengineer\Application Data\localsys64.exe
c:\documents and settings\releaseengineer\Application Data\ntos.exe
c:\documents and settings\releaseengineer\Application Data\oembios.exe
c:\documents and settings\releaseengineer\Application Data\sdra64.exe
c:\documents and settings\releaseengineer\Application Data\sdra73.exe
c:\documents and settings\releaseengineer\Application Data\swin32.exe
c:\documents and settings\releaseengineer\Application Data\twex.exe
c:\documents and settings\releaseengineer\Application Data\twext.exe
c:\documents and settings\releaseengineer\Application Data\win32avs.exe
c:\documents and settings\releaseengineer\Application Data\wsnpoema.exe
c:\users\Brandrea\AppData\Roaming\vso_ts_preview.xml
.
.
((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
.
.
2012-12-21 06:23 . 2012-12-21 06:26 -------- d-----w- c:\users\Brandrea\AppData\Local\temp
2012-12-21 06:23 . 2012-12-21 06:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-21 06:23 . 2012-12-21 06:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-21 02:00 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 02:00 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-19 04:58 . 2012-12-19 04:58 -------- d-----w- c:\program files\iPod
2012-12-19 04:58 . 2012-12-19 04:59 -------- d-----w- c:\program files\iTunes
2012-12-19 04:53 . 2012-12-19 04:53 -------- d-----w- c:\program files\Bonjour
2012-12-18 20:44 . 2012-12-18 20:48 -------- d-----w- c:\program files\CHM To PDF
2012-12-18 19:39 . 2012-12-18 19:40 -------- d-----w- c:\users\Brandrea\AppData\Roaming\calibre
2012-12-18 18:29 . 2012-12-18 18:29 -------- d-----w- c:\users\Brandrea\AppData\Roaming\Softland
2012-12-18 00:01 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-18 00:00 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-18 00:00 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-18 00:00 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-18 00:00 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-18 00:00 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-18 00:00 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-18 00:00 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-18 00:00 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-18 00:00 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-18 00:00 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-15 03:30 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-15 03:30 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-15 03:30 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-15 03:30 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-15 03:30 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-07 18:20 . 2012-08-21 19:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-02 22:23 . 2012-12-02 22:23 -------- d-----w- c:\program files\LizardTech
2012-12-02 22:18 . 2012-12-02 22:19 -------- d-----w- c:\program files\Ghostscript
2012-12-02 22:15 . 2009-10-09 18:46 488448 ----a-w- c:\windows\system32\apdfprintmon.dll
2012-12-02 22:15 . 2012-12-02 22:15 -------- d-----w- c:\program files\DjVu to PDF
2012-12-02 22:00 . 2012-12-02 22:00 -------- d-----w- c:\users\Brandrea\.swt
2012-12-02 21:48 . 2012-12-02 21:48 -------- d-----w- C:\$APDF
2012-12-02 21:33 . 2012-12-18 20:23 -------- d-----w- c:\users\Brandrea\AppData\Roaming\PrimoPDF
2012-12-02 21:31 . 2011-02-28 22:37 180624 ----a-w- c:\windows\system32\Primomonnt.dll
2012-12-02 21:31 . 2012-12-18 20:44 -------- d-----w- c:\program files\Nitro PDF
2012-12-02 19:36 . 2012-12-02 19:36 -------- d-----w- c:\users\Brandrea\AppData\Local\Xenocode
2012-12-02 19:36 . 2012-12-02 19:36 -------- d-----w- c:\program files\Xenocode
2012-12-02 19:36 . 2009-10-29 17:34 579504 ----a-w- c:\windows\system32\Codejock.SkinFramework.Unicode.v13.2.1.ocx
2012-12-02 19:36 . 2009-10-29 17:34 2381744 ----a-w- c:\windows\system32\Codejock.CommandBars.Unicode.v13.2.1.ocx
2012-12-02 19:20 . 2012-12-02 19:20 -------- d-----w- c:\program files\HTML Help Workshop
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-30 23:51 . 2011-08-28 14:58 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2011-08-28 14:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2011-08-28 14:58 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2011-08-28 14:58 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 23:51 . 2011-08-28 14:58 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2011-08-28 14:58 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2011-08-28 14:58 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2011-08-28 14:58 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-09-30 01:54 . 2011-08-28 14:16 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-28 16:32 . 2012-09-28 16:32 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-09-28 16:32 . 2012-09-28 16:32 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-09-25 16:19 . 2012-11-16 02:34 75776 ----a-w- c:\windows\system32\synceng.dll
2012-12-06 19:40 . 2012-12-06 19:39 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-18 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-18 145944]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-28 1721640]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-02 554288]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-11 c:\windows\Tasks\User_Feed_Synchronization-{96BDE39B-23C2-455A-9246-6ABB6E71351A}.job
- c:\windows\system32\msfeedssync.exe [2011-08-26 11:10]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 208.67.222.222 208.67.220.220
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-{007811BF-E310-4285-BFC6-55DB29B3EDDE} - c:\progra~2\INSTAL~2\{00781~1\Setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-21 00:28
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3708)
c:\program files\Pure Networks\Network Magic\nmrsrc.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Secunia\PSI\PSIA.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files\Secunia\PSI\sua.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2012-12-21 00:33:53 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-21 06:33
.
Pre-Run: 70,073,671,680 bytes free
Post-Run: 71,171,362,816 bytes free
.
- - End Of File - - C4ADC5171E4C96197066242EAEB740B1

#8 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:59 AM

Posted 21 December 2012 - 10:03 AM

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#9 mantis.toboggan

mantis.toboggan
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 21 December 2012 - 05:29 PM

No problems running either of theses.

16:05:02.0294 3404 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:05:04.0266 3404 ============================================================
16:05:04.0267 3404 Current date / time: 2012/12/21 16:05:04.0266
16:05:04.0267 3404 SystemInfo:
16:05:04.0267 3404
16:05:04.0267 3404 OS Version: 6.0.6002 ServicePack: 2.0
16:05:04.0267 3404 Product type: Workstation
16:05:04.0267 3404 ComputerName: BRANDREA-PC
16:05:04.0267 3404 UserName: Brandrea
16:05:04.0268 3404 Windows directory: C:\Windows
16:05:04.0268 3404 System windows directory: C:\Windows
16:05:04.0268 3404 Processor architecture: Intel x86
16:05:04.0268 3404 Number of processors: 2
16:05:04.0268 3404 Page size: 0x1000
16:05:04.0268 3404 Boot type: Normal boot
16:05:04.0268 3404 ============================================================
16:05:08.0008 3404 BG loaded
16:05:09.0030 3404 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:05:09.0132 3404 ============================================================
16:05:09.0132 3404 \Device\Harddisk0\DR0:
16:05:09.0217 3404 MBR partitions:
16:05:09.0217 3404 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23FA67C1
16:05:09.0217 3404 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23FA6800, BlocksNum 0x1486800
16:05:09.0218 3404 ============================================================
16:05:09.0266 3404 C: <-> \Device\Harddisk0\DR0\Partition1
16:05:09.0340 3404 D: <-> \Device\Harddisk0\DR0\Partition2
16:05:09.0341 3404 ============================================================
16:05:09.0341 3404 Initialize success
16:05:09.0341 3404 ============================================================
16:07:59.0056 4868 ============================================================
16:07:59.0056 4868 Scan started
16:07:59.0056 4868 Mode: Manual; SigCheck; TDLFS;
16:07:59.0056 4868 ============================================================
16:07:59.0365 4868 ================ Scan system memory ========================
16:07:59.0365 4868 System memory - ok
16:07:59.0365 4868 ================ Scan services =============================
16:07:59.0564 4868 [ 3B10711AD8656C097E0D16A41B29C54C ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
16:07:59.0685 4868 Accelerometer - ok
16:07:59.0736 4868 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
16:07:59.0761 4868 ACPI - ok
16:07:59.0814 4868 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:07:59.0844 4868 adp94xx - ok
16:07:59.0872 4868 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:07:59.0895 4868 adpahci - ok
16:07:59.0925 4868 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:07:59.0944 4868 adpu160m - ok
16:07:59.0952 4868 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:07:59.0971 4868 adpu320 - ok
16:08:00.0024 4868 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:08:00.0096 4868 AeLookupSvc - ok
16:08:00.0406 4868 [ 3B1B2EE9DF189F6BBB080BF393D1B2EE ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
16:08:00.0452 4868 AESTFilters - ok
16:08:00.0551 4868 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
16:08:00.0597 4868 AFD - ok
16:08:00.0640 4868 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:08:00.0656 4868 agp440 - ok
16:08:00.0673 4868 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:08:00.0690 4868 aic78xx - ok
16:08:00.0720 4868 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
16:08:00.0751 4868 ALG - ok
16:08:00.0772 4868 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
16:08:00.0788 4868 aliide - ok
16:08:00.0805 4868 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:08:00.0822 4868 amdagp - ok
16:08:00.0836 4868 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
16:08:00.0853 4868 amdide - ok
16:08:00.0875 4868 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
16:08:00.0931 4868 AmdK7 - ok
16:08:00.0957 4868 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:08:01.0019 4868 AmdK8 - ok
16:08:01.0073 4868 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
16:08:01.0123 4868 Appinfo - ok
16:08:01.0226 4868 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:08:01.0244 4868 Apple Mobile Device - ok
16:08:01.0314 4868 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
16:08:01.0335 4868 arc - ok
16:08:01.0349 4868 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:08:01.0369 4868 arcsas - ok
16:08:01.0392 4868 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
16:08:01.0416 4868 aswFsBlk - ok
16:08:01.0471 4868 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:08:01.0492 4868 aswMonFlt - ok
16:08:01.0518 4868 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
16:08:01.0537 4868 aswRdr - ok
16:08:01.0571 4868 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:08:01.0611 4868 aswSnx - ok
16:08:01.0652 4868 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:08:01.0698 4868 aswSP - ok
16:08:01.0723 4868 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
16:08:01.0737 4868 aswTdi - ok
16:08:01.0814 4868 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:08:01.0867 4868 AsyncMac - ok
16:08:01.0925 4868 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
16:08:01.0941 4868 atapi - ok
16:08:02.0028 4868 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:08:02.0082 4868 AudioEndpointBuilder - ok
16:08:02.0090 4868 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:08:02.0123 4868 Audiosrv - ok
16:08:02.0198 4868 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:08:02.0214 4868 avast! Antivirus - ok
16:08:02.0337 4868 [ 34A0A6386256080F52C74076C6157026 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
16:08:02.0418 4868 BCM43XV - ok
16:08:02.0493 4868 [ 34A0A6386256080F52C74076C6157026 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
16:08:02.0575 4868 BCM43XX - ok
16:08:02.0616 4868 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
16:08:02.0687 4868 Beep - ok
16:08:02.0761 4868 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
16:08:02.0820 4868 BFE - ok
16:08:02.0894 4868 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
16:08:03.0015 4868 BITS - ok
16:08:03.0044 4868 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
16:08:03.0137 4868 blbdrive - ok
16:08:03.0215 4868 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:08:03.0252 4868 Bonjour Service - ok
16:08:03.0301 4868 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:08:03.0371 4868 bowser - ok
16:08:03.0422 4868 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:08:03.0500 4868 BrFiltLo - ok
16:08:03.0532 4868 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:08:03.0618 4868 BrFiltUp - ok
16:08:03.0649 4868 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
16:08:03.0734 4868 Browser - ok
16:08:03.0764 4868 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
16:08:03.0878 4868 Brserid - ok
16:08:03.0908 4868 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
16:08:04.0028 4868 BrSerWdm - ok
16:08:04.0083 4868 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
16:08:04.0184 4868 BrUsbMdm - ok
16:08:04.0251 4868 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
16:08:04.0300 4868 BrUsbSer - ok
16:08:04.0338 4868 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:08:04.0411 4868 BTHMODEM - ok
16:08:04.0473 4868 catchme - ok
16:08:04.0491 4868 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:08:04.0541 4868 cdfs - ok
16:08:04.0599 4868 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:08:04.0649 4868 cdrom - ok
16:08:04.0707 4868 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
16:08:04.0758 4868 CertPropSvc - ok
16:08:04.0863 4868 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:08:04.0946 4868 circlass - ok
16:08:04.0990 4868 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
16:08:05.0022 4868 CLFS - ok
16:08:05.0077 4868 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:08:05.0106 4868 clr_optimization_v2.0.50727_32 - ok
16:08:05.0197 4868 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:08:05.0227 4868 clr_optimization_v4.0.30319_32 - ok
16:08:05.0278 4868 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:08:05.0357 4868 CmBatt - ok
16:08:05.0385 4868 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:08:05.0414 4868 cmdide - ok
16:08:05.0466 4868 [ A94146208170D78906C93EE39CEBDD9F ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
16:08:05.0483 4868 Com4QLBEx - ok
16:08:05.0492 4868 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:08:05.0509 4868 Compbatt - ok
16:08:05.0515 4868 COMSysApp - ok
16:08:05.0526 4868 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:08:05.0542 4868 crcdisk - ok
16:08:05.0560 4868 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
16:08:05.0635 4868 Crusoe - ok
16:08:05.0687 4868 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:08:05.0729 4868 CryptSvc - ok
16:08:05.0788 4868 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:08:05.0860 4868 DcomLaunch - ok
16:08:05.0889 4868 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:08:05.0950 4868 DfsC - ok
16:08:06.0050 4868 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
16:08:06.0232 4868 DFSR - ok
16:08:06.0314 4868 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
16:08:06.0391 4868 Dhcp - ok
16:08:06.0422 4868 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
16:08:06.0447 4868 disk - ok
16:08:06.0470 4868 DM150Drv - ok
16:08:06.0516 4868 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:08:06.0565 4868 Dnscache - ok
16:08:06.0620 4868 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:08:06.0659 4868 dot3svc - ok
16:08:06.0704 4868 [ 4F59C172C094E1A1D46463A8DC061CBD ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:08:06.0770 4868 dot4 - ok
16:08:06.0807 4868 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
16:08:06.0873 4868 Dot4Print - ok
16:08:06.0905 4868 [ A84D8A9006B1AE515CC7B6B3586C295A ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
16:08:06.0966 4868 Dot4Scan - ok
16:08:06.0997 4868 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:08:07.0100 4868 dot4usb - ok
16:08:07.0144 4868 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
16:08:07.0246 4868 DPS - ok
16:08:07.0292 4868 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:08:07.0357 4868 drmkaud - ok
16:08:07.0409 4868 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:08:07.0461 4868 DXGKrnl - ok
16:08:07.0509 4868 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
16:08:07.0590 4868 E1G60 - ok
16:08:07.0641 4868 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
16:08:07.0709 4868 EapHost - ok
16:08:07.0763 4868 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
16:08:07.0800 4868 Ecache - ok
16:08:07.0843 4868 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:08:07.0880 4868 ehRecvr - ok
16:08:07.0901 4868 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
16:08:07.0946 4868 ehSched - ok
16:08:07.0972 4868 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
16:08:08.0045 4868 ehstart - ok
16:08:08.0095 4868 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:08:08.0131 4868 elxstor - ok
16:08:08.0180 4868 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
16:08:08.0247 4868 EMDMgmt - ok
16:08:08.0287 4868 [ 4CD6B056C5FD9E97C06FE74C81479517 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
16:08:08.0328 4868 enecir - ok
16:08:08.0348 4868 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:08:08.0395 4868 ErrDev - ok
16:08:08.0449 4868 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
16:08:08.0494 4868 EventSystem - ok
16:08:08.0546 4868 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
16:08:08.0593 4868 exfat - ok
16:08:08.0636 4868 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:08:08.0690 4868 fastfat - ok
16:08:08.0711 4868 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:08:08.0762 4868 fdc - ok
16:08:08.0791 4868 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
16:08:08.0828 4868 fdPHost - ok
16:08:08.0835 4868 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
16:08:08.0894 4868 FDResPub - ok
16:08:08.0936 4868 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:08:08.0955 4868 FileInfo - ok
16:08:08.0988 4868 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:08:09.0038 4868 Filetrace - ok
16:08:09.0063 4868 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:08:09.0121 4868 flpydisk - ok
16:08:09.0167 4868 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:08:09.0186 4868 FltMgr - ok
16:08:09.0320 4868 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
16:08:09.0354 4868 FontCache - ok
16:08:09.0413 4868 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:08:09.0427 4868 FontCache3.0.0.0 - ok
16:08:09.0464 4868 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:08:09.0506 4868 Fs_Rec - ok
16:08:09.0533 4868 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:08:09.0550 4868 gagp30kx - ok
16:08:09.0595 4868 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:08:09.0608 4868 GEARAspiWDM - ok
16:08:09.0649 4868 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
16:08:09.0689 4868 gpsvc - ok
16:08:09.0779 4868 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:08:09.0798 4868 gupdate - ok
16:08:09.0813 4868 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:08:09.0829 4868 gupdatem - ok
16:08:09.0854 4868 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:08:09.0937 4868 HdAudAddService - ok
16:08:09.0989 4868 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:08:10.0035 4868 HDAudBus - ok
16:08:10.0067 4868 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:08:10.0152 4868 HidBth - ok
16:08:10.0191 4868 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:08:10.0225 4868 HidIr - ok
16:08:10.0368 4868 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
16:08:10.0437 4868 hidserv - ok
16:08:10.0470 4868 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\drivers\hidusb.sys
16:08:10.0599 4868 HidUsb - ok
16:08:10.0674 4868 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:08:10.0738 4868 hkmsvc - ok
16:08:10.0842 4868 [ 89F9E1984C1CD9E5F4FE39642D886E11 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
16:08:10.0849 4868 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
16:08:10.0849 4868 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
16:08:10.0912 4868 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
16:08:10.0929 4868 HpCISSs - ok
16:08:10.0962 4868 [ 24F3F496C18EFC234777723A67A85F81 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
16:08:10.0974 4868 hpdskflt - ok
16:08:11.0156 4868 [ CE0FCEC4D4D860F36D972759B11EAF0F ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:08:11.0166 4868 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:08:11.0166 4868 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:08:11.0288 4868 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:08:11.0297 4868 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:08:11.0297 4868 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:08:11.0324 4868 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
16:08:11.0366 4868 HpqKbFiltr - ok
16:08:11.0412 4868 [ 115C0933B3ED51DFBEC4449348C8065B ] HpqRemHid C:\Windows\system32\DRIVERS\HpqRemHid.sys
16:08:11.0472 4868 HpqRemHid - ok
16:08:11.0521 4868 [ D50FDAD1E57AA60F1973CFC77D905F0E ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:08:11.0536 4868 hpqwmiex - ok
16:08:11.0563 4868 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] hpsrv C:\Windows\system32\Hpservice.exe
16:08:11.0579 4868 hpsrv - ok
16:08:11.0613 4868 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:08:11.0663 4868 HSFHWAZL - ok
16:08:11.0715 4868 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:08:11.0826 4868 HSF_DPV - ok
16:08:11.0975 4868 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:08:12.0073 4868 HTTP - ok
16:08:12.0130 4868 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
16:08:12.0146 4868 i2omp - ok
16:08:12.0180 4868 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:08:12.0228 4868 i8042prt - ok
16:08:12.0329 4868 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:08:12.0349 4868 IAANTMON - ok
16:08:12.0399 4868 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:08:12.0416 4868 iaStor - ok
16:08:12.0466 4868 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
16:08:12.0493 4868 iaStorV - ok
16:08:12.0543 4868 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
16:08:12.0595 4868 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:08:12.0595 4868 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:08:12.0671 4868 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:08:12.0804 4868 idsvc - ok
16:08:12.0938 4868 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
16:08:13.0083 4868 igfx - ok
16:08:13.0131 4868 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:08:13.0153 4868 iirsp - ok
16:08:13.0192 4868 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
16:08:13.0495 4868 IKEEXT - ok
16:08:13.0607 4868 [ AB8B0206BCDFF0ED03CEC500FA03A32A ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
16:08:13.0813 4868 IntcHdmiAddService - ok
16:08:13.0861 4868 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
16:08:13.0879 4868 intelide - ok
16:08:13.0916 4868 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:08:13.0971 4868 intelppm - ok
16:08:14.0013 4868 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:08:14.0062 4868 IPBusEnum - ok
16:08:14.0098 4868 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:08:14.0145 4868 IpFilterDriver - ok
16:08:14.0212 4868 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:08:14.0266 4868 iphlpsvc - ok
16:08:14.0272 4868 IpInIp - ok
16:08:14.0333 4868 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
16:08:14.0371 4868 IPMIDRV - ok
16:08:14.0387 4868 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
16:08:14.0423 4868 IPNAT - ok
16:08:14.0487 4868 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:08:14.0534 4868 iPod Service - ok
16:08:14.0548 4868 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:08:14.0584 4868 IRENUM - ok
16:08:14.0611 4868 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:08:14.0630 4868 isapnp - ok
16:08:14.0676 4868 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:08:14.0699 4868 iScsiPrt - ok
16:08:14.0745 4868 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
16:08:14.0763 4868 iteatapi - ok
16:08:14.0770 4868 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
16:08:14.0788 4868 iteraid - ok
16:08:14.0805 4868 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:08:14.0823 4868 kbdclass - ok
16:08:14.0861 4868 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:08:14.0895 4868 kbdhid - ok
16:08:14.0934 4868 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
16:08:14.0997 4868 KeyIso - ok
16:08:15.0069 4868 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:08:15.0111 4868 KSecDD - ok
16:08:15.0161 4868 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:08:15.0475 4868 KtmRm - ok
16:08:15.0537 4868 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
16:08:15.0935 4868 LanmanServer - ok
16:08:16.0024 4868 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:08:16.0089 4868 LanmanWorkstation - ok
16:08:16.0238 4868 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:08:16.0293 4868 lltdio - ok
16:08:16.0367 4868 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:08:16.0698 4868 lltdsvc - ok
16:08:16.0725 4868 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:08:16.0775 4868 lmhosts - ok
16:08:16.0805 4868 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:08:16.0822 4868 LSI_FC - ok
16:08:16.0831 4868 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:08:16.0850 4868 LSI_SAS - ok
16:08:16.0904 4868 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:08:16.0922 4868 LSI_SCSI - ok
16:08:16.0932 4868 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
16:08:16.0984 4868 luafv - ok
16:08:17.0027 4868 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:08:17.0064 4868 Mcx2Svc - ok
16:08:17.0102 4868 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
16:08:17.0123 4868 megasas - ok
16:08:17.0175 4868 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
16:08:17.0206 4868 MegaSR - ok
16:08:17.0305 4868 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
16:08:17.0324 4868 Microsoft Office Groove Audit Service - ok
16:08:17.0405 4868 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
16:08:17.0492 4868 MMCSS - ok
16:08:17.0523 4868 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
16:08:17.0600 4868 Modem - ok
16:08:17.0639 4868 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:08:17.0705 4868 monitor - ok
16:08:17.0736 4868 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:08:17.0752 4868 mouclass - ok
16:08:17.0768 4868 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:08:17.0798 4868 mouhid - ok
16:08:17.0818 4868 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:08:17.0834 4868 MountMgr - ok
16:08:17.0917 4868 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:08:17.0934 4868 MozillaMaintenance - ok
16:08:17.0950 4868 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
16:08:17.0969 4868 mpio - ok
16:08:17.0984 4868 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:08:18.0010 4868 mpsdrv - ok
16:08:18.0092 4868 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
16:08:18.0161 4868 MpsSvc - ok
16:08:18.0206 4868 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:08:18.0222 4868 Mraid35x - ok
16:08:18.0257 4868 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:08:18.0325 4868 MRxDAV - ok
16:08:18.0361 4868 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:08:18.0385 4868 mrxsmb - ok
16:08:18.0441 4868 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:08:18.0495 4868 mrxsmb10 - ok
16:08:18.0520 4868 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:08:18.0562 4868 mrxsmb20 - ok
16:08:18.0590 4868 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
16:08:18.0611 4868 msahci - ok
16:08:18.0636 4868 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:08:18.0656 4868 msdsm - ok
16:08:18.0668 4868 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
16:08:18.0709 4868 MSDTC - ok
16:08:18.0735 4868 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:08:18.0791 4868 Msfs - ok
16:08:18.0818 4868 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:08:18.0837 4868 msisadrv - ok
16:08:18.0869 4868 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:08:18.0912 4868 MSiSCSI - ok
16:08:18.0922 4868 msiserver - ok
16:08:18.0948 4868 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:08:18.0994 4868 MSKSSRV - ok
16:08:19.0044 4868 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:08:19.0075 4868 MSPCLOCK - ok
16:08:19.0103 4868 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:08:19.0134 4868 MSPQM - ok
16:08:19.0169 4868 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:08:19.0190 4868 MsRPC - ok
16:08:19.0207 4868 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:08:19.0223 4868 mssmbios - ok
16:08:19.0234 4868 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:08:19.0282 4868 MSTEE - ok
16:08:19.0350 4868 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
16:08:19.0370 4868 Mup - ok
16:08:19.0416 4868 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
16:08:19.0485 4868 napagent - ok
16:08:19.0529 4868 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:08:19.0552 4868 NativeWifiP - ok
16:08:19.0608 4868 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:08:19.0672 4868 NDIS - ok
16:08:19.0702 4868 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:08:19.0776 4868 NdisTapi - ok
16:08:19.0808 4868 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:08:19.0851 4868 Ndisuio - ok
16:08:19.0877 4868 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:08:19.0955 4868 NdisWan - ok
16:08:19.0989 4868 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:08:20.0025 4868 NDProxy - ok
16:08:20.0060 4868 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:08:20.0097 4868 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:08:20.0097 4868 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:08:20.0120 4868 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:08:20.0164 4868 NetBIOS - ok
16:08:20.0187 4868 netbt - ok
16:08:20.0226 4868 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
16:08:20.0254 4868 Netlogon - ok
16:08:20.0326 4868 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
16:08:20.0446 4868 Netman - ok
16:08:20.0478 4868 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
16:08:20.0534 4868 netprofm - ok
16:08:20.0613 4868 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:08:20.0629 4868 NetTcpPortSharing - ok
16:08:20.0653 4868 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:08:20.0669 4868 nfrd960 - ok
16:08:20.0691 4868 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:08:20.0726 4868 NlaSvc - ok
16:08:20.0863 4868 [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
16:08:20.0892 4868 nmservice - ok
16:08:20.0933 4868 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:08:20.0981 4868 Npfs - ok
16:08:21.0006 4868 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
16:08:21.0074 4868 nsi - ok
16:08:21.0109 4868 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:08:21.0162 4868 nsiproxy - ok
16:08:21.0224 4868 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:08:21.0311 4868 Ntfs - ok
16:08:21.0364 4868 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
16:08:21.0418 4868 ntrigdigi - ok
16:08:21.0449 4868 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
16:08:21.0481 4868 Null - ok
16:08:21.0569 4868 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
16:08:21.0732 4868 NVENETFD - ok
16:08:21.0756 4868 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:08:21.0774 4868 nvraid - ok
16:08:21.0781 4868 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:08:21.0800 4868 nvstor - ok
16:08:21.0845 4868 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:08:21.0909 4868 nv_agp - ok
16:08:21.0919 4868 NwlnkFlt - ok
16:08:21.0930 4868 NwlnkFwd - ok
16:08:22.0067 4868 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:08:22.0095 4868 odserv - ok
16:08:22.0142 4868 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
16:08:22.0191 4868 ohci1394 - ok
16:08:22.0254 4868 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:08:22.0272 4868 ose - ok
16:08:22.0338 4868 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:08:22.0389 4868 p2pimsvc - ok
16:08:22.0448 4868 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
16:08:22.0480 4868 p2psvc - ok
16:08:22.0528 4868 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
16:08:22.0580 4868 Parport - ok
16:08:22.0631 4868 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:08:22.0649 4868 partmgr - ok
16:08:22.0671 4868 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
16:08:22.0744 4868 Parvdm - ok
16:08:22.0774 4868 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
16:08:22.0826 4868 PcaSvc - ok
16:08:22.0859 4868 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
16:08:22.0881 4868 pci - ok
16:08:22.0914 4868 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
16:08:22.0932 4868 pciide - ok
16:08:22.0952 4868 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:08:22.0972 4868 pcmcia - ok
16:08:23.0338 4868 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
16:08:23.0356 4868 pcouffin - ok
16:08:23.0593 4868 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:08:23.0839 4868 PEAUTH - ok
16:08:23.0936 4868 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
16:08:24.0104 4868 pla - ok
16:08:24.0295 4868 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:08:24.0690 4868 PlugPlay - ok
16:08:25.0061 4868 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:08:25.0189 4868 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:08:25.0190 4868 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:08:25.0503 4868 [ 3DE33BCE4A930EDF57BD1F742823BCD8 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
16:08:25.0526 4868 pnarp - ok
16:08:25.0564 4868 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:08:25.0621 4868 PNRPAutoReg - ok
16:08:25.0842 4868 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:08:25.0904 4868 PNRPsvc - ok
16:08:25.0949 4868 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:08:26.0376 4868 PolicyAgent - ok
16:08:26.0494 4868 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:08:27.0195 4868 PptpMiniport - ok
16:08:27.0245 4868 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
16:08:27.0303 4868 Processor - ok
16:08:27.0365 4868 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
16:08:27.0444 4868 ProfSvc - ok
16:08:27.0553 4868 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:08:27.0589 4868 ProtectedStorage - ok
16:08:27.0668 4868 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:08:27.0933 4868 PSched - ok
16:08:27.0985 4868 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
16:08:29.0089 4868 PSI - ok
16:08:29.0228 4868 [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC ] purendis C:\Windows\system32\DRIVERS\purendis.sys
16:08:29.0251 4868 purendis - ok
16:08:29.0322 4868 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:08:29.0492 4868 ql2300 - ok
16:08:29.0848 4868 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:08:29.0882 4868 ql40xx - ok
16:08:30.0002 4868 [ 6803B69C14696CC4907C5F77FBB04A14 ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
16:08:30.0033 4868 QPCapSvc - ok
16:08:30.0102 4868 [ 95A0B86B9F1D27B613830864341A8252 ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
16:08:30.0126 4868 QPSched - ok
16:08:30.0272 4868 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
16:08:30.0316 4868 QWAVE - ok
16:08:30.0336 4868 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:08:30.0444 4868 QWAVEdrv - ok
16:08:30.0800 4868 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:08:31.0045 4868 RasAcd - ok
16:08:31.0385 4868 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
16:08:31.0478 4868 RasAuto - ok
16:08:31.0509 4868 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:08:31.0794 4868 Rasl2tp - ok
16:08:31.0924 4868 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
16:08:31.0983 4868 RasMan - ok
16:08:32.0051 4868 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:08:32.0717 4868 RasPppoe - ok
16:08:32.0932 4868 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:08:33.0030 4868 RasSstp - ok
16:08:33.0261 4868 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:08:33.0313 4868 rdbss - ok
16:08:33.0435 4868 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:08:33.0915 4868 RDPCDD - ok
16:08:34.0196 4868 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:08:34.0261 4868 rdpdr - ok
16:08:34.0424 4868 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:08:34.0733 4868 RDPENCDD - ok
16:08:35.0200 4868 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:08:35.0331 4868 RDPWD - ok
16:08:35.0852 4868 [ B9570481A1BABCC4A9E941C553596077 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
16:08:35.0878 4868 Recovery Service for Windows - ok
16:08:36.0259 4868 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:08:36.0475 4868 RemoteAccess - ok
16:08:36.0629 4868 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:08:36.0842 4868 RemoteRegistry - ok
16:08:37.0779 4868 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:08:37.0809 4868 RichVideo - ok
16:08:37.0817 4868 RimUsb - ok
16:08:37.0986 4868 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
16:08:38.0017 4868 RimVSerPort - ok
16:08:38.0916 4868 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
16:08:38.0967 4868 ROOTMODEM - ok
16:08:40.0082 4868 RoxLiveShare9 - ok
16:08:40.0124 4868 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
16:08:40.0150 4868 RpcLocator - ok
16:08:40.0187 4868 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
16:08:40.0233 4868 RpcSs - ok
16:08:40.0265 4868 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:08:40.0470 4868 rspndr - ok
16:08:40.0863 4868 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
16:08:40.0895 4868 RTL8169 - ok
16:08:41.0132 4868 [ E64FE039C7B35CCDC0FFF05DB544EE58 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
16:08:41.0154 4868 RTSTOR - ok
16:08:41.0650 4868 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
16:08:41.0687 4868 SamSs - ok
16:08:41.0856 4868 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:08:41.0886 4868 sbp2port - ok
16:08:41.0944 4868 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:08:41.0999 4868 SCardSvr - ok
16:08:42.0230 4868 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
16:08:42.0619 4868 Schedule - ok
16:08:42.0741 4868 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:08:42.0779 4868 SCPolicySvc - ok
16:08:43.0463 4868 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
16:08:43.0733 4868 sdbus - ok
16:08:43.0783 4868 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:08:43.0824 4868 SDRSVC - ok
16:08:43.0863 4868 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:08:43.0993 4868 secdrv - ok
16:08:44.0024 4868 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
16:08:44.0090 4868 seclogon - ok
16:08:44.0362 4868 [ 7198BBFBE46C0070257278C536386687 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
16:08:44.0500 4868 Secunia PSI Agent - ok
16:08:44.0771 4868 [ D2FCA567F9BE87E29B9A9FA32FFE79CA ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
16:08:44.0794 4868 Secunia Update Agent - ok
16:08:44.0875 4868 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
16:08:44.0965 4868 SENS - ok
16:08:44.0999 4868 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
16:08:45.0104 4868 Serenum - ok
16:08:45.0131 4868 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
16:08:45.0255 4868 Serial - ok
16:08:45.0295 4868 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:08:45.0339 4868 sermouse - ok
16:08:45.0453 4868 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
16:08:45.0507 4868 SessionEnv - ok
16:08:45.0543 4868 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:08:45.0579 4868 sffdisk - ok
16:08:45.0651 4868 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:08:45.0730 4868 sffp_mmc - ok
16:08:45.0750 4868 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:08:45.0797 4868 sffp_sd - ok
16:08:45.0816 4868 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:08:45.0912 4868 sfloppy - ok
16:08:45.0948 4868 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:08:46.0031 4868 SharedAccess - ok
16:08:46.0181 4868 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:08:46.0265 4868 ShellHWDetection - ok
16:08:46.0327 4868 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:08:46.0351 4868 sisagp - ok
16:08:46.0372 4868 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:08:46.0397 4868 SiSRaid2 - ok
16:08:46.0693 4868 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:08:46.0711 4868 SiSRaid4 - ok
16:08:46.0946 4868 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
16:08:47.0975 4868 slsvc - ok
16:08:48.0106 4868 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:08:48.0269 4868 SLUINotify - ok
16:08:48.0686 4868 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:08:48.0973 4868 Smb - ok
16:08:49.0244 4868 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:08:49.0454 4868 SNMPTRAP - ok
16:08:49.0656 4868 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
16:08:49.0687 4868 spldr - ok
16:08:50.0098 4868 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
16:08:50.0561 4868 Spooler - ok
16:08:50.0715 4868 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:08:50.0781 4868 srv - ok
16:08:50.0833 4868 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:08:50.0892 4868 srv2 - ok
16:08:50.0914 4868 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:08:50.0937 4868 srvnet - ok
16:08:50.0966 4868 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:08:51.0041 4868 SSDPSRV - ok
16:08:51.0086 4868 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:08:51.0112 4868 SstpSvc - ok
16:08:51.0345 4868 [ EC9C5F6C0F58446545D839BC11A3692B ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
16:08:51.0366 4868 STacSV - ok
16:08:51.0425 4868 [ 21CC262AB5F42F7A6B91DC7304C2F267 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
16:08:51.0450 4868 STHDA - ok
16:08:51.0636 4868 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
16:08:51.0673 4868 stisvc - ok
16:08:51.0755 4868 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:08:51.0773 4868 swenum - ok
16:08:51.0841 4868 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
16:08:52.0005 4868 swprv - ok
16:08:52.0092 4868 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:08:52.0114 4868 Symc8xx - ok
16:08:52.0136 4868 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:08:52.0161 4868 Sym_hi - ok
16:08:52.0210 4868 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:08:52.0232 4868 Sym_u3 - ok
16:08:52.0299 4868 [ 067CB9D745407A8C1B26E89A6A2CE152 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
16:08:52.0324 4868 SynTP - ok
16:08:52.0369 4868 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
16:08:52.0439 4868 SysMain - ok
16:08:52.0490 4868 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:08:52.0553 4868 TabletInputService - ok
16:08:52.0593 4868 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:08:52.0649 4868 TapiSrv - ok
16:08:52.0670 4868 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
16:08:52.0735 4868 TBS - ok
16:08:52.0794 4868 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:08:52.0888 4868 Tcpip - ok
16:08:52.0932 4868 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:08:52.0992 4868 Tcpip6 - ok
16:08:53.0049 4868 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:08:53.0069 4868 tcpipreg - ok
16:08:53.0099 4868 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:08:53.0171 4868 TDPIPE - ok
16:08:53.0200 4868 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:08:53.0234 4868 TDTCP - ok
16:08:53.0331 4868 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:08:53.0407 4868 tdx - ok
16:08:53.0446 4868 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:08:53.0464 4868 TermDD - ok
16:08:53.0590 4868 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
16:08:53.0657 4868 TermService - ok
16:08:53.0718 4868 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
16:08:53.0745 4868 Themes - ok
16:08:53.0771 4868 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
16:08:53.0812 4868 THREADORDER - ok
16:08:53.0857 4868 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
16:08:53.0894 4868 TrkWks - ok
16:08:53.0987 4868 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:08:54.0034 4868 TrustedInstaller - ok
16:08:54.0115 4868 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:08:54.0207 4868 tssecsrv - ok
16:08:54.0249 4868 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:08:54.0299 4868 tunmp - ok
16:08:54.0596 4868 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:08:54.0617 4868 tunnel - ok
16:08:54.0677 4868 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:08:54.0695 4868 uagp35 - ok
16:08:54.0743 4868 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:08:54.0773 4868 udfs - ok
16:08:54.0818 4868 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:08:54.0871 4868 UI0Detect - ok
16:08:54.0899 4868 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:08:54.0916 4868 uliagpkx - ok
16:08:54.0941 4868 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:08:54.0963 4868 uliahci - ok
16:08:54.0987 4868 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:08:55.0004 4868 UlSata - ok
16:08:55.0014 4868 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:08:55.0032 4868 ulsata2 - ok
16:08:55.0051 4868 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:08:55.0118 4868 umbus - ok
16:08:55.0152 4868 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
16:08:55.0275 4868 upnphost - ok
16:08:55.0348 4868 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
16:08:55.0370 4868 USBAAPL - ok
16:08:55.0413 4868 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:08:55.0521 4868 usbccgp - ok
16:08:55.0576 4868 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:08:55.0668 4868 usbcir - ok
16:08:55.0727 4868 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:08:55.0810 4868 usbehci - ok
16:08:55.0841 4868 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:08:55.0871 4868 usbhub - ok
16:08:55.0888 4868 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
16:08:55.0947 4868 usbohci - ok
16:08:56.0058 4868 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:08:56.0095 4868 usbprint - ok
16:08:56.0143 4868 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
16:08:56.0174 4868 usbscan - ok
16:08:56.0237 4868 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:08:56.0265 4868 USBSTOR - ok
16:08:56.0289 4868 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:08:56.0319 4868 usbuhci - ok
16:08:56.0419 4868 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
16:08:56.0494 4868 usbvideo - ok
16:08:56.0537 4868 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
16:08:56.0591 4868 UxSms - ok
16:08:56.0642 4868 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
16:08:56.0679 4868 vds - ok
16:08:56.0711 4868 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:08:56.0763 4868 vga - ok
16:08:56.0793 4868 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
16:08:56.0848 4868 VgaSave - ok
16:08:57.0017 4868 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:08:57.0035 4868 viaagp - ok
16:08:57.0067 4868 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:08:57.0119 4868 ViaC7 - ok
16:08:57.0170 4868 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
16:08:57.0187 4868 viaide - ok
16:08:57.0206 4868 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:08:57.0224 4868 volmgr - ok
16:08:57.0306 4868 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:08:57.0349 4868 volmgrx - ok
16:08:57.0562 4868 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:08:57.0587 4868 volsnap - ok
16:08:57.0632 4868 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:08:57.0652 4868 vsmraid - ok
16:08:57.0738 4868 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
16:08:57.0850 4868 VSS - ok
16:08:57.0929 4868 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
16:08:58.0008 4868 W32Time - ok
16:08:58.0040 4868 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:08:58.0123 4868 WacomPen - ok
16:08:58.0235 4868 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:08:58.0264 4868 Wanarp - ok
16:08:58.0271 4868 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:08:58.0304 4868 Wanarpv6 - ok
16:08:58.0352 4868 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:08:58.0385 4868 wcncsvc - ok
16:08:58.0405 4868 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:08:58.0438 4868 WcsPlugInService - ok
16:08:58.0464 4868 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
16:08:58.0484 4868 Wd - ok
16:08:58.0555 4868 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
16:08:58.0590 4868 WDC_SAM - ok
16:08:58.0632 4868 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:08:58.0671 4868 Wdf01000 - ok
16:08:58.0698 4868 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:08:58.0781 4868 WdiServiceHost - ok
16:08:58.0788 4868 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:08:58.0840 4868 WdiSystemHost - ok
16:08:58.0884 4868 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
16:08:58.0942 4868 WebClient - ok
16:08:58.0978 4868 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:08:59.0045 4868 Wecsvc - ok
16:08:59.0072 4868 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:08:59.0115 4868 wercplsupport - ok
16:08:59.0155 4868 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
16:08:59.0186 4868 WerSvc - ok
16:08:59.0309 4868 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:08:59.0419 4868 winachsf - ok
16:08:59.0591 4868 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:08:59.0617 4868 WinDefend - ok
16:08:59.0627 4868 WinHttpAutoProxySvc - ok
16:08:59.0690 4868 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:08:59.0723 4868 Winmgmt - ok
16:08:59.0784 4868 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
16:08:59.0948 4868 WinRM - ok
16:09:00.0073 4868 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:09:00.0127 4868 Wlansvc - ok
16:09:00.0155 4868 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
16:09:00.0205 4868 WmiAcpi - ok
16:09:00.0254 4868 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:09:00.0291 4868 wmiApSrv - ok
16:09:00.0473 4868 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:09:00.0547 4868 WMPNetworkSvc - ok
16:09:00.0589 4868 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:09:00.0653 4868 WPCSvc - ok
16:09:00.0704 4868 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:09:00.0780 4868 WPDBusEnum - ok
16:09:00.0821 4868 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
16:09:00.0856 4868 WpdUsb - ok
16:09:01.0153 4868 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:09:01.0205 4868 WPFFontCache_v0400 - ok
16:09:01.0262 4868 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:09:01.0332 4868 ws2ifsl - ok
16:09:01.0369 4868 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
16:09:01.0431 4868 wscsvc - ok
16:09:01.0437 4868 WSearch - ok
16:09:01.0604 4868 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
16:09:01.0786 4868 wuauserv - ok
16:09:01.0816 4868 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:09:01.0839 4868 WudfPf - ok
16:09:02.0036 4868 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:09:02.0328 4868 WUDFRd - ok
16:09:02.0388 4868 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:09:02.0432 4868 wudfsvc - ok
16:09:02.0579 4868 ================ Scan global ===============================
16:09:02.0620 4868 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
16:09:02.0688 4868 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:09:02.0733 4868 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:09:02.0841 4868 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
16:09:02.0853 4868 [Global] - ok
16:09:02.0854 4868 ================ Scan MBR ==================================
16:09:03.0291 4868 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
16:09:04.0879 4868 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
16:09:04.0879 4868 \Device\Harddisk0\DR0 - detected TDSS File System (1)
16:09:04.0879 4868 ================ Scan VBR ==================================
16:09:05.0114 4868 [ F2B3419B2CC238556B1AE6FA32B7B6B9 ] \Device\Harddisk0\DR0\Partition1
16:09:05.0116 4868 \Device\Harddisk0\DR0\Partition1 - ok
16:09:05.0329 4868 [ 34C03B622213E2E4C4B06BBBB6C6A821 ] \Device\Harddisk0\DR0\Partition2
16:09:05.0330 4868 \Device\Harddisk0\DR0\Partition2 - ok
16:09:05.0331 4868 ================ Scan active images ========================
16:09:05.0334 4868 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys
16:09:05.0334 4868 C:\Windows\System32\drivers\crashdmp.sys - ok
16:09:05.0342 4868 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] C:\Windows\System32\drivers\iaStor.sys
16:09:05.0342 4868 C:\Windows\System32\drivers\iaStor.sys - ok
16:09:05.0348 4868 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys
16:09:05.0348 4868 C:\Windows\System32\drivers\tunnel.sys - ok
16:09:05.0355 4868 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys
16:09:05.0355 4868 C:\Windows\System32\drivers\intelppm.sys - ok
16:09:05.0362 4868 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS
16:09:05.0362 4868 C:\Windows\System32\drivers\TUNMP.SYS - ok
16:09:05.0369 4868 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\Windows\System32\drivers\CmBatt.sys
16:09:05.0369 4868 C:\Windows\System32\drivers\CmBatt.sys - ok
16:09:05.0376 4868 [ 6FB1858D1F0923D122B0331865695041 ] C:\Windows\System32\drivers\igdkmd32.sys
16:09:05.0377 4868 C:\Windows\System32\drivers\igdkmd32.sys - ok
16:09:05.0384 4868 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys
16:09:05.0384 4868 C:\Windows\System32\drivers\dxgkrnl.sys - ok
16:09:05.0391 4868 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys
16:09:05.0391 4868 C:\Windows\System32\drivers\watchdog.sys - ok
16:09:05.0398 4868 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys
16:09:05.0398 4868 C:\Windows\System32\drivers\usbport.sys - ok
16:09:05.0406 4868 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys
16:09:05.0406 4868 C:\Windows\System32\drivers\usbehci.sys - ok
16:09:05.0413 4868 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys
16:09:05.0413 4868 C:\Windows\System32\drivers\usbuhci.sys - ok
16:09:05.0419 4868 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys
16:09:05.0419 4868 C:\Windows\System32\drivers\hdaudbus.sys - ok
16:09:05.0427 4868 [ 34A0A6386256080F52C74076C6157026 ] C:\Windows\System32\drivers\BCMWL6.SYS
16:09:05.0427 4868 C:\Windows\System32\drivers\BCMWL6.SYS - ok
16:09:05.0434 4868 [ 7157E70A90CCE49DEB8885D23A073A39 ] C:\Windows\System32\drivers\Rtlh86.sys
16:09:05.0434 4868 C:\Windows\System32\drivers\Rtlh86.sys - ok
16:09:05.0441 4868 [ 35956140E686D53BF676CF0C778880FC ] C:\Windows\System32\drivers\HpqKbFiltr.sys
16:09:05.0441 4868 C:\Windows\System32\drivers\HpqKbFiltr.sys - ok
16:09:05.0448 4868 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\Windows\System32\drivers\i8042prt.sys
16:09:05.0448 4868 C:\Windows\System32\drivers\i8042prt.sys - ok
16:09:05.0455 4868 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys
16:09:05.0456 4868 C:\Windows\System32\drivers\kbdclass.sys - ok
16:09:05.0462 4868 [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys
16:09:05.0462 4868 C:\Windows\System32\drivers\mouclass.sys - ok
16:09:05.0469 4868 [ 067CB9D745407A8C1B26E89A6A2CE152 ] C:\Windows\System32\drivers\SynTP.sys
16:09:05.0469 4868 C:\Windows\System32\drivers\SynTP.sys - ok
16:09:05.0476 4868 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\Windows\System32\drivers\usbd.sys
16:09:05.0477 4868 C:\Windows\System32\drivers\usbd.sys - ok
16:09:05.0483 4868 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys
16:09:05.0483 4868 C:\Windows\System32\drivers\cdrom.sys - ok
16:09:05.0490 4868 [ 4CD6B056C5FD9E97C06FE74C81479517 ] C:\Windows\System32\drivers\enecir.sys
16:09:05.0490 4868 C:\Windows\System32\drivers\enecir.sys - ok
16:09:05.0497 4868 [ 3B10711AD8656C097E0D16A41B29C54C ] C:\Windows\System32\drivers\Accelerometer.sys
16:09:05.0497 4868 C:\Windows\System32\drivers\Accelerometer.sys - ok
16:09:05.0504 4868 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
16:09:05.0505 4868 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
16:09:05.0511 4868 [ 2E7255D172DF0B8283CDFB7B433B864E ] C:\Windows\System32\drivers\wmiacpi.sys
16:09:05.0511 4868 C:\Windows\System32\drivers\wmiacpi.sys - ok
16:09:05.0519 4868 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys
16:09:05.0519 4868 C:\Windows\System32\drivers\tdi.sys - ok
16:09:05.0526 4868 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys
16:09:05.0526 4868 C:\Windows\System32\drivers\msiscsi.sys - ok
16:09:05.0533 4868 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys
16:09:05.0533 4868 C:\Windows\System32\drivers\ndistapi.sys - ok
16:09:05.0540 4868 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys
16:09:05.0540 4868 C:\Windows\System32\drivers\rasl2tp.sys - ok
16:09:05.0547 4868 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys
16:09:05.0547 4868 C:\Windows\System32\drivers\ndiswan.sys - ok
16:09:05.0554 4868 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys
16:09:05.0555 4868 C:\Windows\System32\drivers\raspppoe.sys - ok
16:09:05.0562 4868 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys
16:09:05.0562 4868 C:\Windows\System32\drivers\raspptp.sys - ok
16:09:05.0571 4868 [ 5B6C11DE7E839C05248CED8825470FEF ] C:\Windows\System32\drivers\pcouffin.sys
16:09:05.0571 4868 C:\Windows\System32\drivers\pcouffin.sys - ok
16:09:05.0575 4868 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys
16:09:05.0575 4868 C:\Windows\System32\drivers\rassstp.sys - ok
16:09:05.0582 4868 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys
16:09:05.0582 4868 C:\Windows\System32\drivers\termdd.sys - ok
16:09:05.0589 4868 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys
16:09:05.0589 4868 C:\Windows\System32\drivers\ks.sys - ok
16:09:05.0596 4868 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys
16:09:05.0596 4868 C:\Windows\System32\drivers\swenum.sys - ok
16:09:05.0603 4868 [ E5D4133F37219DBCFE102BC61072589D ] C:\Windows\System32\drivers\circlass.sys
16:09:05.0603 4868 C:\Windows\System32\drivers\circlass.sys - ok
16:09:05.0610 4868 [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys
16:09:05.0610 4868 C:\Windows\System32\drivers\mssmbios.sys - ok
16:09:05.0619 4868 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys
16:09:05.0619 4868 C:\Windows\System32\drivers\umbus.sys - ok
16:09:05.0626 4868 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\Windows\System32\drivers\usbhub.sys
16:09:05.0626 4868 C:\Windows\System32\drivers\usbhub.sys - ok
16:09:05.0634 4868 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys
16:09:05.0634 4868 C:\Windows\System32\drivers\ndproxy.sys - ok
16:09:05.0640 4868 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys
16:09:05.0640 4868 C:\Windows\System32\drivers\drmk.sys - ok
16:09:05.0648 4868 [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys
16:09:05.0648 4868 C:\Windows\System32\drivers\portcls.sys - ok
16:09:05.0655 4868 [ 21CC262AB5F42F7A6B91DC7304C2F267 ] C:\Windows\System32\drivers\stwrt.sys
16:09:05.0655 4868 C:\Windows\System32\drivers\stwrt.sys - ok
16:09:05.0663 4868 [ AB8B0206BCDFF0ED03CEC500FA03A32A ] C:\Windows\System32\drivers\IntcHdmi.sys
16:09:05.0663 4868 C:\Windows\System32\drivers\IntcHdmi.sys - ok
16:09:05.0669 4868 [ 5961CADB7CAD938368D2028725EF771D ] C:\Windows\System32\drivers\hidclass.sys
16:09:05.0669 4868 C:\Windows\System32\drivers\hidclass.sys - ok
16:09:05.0676 4868 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\Windows\System32\drivers\hidparse.sys
16:09:05.0676 4868 C:\Windows\System32\drivers\hidparse.sys - ok
16:09:05.0684 4868 [ D8DF3722D5E961BAA1292AA2F12827E2 ] C:\Windows\System32\drivers\hidir.sys
16:09:05.0684 4868 C:\Windows\System32\drivers\hidir.sys - ok
16:09:05.0690 4868 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\Windows\System32\drivers\kbdhid.sys
16:09:05.0690 4868 C:\Windows\System32\drivers\kbdhid.sys - ok
16:09:05.0698 4868 [ 93B8D4869E12CFBE663915502900876F ] C:\Windows\System32\drivers\mouhid.sys
16:09:05.0698 4868 C:\Windows\System32\drivers\mouhid.sys - ok
16:09:05.0705 4868 [ E64FE039C7B35CCDC0FFF05DB544EE58 ] C:\Windows\System32\drivers\RTSTOR.sys
16:09:05.0705 4868 C:\Windows\System32\drivers\RTSTOR.sys - ok
16:09:05.0712 4868 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys
16:09:05.0712 4868 C:\Windows\System32\drivers\usbccgp.sys - ok
16:09:05.0719 4868 [ E67998E8F14CB0627A769F6530BCB352 ] C:\Windows\System32\drivers\usbvideo.sys
16:09:05.0719 4868 C:\Windows\System32\drivers\usbvideo.sys - ok
16:09:05.0726 4868 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\Windows\System32\drivers\aswSnx.sys
16:09:05.0726 4868 C:\Windows\System32\drivers\aswSnx.sys - ok
16:09:05.0734 4868 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys
16:09:05.0734 4868 C:\Windows\System32\drivers\fs_rec.sys - ok
16:09:05.0741 4868 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys
16:09:05.0741 4868 C:\Windows\System32\drivers\beep.sys - ok
16:09:05.0749 4868 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys
16:09:05.0749 4868 C:\Windows\System32\drivers\null.sys - ok
16:09:05.0756 4868 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys
16:09:05.0756 4868 C:\Windows\System32\drivers\vga.sys - ok
16:09:05.0764 4868 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys
16:09:05.0764 4868 C:\Windows\System32\drivers\videoprt.sys - ok
16:09:05.0770 4868 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys
16:09:05.0770 4868 C:\Windows\System32\drivers\RDPCDD.sys - ok
16:09:05.0778 4868 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys
16:09:05.0778 4868 C:\Windows\System32\drivers\RDPENCDD.sys - ok
16:09:05.0784 4868 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys
16:09:05.0785 4868 C:\Windows\System32\drivers\msfs.sys - ok
16:09:05.0792 4868 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys
16:09:05.0792 4868 C:\Windows\System32\drivers\npfs.sys - ok
16:09:05.0799 4868 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys
16:09:05.0799 4868 C:\Windows\System32\drivers\rasacd.sys - ok
16:09:05.0805 4868 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys
16:09:05.0805 4868 C:\Windows\System32\drivers\tdx.sys - ok
16:09:05.0813 4868 [ E3E73B2B73A4DFADFDDF557192C4B08A ] C:\Windows\System32\drivers\aswTdi.sys
16:09:05.0813 4868 C:\Windows\System32\drivers\aswTdi.sys - ok
16:09:05.0819 4868 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys
16:09:05.0819 4868 C:\Windows\System32\drivers\smb.sys - ok
16:09:05.0827 4868 [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys
16:09:05.0827 4868 C:\Windows\System32\drivers\afd.sys - ok
16:09:05.0834 4868 [ 7C9F0A2AB17D52261A9252A2EB320884 ] C:\Windows\System32\drivers\aswRdr.sys
16:09:05.0835 4868 C:\Windows\System32\drivers\aswRdr.sys - ok
16:09:05.0842 4868 [ E3A3CB253C0EC2494D4A61F5E43A389C ] C:\Windows\System32\drivers\ws2ifsl.sys
16:09:05.0842 4868 C:\Windows\System32\drivers\ws2ifsl.sys - ok
16:09:05.0848 4868 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys
16:09:05.0849 4868 C:\Windows\System32\drivers\netbios.sys - ok
16:09:05.0855 4868 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys
16:09:05.0855 4868 C:\Windows\System32\drivers\pacer.sys - ok
16:09:05.0863 4868 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys
16:09:05.0863 4868 C:\Windows\System32\drivers\wanarp.sys - ok
16:09:05.0869 4868 [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys
16:09:05.0869 4868 C:\Windows\System32\drivers\nsiproxy.sys - ok
16:09:05.0877 4868 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys
16:09:05.0877 4868 C:\Windows\System32\drivers\rdbss.sys - ok
16:09:05.0884 4868 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys
16:09:05.0884 4868 C:\Windows\System32\drivers\dfsc.sys - ok
16:09:05.0891 4868 [ 67B558895695545FB0568B7541F3BCA7 ] C:\Windows\System32\drivers\aswSP.sys
16:09:05.0891 4868 C:\Windows\System32\drivers\aswSP.sys - ok
16:09:05.0898 4868 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll
16:09:05.0898 4868 C:\Windows\System32\ntdll.dll - ok
16:09:05.0905 4868 [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\Windows\System32\smss.exe
16:09:05.0905 4868 C:\Windows\System32\smss.exe - ok
16:09:05.0912 4868 [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe
16:09:05.0912 4868 C:\Windows\System32\autochk.exe - ok
16:09:05.0918 4868 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll
16:09:05.0918 4868 C:\Windows\System32\normaliz.dll - ok
16:09:05.0926 4868 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll
16:09:05.0926 4868 C:\Windows\System32\urlmon.dll - ok
16:09:05.0932 4868 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\Windows\System32\kernel32.dll
16:09:05.0932 4868 C:\Windows\System32\kernel32.dll - ok
16:09:05.0941 4868 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\System32\imagehlp.dll
16:09:05.0941 4868 C:\Windows\System32\imagehlp.dll - ok
16:09:05.0947 4868 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\System32\nsi.dll
16:09:05.0947 4868 C:\Windows\System32\nsi.dll - ok
16:09:05.0954 4868 [ 9176285122B7B849FEC2AA1B72A8F7A8 ] C:\Windows\System32\shlwapi.dll
16:09:05.0954 4868 C:\Windows\System32\shlwapi.dll - ok
16:09:05.0961 4868 [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll
16:09:05.0961 4868 C:\Windows\System32\msvcrt.dll - ok
16:09:05.0968 4868 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\System32\Wldap32.dll
16:09:05.0969 4868 C:\Windows\System32\Wldap32.dll - ok
16:09:05.0976 4868 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\System32\comdlg32.dll
16:09:05.0976 4868 C:\Windows\System32\comdlg32.dll - ok
16:09:05.0983 4868 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\System32\shell32.dll
16:09:05.0983 4868 C:\Windows\System32\shell32.dll - ok
16:09:05.0991 4868 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\Windows\System32\rpcrt4.dll
16:09:05.0991 4868 C:\Windows\System32\rpcrt4.dll - ok
16:09:05.0997 4868 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\System32\usp10.dll
16:09:05.0997 4868 C:\Windows\System32\usp10.dll - ok
16:09:06.0004 4868 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\Windows\System32\lpk.dll
16:09:06.0004 4868 C:\Windows\System32\lpk.dll - ok
16:09:06.0011 4868 [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\System32\ole32.dll
16:09:06.0011 4868 C:\Windows\System32\ole32.dll - ok
16:09:06.0018 4868 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll
16:09:06.0018 4868 C:\Windows\System32\iertutil.dll - ok
16:09:06.0025 4868 [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\System32\advapi32.dll
16:09:06.0025 4868 C:\Windows\System32\advapi32.dll - ok
16:09:06.0032 4868 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\Windows\System32\imm32.dll
16:09:06.0032 4868 C:\Windows\System32\imm32.dll - ok
16:09:06.0039 4868 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\System32\setupapi.dll
16:09:06.0039 4868 C:\Windows\System32\setupapi.dll - ok
16:09:06.0046 4868 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\System32\oleaut32.dll
16:09:06.0046 4868 C:\Windows\System32\oleaut32.dll - ok
16:09:06.0054 4868 [ 75510147B94598407666F4802797C75A ] C:\Windows\System32\user32.dll
16:09:06.0054 4868 C:\Windows\System32\user32.dll - ok
16:09:06.0060 4868 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll
16:09:06.0060 4868 C:\Windows\System32\ws2_32.dll - ok
16:09:06.0068 4868 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll
16:09:06.0068 4868 C:\Windows\System32\msctf.dll - ok
16:09:06.0074 4868 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll
16:09:06.0074 4868 C:\Windows\System32\wininet.dll - ok
16:09:06.0078 4868 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll
16:09:06.0078 4868 C:\Windows\System32\clbcatq.dll - ok
16:09:06.0086 4868 [ 7856E3B4594714EF89BB97375E8644EE ] C:\Windows\System32\gdi32.dll
16:09:06.0086 4868 C:\Windows\System32\gdi32.dll - ok
16:09:06.0092 4868 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\Windows\System32\comctl32.dll
16:09:06.0092 4868 C:\Windows\System32\comctl32.dll - ok
16:09:06.0099 4868 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll
16:09:06.0100 4868 C:\Windows\System32\psapi.dll - ok
16:09:06.0106 4868 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\Windows\System32\drivers\dxapi.sys
16:09:06.0106 4868 C:\Windows\System32\drivers\dxapi.sys - ok
16:09:06.0113 4868 [ F167606EC2C01D804FC72F8F84E73E19 ] C:\Windows\System32\win32k.sys
16:09:06.0113 4868 C:\Windows\System32\win32k.sys - ok
16:09:06.0121 4868 [ 187076DD5D8D4D5D23079D0741195EAD ] C:\Windows\System32\csrsrv.dll
16:09:06.0121 4868 C:\Windows\System32\csrsrv.dll - ok
16:09:06.0128 4868 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\Windows\System32\csrss.exe
16:09:06.0128 4868 C:\Windows\System32\csrss.exe - ok
16:09:06.0135 4868 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\System32\basesrv.dll
16:09:06.0135 4868 C:\Windows\System32\basesrv.dll - ok
16:09:06.0142 4868 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\System32\winsrv.dll
16:09:06.0142 4868 C:\Windows\System32\winsrv.dll - ok
16:09:06.0150 4868 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\Windows\System32\drivers\monitor.sys
16:09:06.0150 4868 C:\Windows\System32\drivers\monitor.sys - ok
16:09:06.0157 4868 [ CC21507D246861671A0BF97E75CE1B00 ] C:\Windows\System32\tsddd.dll
16:09:06.0157 4868 C:\Windows\System32\tsddd.dll - ok
16:09:06.0164 4868 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\Windows\System32\secur32.dll
16:09:06.0164 4868 C:\Windows\System32\secur32.dll - ok
16:09:06.0172 4868 [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\System32\userenv.dll
16:09:06.0172 4868 C:\Windows\System32\userenv.dll - ok
16:09:06.0179 4868 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\Windows\System32\wininit.exe
16:09:06.0179 4868 C:\Windows\System32\wininit.exe - ok
16:09:06.0186 4868 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL
16:09:06.0186 4868 C:\Windows\System32\KBDUS.DLL - ok
16:09:06.0193 4868 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll
16:09:06.0193 4868 C:\Windows\System32\WlS0WndH.dll - ok
16:09:06.0201 4868 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\System32\sxs.dll
16:09:06.0201 4868 C:\Windows\System32\sxs.dll - ok
16:09:06.0207 4868 [ CF9F5BBC2740C41DD471278C41B91F5F ] C:\Windows\System32\cdd.dll
16:09:06.0207 4868 C:\Windows\System32\cdd.dll - ok
16:09:06.0216 4868 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\System32\apphelp.dll
16:09:06.0216 4868 C:\Windows\System32\apphelp.dll - ok
16:09:06.0222 4868 [ A3E186B4B935905B829219502557314E ] C:\Windows\System32\lsass.exe
16:09:06.0222 4868 C:\Windows\System32\lsass.exe - ok
16:09:06.0230 4868 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\System32\services.exe
16:09:06.0230 4868 C:\Windows\System32\services.exe - ok
16:09:06.0237 4868 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\Windows\System32\lsasrv.dll
16:09:06.0237 4868 C:\Windows\System32\lsasrv.dll - ok
16:09:06.0244 4868 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\Windows\System32\lsm.exe
16:09:06.0245 4868 C:\Windows\System32\lsm.exe - ok
16:09:06.0250 4868 [ D90911B3FA05D7B930C1286084B404DE ] C:\Windows\System32\scesrv.dll
16:09:06.0250 4868 C:\Windows\System32\scesrv.dll - ok
16:09:06.0257 4868 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll
16:09:06.0257 4868 C:\Windows\System32\sysntfy.dll - ok
16:09:06.0264 4868 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll
16:09:06.0264 4868 C:\Windows\System32\wmsgapi.dll - ok
16:09:06.0271 4868 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\Windows\System32\samsrv.dll
16:09:06.0271 4868 C:\Windows\System32\samsrv.dll - ok
16:09:06.0278 4868 [ 459B48188494490707DCA8BAA91AA185 ] C:\Windows\System32\cryptdll.dll
16:09:06.0278 4868 C:\Windows\System32\cryptdll.dll - ok
16:09:06.0285 4868 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\System32\dnsapi.dll
16:09:06.0285 4868 C:\Windows\System32\dnsapi.dll - ok
16:09:06.0294 4868 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\System32\netapi32.dll
16:09:06.0294 4868 C:\Windows\System32\netapi32.dll - ok
16:09:06.0300 4868 [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\System32\crypt32.dll
16:09:06.0300 4868 C:\Windows\System32\crypt32.dll - ok
16:09:06.0307 4868 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\Windows\System32\feclient.dll
16:09:06.0307 4868 C:\Windows\System32\feclient.dll - ok
16:09:06.0314 4868 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\System32\mpr.dll
16:09:06.0314 4868 C:\Windows\System32\mpr.dll - ok
16:09:06.0321 4868 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\System32\msasn1.dll
16:09:06.0321 4868 C:\Windows\System32\msasn1.dll - ok
16:09:06.0330 4868 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\System32\ntdsapi.dll
16:09:06.0330 4868 C:\Windows\System32\ntdsapi.dll - ok
16:09:06.0335 4868 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\System32\samlib.dll
16:09:06.0335 4868 C:\Windows\System32\samlib.dll - ok
16:09:06.0345 4868 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\Windows\System32\authz.dll
16:09:06.0346 4868 C:\Windows\System32\authz.dll - ok
16:09:06.0353 4868 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\Windows\System32\ncobjapi.dll
16:09:06.0353 4868 C:\Windows\System32\ncobjapi.dll - ok
16:09:06.0360 4868 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\System32\SLC.dll
16:09:06.0360 4868 C:\Windows\System32\SLC.dll - ok
16:09:06.0366 4868 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\System32\IPHLPAPI.DLL
16:09:06.0366 4868 C:\Windows\System32\IPHLPAPI.DLL - ok
16:09:06.0374 4868 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\Windows\System32\wevtapi.dll
16:09:06.0374 4868 C:\Windows\System32\wevtapi.dll - ok
16:09:06.0380 4868 [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\System32\dhcpcsvc.dll
16:09:06.0380 4868 C:\Windows\System32\dhcpcsvc.dll - ok
16:09:06.0387 4868 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll
16:09:06.0387 4868 C:\Windows\System32\aelupsvc.dll - ok
16:09:06.0394 4868 [ A1545B731579895D8CC44FC0481C1192 ] C:\Windows\System32\alg.exe
16:09:06.0394 4868 C:\Windows\System32\alg.exe - ok
16:09:06.0401 4868 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll
16:09:06.0401 4868 C:\Windows\System32\cngaudit.dll - ok
16:09:06.0409 4868 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\System32\dhcpcsvc6.dll
16:09:06.0409 4868 C:\Windows\System32\dhcpcsvc6.dll - ok
16:09:06.0415 4868 [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\System32\winnsi.dll
16:09:06.0415 4868 C:\Windows\System32\winnsi.dll - ok
16:09:06.0422 4868 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\Windows\System32\appinfo.dll
16:09:06.0422 4868 C:\Windows\System32\appinfo.dll - ok
16:09:06.0429 4868 [ 188CC19108B0EBD6332D6628D4EDE469 ] C:\Windows\System32\ncrypt.dll
16:09:06.0429 4868 C:\Windows\System32\ncrypt.dll - ok
16:09:06.0438 4868 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll
16:09:06.0438 4868 C:\Windows\System32\rascfg.dll - ok
16:09:06.0444 4868 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\Windows\System32\bcrypt.dll
16:09:06.0444 4868 C:\Windows\System32\bcrypt.dll - ok
16:09:06.0450 4868 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\Windows\System32\audiosrv.dll
16:09:06.0450 4868 C:\Windows\System32\audiosrv.dll - ok
16:09:06.0457 4868 [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll
16:09:06.0458 4868 C:\Windows\System32\credssp.dll - ok
16:09:06.0464 4868 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL
16:09:06.0464 4868 C:\Windows\System32\BFE.DLL - ok
16:09:06.0471 4868 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
16:09:06.0472 4868 C:\Windows\System32\msprivs.dll - ok
16:09:06.0478 4868 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\Windows\System32\kerberos.dll
16:09:06.0478 4868 C:\Windows\System32\kerberos.dll - ok
16:09:06.0486 4868 [ 93952506C6D67330367F7E7934B6A02F ] C:\Windows\System32\qmgr.dll
16:09:06.0486 4868 C:\Windows\System32\qmgr.dll - ok
16:09:06.0493 4868 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\Windows\System32\winlogon.exe
16:09:06.0493 4868 C:\Windows\System32\winlogon.exe - ok
16:09:06.0501 4868 [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL
16:09:06.0501 4868 C:\Windows\System32\WSHTCPIP.DLL - ok
16:09:06.0507 4868 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\Windows\System32\browser.dll
16:09:06.0507 4868 C:\Windows\System32\browser.dll - ok
16:09:06.0513 4868 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\Windows\System32\certprop.dll
16:09:06.0513 4868 C:\Windows\System32\certprop.dll - ok
16:09:06.0521 4868 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll
16:09:06.0521 4868 C:\Windows\System32\winsta.dll - ok
16:09:06.0527 4868 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll
16:09:06.0527 4868 C:\Windows\System32\wship6.dll - ok
16:09:06.0534 4868 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll
16:09:06.0534 4868 C:\Windows\System32\wshqos.dll - ok
16:09:06.0541 4868 [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll
16:09:06.0541 4868 C:\Windows\System32\NapiNSP.dll - ok
16:09:06.0547 4868 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll
16:09:06.0547 4868 C:\Windows\System32\nlasvc.dll - ok
16:09:06.0556 4868 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll
16:09:06.0556 4868 C:\Windows\System32\pnrpnsp.dll - ok
16:09:06.0563 4868 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll
16:09:06.0563 4868 C:\Windows\System32\mswsock.dll - ok
16:09:06.0570 4868 [ 4211249955AF9133E2E357CC92B54DFD ] C:\Windows\System32\comres.dll
16:09:06.0570 4868 C:\Windows\System32\comres.dll - ok
16:09:06.0576 4868 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll
16:09:06.0576 4868 C:\Windows\System32\msv1_0.dll - ok
16:09:06.0584 4868 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll
16:09:06.0585 4868 C:\Windows\System32\netlogon.dll - ok
16:09:06.0591 4868 [ F1E8C34892336D33EDDCDFE44E474F64 ] C:\Windows\System32\cryptsvc.dll
16:09:06.0591 4868 C:\Windows\System32\cryptsvc.dll - ok
16:09:06.0598 4868 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
16:09:06.0599 4868 C:\Windows\System32\winbrand.dll - ok
16:09:06.0605 4868 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll
16:09:06.0605 4868 C:\Windows\System32\dfsrres.dll - ok
16:09:06.0613 4868 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\Windows\System32\dot3svc.dll
16:09:06.0613 4868 C:\Windows\System32\dot3svc.dll - ok
16:09:06.0621 4868 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll
16:09:06.0621 4868 C:\Windows\System32\oleres.dll - ok
16:09:06.0628 4868 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll
16:09:06.0628 4868 C:\Windows\System32\schannel.dll - ok
16:09:06.0636 4868 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll
16:09:06.0636 4868 C:\Windows\System32\wdigest.dll - ok
16:09:06.0643 4868 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\Windows\System32\dps.dll
16:09:06.0643 4868 C:\Windows\System32\dps.dll - ok
16:09:06.0650 4868 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll
16:09:06.0650 4868 C:\Windows\System32\rsaenh.dll - ok
16:09:06.0656 4868 [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll
16:09:06.0656 4868 C:\Windows\System32\TSpkg.dll - ok
16:09:06.0664 4868 [ 9BE3744D295A7701EB425332014F0797 ] C:\Windows\ehome\ehrecvr.exe
16:09:06.0664 4868 C:\Windows\ehome\ehrecvr.exe - ok
16:09:06.0671 4868 [ C0B95E40D85CD807D614E264248A45B9 ] C:\Windows\System32\eapsvc.dll
16:09:06.0671 4868 C:\Windows\System32\eapsvc.dll - ok
16:09:06.0680 4868 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll
16:09:06.0681 4868 C:\Windows\System32\gpapi.dll - ok
16:09:06.0686 4868 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\Windows\ehome\ehsched.exe
16:09:06.0686 4868 C:\Windows\ehome\ehsched.exe - ok
16:09:06.0695 4868 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\Windows\ehome\ehstart.dll
16:09:06.0695 4868 C:\Windows\ehome\ehstart.dll - ok
16:09:06.0703 4868 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\Windows\System32\emdmgmt.dll
16:09:06.0703 4868 C:\Windows\System32\emdmgmt.dll - ok
16:09:06.0710 4868 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\Windows\System32\wevtsvc.dll
16:09:06.0710 4868 C:\Windows\System32\wevtsvc.dll - ok
16:09:06.0717 4868 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll
16:09:06.0717 4868 C:\Windows\System32\fdPHost.dll - ok
16:09:06.0724 4868 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
16:09:06.0726 4868 C:\Windows\System32\FDResPub.dll - ok
16:09:06.0732 4868 [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll
16:09:06.0732 4868 C:\Windows\System32\FntCache.dll - ok
16:09:06.0738 4868 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe
16:09:06.0738 4868 C:\Windows\System32\PresentationHost.exe - ok
16:09:06.0746 4868 [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll
16:09:06.0746 4868 C:\Windows\System32\hidserv.dll - ok
16:09:06.0753 4868 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL
16:09:06.0753 4868 C:\Windows\System32\KMSVC.DLL - ok
16:09:06.0760 4868 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
16:09:06.0760 4868 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
16:09:06.0767 4868 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL
16:09:06.0767 4868 C:\Windows\System32\IKEEXT.DLL - ok
16:09:06.0775 4868 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll
16:09:06.0775 4868 C:\Windows\System32\IPBusEnum.dll - ok
16:09:06.0783 4868 [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll
16:09:06.0784 4868 C:\Windows\System32\iphlpsvc.dll - ok
16:09:06.0790 4868 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll
16:09:06.0790 4868 C:\Windows\System32\keyiso.dll - ok
16:09:06.0797 4868 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll
16:09:06.0797 4868 C:\Windows\System32\srvsvc.dll - ok
16:09:06.0804 4868 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll
16:09:06.0804 4868 C:\Windows\System32\wkssvc.dll - ok
16:09:06.0811 4868 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\Windows\ehome\ehres.dll
16:09:06.0811 4868 C:\Windows\ehome\ehres.dll - ok
16:09:06.0817 4868 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll
16:09:06.0817 4868 C:\Windows\System32\lltdres.dll - ok
16:09:06.0825 4868 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll
16:09:06.0825 4868 C:\Windows\System32\lmhsvc.dll - ok
16:09:06.0831 4868 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll
16:09:06.0831 4868 C:\Windows\System32\FirewallAPI.dll - ok
16:09:06.0835 4868 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll
16:09:06.0835 4868 C:\Windows\System32\mmcss.dll - ok
16:09:06.0843 4868 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll
16:09:06.0843 4868 C:\Windows\System32\iscsidsc.dll - ok
16:09:06.0849 4868 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll
16:09:06.0849 4868 C:\Windows\System32\msimsg.dll - ok
16:09:06.0857 4868 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL
16:09:06.0857 4868 C:\Windows\System32\QAGENTRT.DLL - ok
16:09:06.0864 4868 [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll
16:09:06.0865 4868 C:\Windows\System32\netman.dll - ok
16:09:06.0872 4868 [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll
16:09:06.0872 4868 C:\Windows\System32\netprof.dll - ok
16:09:06.0880 4868 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll
16:09:06.0880 4868 C:\Windows\System32\nsisvc.dll - ok
16:09:06.0886 4868 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll
16:09:06.0886 4868 C:\Windows\System32\p2psvc.dll - ok
16:09:06.0894 4868 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll
16:09:06.0894 4868 C:\Windows\System32\pcasvc.dll - ok
16:09:06.0900 4868 [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll
16:09:06.0900 4868 C:\Windows\System32\pla.dll - ok
16:09:06.0907 4868 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll
16:09:06.0908 4868 C:\Windows\System32\umpnpmgr.dll - ok
16:09:06.0914 4868 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll
16:09:06.0914 4868 C:\Windows\System32\polstore.dll - ok
16:09:06.0922 4868 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll
16:09:06.0922 4868 C:\Windows\System32\profsvc.dll - ok
16:09:06.0928 4868 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll
16:09:06.0928 4868 C:\Windows\System32\psbase.dll - ok
16:09:06.0936 4868 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll
16:09:06.0936 4868 C:\Windows\System32\qwave.dll - ok
16:09:06.0942 4868 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys
16:09:06.0942 4868 C:\Windows\System32\drivers\qwavedrv.sys - ok
16:09:06.0949 4868 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll
16:09:06.0949 4868 C:\Windows\System32\rasauto.dll - ok
16:09:06.0956 4868 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll
16:09:06.0956 4868 C:\Windows\System32\rasmans.dll - ok
16:09:06.0963 4868 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll
16:09:06.0963 4868 C:\Windows\System32\sstpsvc.dll - ok
16:09:06.0970 4868 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll
16:09:06.0970 4868 C:\Windows\System32\mprdim.dll - ok
16:09:06.0977 4868 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll
16:09:06.0977 4868 C:\Windows\System32\regsvc.dll - ok
16:09:06.0984 4868 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
16:09:06.0984 4868 C:\Windows\System32\Locator.exe - ok
16:09:06.0991 4868 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll
16:09:06.0991 4868 C:\Windows\System32\SCardSvr.dll - ok
16:09:06.0998 4868 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll
16:09:06.0998 4868 C:\Windows\System32\schedsvc.dll - ok
16:09:07.0005 4868 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll
16:09:07.0005 4868 C:\Windows\System32\sdrsvc.dll - ok
16:09:07.0012 4868 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll
16:09:07.0012 4868 C:\Windows\System32\seclogon.dll - ok
16:09:07.0019 4868 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll
16:09:07.0019 4868 C:\Windows\System32\Sens.dll - ok
16:09:07.0026 4868 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll
16:09:07.0026 4868 C:\Windows\System32\ipnathlp.dll - ok
16:09:07.0033 4868 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll
16:09:07.0033 4868 C:\Windows\System32\SessEnv.dll - ok
16:09:07.0040 4868 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll
16:09:07.0040 4868 C:\Windows\System32\shsvcs.dll - ok
16:09:07.0046 4868 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe
16:09:07.0047 4868 C:\Windows\System32\SLsvc.exe - ok
16:09:07.0056 4868 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll
16:09:07.0057 4868 C:\Windows\System32\SLUINotify.dll - ok
16:09:07.0065 4868 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
16:09:07.0065 4868 C:\Windows\System32\snmptrap.exe - ok
16:09:07.0072 4868 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll
16:09:07.0072 4868 C:\Windows\System32\tcpipcfg.dll - ok
16:09:07.0078 4868 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe
16:09:07.0078 4868 C:\Windows\System32\spoolsv.exe - ok
16:09:07.0083 4868 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll
16:09:07.0083 4868 C:\Windows\System32\ssdpsrv.dll - ok
16:09:07.0090 4868 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll
16:09:07.0090 4868 C:\Windows\System32\wiaservc.dll - ok
16:09:07.0098 4868 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll
16:09:07.0098 4868 C:\Windows\System32\swprv.dll - ok
16:09:07.0104 4868 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll
16:09:07.0105 4868 C:\Windows\System32\sysmain.dll - ok
16:09:07.0111 4868 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll
16:09:07.0111 4868 C:\Windows\System32\TabSvc.dll - ok
16:09:07.0118 4868 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll
16:09:07.0119 4868 C:\Windows\System32\tapisrv.dll - ok
16:09:07.0125 4868 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll
16:09:07.0125 4868 C:\Windows\System32\tbssvc.dll - ok
16:09:07.0132 4868 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll
16:09:07.0132 4868 C:\Windows\System32\termsrv.dll - ok
16:09:07.0139 4868 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll
16:09:07.0139 4868 C:\Windows\System32\trkwks.dll - ok
16:09:07.0146 4868 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe
16:09:07.0146 4868 C:\Windows\servicing\TrustedInstaller.exe - ok
16:09:07.0154 4868 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe
16:09:07.0154 4868 C:\Windows\System32\UI0Detect.exe - ok
16:09:07.0160 4868 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll
16:09:07.0160 4868 C:\Windows\System32\upnphost.dll - ok
16:09:07.0168 4868 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe
16:09:07.0168 4868 C:\Windows\System32\dwm.exe - ok
16:09:07.0175 4868 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe
16:09:07.0175 4868 C:\Windows\System32\vds.exe - ok
16:09:07.0182 4868 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe
16:09:07.0182 4868 C:\Windows\System32\VSSVC.exe - ok
16:09:07.0188 4868 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll
16:09:07.0188 4868 C:\Windows\System32\w32time.dll - ok
16:09:07.0196 4868 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll
16:09:07.0196 4868 C:\Windows\System32\wcncsvc.dll - ok
16:09:07.0202 4868 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys
16:09:07.0202 4868 C:\Windows\System32\drivers\Wdf01000.sys - ok
16:09:07.0209 4868 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
16:09:07.0209 4868 C:\Windows\System32\WcsPlugInService.dll - ok
16:09:07.0216 4868 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll
16:09:07.0216 4868 C:\Windows\System32\wdi.dll - ok
16:09:07.0223 4868 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll
16:09:07.0223 4868 C:\Windows\System32\WebClnt.dll - ok
16:09:07.0230 4868 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll
16:09:07.0230 4868 C:\Windows\System32\wecsvc.dll - ok
16:09:07.0237 4868 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll
16:09:07.0237 4868 C:\Windows\System32\wercplsupport.dll - ok
16:09:07.0245 4868 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll
16:09:07.0245 4868 C:\Windows\System32\wersvc.dll - ok
16:09:07.0251 4868 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll
16:09:07.0251 4868 C:\Windows\System32\winhttp.dll - ok
16:09:07.0258 4868 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll
16:09:07.0258 4868 C:\Windows\System32\wbem\WMIsvc.dll - ok
16:09:07.0265 4868 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll
16:09:07.0265 4868 C:\Windows\System32\WsmSvc.dll - ok
16:09:07.0272 4868 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe
16:09:07.0272 4868 C:\Windows\System32\wbem\WmiApSrv.exe - ok
16:09:07.0279 4868 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll
16:09:07.0280 4868 C:\Windows\System32\wlansvc.dll - ok
16:09:07.0286 4868 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
16:09:07.0286 4868 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
16:09:07.0294 4868 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll
16:09:07.0294 4868 C:\Windows\System32\wpcsvc.dll - ok
16:09:07.0301 4868 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:09:07.0301 4868 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
16:09:07.0308 4868 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll
16:09:07.0308 4868 C:\Windows\System32\wpdbusenum.dll - ok
16:09:07.0315 4868 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll
16:09:07.0315 4868 C:\Windows\System32\wscsvc.dll - ok
16:09:07.0323 4868 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe
16:09:07.0323 4868 C:\Windows\System32\SearchIndexer.exe - ok
16:09:07.0330 4868 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
16:09:07.0330 4868 C:\Windows\System32\wuaueng.dll - ok
16:09:07.0333 4868 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
16:09:07.0333 4868 C:\Windows\System32\drivers\WUDFPf.sys - ok
16:09:07.0342 4868 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
16:09:07.0342 4868 C:\Windows\System32\WUDFSvc.dll - ok
16:09:07.0348 4868 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll
16:09:07.0348 4868 C:\Windows\System32\scecli.dll - ok
16:09:07.0355 4868 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll
16:09:07.0356 4868 C:\Windows\System32\ntmarta.dll - ok
16:09:07.0364 4868 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe
16:09:07.0365 4868 C:\Windows\System32\svchost.exe - ok
16:09:07.0372 4868 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll
16:09:07.0372 4868 C:\Windows\System32\powrprof.dll - ok
16:09:07.0380 4868 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys
16:09:07.0380 4868 C:\Windows\System32\drivers\luafv.sys - ok
16:09:07.0387 4868 [ DE6ED95AEF259979B2830450072A627B ] C:\Windows\System32\drivers\aswFsBlk.sys
16:09:07.0387 4868 C:\Windows\System32\drivers\aswFsBlk.sys - ok
16:09:07.0394 4868 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] C:\Windows\System32\drivers\aswMonFlt.sys
16:09:07.0394 4868 C:\Windows\System32\drivers\aswMonFlt.sys - ok
16:09:07.0401 4868 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll
16:09:07.0401 4868 C:\Windows\System32\rpcss.dll - ok
16:09:07.0409 4868 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll
16:09:07.0409 4868 C:\Windows\System32\version.dll - ok
16:09:07.0415 4868 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe
16:09:07.0415 4868 C:\Windows\System32\LogonUI.exe - ok
16:09:07.0423 4868 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll
16:09:07.0423 4868 C:\Windows\System32\authui.dll - ok
16:09:07.0430 4868 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
16:09:07.0430 4868 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
16:09:07.0438 4868 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
16:09:07.0438 4868 C:\Windows\System32\msimg32.dll - ok
16:09:07.0444 4868 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll
16:09:07.0444 4868 C:\Windows\System32\uxtheme.dll - ok
16:09:07.0452 4868 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
16:09:07.0452 4868 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
16:09:07.0459 4868 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll
16:09:07.0459 4868 C:\Windows\System32\MMDevAPI.dll - ok
16:09:07.0466 4868 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
16:09:07.0466 4868 C:\Windows\System32\wtsapi32.dll - ok
16:09:07.0479 4868 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll
16:09:07.0479 4868 C:\Windows\System32\duser.dll - ok
16:09:07.0484 4868 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll
16:09:07.0485 4868 C:\Windows\System32\xmllite.dll - ok
16:09:07.0492 4868 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll
16:09:07.0492 4868 C:\Windows\System32\wintrust.dll - ok
16:09:07.0498 4868 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll
16:09:07.0499 4868 C:\Windows\System32\avrt.dll - ok
16:09:07.0506 4868 [ EC9C5F6C0F58446545D839BC11A3692B ] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe

#10 mantis.toboggan

mantis.toboggan
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 21 December 2012 - 05:31 PM

bleepingcomputer told me that my post was too long and to shorten it, so here is the other half of TDSSKiller and aswMBR logs.

16:09:07.0506 4868 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe - ok
16:09:07.0513 4868 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll
16:09:07.0513 4868 C:\Windows\System32\cabinet.dll - ok
16:09:07.0520 4868 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\Windows\System32\dsound.dll
16:09:07.0520 4868 C:\Windows\System32\dsound.dll - ok
16:09:07.0527 4868 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll
16:09:07.0527 4868 C:\Windows\System32\winmm.dll - ok
16:09:07.0534 4868 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll
16:09:07.0534 4868 C:\Windows\System32\adtschema.dll - ok
16:09:07.0541 4868 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll
16:09:07.0541 4868 C:\Windows\System32\oleacc.dll - ok
16:09:07.0550 4868 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll
16:09:07.0550 4868 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
16:09:07.0557 4868 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys
16:09:07.0557 4868 C:\Windows\System32\drivers\fltMgr.sys - ok
16:09:07.0564 4868 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll
16:09:07.0564 4868 C:\Windows\System32\ci.dll - ok
16:09:07.0572 4868 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll
16:09:07.0572 4868 C:\Windows\System32\rasplap.dll - ok
16:09:07.0580 4868 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll
16:09:07.0581 4868 C:\Windows\System32\rasapi32.dll - ok
16:09:07.0585 4868 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll
16:09:07.0585 4868 C:\Windows\System32\rasman.dll - ok
16:09:07.0591 4868 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
16:09:07.0591 4868 C:\Windows\System32\tapi32.dll - ok
16:09:07.0599 4868 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll
16:09:07.0599 4868 C:\Windows\System32\rtutils.dll - ok
16:09:07.0606 4868 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll
16:09:07.0606 4868 C:\Windows\System32\WinSCard.dll - ok
16:09:07.0613 4868 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll
16:09:07.0613 4868 C:\Windows\System32\shgina.dll - ok
16:09:07.0620 4868 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll
16:09:07.0620 4868 C:\Windows\System32\propsys.dll - ok
16:09:07.0627 4868 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll
16:09:07.0629 4868 C:\Windows\System32\shacct.dll - ok
16:09:07.0634 4868 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL
16:09:07.0634 4868 C:\Windows\System32\PSHED.DLL - ok
16:09:07.0641 4868 [ C0B99FBF71B69D802578A6CEF72D8A97 ] C:\Windows\System32\stapi32.dll
16:09:07.0641 4868 C:\Windows\System32\stapi32.dll - ok
16:09:07.0648 4868 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe
16:09:07.0649 4868 C:\Windows\System32\audiodg.exe - ok
16:09:07.0655 4868 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
16:09:07.0655 4868 C:\Windows\System32\ksuser.dll - ok
16:09:07.0662 4868 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv
16:09:07.0662 4868 C:\Windows\System32\wdmaud.drv - ok
16:09:07.0668 4868 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll
16:09:07.0669 4868 C:\Windows\System32\AudioEng.dll - ok
16:09:07.0675 4868 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll
16:09:07.0675 4868 C:\Windows\System32\AudioSes.dll - ok
16:09:07.0683 4868 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll
16:09:07.0683 4868 C:\Windows\System32\msacm32.dll - ok
16:09:07.0689 4868 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv
16:09:07.0689 4868 C:\Windows\System32\msacm32.drv - ok
16:09:07.0697 4868 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll
16:09:07.0697 4868 C:\Windows\System32\midimap.dll - ok
16:09:07.0706 4868 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll
16:09:07.0706 4868 C:\Windows\System32\AUDIOKSE.dll - ok
16:09:07.0714 4868 [ 29EF86DA2A157EBCE90608F3D110DBD3 ] C:\Windows\System32\stapo.dll
16:09:07.0714 4868 C:\Windows\System32\stapo.dll - ok
16:09:07.0721 4868 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll
16:09:07.0721 4868 C:\Windows\System32\gpsvc.dll - ok
16:09:07.0729 4868 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll
16:09:07.0729 4868 C:\Windows\System32\WMALFXGFXDSP.dll - ok
16:09:07.0735 4868 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll
16:09:07.0735 4868 C:\Windows\System32\nlaapi.dll - ok
16:09:07.0742 4868 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll
16:09:07.0742 4868 C:\Windows\System32\atl.dll - ok
16:09:07.0749 4868 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll
16:09:07.0749 4868 C:\Windows\System32\mfplat.dll - ok
16:09:07.0758 4868 [ AB4BC1F10FF8273D4B54DAC4DE4B7AA4 ] C:\Windows\System32\aestaren.dll
16:09:07.0758 4868 C:\Windows\System32\aestaren.dll - ok
16:09:07.0765 4868 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys
16:09:07.0765 4868 C:\Windows\System32\drivers\spsys.sys - ok
16:09:07.0773 4868 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll
16:09:07.0773 4868 C:\Windows\System32\es.dll - ok
16:09:07.0781 4868 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll
16:09:07.0781 4868 C:\Windows\System32\WindowsCodecs.dll - ok
16:09:07.0788 4868 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] C:\Windows\System32\hpservice.exe
16:09:07.0788 4868 C:\Windows\System32\hpservice.exe - ok
16:09:07.0795 4868 [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\System32\mfc42u.dll
16:09:07.0795 4868 C:\Windows\System32\mfc42u.dll - ok
16:09:07.0802 4868 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll
16:09:07.0802 4868 C:\Windows\System32\odbc32.dll - ok
16:09:07.0809 4868 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
16:09:07.0809 4868 C:\Windows\System32\hid.dll - ok
16:09:07.0816 4868 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
16:09:07.0817 4868 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
16:09:07.0825 4868 [ A9CF92FE53BE6CC03D428410269798C1 ] C:\Windows\System32\accelerometerdll.DLL
16:09:07.0825 4868 C:\Windows\System32\accelerometerdll.DLL - ok
16:09:07.0833 4868 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll
16:09:07.0833 4868 C:\Windows\System32\odbcint.dll - ok
16:09:07.0839 4868 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll
16:09:07.0839 4868 C:\Windows\System32\uxsms.dll - ok
16:09:07.0845 4868 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
16:09:07.0846 4868 C:\Windows\System32\WUDFPlatform.dll - ok
16:09:07.0853 4868 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys
16:09:07.0853 4868 C:\Windows\System32\drivers\lltdio.sys - ok
16:09:07.0860 4868 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys
16:09:07.0860 4868 C:\Windows\System32\drivers\nwifi.sys - ok
16:09:07.0867 4868 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys
16:09:07.0867 4868 C:\Windows\System32\drivers\ndisuio.sys - ok
16:09:07.0875 4868 [ 3DE33BCE4A930EDF57BD1F742823BCD8 ] C:\Windows\System32\drivers\pnarp.sys
16:09:07.0875 4868 C:\Windows\System32\drivers\pnarp.sys - ok
16:09:07.0882 4868 [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC ] C:\Windows\System32\drivers\purendis.sys
16:09:07.0882 4868 C:\Windows\System32\drivers\purendis.sys - ok
16:09:07.0890 4868 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys
16:09:07.0891 4868 C:\Windows\System32\drivers\rspndr.sys - ok
16:09:07.0897 4868 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll
16:09:07.0898 4868 C:\Windows\System32\dnsrslvr.dll - ok
16:09:07.0905 4868 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\Windows\System32\eapphost.dll
16:09:07.0905 4868 C:\Windows\System32\eapphost.dll - ok
16:09:07.0912 4868 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll
16:09:07.0912 4868 C:\Windows\System32\rastls.dll - ok
16:09:07.0919 4868 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll
16:09:07.0919 4868 C:\Windows\System32\raschap.dll - ok
16:09:07.0926 4868 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll
16:09:07.0926 4868 C:\Windows\System32\umb.dll - ok
16:09:07.0932 4868 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\Windows\System32\wlanmsm.dll
16:09:07.0932 4868 C:\Windows\System32\wlanmsm.dll - ok
16:09:07.0940 4868 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\Windows\System32\wlansec.dll
16:09:07.0940 4868 C:\Windows\System32\wlansec.dll - ok
16:09:07.0946 4868 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll
16:09:07.0946 4868 C:\Windows\System32\onex.dll - ok
16:09:07.0954 4868 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll
16:09:07.0954 4868 C:\Windows\System32\eappprxy.dll - ok
16:09:07.0960 4868 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll
16:09:07.0960 4868 C:\Windows\System32\eappcfg.dll - ok
16:09:07.0967 4868 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\Windows\System32\wlgpclnt.dll
16:09:07.0968 4868 C:\Windows\System32\wlgpclnt.dll - ok
16:09:07.0974 4868 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll
16:09:07.0974 4868 C:\Windows\System32\l2gpstore.dll - ok
16:09:07.0981 4868 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
16:09:07.0981 4868 C:\Windows\System32\wlanutil.dll - ok
16:09:07.0989 4868 [ 024528E25BBE8768536861EA09BE1672 ] C:\Windows\System32\msxml6.dll
16:09:07.0989 4868 C:\Windows\System32\msxml6.dll - ok
16:09:07.0996 4868 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:09:07.0996 4868 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
16:09:08.0004 4868 [ 23C3A0680042C0D1DE1F360F8B62BC57 ] C:\Windows\System32\wlanext.exe
16:09:08.0004 4868 C:\Windows\System32\wlanext.exe - ok
16:09:08.0011 4868 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
16:09:08.0012 4868 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
16:09:08.0020 4868 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
16:09:08.0020 4868 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
16:09:08.0028 4868 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
16:09:08.0028 4868 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
16:09:08.0036 4868 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
16:09:08.0036 4868 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
16:09:08.0043 4868 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
16:09:08.0043 4868 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
16:09:08.0051 4868 [ F9AD9703CF0F9B8BC0924C21D220777E ] C:\Windows\System32\bcmihvsrv.dll
16:09:08.0051 4868 C:\Windows\System32\bcmihvsrv.dll - ok
16:09:08.0058 4868 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
16:09:08.0058 4868 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
16:09:08.0066 4868 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll
16:09:08.0067 4868 C:\Windows\System32\wsock32.dll - ok
16:09:08.0073 4868 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
16:09:08.0073 4868 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
16:09:08.0081 4868 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll
16:09:08.0081 4868 C:\Windows\System32\dbghelp.dll - ok
16:09:08.0088 4868 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll
16:09:08.0088 4868 C:\Windows\System32\wlanapi.dll - ok
16:09:08.0092 4868 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
16:09:08.0092 4868 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
16:09:08.0100 4868 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll
16:09:08.0100 4868 C:\Windows\System32\cscapi.dll - ok
16:09:08.0107 4868 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
16:09:08.0107 4868 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
16:09:08.0114 4868 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
16:09:08.0115 4868 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
16:09:08.0121 4868 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
16:09:08.0122 4868 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
16:09:08.0129 4868 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
16:09:08.0129 4868 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
16:09:08.0136 4868 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
16:09:08.0136 4868 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
16:09:08.0144 4868 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
16:09:08.0144 4868 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
16:09:08.0151 4868 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
16:09:08.0151 4868 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
16:09:08.0158 4868 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
16:09:08.0158 4868 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
16:09:08.0166 4868 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
16:09:08.0166 4868 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
16:09:08.0172 4868 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
16:09:08.0172 4868 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
16:09:08.0180 4868 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
16:09:08.0180 4868 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
16:09:08.0187 4868 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
16:09:08.0187 4868 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
16:09:08.0195 4868 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll
16:09:08.0195 4868 C:\Windows\System32\ktmw32.dll - ok
16:09:08.0201 4868 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\System32\wscisvif.dll
16:09:08.0201 4868 C:\Windows\System32\wscisvif.dll - ok
16:09:08.0209 4868 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll
16:09:08.0209 4868 C:\Windows\System32\wscapi.dll - ok
16:09:08.0215 4868 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll
16:09:08.0215 4868 C:\Windows\System32\wiarpc.dll - ok
16:09:08.0221 4868 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll
16:09:08.0221 4868 C:\Windows\System32\taskcomp.dll - ok
16:09:08.0230 4868 [ F870AA3E254628EBEAFE754108D664DE ] C:\Windows\System32\drivers\http.sys
16:09:08.0230 4868 C:\Windows\System32\drivers\http.sys - ok
16:09:08.0237 4868 [ 9184FA2B677CBF2F8E26098980E47304 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswEngin.dll
16:09:08.0237 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswEngin.dll - ok
16:09:08.0244 4868 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll
16:09:08.0244 4868 C:\Windows\System32\spoolss.dll - ok
16:09:08.0251 4868 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnOS.dll
16:09:08.0251 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnOS.dll - ok
16:09:08.0259 4868 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys
16:09:08.0259 4868 C:\Windows\System32\drivers\srvnet.sys - ok
16:09:08.0265 4868 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL
16:09:08.0265 4868 C:\Windows\System32\FWPUCLNT.DLL - ok
16:09:08.0273 4868 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnIS.dll
16:09:08.0273 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnIS.dll - ok
16:09:08.0280 4868 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys
16:09:08.0280 4868 C:\Windows\System32\drivers\bowser.sys - ok
16:09:08.0287 4868 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys
16:09:08.0287 4868 C:\Windows\System32\drivers\mpsdrv.sys - ok
16:09:08.0294 4868 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll
16:09:08.0294 4868 C:\Windows\System32\MPSSVC.dll - ok
16:09:08.0301 4868 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll
16:09:08.0301 4868 C:\Windows\System32\netcfgx.dll - ok
16:09:08.0308 4868 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys
16:09:08.0308 4868 C:\Windows\System32\drivers\mrxdav.sys - ok
16:09:08.0315 4868 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys
16:09:08.0315 4868 C:\Windows\System32\drivers\mrxsmb.sys - ok
16:09:08.0322 4868 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys
16:09:08.0323 4868 C:\Windows\System32\drivers\mrxsmb10.sys - ok
16:09:08.0330 4868 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys
16:09:08.0330 4868 C:\Windows\System32\drivers\mrxsmb20.sys - ok
16:09:08.0338 4868 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnBS.dll
16:09:08.0338 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnBS.dll - ok
16:09:08.0342 4868 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys
16:09:08.0343 4868 C:\Windows\System32\drivers\srv2.sys - ok
16:09:08.0349 4868 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswScan.dll
16:09:08.0349 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswScan.dll - ok
16:09:08.0357 4868 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswRep.dll
16:09:08.0357 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswRep.dll - ok
16:09:08.0364 4868 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys
16:09:08.0364 4868 C:\Windows\System32\drivers\srv.sys - ok
16:09:08.0372 4868 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswFiDb.dll
16:09:08.0372 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswFiDb.dll - ok
16:09:08.0379 4868 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
16:09:08.0379 4868 C:\Windows\System32\netmsg.dll - ok
16:09:08.0386 4868 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
16:09:08.0386 4868 C:\Windows\System32\sscore.dll - ok
16:09:08.0393 4868 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll
16:09:08.0393 4868 C:\Windows\System32\clusapi.dll - ok
16:09:08.0401 4868 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll
16:09:08.0401 4868 C:\Windows\System32\wfapigp.dll - ok
16:09:08.0408 4868 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll
16:09:08.0408 4868 C:\Windows\System32\mscms.dll - ok
16:09:08.0414 4868 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll
16:09:08.0415 4868 C:\Windows\System32\activeds.dll - ok
16:09:08.0422 4868 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll
16:09:08.0422 4868 C:\Windows\System32\adsldpc.dll - ok
16:09:08.0428 4868 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll
16:09:08.0429 4868 C:\Windows\System32\credui.dll - ok
16:09:08.0436 4868 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll
16:09:08.0436 4868 C:\Windows\System32\WsmRes.dll - ok
16:09:08.0442 4868 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll
16:09:08.0442 4868 C:\Windows\System32\resutils.dll - ok
16:09:08.0449 4868 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe
16:09:08.0449 4868 C:\Windows\System32\plasrv.exe - ok
16:09:08.0457 4868 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\Windows\System32\drivers\parport.sys
16:09:08.0457 4868 C:\Windows\System32\drivers\parport.sys - ok
16:09:08.0464 4868 [ 04B45D3FCC16E91EDAA3DA0DA740FCC8 ] C:\Program Files\AVAST Software\Avast\defs\12122101\algo.dll
16:09:08.0464 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\algo.dll - ok
16:09:08.0473 4868 [ 3B1B2EE9DF189F6BBB080BF393D1B2EE ] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
16:09:08.0473 4868 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe - ok
16:09:08.0480 4868 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:09:08.0480 4868 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
16:09:08.0488 4868 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
16:09:08.0488 4868 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
16:09:08.0495 4868 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
16:09:08.0495 4868 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
16:09:08.0503 4868 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
16:09:08.0503 4868 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
16:09:08.0510 4868 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
16:09:08.0510 4868 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
16:09:08.0518 4868 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
16:09:08.0518 4868 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
16:09:08.0525 4868 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
16:09:08.0525 4868 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
16:09:08.0535 4868 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
16:09:08.0535 4868 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
16:09:08.0543 4868 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
16:09:08.0543 4868 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
16:09:08.0552 4868 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
16:09:08.0552 4868 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
16:09:08.0559 4868 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
16:09:08.0559 4868 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
16:09:08.0568 4868 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
16:09:08.0568 4868 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
16:09:08.0575 4868 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
16:09:08.0575 4868 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
16:09:08.0584 4868 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
16:09:08.0585 4868 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
16:09:08.0589 4868 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
16:09:08.0589 4868 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
16:09:08.0598 4868 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
16:09:08.0598 4868 C:\Windows\System32\dnssd.dll - ok
16:09:08.0605 4868 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
16:09:08.0606 4868 C:\Program Files\Bonjour\mDNSResponder.exe - ok
16:09:08.0613 4868 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
16:09:08.0613 4868 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
16:09:08.0620 4868 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
16:09:08.0620 4868 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
16:09:08.0628 4868 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll
16:09:08.0628 4868 C:\Windows\System32\wdscore.dll - ok
16:09:08.0635 4868 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll
16:09:08.0635 4868 C:\Windows\System32\vssapi.dll - ok
16:09:08.0641 4868 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll
16:09:08.0641 4868 C:\Windows\System32\fltLib.dll - ok
16:09:08.0649 4868 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll
16:09:08.0649 4868 C:\Windows\System32\taskschd.dll - ok
16:09:08.0656 4868 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll
16:09:08.0656 4868 C:\Windows\System32\WSDApi.dll - ok
16:09:08.0664 4868 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\Windows\System32\httpapi.dll
16:09:08.0664 4868 C:\Windows\System32\httpapi.dll - ok
16:09:08.0670 4868 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
16:09:08.0670 4868 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
16:09:08.0678 4868 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
16:09:08.0678 4868 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
16:09:08.0685 4868 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll
16:09:08.0685 4868 C:\Windows\System32\fundisc.dll - ok
16:09:08.0692 4868 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
16:09:08.0692 4868 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
16:09:08.0700 4868 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
16:09:08.0700 4868 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
16:09:08.0708 4868 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
16:09:08.0708 4868 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
16:09:08.0716 4868 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
16:09:08.0716 4868 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
16:09:08.0722 4868 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
16:09:08.0722 4868 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
16:09:08.0730 4868 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
16:09:08.0730 4868 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
16:09:08.0737 4868 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
16:09:08.0737 4868 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
16:09:08.0745 4868 [ CB686F44BF955EA02520710A56874FA4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
16:09:08.0745 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
16:09:08.0753 4868 [ EE4C7A4CF2316701FFDE90F404520265 ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
16:09:08.0753 4868 C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok
16:09:08.0760 4868 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll
16:09:08.0760 4868 C:\Windows\System32\diagperf.dll - ok
16:09:08.0767 4868 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll
16:09:08.0767 4868 C:\Windows\System32\msxml3.dll - ok
16:09:08.0774 4868 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv
16:09:08.0774 4868 C:\Windows\System32\winspool.drv - ok
16:09:08.0781 4868 [ 974EE55B9A17D606A783ADD021AA65AD ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
16:09:08.0781 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
16:09:08.0789 4868 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12122101\ArPot.dll
16:09:08.0789 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\ArPot.dll - ok
16:09:08.0796 4868 [ CFB58C9A53B56892817C3519E32C4502 ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll
16:09:08.0796 4868 C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok
16:09:08.0803 4868 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
16:09:08.0805 4868 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
16:09:08.0817 4868 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll
16:09:08.0817 4868 C:\Windows\System32\vsstrace.dll - ok
16:09:08.0824 4868 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll
16:09:08.0824 4868 C:\Windows\System32\cryptnet.dll - ok
16:09:08.0831 4868 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
16:09:08.0831 4868 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
16:09:08.0839 4868 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
16:09:08.0839 4868 C:\Windows\System32\pnpts.dll - ok
16:09:08.0845 4868 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
16:09:08.0845 4868 C:\Windows\System32\SensApi.dll - ok
16:09:08.0853 4868 [ AC31C3FC0B28F54F4873C5136BE525F8 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
16:09:08.0853 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll - ok
16:09:08.0860 4868 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\AVAST Software\Avast\snxhk.dll
16:09:08.0860 4868 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
16:09:08.0867 4868 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll
16:09:08.0867 4868 C:\Windows\System32\wbem\wbemprox.dll - ok
16:09:08.0875 4868 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll
16:09:08.0875 4868 C:\Windows\System32\wbemcomn.dll - ok
16:09:08.0882 4868 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
16:09:08.0882 4868 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
16:09:08.0890 4868 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
16:09:08.0890 4868 C:\Windows\System32\drivers\PEAuth.sys - ok
16:09:08.0896 4868 [ 2969D26EEE289BE7422AA46FC55F4E38 ] C:\Windows\System32\HPZinw12.dll
16:09:08.0896 4868 C:\Windows\System32\HPZinw12.dll - ok
16:09:08.0904 4868 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll
16:09:08.0904 4868 C:\Windows\System32\ncsi.dll - ok
16:09:08.0912 4868 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll
16:09:08.0912 4868 C:\Windows\System32\cfgmgr32.dll - ok
16:09:08.0920 4868 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
16:09:08.0920 4868 C:\Windows\System32\ssdpapi.dll - ok
16:09:08.0927 4868 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12122101\exts.dll
16:09:08.0927 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\exts.dll - ok
16:09:08.0936 4868 [ BAFC9706BDF425A02B66468AB2605C59 ] C:\Windows\System32\HPZipm12.dll
16:09:08.0936 4868 C:\Windows\System32\HPZipm12.dll - ok
16:09:08.0947 4868 [ 6803B69C14696CC4907C5F77FBB04A14 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
16:09:08.0947 4868 C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe - ok
16:09:08.0955 4868 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL
16:09:08.0955 4868 C:\Windows\System32\IPSECSVC.DLL - ok
16:09:08.0961 4868 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll
16:09:08.0961 4868 C:\Windows\System32\winrnr.dll - ok
16:09:08.0969 4868 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
16:09:08.0969 4868 C:\Program Files\Bonjour\mdnsNSP.dll - ok
16:09:08.0975 4868 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
16:09:08.0975 4868 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
16:09:08.0982 4868 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
16:09:08.0983 4868 C:\Windows\System32\rasadhlp.dll - ok
16:09:08.0989 4868 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
16:09:08.0989 4868 C:\Windows\System32\dllhost.exe - ok
16:09:08.0998 4868 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\System32\security.dll
16:09:08.0998 4868 C:\Windows\System32\security.dll - ok
16:09:09.0004 4868 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
16:09:09.0004 4868 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
16:09:09.0011 4868 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswAR.dll
16:09:09.0011 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswAR.dll - ok
16:09:09.0019 4868 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
16:09:09.0019 4868 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
16:09:09.0026 4868 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswRawFS.dll
16:09:09.0026 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aswRawFS.dll - ok
16:09:09.0034 4868 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll
16:09:09.0034 4868 C:\Windows\System32\shfolder.dll - ok
16:09:09.0040 4868 [ BE551442445B13E114EB67F0E2216F89 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
16:09:09.0040 4868 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll - ok
16:09:09.0048 4868 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
16:09:09.0048 4868 C:\Windows\System32\shimeng.dll - ok
16:09:09.0055 4868 [ 95A0B86B9F1D27B613830864341A8252 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
16:09:09.0055 4868 C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe - ok
16:09:09.0061 4868 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll
16:09:09.0061 4868 C:\Windows\System32\FwRemoteSvr.dll - ok
16:09:09.0069 4868 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll
16:09:09.0069 4868 C:\Windows\System32\mfc42.dll - ok
16:09:09.0075 4868 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll
16:09:09.0075 4868 C:\Windows\System32\msvcp60.dll - ok
16:09:09.0083 4868 [ B9570481A1BABCC4A9E941C553596077 ] C:\Windows\SMINST\BLService.exe
16:09:09.0083 4868 C:\Windows\SMINST\BLService.exe - ok
16:09:09.0089 4868 [ BA3DE6760CC3C158666C23631203456A ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll
16:09:09.0090 4868 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll - ok
16:09:09.0094 4868 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\System32\oledlg.dll
16:09:09.0094 4868 C:\Windows\System32\oledlg.dll - ok
16:09:09.0101 4868 [ 443AC12BCAC09A14DD5D665A2278565F ] C:\Windows\SMINST\STDisks.dll
16:09:09.0101 4868 C:\Windows\SMINST\STDisks.dll - ok
16:09:09.0108 4868 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\Windows\System32\msdmo.dll
16:09:09.0108 4868 C:\Windows\System32\msdmo.dll - ok
16:09:09.0116 4868 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe
16:09:09.0116 4868 C:\Windows\System32\taskeng.exe - ok
16:09:09.0122 4868 [ C45E8D6B795AA8D1DAA889ECFD83708E ] C:\Windows\SMINST\CSTError.dll
16:09:09.0122 4868 C:\Windows\SMINST\CSTError.dll - ok
16:09:09.0131 4868 [ A80F29D1DB2321C937D65DCA0EE4E032 ] C:\Windows\SMINST\STString.dll
16:09:09.0131 4868 C:\Windows\SMINST\STString.dll - ok
16:09:09.0137 4868 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\Windows\System32\devenum.dll
16:09:09.0137 4868 C:\Windows\System32\devenum.dll - ok
16:09:09.0145 4868 [ 487611EF7C7D4D31BFE18B890F4DFF85 ] C:\Windows\SMINST\STVdsDisks.dll
16:09:09.0145 4868 C:\Windows\SMINST\STVdsDisks.dll - ok
16:09:09.0152 4868 [ E98444D0CB6459A750FB594B31194F7C ] C:\Windows\SMINST\STSystems.dll
16:09:09.0152 4868 C:\Windows\SMINST\STSystems.dll - ok
16:09:09.0159 4868 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll
16:09:09.0159 4868 C:\Windows\System32\localspl.dll - ok
16:09:09.0167 4868 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll
16:09:09.0167 4868 C:\Windows\System32\avicap32.dll - ok
16:09:09.0173 4868 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll
16:09:09.0175 4868 C:\Windows\System32\msvfw32.dll - ok
16:09:09.0181 4868 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
16:09:09.0181 4868 C:\Windows\System32\sfc.dll - ok
16:09:09.0187 4868 [ F2DC53CF413BF5AE7491C4D2A188D022 ] C:\Windows\SMINST\STWmiM.dll
16:09:09.0187 4868 C:\Windows\SMINST\STWmiM.dll - ok
16:09:09.0196 4868 [ 65C092EF598DCCA1D665D52F06829512 ] C:\Windows\System32\vfwwdm32.dll
16:09:09.0196 4868 C:\Windows\System32\vfwwdm32.dll - ok
16:09:09.0202 4868 [ 74EF6DE3D8953ADF663CA892B22E5AD6 ] C:\Windows\System32\apdfprintmon.dll
16:09:09.0202 4868 C:\Windows\System32\apdfprintmon.dll - ok
16:09:09.0210 4868 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
16:09:09.0210 4868 C:\Windows\System32\TSChannel.dll - ok
16:09:09.0217 4868 [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll
16:09:09.0217 4868 C:\Windows\AppPatch\AcGenral.dll - ok
16:09:09.0225 4868 [ 462FA0377835A305836580A3D00D0446 ] C:\Windows\System32\hpz3l5mu.dll
16:09:09.0225 4868 C:\Windows\System32\hpz3l5mu.dll - ok
16:09:09.0232 4868 [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe
16:09:09.0232 4868 C:\Windows\System32\AtBroker.exe - ok
16:09:09.0239 4868 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll
16:09:09.0239 4868 C:\Windows\System32\msonpmon.dll - ok
16:09:09.0247 4868 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll
16:09:09.0247 4868 C:\Windows\System32\HotStartUserAgent.dll - ok
16:09:09.0254 4868 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll
16:09:09.0254 4868 C:\Windows\System32\msi.dll - ok
16:09:09.0261 4868 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] C:\Program Files\CyberLink\Shared Files\RichVideo.exe
16:09:09.0261 4868 C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ok
16:09:09.0268 4868 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll
16:09:09.0268 4868 C:\Windows\System32\sfc_os.dll - ok
16:09:09.0276 4868 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll
16:09:09.0276 4868 C:\Windows\System32\PlaySndSrv.dll - ok
16:09:09.0283 4868 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll
16:09:09.0283 4868 C:\Windows\System32\tcpmon.dll - ok
16:09:09.0290 4868 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe
16:09:09.0290 4868 C:\Windows\System32\userinit.exe - ok
16:09:09.0297 4868 [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll
16:09:09.0297 4868 C:\Windows\System32\MsCtfMonitor.dll - ok
16:09:09.0304 4868 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll
16:09:09.0304 4868 C:\Windows\System32\msutb.dll - ok
16:09:09.0311 4868 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll
16:09:09.0311 4868 C:\Windows\System32\dwmapi.dll - ok
16:09:09.0322 4868 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll
16:09:09.0322 4868 C:\Windows\System32\snmpapi.dll - ok
16:09:09.0326 4868 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll
16:09:09.0327 4868 C:\Windows\System32\wsnmp32.dll - ok
16:09:09.0333 4868 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll
16:09:09.0333 4868 C:\Windows\System32\TMM.dll - ok
16:09:09.0340 4868 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
16:09:09.0341 4868 C:\Windows\System32\drivers\secdrv.sys - ok
16:09:09.0344 4868 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll
16:09:09.0345 4868 C:\Windows\System32\d3d9.dll - ok
16:09:09.0351 4868 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll
16:09:09.0351 4868 C:\Windows\System32\tcpmib.dll - ok
16:09:09.0358 4868 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll
16:09:09.0358 4868 C:\Windows\System32\mgmtapi.dll - ok
16:09:09.0365 4868 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll
16:09:09.0365 4868 C:\Windows\System32\dwmredir.dll - ok
16:09:09.0372 4868 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll
16:09:09.0372 4868 C:\Windows\System32\usbmon.dll - ok
16:09:09.0379 4868 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
16:09:09.0379 4868 C:\Windows\System32\d3d8thk.dll - ok
16:09:09.0386 4868 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll
16:09:09.0386 4868 C:\Windows\System32\milcore.dll - ok
16:09:09.0392 4868 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll
16:09:09.0393 4868 C:\Windows\System32\WSDMon.dll - ok
16:09:09.0399 4868 [ 4436588C55BBCA0D617A82DDE767B792 ] C:\Windows\System32\vdsldr.exe
16:09:09.0399 4868 C:\Windows\System32\vdsldr.exe - ok
16:09:09.0406 4868 [ 27C03E086B8794D1F4032A4F99EE3E22 ] C:\Windows\System32\igdumdx32.dll
16:09:09.0407 4868 C:\Windows\System32\igdumdx32.dll - ok
16:09:09.0414 4868 [ FE7742C93F6904A9B08BC6749C039CE9 ] C:\Windows\System32\vdsutil.dll
16:09:09.0414 4868 C:\Windows\System32\vdsutil.dll - ok
16:09:09.0423 4868 [ 0A584EAAF70A171E919D8CE592407E94 ] C:\Windows\System32\vds_ps.dll
16:09:09.0423 4868 C:\Windows\System32\vds_ps.dll - ok
16:09:09.0429 4868 [ 7198BBFBE46C0070257278C536386687 ] C:\Program Files\Secunia\PSI\psia.exe
16:09:09.0429 4868 C:\Program Files\Secunia\PSI\psia.exe - ok
16:09:09.0437 4868 [ 0A866897039E42DF8080BE5DD83BC8E0 ] C:\Windows\System32\jscript.dll
16:09:09.0437 4868 C:\Windows\System32\jscript.dll - ok
16:09:09.0443 4868 [ 5CAD3305D45EE45685910D2B2A030AFB ] C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5mu.dll
16:09:09.0444 4868 C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5mu.dll - ok
16:09:09.0451 4868 [ D2FCA567F9BE87E29B9A9FA32FFE79CA ] C:\Program Files\Secunia\PSI\sua.exe
16:09:09.0451 4868 C:\Program Files\Secunia\PSI\sua.exe - ok
16:09:09.0458 4868 [ 801DECF3A583C270E5C398FCD082E3DD ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
16:09:09.0458 4868 C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok
16:09:09.0465 4868 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys
16:09:09.0466 4868 C:\Windows\System32\drivers\tcpipreg.sys - ok
16:09:09.0474 4868 [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
16:09:09.0474 4868 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
16:09:09.0480 4868 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
16:09:09.0480 4868 C:\Windows\System32\wiatrace.dll - ok
16:09:09.0488 4868 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
16:09:09.0488 4868 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
16:09:09.0494 4868 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
16:09:09.0494 4868 C:\Windows\System32\icaapi.dll - ok
16:09:09.0502 4868 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
16:09:09.0502 4868 C:\Windows\System32\wbem\WinMgmtR.dll - ok
16:09:09.0508 4868 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll
16:09:09.0509 4868 C:\Windows\System32\win32spl.dll - ok
16:09:09.0516 4868 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll
16:09:09.0516 4868 C:\Windows\System32\wsdchngr.dll - ok
16:09:09.0523 4868 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
16:09:09.0523 4868 C:\Windows\System32\netrap.dll - ok
16:09:09.0530 4868 [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll
16:09:09.0530 4868 C:\Windows\System32\printcom.dll - ok
16:09:09.0537 4868 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll
16:09:09.0537 4868 C:\Windows\System32\inetpp.dll - ok
16:09:09.0543 4868 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll
16:09:09.0543 4868 C:\Windows\System32\tquery.dll - ok
16:09:09.0551 4868 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll
16:09:09.0551 4868 C:\Windows\System32\PortableDeviceApi.dll - ok
16:09:09.0558 4868 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll
16:09:09.0558 4868 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
16:09:09.0566 4868 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll
16:09:09.0566 4868 C:\Windows\System32\mssrch.dll - ok
16:09:09.0572 4868 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
16:09:09.0572 4868 C:\Windows\System32\netprofm.dll - ok
16:09:09.0580 4868 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll
16:09:09.0580 4868 C:\Windows\System32\msidle.dll - ok
16:09:09.0586 4868 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll
16:09:09.0586 4868 C:\Windows\System32\sqmapi.dll - ok
16:09:09.0593 4868 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll
16:09:09.0593 4868 C:\Windows\System32\Query.dll - ok
16:09:09.0598 4868 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
16:09:09.0598 4868 C:\Windows\System32\npmproxy.dll - ok
16:09:09.0604 4868 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
16:09:09.0605 4868 C:\Windows\System32\hnetcfg.dll - ok
16:09:09.0613 4868 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll
16:09:09.0613 4868 C:\Windows\System32\wbem\wbemcore.dll - ok
16:09:09.0620 4868 [ CD569FA91EC6F59D045C19D0D3850F44 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
16:09:09.0620 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe - ok
16:09:09.0627 4868 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll
16:09:09.0627 4868 C:\Windows\System32\ieframe.dll - ok
16:09:09.0635 4868 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui
16:09:09.0635 4868 C:\Windows\System32\en-US\tquery.dll.mui - ok
16:09:09.0643 4868 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe
16:09:09.0643 4868 C:\Windows\explorer.exe - ok
16:09:09.0650 4868 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll
16:09:09.0650 4868 C:\Windows\System32\wbem\esscli.dll - ok
16:09:09.0656 4868 [ 238C3965DD2E6D2C59D79A3125CE8A0A ] C:\Windows\System32\igdumd32.dll
16:09:09.0656 4868 C:\Windows\System32\igdumd32.dll - ok
16:09:09.0664 4868 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll
16:09:09.0664 4868 C:\Windows\System32\wbem\fastprox.dll - ok
16:09:09.0672 4868 [ D4C7C8129B2EDCF1AF96A643A11ED5EE ] C:\Windows\System32\igfxTMM.dll
16:09:09.0672 4868 C:\Windows\System32\igfxTMM.dll - ok
16:09:09.0679 4868 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll
16:09:09.0679 4868 C:\Windows\System32\wbem\wbemsvc.dll - ok
16:09:09.0686 4868 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll
16:09:09.0686 4868 C:\Windows\System32\wbem\wmiutils.dll - ok
16:09:09.0693 4868 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll
16:09:09.0693 4868 C:\Windows\System32\wbem\repdrvfs.dll - ok
16:09:09.0700 4868 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll
16:09:09.0700 4868 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
16:09:09.0707 4868 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll
16:09:09.0707 4868 C:\Windows\System32\uDWM.dll - ok
16:09:09.0714 4868 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll
16:09:09.0714 4868 C:\Windows\System32\shdocvw.dll - ok
16:09:09.0721 4868 [ 75C1CA5B61414748CE9BCF3C7A52C39F ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll
16:09:09.0721 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll - ok
16:09:09.0730 4868 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll
16:09:09.0730 4868 C:\Windows\System32\wbem\wbemess.dll - ok
16:09:09.0737 4868 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll
16:09:09.0737 4868 C:\Windows\System32\esent.dll - ok
16:09:09.0745 4868 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
16:09:09.0745 4868 C:\Windows\System32\p2pcollab.dll - ok
16:09:09.0751 4868 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll
16:09:09.0752 4868 C:\Windows\System32\browseui.dll - ok
16:09:09.0760 4868 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll
16:09:09.0760 4868 C:\Windows\System32\msscb.dll - ok
16:09:09.0766 4868 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL
16:09:09.0766 4868 C:\Windows\System32\QAGENT.DLL - ok
16:09:09.0774 4868 [ 254AC97C9AF4DDF3F5F57855198527B7 ] C:\Windows\System32\wermgr.exe
16:09:09.0774 4868 C:\Windows\System32\wermgr.exe - ok
16:09:09.0781 4868 [ 1F174A1BF0B7718ECB8D1821AD1D3166 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll
16:09:09.0781 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll - ok
16:09:09.0788 4868 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll
16:09:09.0788 4868 C:\Windows\System32\rastapi.dll - ok
16:09:09.0795 4868 [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL
16:09:09.0795 4868 C:\Windows\System32\QUTIL.DLL - ok
16:09:09.0802 4868 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp
16:09:09.0802 4868 C:\Windows\System32\unimdm.tsp - ok
16:09:09.0809 4868 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
16:09:09.0810 4868 C:\Windows\System32\uniplat.dll - ok
16:09:09.0817 4868 [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
16:09:09.0817 4868 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
16:09:09.0826 4868 [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\Windows\System32\wer.dll
16:09:09.0826 4868 C:\Windows\System32\wer.dll - ok
16:09:09.0832 4868 [ 54E18ADDC60A2054CF99B2E847A6D378 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll
16:09:09.0832 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll - ok
16:09:09.0840 4868 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll
16:09:09.0840 4868 C:\Windows\System32\EhStorShell.dll - ok
16:09:09.0846 4868 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp
16:09:09.0846 4868 C:\Windows\System32\kmddsp.tsp - ok
16:09:09.0852 4868 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp
16:09:09.0852 4868 C:\Windows\System32\ndptsp.tsp - ok
16:09:09.0858 4868 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
16:09:09.0858 4868 C:\Windows\System32\hidphone.tsp - ok
16:09:09.0864 4868 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll
16:09:09.0864 4868 C:\Windows\System32\rasppp.dll - ok
16:09:09.0872 4868 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll
16:09:09.0872 4868 C:\Windows\System32\mprapi.dll - ok
16:09:09.0879 4868 [ 6BCBED73231F5D30B92DEE591B6679E9 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll
16:09:09.0879 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll - ok
16:09:09.0886 4868 [ FCC3E0BD8F0BB1F9751F58BC76CB9E47 ] C:\Program Files\Google\Drive\googledrivesync32.dll
16:09:09.0886 4868 C:\Program Files\Google\Drive\googledrivesync32.dll - ok
16:09:09.0893 4868 [ BF899F57858B8C6F162D9EEB2370641C ] C:\Windows\System32\wercon.exe
16:09:09.0893 4868 C:\Windows\System32\wercon.exe - ok
16:09:09.0900 4868 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll
16:09:09.0900 4868 C:\Windows\System32\rasqec.dll - ok
16:09:09.0907 4868 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
16:09:09.0907 4868 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
16:09:09.0914 4868 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
16:09:09.0915 4868 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
16:09:09.0927 4868 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
16:09:09.0927 4868 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
16:09:09.0933 4868 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
16:09:09.0933 4868 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
16:09:09.0940 4868 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
16:09:09.0940 4868 C:\Windows\System32\imageres.dll - ok
16:09:09.0946 4868 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll
16:09:09.0946 4868 C:\Windows\System32\cryptui.dll - ok
16:09:09.0954 4868 [ B80933A7E3D63277A23F9882BF839DB5 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
16:09:09.0954 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll - ok
16:09:09.0961 4868 [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll
16:09:09.0961 4868 C:\Windows\System32\netshell.dll - ok
16:09:09.0968 4868 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
16:09:09.0969 4868 C:\Windows\System32\IconCodecService.dll - ok
16:09:09.0975 4868 [ DE35EFF35C9EB0B381709CF979537E2A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll
16:09:09.0975 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll - ok
16:09:09.0983 4868 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe
16:09:09.0984 4868 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
16:09:09.0990 4868 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll
16:09:09.0990 4868 C:\Windows\System32\wbem\cimwin32.dll - ok
16:09:09.0997 4868 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll
16:09:09.0998 4868 C:\Windows\System32\framedynos.dll - ok
16:09:10.0005 4868 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll
16:09:10.0005 4868 C:\Windows\System32\wmi.dll - ok
16:09:10.0011 4868 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
16:09:10.0012 4868 C:\Windows\System32\upnp.dll - ok
16:09:10.0020 4868 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe
16:09:10.0020 4868 C:\Program Files\Windows Calendar\WinCal.exe - ok
16:09:10.0027 4868 [ E01A3A0B77F1C01F0C1289AC29114AEE ] C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll
16:09:10.0027 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll - ok
16:09:10.0034 4868 [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll
16:09:10.0034 4868 C:\Windows\System32\dot3api.dll - ok
16:09:10.0041 4868 [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\Windows\System32\wlanhlp.dll
16:09:10.0041 4868 C:\Windows\System32\wlanhlp.dll - ok
16:09:10.0048 4868 [ 9E816AEEDB04745C3F3D74DDE90BD79A ] C:\Windows\System32\igfxdev.dll
16:09:10.0048 4868 C:\Windows\System32\igfxdev.dll - ok
16:09:10.0055 4868 [ C6FD3425B1ADD739B95DC4D661FF4DD3 ] C:\Windows\System32\PresentationSettings.exe
16:09:10.0055 4868 C:\Windows\System32\PresentationSettings.exe - ok
16:09:10.0062 4868 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\Windows\System32\dimsjob.dll
16:09:10.0062 4868 C:\Windows\System32\dimsjob.dll - ok
16:09:10.0070 4868 [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\Windows\System32\pautoenr.dll
16:09:10.0070 4868 C:\Windows\System32\pautoenr.dll - ok
16:09:10.0078 4868 [ AC48FD62E22C4425879FCA5A63F50497 ] C:\Windows\System32\certcli.dll
16:09:10.0078 4868 C:\Windows\System32\certcli.dll - ok
16:09:10.0084 4868 [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\Windows\System32\CertEnroll.dll
16:09:10.0084 4868 C:\Windows\System32\CertEnroll.dll - ok
16:09:10.0090 4868 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll
16:09:10.0090 4868 C:\Windows\System32\wbem\NCProv.dll - ok
16:09:10.0098 4868 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll
16:09:10.0098 4868 C:\Windows\System32\wbem\wbemcons.dll - ok
16:09:10.0102 4868 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe
16:09:10.0102 4868 C:\Windows\System32\SearchProtocolHost.exe - ok
16:09:10.0109 4868 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll
16:09:10.0109 4868 C:\Windows\System32\msshooks.dll - ok
16:09:10.0117 4868 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll
16:09:10.0117 4868 C:\Windows\System32\mssvp.dll - ok
16:09:10.0123 4868 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll
16:09:10.0123 4868 C:\Windows\System32\mapi32.dll - ok
16:09:10.0131 4868 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll
16:09:10.0131 4868 C:\Windows\System32\mssph.dll - ok
16:09:10.0138 4868 [ A1CD5CE96F0A5426DB9A2F793854D1B8 ] C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
16:09:10.0138 4868 C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL - ok
16:09:10.0145 4868 [ E290E3FDF645DF29D00D6368B9127E30 ] C:\Windows\System32\msfeeds.dll
16:09:10.0145 4868 C:\Windows\System32\msfeeds.dll - ok
16:09:10.0153 4868 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe
16:09:10.0153 4868 C:\Windows\System32\SearchFilterHost.exe - ok
16:09:10.0163 4868 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll
16:09:10.0164 4868 C:\Windows\System32\mssprxy.dll - ok
16:09:10.0170 4868 [ 7C0FC379D4B066C2D2189792DED0E4AA ] C:\Windows\System32\xmlfilter.dll
16:09:10.0170 4868 C:\Windows\System32\xmlfilter.dll - ok
16:09:10.0177 4868 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll
16:09:10.0177 4868 C:\Windows\System32\ntshrui.dll - ok
16:09:10.0184 4868 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
16:09:10.0184 4868 C:\Windows\System32\pcadm.dll - ok
16:09:10.0192 4868 [ CE0FCEC4D4D860F36D972759B11EAF0F ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
16:09:10.0192 4868 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok
16:09:10.0200 4868 [ 4439563F1ABFAC3C191B28D97B00578D ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
16:09:10.0200 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
16:09:10.0208 4868 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\Windows\System32\wbem\wmipcima.dll
16:09:10.0209 4868 C:\Windows\System32\wbem\wmipcima.dll - ok
16:09:10.0215 4868 [ 86596778315062303F4F69B70D6E54B4 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
16:09:10.0215 4868 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll - ok
16:09:10.0223 4868 [ 304160DEB2D59721E38D807A99C74298 ] C:\Windows\System32\osuninst.dll
16:09:10.0223 4868 C:\Windows\System32\osuninst.dll - ok
16:09:10.0231 4868 [ BB44CEE22800862E666974E7B14A1111 ] C:\Windows\System32\uexfat.dll
16:09:10.0231 4868 C:\Windows\System32\uexfat.dll - ok
16:09:10.0239 4868 [ 347B2194CF9AF418DBCB2DB4023CAFA6 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
16:09:10.0240 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
16:09:10.0247 4868 [ 5C9541EFCE477BFCFFD0EF9B1A175457 ] C:\Windows\System32\ulib.dll
16:09:10.0247 4868 C:\Windows\System32\ulib.dll - ok
16:09:10.0254 4868 [ EE3ECC1BC7CFE6B121291F85CA1831C4 ] C:\Windows\System32\ifsutil.dll
16:09:10.0254 4868 C:\Windows\System32\ifsutil.dll - ok
16:09:10.0261 4868 [ 6E2C2D1A925AEFDA224534A96109DEED ] C:\Windows\System32\uudf.dll
16:09:10.0261 4868 C:\Windows\System32\uudf.dll - ok
16:09:10.0268 4868 [ D30A7946B3207C9DBE40361E3B083716 ] C:\Windows\System32\untfs.dll
16:09:10.0268 4868 C:\Windows\System32\untfs.dll - ok
16:09:10.0276 4868 [ 127AAAB0D465F5A4375E570750A5D562 ] C:\Windows\System32\ufat.dll
16:09:10.0276 4868 C:\Windows\System32\ufat.dll - ok
16:09:10.0282 4868 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll
16:09:10.0282 4868 C:\Windows\System32\actxprxy.dll - ok
16:09:10.0291 4868 [ 68886FE98B9DAAD197828AB065AA8AE1 ] C:\Windows\System32\fmifs.dll
16:09:10.0291 4868 C:\Windows\System32\fmifs.dll - ok
16:09:10.0301 4868 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe
16:09:10.0301 4868 C:\Windows\System32\runonce.exe - ok
16:09:10.0306 4868 [ 759CAC5C047B3DE16E2A59351527DBB3 ] C:\Windows\System32\vdsdyn.dll
16:09:10.0307 4868 C:\Windows\System32\vdsdyn.dll - ok
16:09:10.0313 4868 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe
16:09:10.0313 4868 C:\Windows\System32\cmd.exe - ok
16:09:10.0320 4868 [ B5AF921AAFF91AE3A47AA58CD2E1439F ] C:\Windows\System32\vdsbas.dll
16:09:10.0320 4868 C:\Windows\System32\vdsbas.dll - ok
16:09:10.0327 4868 [ C524572771BF4F2432D00D681721C599 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
16:09:10.0327 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
16:09:10.0335 4868 [ E5B77F198B009EC598645B1A46F89301 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
16:09:10.0335 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
16:09:10.0343 4868 [ 5F6359756DBCC901276BC2B62460FA64 ] C:\Windows\System32\quartz.dll
16:09:10.0343 4868 C:\Windows\System32\quartz.dll - ok
16:09:10.0349 4868 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll
16:09:10.0349 4868 C:\Windows\System32\dxva2.dll - ok
16:09:10.0354 4868 [ 9F4C8DA21AC626BFB92DD9C7C6FF7F23 ] C:\Windows\System32\hbaapi.dll
16:09:10.0354 4868 C:\Windows\System32\hbaapi.dll - ok
16:09:10.0360 4868 [ A14F25F62E84C6B4A178A1CFD9B47222 ] C:\Windows\System32\qcap.dll
16:09:10.0360 4868 C:\Windows\System32\qcap.dll - ok
16:09:10.0367 4868 [ 861797D3C83A6EBA05FB2C63B1A45E82 ] C:\Windows\System32\ksproxy.ax
16:09:10.0367 4868 C:\Windows\System32\ksproxy.ax - ok
16:09:10.0374 4868 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll
16:09:10.0374 4868 C:\Windows\System32\dssenh.dll - ok
16:09:10.0381 4868 [ 012E22681A63D2BF405E6F15EF80BFD3 ] C:\Windows\System32\vidcap.ax
16:09:10.0381 4868 C:\Windows\System32\vidcap.ax - ok
16:09:10.0388 4868 [ FD44B4D9129EDD68BBD0A26683024EF9 ] C:\Windows\System32\Kswdmcap.ax
16:09:10.0388 4868 C:\Windows\System32\Kswdmcap.ax - ok
16:09:10.0394 4868 [ B572DA05BF4E098D4BBA3A4734FB505B ] C:\Windows\System32\drivers\mspqm.sys
16:09:10.0395 4868 C:\Windows\System32\drivers\mspqm.sys - ok
16:09:10.0403 4868 [ 0576C771DC0A20C49C3BA08D9013AB61 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
16:09:10.0403 4868 C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll - ok
16:09:10.0410 4868 [ 22A59AEE016116DC19971B6151F8D158 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
16:09:10.0410 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
16:09:10.0418 4868 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll
16:09:10.0418 4868 C:\Windows\System32\wbem\wmiprov.dll - ok
16:09:10.0425 4868 [ 00A94903C257A40324CB671D148782C4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
16:09:10.0425 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
16:09:10.0434 4868 [ D24DFD16A1E2A76034DF5AA18125C35D ] C:\Windows\System32\drivers\psi_mf.sys
16:09:10.0434 4868 C:\Windows\System32\drivers\psi_mf.sys - ok
16:09:10.0442 4868 [ 83797EBD8DB0FA55FF651B2393876DEE ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
16:09:10.0442 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
16:09:10.0450 4868 [ 6E1AC019C8FD1997BF5A17DA93627510 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
16:09:10.0450 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
16:09:10.0456 4868 [ DD348DA5669282C80A3DE4D8991DB717 ] C:\Windows\System32\iscsium.dll
16:09:10.0456 4868 C:\Windows\System32\iscsium.dll - ok
16:09:10.0463 4868 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys
16:09:10.0463 4868 C:\Windows\System32\drivers\cdfs.sys - ok
16:09:10.0471 4868 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll
16:09:10.0471 4868 C:\Windows\System32\NaturalLanguage6.dll - ok
16:09:10.0478 4868 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Brandrea\AppData\Local\temp\D5A1666A-4554-4B12-8AC2-42A583814059.exe
16:09:10.0478 4868 C:\Users\Brandrea\AppData\Local\temp\D5A1666A-4554-4B12-8AC2-42A583814059.exe - ok
16:09:10.0486 4868 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll
16:09:10.0486 4868 C:\Windows\System32\NlsData0009.dll - ok
16:09:10.0492 4868 [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll
16:09:10.0492 4868 C:\Windows\System32\NlsLexicons0009.dll - ok
16:09:10.0500 4868 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe
16:09:10.0500 4868 C:\Windows\System32\ie4uinit.exe - ok
16:09:10.0506 4868 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll
16:09:10.0506 4868 C:\Windows\System32\iedkcs32.dll - ok
16:09:10.0514 4868 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl
16:09:10.0514 4868 C:\Windows\System32\timedate.cpl - ok
16:09:10.0520 4868 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll
16:09:10.0521 4868 C:\Windows\System32\msshsq.dll - ok
16:09:10.0527 4868 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll
16:09:10.0527 4868 C:\Windows\System32\networkexplorer.dll - ok
16:09:10.0535 4868 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
16:09:10.0535 4868 C:\Windows\System32\linkinfo.dll - ok
16:09:10.0541 4868 [ 88155D3D23CA8A1DFB1F45EE3E4C8DF8 ] C:\Program Files\uTorrent\uTorrent.exe
16:09:10.0541 4868 C:\Program Files\uTorrent\uTorrent.exe - ok
16:09:10.0549 4868 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
16:09:10.0549 4868 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
16:09:10.0556 4868 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
16:09:10.0557 4868 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
16:09:10.0564 4868 [ 3A9B8F990FD35252F20A3804AB9792CF ] C:\Windows\System32\hkcmd.exe
16:09:10.0564 4868 C:\Windows\System32\hkcmd.exe - ok
16:09:10.0570 4868 [ A3DA90B10DA9DD521D8969C6232ED85B ] C:\Windows\System32\igfxpers.exe
16:09:10.0570 4868 C:\Windows\System32\igfxpers.exe - ok
16:09:10.0578 4868 [ 83F71A2FBA72D692DF9B23E2323B2895 ] C:\Windows\System32\igfxsrvc.exe
16:09:10.0578 4868 C:\Windows\System32\igfxsrvc.exe - ok
16:09:10.0584 4868 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
16:09:10.0585 4868 C:\Windows\System32\msiltcfg.dll - ok
16:09:10.0591 4868 [ B669ADB56ABE22BA2B69A96D6CEE8508 ] C:\Windows\System32\hccutils.dll
16:09:10.0591 4868 C:\Windows\System32\hccutils.dll - ok
16:09:10.0599 4868 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
16:09:10.0599 4868 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
16:09:10.0602 4868 [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll
16:09:10.0603 4868 C:\Windows\System32\thumbcache.dll - ok
16:09:10.0610 4868 [ 720C8EE22B359ED438BDA19F6F603345 ] C:\Windows\System32\igfxsrvc.dll
16:09:10.0610 4868 C:\Windows\System32\igfxsrvc.dll - ok
16:09:10.0617 4868 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
16:09:10.0617 4868 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe - ok
16:09:10.0626 4868 [ 4ABAD35E39673AE5A90B3FC0D0D155F6 ] C:\Program Files\Pure Networks\Network Magic\nmspce2.dll
16:09:10.0627 4868 C:\Program Files\Pure Networks\Network Magic\nmspce2.dll - ok
16:09:10.0632 4868 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll
16:09:10.0632 4868 C:\Windows\System32\riched20.dll - ok
16:09:10.0639 4868 [ 1454EF54C3B92FC2636DE1D421A119E7 ] C:\Program Files\Pure Networks\Network Magic\nmrsrc.dll
16:09:10.0639 4868 C:\Program Files\Pure Networks\Network Magic\nmrsrc.dll - ok
16:09:10.0647 4868 [ C0BA1E3A4EB73DD5A104C8C9ABC972B6 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
16:09:10.0647 4868 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
16:09:10.0654 4868 [ 093119ED29313016E0BF42A9EC424F29 ] C:\Program Files\Google\Drive\googledrivesync.exe
16:09:10.0654 4868 C:\Program Files\Google\Drive\googledrivesync.exe - ok
16:09:10.0662 4868 [ 276AC7BAE1F596A3A1D4B6D43AEF099C ] C:\Users\Brandrea\Documents\Brett\uTorrent.exe
16:09:10.0662 4868 C:\Users\Brandrea\Documents\Brett\uTorrent.exe - ok
16:09:10.0669 4868 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll
16:09:10.0669 4868 C:\Windows\System32\ExplorerFrame.dll - ok
16:09:10.0676 4868 [ 13CC964E280C9A15636ACBE5C4E5A575 ] C:\Windows\System32\igfxrenu.lrc
16:09:10.0676 4868 C:\Windows\System32\igfxrenu.lrc - ok
16:09:10.0683 4868 [ 5744FFF8E72D105C138DAE9E17BB29FE ] C:\Program Files\Mozilla Firefox\firefox.exe
16:09:10.0683 4868 C:\Program Files\Mozilla Firefox\firefox.exe - ok
16:09:10.0697 4868 [ 544C1EF07AEC178A83538A251A72CE13 ] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
16:09:10.0697 4868 C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe - ok
16:09:10.0708 4868 [ BE3AB4803C963BE0357541EC3B17D443 ] C:\Users\Brandrea\Desktop\aswMBR.exe
16:09:10.0708 4868 C:\Users\Brandrea\Desktop\aswMBR.exe - ok
16:09:10.0713 4868 [ 130203D3313A0323DC333B941C3AA87A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll
16:09:10.0713 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll - ok
16:09:10.0720 4868 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Brandrea\Desktop\tdsskiller.exe
16:09:10.0720 4868 C:\Users\Brandrea\Desktop\tdsskiller.exe - ok
16:09:10.0728 4868 [ 4FB92AE36BC59614EE99341C44314AC8 ] C:\Windows\System32\SynCOM.dll
16:09:10.0728 4868 C:\Windows\System32\SynCOM.dll - ok
16:09:10.0735 4868 [ 8CB896C573FD15AE8B13180DA53E93D2 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
16:09:10.0735 4868 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe - ok
16:09:10.0743 4868 [ 93448A62310905579B9D4C5B6DA26433 ] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPShared.dll
16:09:10.0744 4868 C:\Program Files\Hewlett-Packard\HP QuickTouch\HPShared.dll - ok
16:09:10.0752 4868 [ 7FC2BD5163B16D02F71BE06F3547B11D ] C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
16:09:10.0752 4868 C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe - ok
16:09:10.0760 4868 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\87525902.sys
16:09:10.0760 4868 C:\Windows\System32\drivers\87525902.sys - ok
16:09:10.0767 4868 [ 0D286C0FE561D1A7EB30E83A0FF305B2 ] C:\Program Files\Internet Explorer\iexplore.exe
16:09:10.0767 4868 C:\Program Files\Internet Explorer\iexplore.exe - ok
16:09:10.0775 4868 [ D50FDAD1E57AA60F1973CFC77D905F0E ] C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
16:09:10.0775 4868 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - ok
16:09:10.0783 4868 [ 314C76642049DD4E9B964BC333A620B1 ] C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
16:09:10.0783 4868 C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe - ok
16:09:10.0791 4868 [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe
16:09:10.0791 4868 C:\Program Files\Windows Media Player\wmplayer.exe - ok
16:09:10.0798 4868 [ 3333E2EBD9F29ACA7FFB301EBB515C89 ] C:\Users\Brandrea\Desktop\RogueKiller.exe
16:09:10.0798 4868 C:\Users\Brandrea\Desktop\RogueKiller.exe - ok
16:09:10.0805 4868 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe
16:09:10.0806 4868 C:\Windows\System32\control.exe - ok
16:09:10.0813 4868 [ 73BFDC88C6EF9715CDF57134A438837A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
16:09:10.0813 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe - ok
16:09:10.0821 4868 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
16:09:10.0821 4868 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
16:09:10.0828 4868 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe
16:09:10.0828 4868 C:\Program Files\Windows Mail\WinMail.exe - ok
16:09:10.0836 4868 [ 45D2E47073134976D2F1DD4BF8582B14 ] C:\Program Files\Pure Networks\Network Magic\nmapp.exe
16:09:10.0836 4868 C:\Program Files\Pure Networks\Network Magic\nmapp.exe - ok
16:09:10.0842 4868 [ 8B968045D75783A09592C3105F2865DA ] C:\Users\Brandrea\Desktop\dds.scr
16:09:10.0842 4868 C:\Users\Brandrea\Desktop\dds.scr - ok
16:09:10.0851 4868 [ 4370B7BDCAC7F69E49446ECFE7F9A157 ] C:\Users\Brandrea\Desktop\adwcleaner.exe
16:09:10.0851 4868 C:\Users\Brandrea\Desktop\adwcleaner.exe - ok
16:09:10.0858 4868 [ DE0A514C82AFEF567CDA47CA571E5433 ] C:\Windows\System32\SynTPAPI.dll
16:09:10.0858 4868 C:\Windows\System32\SynTPAPI.dll - ok
16:09:10.0864 4868 [ 4C61FC5FF08B9B9537FCF4A413CCE8DB ] C:\Program Files\WinRAR\WinRAR.exe
16:09:10.0864 4868 C:\Program Files\WinRAR\WinRAR.exe - ok
16:09:10.0873 4868 [ C0992AA77C76FB4CA429CD2C046662F5 ] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
16:09:10.0874 4868 C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe - ok
16:09:10.0880 4868 [ 31F3CF74759BE9196408EEBFE9E93626 ] C:\Users\Brandrea\Desktop\SecurityCheck.exe
16:09:10.0880 4868 C:\Users\Brandrea\Desktop\SecurityCheck.exe - ok
16:09:10.0888 4868 [ B7B5C8312516528B8BB3F1CDC635F122 ] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
16:09:10.0889 4868 C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll - ok
16:09:10.0896 4868 [ 68A03B3D7D1E90AB884508A5DCE3CA1D ] C:\Users\Brandrea\Pictures\Flickr Uploadr\Flickr Uploadr.exe
16:09:10.0896 4868 C:\Users\Brandrea\Pictures\Flickr Uploadr\Flickr Uploadr.exe - ok
16:09:10.0905 4868 [ 9146F21288AB749C4C729343F5F285A1 ] C:\Users\Brandrea\Desktop\Defogger.exe
16:09:10.0905 4868 C:\Users\Brandrea\Desktop\Defogger.exe - ok
16:09:10.0911 4868 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
16:09:10.0911 4868 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
16:09:10.0919 4868 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
16:09:10.0919 4868 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
16:09:10.0927 4868 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
16:09:10.0927 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - ok
16:09:10.0935 4868 [ 1CB8EBEA0A09238A85C509B33DE32937 ] C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
16:09:10.0935 4868 C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe - ok
16:09:10.0942 4868 [ DC8DFA6D71DAF85D3F23D49A4B4B0BD2 ] C:\Program Files\iTunes\iTunes.exe
16:09:10.0942 4868 C:\Program Files\iTunes\iTunes.exe - ok
16:09:10.0950 4868 [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\Windows\System32\notepad.exe
16:09:10.0951 4868 C:\Windows\System32\notepad.exe - ok
16:09:10.0957 4868 [ 923959DFBC11A66B88762485EA23D411 ] C:\Users\Brandrea\Desktop\ComboFix.exe
16:09:10.0957 4868 C:\Users\Brandrea\Desktop\ComboFix.exe - ok
16:09:10.0965 4868 [ 45C045C6813E17639E8D86469FD1C759 ] C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
16:09:10.0965 4868 C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll - ok
16:09:10.0972 4868 [ AF43C4F7F3C8BC95DAD95024F96CDC4A ] C:\Program Files\QuickTime\QTTask.exe
16:09:10.0972 4868 C:\Program Files\QuickTime\QTTask.exe - ok
16:09:10.0979 4868 [ 850396EE31B36FCC9507AF10036EFBAE ] C:\Windows\Installer\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}\iTunesIco.exe
16:09:10.0979 4868 C:\Windows\Installer\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}\iTunesIco.exe - ok
16:09:10.0987 4868 [ CECFD47F993E63999AB1F4074BB88AC5 ] C:\Program Files\Secunia\PSI\psi.exe
16:09:10.0987 4868 C:\Program Files\Secunia\PSI\psi.exe - ok
16:09:10.0994 4868 [ 15A28F66868195F2C313CCC0F019C0D4 ] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
16:09:10.0994 4868 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe - ok
16:09:11.0002 4868 [ 941486AB385556BF6A62342F8CA15BD8 ] C:\Windows\System32\accessibilitycpl.dll
16:09:11.0002 4868 C:\Windows\System32\accessibilitycpl.dll - ok
16:09:11.0009 4868 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll
16:09:11.0009 4868 C:\Windows\System32\stobject.dll - ok
16:09:11.0017 4868 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
16:09:11.0017 4868 C:\Windows\System32\batmeter.dll - ok
16:09:11.0024 4868 [ 5EF55A674761BF3A9AD90919A96F6FE0 ] C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe
16:09:11.0024 4868 C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe - ok
16:09:11.0032 4868 [ E47C854A28A81F2939F42CBE9FEA994C ] C:\Windows\System32\Magnify.exe
16:09:11.0032 4868 C:\Windows\System32\Magnify.exe - ok
16:09:11.0038 4868 [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\Windows\System32\Narrator.exe
16:09:11.0038 4868 C:\Windows\System32\Narrator.exe - ok
16:09:11.0047 4868 [ 8728A91948AC0FE779BDF47BC551BAF5 ] C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
16:09:11.0047 4868 C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe - ok
16:09:11.0053 4868 [ 877F2939794EBA4F3D1BB967007E99E8 ] C:\Windows\System32\osk.exe
16:09:11.0054 4868 C:\Windows\System32\osk.exe - ok
16:09:11.0061 4868 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
16:09:11.0062 4868 C:\Windows\System32\SndVolSSO.dll - ok
16:09:11.0068 4868 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\Windows\ehome\ehSSO.dll
16:09:11.0068 4868 C:\Windows\ehome\ehSSO.dll - ok
16:09:11.0075 4868 [ 7D0508F876D5A69C1C12BAEC845F4967 ] C:\ProgramData\Boxtools\Boxofttoolbox.exe
16:09:11.0075 4868 C:\ProgramData\Boxtools\Boxofttoolbox.exe - ok
16:09:11.0083 4868 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll
16:09:11.0083 4868 C:\Windows\System32\pnidui.dll - ok
16:09:11.0090 4868 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
16:09:11.0090 4868 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
16:09:11.0098 4868 [ 6D796D59977EB52B33B966EAB9C73E6A ] C:\Program Files\Microsoft Works\MSWorks.exe
16:09:11.0098 4868 C:\Program Files\Microsoft Works\MSWorks.exe - ok
16:09:11.0102 4868 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\Windows\System32\fdProxy.dll
16:09:11.0102 4868 C:\Windows\System32\fdProxy.dll - ok
16:09:11.0109 4868 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\Windows\System32\fdWSD.dll
16:09:11.0109 4868 C:\Windows\System32\fdWSD.dll - ok
16:09:11.0116 4868 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll
16:09:11.0116 4868 C:\Windows\System32\rasdlg.dll - ok
16:09:11.0122 4868 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll
16:09:11.0122 4868 C:\Windows\System32\mlang.dll - ok
16:09:11.0130 4868 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\Windows\System32\fdSSDP.dll
16:09:11.0130 4868 C:\Windows\System32\fdSSDP.dll - ok
16:09:11.0137 4868 [ 8BC00165083171F8DE760AE39D76D003 ] C:\Program Files\Microsoft Works\wksdb.exe
16:09:11.0137 4868 C:\Program Files\Microsoft Works\wksdb.exe - ok
16:09:11.0144 4868 [ 1E3A88803D8BD6A244BE4F049699F9D0 ] C:\ProgramData\Boxtools\Uninstall.exe
16:09:11.0145 4868 C:\ProgramData\Boxtools\Uninstall.exe - ok
16:09:11.0151 4868 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe
16:09:11.0152 4868 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
16:09:11.0159 4868 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
16:09:11.0159 4868 C:\Windows\System32\AltTab.dll - ok
16:09:11.0165 4868 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll
16:09:11.0165 4868 C:\Windows\System32\WPDShServiceObj.dll - ok
16:09:11.0172 4868 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll
16:09:11.0172 4868 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
16:09:11.0179 4868 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll
16:09:11.0180 4868 C:\Windows\System32\PortableDeviceTypes.dll - ok
16:09:11.0186 4868 [ BDB74DFFEB1DD3608E99B5B838CFAA91 ] C:\Program Files\CyberLink\LabelPrint\LabelPrint.exe
16:09:11.0186 4868 C:\Program Files\CyberLink\LabelPrint\LabelPrint.exe - ok
16:09:11.0194 4868 [ 45D2E47073134976D2F1DD4BF8582B14 ] C:\Windows\Installer\{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}\NmApp.exe
16:09:11.0195 4868 C:\Windows\Installer\{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}\NmApp.exe - ok
16:09:11.0201 4868 [ AD75FA737061370FA410C5AE06D7D324 ] C:\Program Files\CyberLink\Power2Go\Power2Go.exe
16:09:11.0202 4868 C:\Program Files\CyberLink\Power2Go\Power2Go.exe - ok
16:09:11.0209 4868 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll
16:09:11.0209 4868 C:\Windows\System32\srchadmin.dll - ok
16:09:11.0216 4868 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
16:09:11.0216 4868 C:\Windows\System32\webcheck.dll - ok
16:09:11.0223 4868 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll
16:09:11.0223 4868 C:\Windows\System32\SyncCenter.dll - ok
16:09:11.0229 4868 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll
16:09:11.0229 4868 C:\Windows\System32\wmpmde.dll - ok
16:09:11.0236 4868 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll
16:09:11.0236 4868 C:\Windows\System32\imapi2.dll - ok
16:09:11.0244 4868 [ C45D74C22D4EFC3F86C9CABF9D98611F ] C:\Program Files\Online Services\quickenfc\WizLink.exe
16:09:11.0244 4868 C:\Program Files\Online Services\quickenfc\WizLink.exe - ok
16:09:11.0250 4868 [ 5DB08DBBA056A98E20D46D4FA48EFDEB ] C:\Program Files\CyberLink\PowerDirector\PDR.exe
16:09:11.0251 4868 C:\Program Files\CyberLink\PowerDirector\PDR.exe - ok
16:09:11.0258 4868 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll
16:09:11.0258 4868 C:\Windows\System32\mf.dll - ok
16:09:11.0265 4868 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll
16:09:11.0265 4868 C:\Windows\System32\evr.dll - ok
16:09:11.0273 4868 [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll
16:09:11.0273 4868 C:\Windows\System32\wmdrmsdk.dll - ok
16:09:11.0280 4868 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll
16:09:11.0281 4868 C:\Windows\System32\wmp.dll - ok
16:09:11.0288 4868 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl
16:09:11.0288 4868 C:\Windows\System32\bthprops.cpl - ok
16:09:11.0295 4868 [ 91928A35ADD81A78EFA7678FFBF47FDB ] C:\Program Files\Ghostscript\gs8.71\bin\gswin32.exe
16:09:11.0295 4868 C:\Program Files\Ghostscript\gs8.71\bin\gswin32.exe - ok
16:09:11.0302 4868 [ 401334D01976E029250265022D2DBF42 ] C:\Program Files\HP\QuickPlay\QP.exe
16:09:11.0302 4868 C:\Program Files\HP\QuickPlay\QP.exe - ok
16:09:11.0310 4868 [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
16:09:11.0310 4868 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
16:09:11.0317 4868 [ B0B576926100EB0E176952BD18749571 ] C:\Program Files\HP\QuickPlay\QPManager.exe
16:09:11.0317 4868 C:\Program Files\HP\QuickPlay\QPManager.exe - ok
16:09:11.0325 4868 [ 6DA7C93AB37B4A204BFCAE9FA07FF48D ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
16:09:11.0325 4868 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok
16:09:11.0332 4868 [ BA83A6531273C8841FB7082F2393E46F ] C:\Windows\Installer\{56BED62F-278A-407B-8BCD-E645EC96D2ED}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
16:09:11.0332 4868 C:\Windows\Installer\{56BED62F-278A-407B-8BCD-E645EC96D2ED}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe - ok
16:09:11.0339 4868 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe
16:09:11.0339 4868 C:\Windows\System32\wuapp.exe - ok
16:09:11.0345 4868 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll
16:09:11.0346 4868 C:\Windows\System32\wucltux.dll - ok
16:09:11.0354 4868 [ 95743737B31850B590DE4803952F5E1A ] C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
16:09:11.0354 4868 C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe - ok
16:09:11.0361 4868 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe
16:09:11.0361 4868 C:\Program Files\Windows Mail\wab.exe - ok
16:09:11.0368 4868 [ 0D392EDE3B97E0B3131B2F63EF1DB94E ] C:\Program Files\Windows Defender\MSASCui.exe
16:09:11.0368 4868 C:\Program Files\Windows Defender\MSASCui.exe - ok
16:09:11.0375 4868 [ 395335431AD55C167CFDBBAB8420DA73 ] C:\Program Files\Movie Maker\DVDMaker.exe
16:09:11.0375 4868 C:\Program Files\Movie Maker\DVDMaker.exe - ok
16:09:11.0383 4868 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL
16:09:11.0383 4868 C:\Windows\System32\wmploc.DLL - ok
16:09:11.0389 4868 [ B7ED332A57FC78CA29E40D3619550225 ] C:\Windows\ehome\ehshell.exe
16:09:11.0389 4868 C:\Windows\ehome\ehshell.exe - ok
16:09:11.0396 4868 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll
16:09:11.0396 4868 C:\Windows\System32\wmpps.dll - ok
16:09:11.0403 4868 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe
16:09:11.0403 4868 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
16:09:11.0410 4868 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe
16:09:11.0410 4868 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
16:09:11.0418 4868 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
16:09:11.0418 4868 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
16:09:11.0424 4868 [ 1ED2124313CCE34C877247574212EFC8 ] C:\Windows\System32\calc.exe
16:09:11.0424 4868 C:\Windows\System32\calc.exe - ok
16:09:11.0431 4868 [ 338104E0E18307CD65604FE317B5FB8D ] C:\Windows\System32\mblctr.exe
16:09:11.0431 4868 C:\Windows\System32\mblctr.exe - ok
16:09:11.0438 4868 [ B1AFF0B6DED627A1D22A6817DD58AC0F ] C:\Windows\System32\NetProj.exe
16:09:11.0438 4868 C:\Windows\System32\NetProj.exe - ok
16:09:11.0445 4868 [ A577868F76CEE16D6A82625FD55F379A ] C:\Windows\System32\NetProjW.dll
16:09:11.0445 4868 C:\Windows\System32\NetProjW.dll - ok
16:09:11.0453 4868 [ 694AF8B27C9A0A99399E02CE977F986B ] C:\Windows\System32\mspaint.exe
16:09:11.0453 4868 C:\Windows\System32\mspaint.exe - ok
16:09:11.0460 4868 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe
16:09:11.0460 4868 C:\Program Files\Windows Sidebar\sidebar.exe - ok
16:09:11.0468 4868 [ E80DB295132C5EF0C623935422BD0FC7 ] C:\Windows\System32\SnippingTool.exe
16:09:11.0468 4868 C:\Windows\System32\SnippingTool.exe - ok
16:09:11.0477 4868 [ 248F33A6C2380757BC1E20E34D9E827B ] C:\Windows\System32\SoundRecorder.exe
16:09:11.0477 4868 C:\Windows\System32\SoundRecorder.exe - ok
16:09:11.0485 4868 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe
16:09:11.0485 4868 C:\Windows\System32\mobsync.exe - ok
16:09:11.0491 4868 [ 16FC5B430123238E522B18E63C257AF8 ] C:\Windows\System32\oobefldr.dll
16:09:11.0491 4868 C:\Windows\System32\oobefldr.dll - ok
16:09:11.0499 4868 [ 19D0FC69D4E68D5CE2E4B34940529727 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
16:09:11.0499 4868 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
16:09:11.0505 4868 [ 105A4D87C8DCF2CF5DB042830B203E5F ] C:\Windows\Speech\Common\sapisvr.exe
16:09:11.0505 4868 C:\Windows\Speech\Common\sapisvr.exe - ok
16:09:11.0513 4868 [ 9AD8AEAAB3EB89277AF1DDF31B14F90F ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
16:09:11.0513 4868 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
16:09:11.0520 4868 [ 8D07F0687318214A3CEF62EA1048D101 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
16:09:11.0520 4868 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe - ok
16:09:11.0528 4868 [ A623666C8A8EC9A57DCA07915A3F1EC6 ] C:\Windows\System32\sdclt.exe
16:09:11.0528 4868 C:\Windows\System32\sdclt.exe - ok
16:09:11.0536 4868 [ BB4910DE8B6C5E30DF39EC97308D44BA ] C:\Windows\System32\charmap.exe
16:09:11.0536 4868 C:\Windows\System32\charmap.exe - ok
16:09:11.0544 4868 [ 2327C11B043FCEB80BE00CC8D077E9AA ] C:\Windows\System32\dfrgui.exe
16:09:11.0544 4868 C:\Windows\System32\dfrgui.exe - ok
16:09:11.0550 4868 [ 86AB3F6C784197DC1D994A83AF4259CD ] C:\Windows\System32\cleanmgr.exe
16:09:11.0550 4868 C:\Windows\System32\cleanmgr.exe - ok
16:09:11.0557 4868 [ FBF628702A408977FEB0845D48F4F154 ] C:\Windows\System32\migwiz\migwiz.exe
16:09:11.0557 4868 C:\Windows\System32\migwiz\migwiz.exe - ok
16:09:11.0564 4868 [ D3D1CE8FF30786D50272DA3085149904 ] C:\Windows\System32\msinfo32.exe
16:09:11.0564 4868 C:\Windows\System32\msinfo32.exe - ok
16:09:11.0571 4868 [ 95D5AC5CCBE10E8B4B8A0DF41022568D ] C:\Windows\System32\rstrui.exe
16:09:11.0571 4868 C:\Windows\System32\rstrui.exe - ok
16:09:11.0578 4868 [ B13A8D6F708AA2034A9DE0979F81D890 ] C:\Windows\System32\miguiresource.dll
16:09:11.0578 4868 C:\Windows\System32\miguiresource.dll - ok
16:09:11.0585 4868 [ C9B520028498E5DA23651619F8A556D4 ] C:\Windows\System32\StikyNot.exe
16:09:11.0585 4868 C:\Windows\System32\StikyNot.exe - ok
16:09:11.0592 4868 [ 7122B0AA2212B07BBFC49BD22215BF3B ] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
16:09:11.0592 4868 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe - ok
16:09:11.0599 4868 [ 0CC3F7AD4476FFDCA5A49E1A877214DE ] C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe
16:09:11.0600 4868 C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe - ok
16:09:11.0606 4868 [ C20436B4F0596ACD5569749206F99265 ] C:\Program Files\Windows Journal\Journal.exe
16:09:11.0606 4868 C:\Program Files\Windows Journal\Journal.exe - ok
16:09:11.0611 4868 [ 36B6F71B6D7D280302B348145DB05A9F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
16:09:11.0612 4868 C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe - ok
16:09:11.0618 4868 [ DF4217DDB34A0B73DC7AAC7829371C0C ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
16:09:11.0618 4868 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
16:09:11.0626 4868 [ 4CAAD229A00C0DEFFF51841AE2B93B46 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll
16:09:11.0626 4868 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll - ok
16:09:11.0632 4868 [ 2CB350B72FEA6FB5A010099A4444B636 ] C:\Windows\System32\mycomput.dll
16:09:11.0633 4868 C:\Windows\System32\mycomput.dll - ok
16:09:11.0639 4868 [ 1C474C0C4CB5F15A555FE912CBF4549C ] C:\Windows\System32\odbcad32.exe
16:09:11.0639 4868 C:\Windows\System32\odbcad32.exe - ok
16:09:11.0647 4868 [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80 ] C:\Windows\System32\iscsicpl.exe
16:09:11.0647 4868 C:\Windows\System32\iscsicpl.exe - ok
16:09:11.0653 4868 [ F84D0B1B90404D0A27E86F159FBDAC81 ] C:\Windows\System32\iscsicpl.dll
16:09:11.0653 4868 C:\Windows\System32\iscsicpl.dll - ok
16:09:11.0663 4868 [ 8D865A3E7E2C78317EDE4EAE8316284F ] C:\Windows\System32\MdSched.exe
16:09:11.0663 4868 C:\Windows\System32\MdSched.exe - ok
16:09:11.0669 4868 [ 1959E5AAEE0D988C10F19CEC7DFF2242 ] C:\Windows\System32\wdc.dll
16:09:11.0669 4868 C:\Windows\System32\wdc.dll - ok
16:09:11.0677 4868 [ 90438B514A5AC6A23602484A907E20A7 ] C:\Windows\System32\filemgmt.dll
16:09:11.0677 4868 C:\Windows\System32\filemgmt.dll - ok
16:09:11.0683 4868 [ 7629E9BB2FF06EACA62580A2C1D4FE6A ] C:\Windows\System32\msconfig.exe
16:09:11.0683 4868 C:\Windows\System32\msconfig.exe - ok
16:09:11.0690 4868 [ 0ADED25D371AE14665CE514E413988E7 ] C:\Windows\System32\AuthFWGP.dll
16:09:11.0690 4868 C:\Windows\System32\AuthFWGP.dll - ok
16:09:11.0697 4868 [ ABD6C47E9F40A69982F89D9F522CED82 ] C:\Program Files\CHM To PDF\CHM To PDF Converter PRO.exe
16:09:11.0697 4868 C:\Program Files\CHM To PDF\CHM To PDF Converter PRO.exe - ok
16:09:11.0705 4868 [ 3B161E0C1D8F3253640D57B45FAC96DA ] C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
16:09:11.0705 4868 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe - ok
16:09:11.0712 4868 [ 1B14EEC9BC9A4A920CAEEF2ECCA46E71 ] C:\Program Files\CHM To PDF\unins000.exe
16:09:11.0712 4868 C:\Program Files\CHM To PDF\unins000.exe - ok
16:09:11.0718 4868 [ E08435A8B3169529D9FDD064EFB30A4A ] C:\Program Files\Defraggler\Defraggler.exe
16:09:11.0718 4868 C:\Program Files\Defraggler\Defraggler.exe - ok
16:09:11.0726 4868 [ DC758FF5C5A8154F6908A678F0573997 ] C:\Program Files\Defraggler\uninst.exe
16:09:11.0726 4868 C:\Program Files\Defraggler\uninst.exe - ok
16:09:11.0733 4868 [ F398AE050ADEAE5893DEC9E9DDFFEAB7 ] C:\Program Files\DjVu to PDF\DjVuToPDF.exe
16:09:11.0733 4868 C:\Program Files\DjVu to PDF\DjVuToPDF.exe - ok
16:09:11.0740 4868 [ EA352D2F2ADAE7F5656208E23E4194CC ] C:\Program Files\DjVu to PDF\unins000.exe
16:09:11.0740 4868 C:\Program Files\DjVu to PDF\unins000.exe - ok
16:09:11.0747 4868 [ 2D58C4DB17233DD97D36B2006D3BE093 ] C:\Program Files\Exact Audio Copy\EAC.exe
16:09:11.0747 4868 C:\Program Files\Exact Audio Copy\EAC.exe - ok
16:09:11.0756 4868 [ 4E6D2205EBE1E2EE5AC9661D4F058E62 ] C:\Program Files\Exact Audio Copy\uninst.exe
16:09:11.0756 4868 C:\Program Files\Exact Audio Copy\uninst.exe - ok
16:09:11.0764 4868 [ 626F198768F67A0FEB3AD909E638F551 ] C:\Windows\System32\WindowsAnytimeUpgrade.exe
16:09:11.0764 4868 C:\Windows\System32\WindowsAnytimeUpgrade.exe - ok
16:09:11.0772 4868 [ 554BF617B3BBE4F2F73BF201B05438DE ] C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
16:09:11.0772 4868 C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll - ok
16:09:11.0779 4868 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
16:09:11.0779 4868 C:\Windows\System32\rundll32.exe - ok
16:09:11.0786 4868 [ ABFECFB91A29EE4B3FEFC4FD2E3308B8 ] C:\Program Files\ffdshow\ffdshow.ax
16:09:11.0786 4868 C:\Program Files\ffdshow\ffdshow.ax - ok
16:09:11.0793 4868 [ 8B0AABC54DAFD4CCC9621377989A5C95 ] C:\Program Files\ffdshow\makeAVIS.exe
16:09:11.0793 4868 C:\Program Files\ffdshow\makeAVIS.exe - ok
16:09:11.0800 4868 [ 1D20C22F71EB0F701B230DCE3327A484 ] C:\Program Files\ffdshow\unins000.exe
16:09:11.0800 4868 C:\Program Files\ffdshow\unins000.exe - ok
16:09:11.0809 4868 [ 61954E06628943E568C73F70988CB2B1 ] C:\Program Files\Foxit Software\Foxit Reader\unins000.exe
16:09:11.0809 4868 C:\Program Files\Foxit Software\Foxit Reader\unins000.exe - ok
16:09:11.0819 4868 [ 56292FDBEF6889DBC0C55169A335ECE3 ] C:\Program Files\Google\Chrome\Application\chrome.exe
16:09:11.0819 4868 C:\Program Files\Google\Chrome\Application\chrome.exe - ok
16:09:11.0826 4868 [ 79E76DFB12DE84A5DC3F677F6DF172E5 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxthl.dll
16:09:11.0826 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxthl.dll - ok
16:09:11.0833 4868 [ 2234C900D762B73F15DF017467BA5A86 ] C:\Program Files\Pure Networks\Network Magic\nmapplb.dll
16:09:11.0834 4868 C:\Program Files\Pure Networks\Network Magic\nmapplb.dll - ok
16:09:11.0841 4868 [ C1512684E90E9B6A6E9255605CF1A83D ] C:\Program Files\Google\Chrome\Application\17.0.963.79\Installer\setup.exe
16:09:11.0841 4868 C:\Program Files\Google\Chrome\Application\17.0.963.79\Installer\setup.exe - ok
16:09:11.0848 4868 [ 077ECA52D67877AE174481F03846F555 ] C:\Program Files\Hewlett-Packard\HP Battery Check\HPBC.exe
16:09:11.0848 4868 C:\Program Files\Hewlett-Packard\HP Battery Check\HPBC.exe - ok
16:09:11.0856 4868 [ 0D98D342D5D0482DB1BCCB179B74C1C5 ] C:\Windows\Installer\{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}\NewShortcut3.1AAA2B88_1AC4_48A8_BD29_EFBA85C2472A.exe
16:09:11.0856 4868 C:\Windows\Installer\{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}\NewShortcut3.1AAA2B88_1AC4_48A8_BD29_EFBA85C2472A.exe - ok
16:09:11.0860 4868 [ 14E73802ED187AACEEB09295DCB113FD ] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC.exe
16:09:11.0860 4868 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC.exe - ok
16:09:11.0868 4868 [ 5E478F2DD004E170339365A2BAAB3297 ] C:\Program Files\Hewlett-Packard\HP System Information\HPSI.exe
16:09:11.0868 4868 C:\Program Files\Hewlett-Packard\HP System Information\HPSI.exe - ok
16:09:11.0875 4868 [ 91B52BA56A4F4F33D203BB6CD77C911D ] C:\Program Files\HP\HP Software Update\hpwucli.exe
16:09:11.0876 4868 C:\Program Files\HP\HP Software Update\hpwucli.exe - ok
16:09:11.0883 4868 [ 026EE593459C9A2EC280A8FDB378E5A1 ] C:\Windows\Installer\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe
16:09:11.0883 4868 C:\Windows\Installer\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe - ok
16:09:11.0890 4868 [ 313E3140014EF6A432792FA42040488B ] C:\Program Files\HP\Digital Imaging\hpqSSupply.exe
16:09:11.0890 4868 C:\Program Files\HP\Digital Imaging\hpqSSupply.exe - ok
16:09:11.0898 4868 [ 4A307E58F649D5DCB43B89C3AFD3A879 ] C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
16:09:11.0898 4868 C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe - ok
16:09:11.0904 4868 [ 5F4C61A65B444D6EB88A4EAB3C0A62B5 ] C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
16:09:11.0905 4868 C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe - ok
16:09:11.0911 4868 [ A36D8EF3D05E838E55F4900B6891FF22 ] C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\setup\hpzscr01.exe
16:09:11.0911 4868 C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\setup\hpzscr01.exe - ok
16:09:11.0919 4868 [ 00B936FD8CA57BB037C8C6A7FB890A3E ] C:\Program Files\HTML Help Workshop\flash.exe
16:09:11.0919 4868 C:\Program Files\HTML Help Workshop\flash.exe - ok
16:09:11.0925 4868 [ EF01CDD3801B0FC357FC2AB9ABE0093A ] C:\Program Files\HTML Help Workshop\hhw.exe
16:09:11.0926 4868 C:\Program Files\HTML Help Workshop\hhw.exe - ok
16:09:11.0933 4868 [ EF6807C50ED8C9C5E0330B73DE908EED ] C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe
16:09:11.0934 4868 C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe - ok
16:09:11.0940 4868 [ D2B6CE5D9C68B513B2F9251E63BAF226 ] C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe
16:09:11.0941 4868 C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe - ok
16:09:11.0948 4868 [ EBACE0B24B2FF493C7BF57A3072E328C ] C:\Program Files\Common Files\Apple\Internet Services\PhotoStream.exe
16:09:11.0948 4868 C:\Program Files\Common Files\Apple\Internet Services\PhotoStream.exe - ok
16:09:11.0956 4868 [ CA925B1E8FB4B27811C04F5CA79E0EC6 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe
16:09:11.0956 4868 C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe - ok
16:09:11.0965 4868 [ A5CBDC87E694154F90DBA134733E7E8B ] C:\Windows\System32\brcpl.dll
16:09:11.0965 4868 C:\Windows\System32\brcpl.dll - ok
16:09:11.0972 4868 [ 3141224EEBA075BC085175E60CD14782 ] C:\Windows\System32\msra.exe
16:09:11.0972 4868 C:\Windows\System32\msra.exe - ok
16:09:11.0979 4868 [ FACE86ABDF4CE94989A9DA4849498EC7 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
16:09:11.0979 4868 C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok
16:09:11.0987 4868 [ 3A72D62137659AD7BDEECBB49DD85684 ] C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
16:09:11.0987 4868 C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe - ok
16:09:11.0995 4868 [ 08457294C7E98C5D3E5EE8CDC25FA537 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
16:09:11.0995 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe - ok
16:09:12.0003 4868 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
16:09:12.0003 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - ok
16:09:12.0010 4868 [ BFE69C991171F6527B5BF625ED048471 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
16:09:12.0010 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe - ok
16:09:12.0018 4868 [ 7E2CF680C69680064D43F4FFE5831DD1 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
16:09:12.0018 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - ok
16:09:12.0025 4868 [ BECEEE04AAB6388B66D1FCBD2A9F19A1 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
16:09:12.0026 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe - ok
16:09:12.0034 4868 [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
16:09:12.0034 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe - ok
16:09:12.0042 4868 [ 6CE25A4F4F2F70EBF004C9006C647F32 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
16:09:12.0042 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - ok
16:09:12.0052 4868 [ FF6669F7A1782D54E338F5C6EC806E1E ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
16:09:12.0052 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe - ok
16:09:12.0059 4868 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll
16:09:12.0060 4868 C:\Windows\System32\ntlanman.dll - ok
16:09:12.0066 4868 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
16:09:12.0066 4868 C:\Windows\System32\drprov.dll - ok
16:09:12.0073 4868 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll
16:09:12.0073 4868 C:\Windows\System32\davclnt.dll - ok
16:09:12.0080 4868 [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
16:09:12.0081 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - ok
16:09:12.0087 4868 [ 3E5AA6A816FA331E64C38A45C6FF5637 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
16:09:12.0087 4868 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - ok
16:09:12.0096 4868 [ 29431C7A28278A9EBF4FEF38DB61D86B ] C:\Program Files\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe
16:09:12.0096 4868 C:\Program Files\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe - ok
16:09:12.0103 4868 [ EFC376FDA886DF2652B34D153D019F0C ] C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
16:09:12.0103 4868 C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - ok
16:09:12.0111 4868 [ 206EE4B42D11585EB53C47FB69F69E54 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe
16:09:12.0111 4868 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe - ok
16:09:12.0116 4868 [ 8BC00165083171F8DE760AE39D76D003 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe
16:09:12.0116 4868 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe - ok
16:09:12.0123 4868 [ 528DA0632ACC3EC0DABF0EE8F1DD5C20 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe
16:09:12.0123 4868 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe - ok
16:09:12.0131 4868 [ 08BC7211E4E06A47CAC85D5A73D006E2 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe
16:09:12.0131 4868 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe - ok
16:09:12.0138 4868 [ 5C373483418D410C75BD3E53FEEC9070 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe
16:09:12.0140 4868 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe - ok
16:09:12.0146 4868 [ 4FA0547E4BDC29FA6D2CB531333DE61F ] C:\Program Files\Exact Audio Copy\Monkey's Audio\Monkey's Audio.exe
16:09:12.0146 4868 C:\Program Files\Exact Audio Copy\Monkey's Audio\Monkey's Audio.exe - ok
16:09:12.0153 4868 [ AAB2B61C443E12D88B6E50A149C288E2 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\muveeapp.exe
16:09:12.0153 4868 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\muveeapp.exe - ok
16:09:12.0161 4868 [ 3B3E34D3A42E64050CDD74231C569F97 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchHelp.exe
16:09:12.0162 4868 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchHelp.exe - ok
16:09:12.0169 4868 [ 2CCC156E3BF4B24AEA25A03EE3A214FA ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchFlash.exe
16:09:12.0169 4868 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchFlash.exe - ok
16:09:12.0177 4868 [ 9A9D0547DAC7410BE22874C14476E19D ] C:\Program Files\NBCE Review\program\NBCE.exe
16:09:12.0177 4868 C:\Program Files\NBCE Review\program\NBCE.exe - ok
16:09:12.0184 4868 [ 21EBAA7BE77D847A7DB45D1F9F6F5467 ] C:\Program Files\Hewlett-Packard\HP TCS\HPTCS.exe
16:09:12.0184 4868 C:\Program Files\Hewlett-Packard\HP TCS\HPTCS.exe - ok
16:09:12.0192 4868 [ 6D50A184B15AE4ED0A29ACD7697FD48A ] C:\Program Files\Hewlett-Packard\HP TCS\GetOnlinePillar.dll
16:09:12.0192 4868 C:\Program Files\Hewlett-Packard\HP TCS\GetOnlinePillar.dll - ok
16:09:12.0199 4868 [ 928DA6D3AA629966F0DB510EFDF67340 ] C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe
16:09:12.0199 4868 C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe - ok
16:09:12.0206 4868 [ E952C981228FFF5C014CFB7C6D82EE65 ] C:\Program Files\Online Services\MSN90\msnsusii.exe
16:09:12.0206 4868 C:\Program Files\Online Services\MSN90\msnsusii.exe - ok
16:09:12.0213 4868 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
16:09:12.0213 4868 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
16:09:12.0221 4868 [ D960AB4131A0568ED12C6BCEDA95F618 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxt.dll
16:09:12.0222 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxt.dll - ok
16:09:12.0228 4868 [ 707A19FFC158ABA45F1CA94CB470A1C5 ] C:\Program Files\Online Services\MSN90\LaunchMsn.exe
16:09:12.0229 4868 C:\Program Files\Online Services\MSN90\LaunchMsn.exe - ok
16:09:12.0235 4868 [ F824AB6B4F32CDA2F1750D3D9F5318B7 ] C:\Windows\System32\Firewall.cpl
16:09:12.0235 4868 C:\Windows\System32\Firewall.cpl - ok
16:09:12.0243 4868 [ AC4BE6114FEB2B225D92BAE8D11ACFE4 ] C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe
16:09:12.0243 4868 C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe - ok
16:09:12.0250 4868 [ AC4BE6114FEB2B225D92BAE8D11ACFE4 ] C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe
16:09:12.0250 4868 C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe - ok
16:09:12.0258 4868 [ C559672F31ABE6BA7277DD73C4502238 ] C:\Windows\System32\msiexec.exe
16:09:12.0258 4868 C:\Windows\System32\msiexec.exe - ok
16:09:12.0264 4868 [ 018D92164AB9D2C77D444A44648CAE63 ] C:\Windows\SMINST\CD Creator.exe
16:09:12.0264 4868 C:\Windows\SMINST\CD Creator.exe - ok
16:09:12.0272 4868 [ D90AAB4F2D7ABAF15E258C3F2D22B960 ] C:\Windows\SMINST\Restore7.exe
16:09:12.0272 4868 C:\Windows\SMINST\Restore7.exe - ok
16:09:12.0279 4868 [ 087309DEC72C1FE35973D47BDA9B43F6 ] C:\Program Files\SpywareBlaster\spywareblaster.exe
16:09:12.0279 4868 C:\Program Files\SpywareBlaster\spywareblaster.exe - ok
16:09:12.0287 4868 [ EF7138738A42E668D74B0C38C559EB2A ] C:\Program Files\SpywareBlaster\sbautoupdate.exe
16:09:12.0287 4868 C:\Program Files\SpywareBlaster\sbautoupdate.exe - ok
16:09:12.0296 4868 [ 8640B31939B8768A1D91874576194A37 ] C:\Users\Brandrea\Documents\Brett\3\ConvertXtoDvd.exe
16:09:12.0296 4868 C:\Users\Brandrea\Documents\Brett\3\ConvertXtoDvd.exe - ok
16:09:12.0302 4868 [ 544C6B590324B2400C08B9A1A24EA88F ] C:\Users\Brandrea\Documents\Brett\3\unins000.exe
16:09:12.0302 4868 C:\Users\Brandrea\Documents\Brett\3\unins000.exe - ok
16:09:12.0310 4868 [ 918F785EE5ABC3E77A7B518E2070011E ] C:\Program Files\WinX_DVD_Ripper_Platinum\unins000.exe
16:09:12.0310 4868 C:\Program Files\WinX_DVD_Ripper_Platinum\unins000.exe - ok
16:09:12.0317 4868 [ 162A702C8662F007553F6A1DF9A23353 ] C:\Program Files\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinum.exe
16:09:12.0318 4868 C:\Program Files\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinum.exe - ok
16:09:12.0326 4868 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
16:09:12.0326 4868 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
16:09:12.0333 4868 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll
16:09:12.0333 4868 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
16:09:12.0341 4868 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll
16:09:12.0341 4868 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
16:09:12.0349 4868 [ 07302F014858D038CB93CC349505D0E6 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
16:09:12.0349 4868 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
16:09:12.0355 4868 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
16:09:12.0355 4868 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
16:09:12.0363 4868 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
16:09:12.0363 4868 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
16:09:12.0368 4868 [ CF514CE8A21808ABD84CE8F307B02BDD ] C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmctxtPS.dll
16:09:12.0368 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmctxtPS.dll - ok
16:09:12.0376 4868 [ 9A75518600FBA10980EE94267CA98489 ] C:\Windows\System32\gameux.dll
16:09:12.0376 4868 C:\Windows\System32\gameux.dll - ok
16:09:12.0384 4868 [ 644579C375F63692FC313A09BE7EFB27 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\AVManagerUnified.dll
16:09:12.0384 4868 C:\Program Files\Common Files\Pure Networks Shared\Platform\AVManagerUnified.dll - ok
16:09:12.0391 4868 [ C1377779618CF33AFCEF5299309DBEF6 ] C:\Windows\System32\Macromed\Flash\Flash10x.ocx
16:09:12.0391 4868 C:\Windows\System32\Macromed\Flash\Flash10x.ocx - ok
16:09:12.0399 4868 [ 28343BE55C4481EE797559BCE8CCCBAD ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
16:09:12.0399 4868 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
16:09:12.0406 4868 [ E44C7D6F8D665DA2D9385E5E15EDEEF7 ] C:\Windows\System32\consent.exe
16:09:12.0406 4868 C:\Windows\System32\consent.exe - ok
16:09:12.0414 4868 [ 0691B1AD2E55BAA71B14E13439D55E2E ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll
16:09:12.0414 4868 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll - ok
16:09:12.0422 4868 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\AVAST Software\Avast\defs\12122101\uiext.dll
16:09:12.0422 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\uiext.dll - ok
16:09:12.0430 4868 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll
16:09:12.0430 4868 C:\Windows\System32\mshtml.dll - ok
16:09:12.0436 4868 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll
16:09:12.0436 4868 C:\Windows\System32\msimtf.dll - ok
16:09:12.0443 4868 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
16:09:12.0443 4868 C:\Windows\System32\msls31.dll - ok
16:09:12.0451 4868 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll
16:09:12.0451 4868 C:\Windows\System32\d2d1.dll - ok
16:09:12.0457 4868 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll
16:09:12.0458 4868 C:\Windows\System32\DWrite.dll - ok
16:09:12.0466 4868 [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\System32\dxgi.dll
16:09:12.0466 4868 C:\Windows\System32\dxgi.dll - ok
16:09:12.0473 4868 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll
16:09:12.0473 4868 C:\Windows\System32\d3d10_1.dll - ok
16:09:12.0482 4868 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll
16:09:12.0482 4868 C:\Windows\System32\d3d10_1core.dll - ok
16:09:12.0489 4868 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll
16:09:12.0489 4868 C:\Windows\System32\d3d10warp.dll - ok
16:09:12.0497 4868 [ 8FFDEB99EAC611D617016F2174D48FC6 ] C:\Windows\System32\inetcomm.dll
16:09:12.0497 4868 C:\Windows\System32\inetcomm.dll - ok
16:09:12.0504 4868 [ 214460565D2AC0BC124D14B785ADAE06 ] C:\Windows\System32\msoert2.dll
16:09:12.0504 4868 C:\Windows\System32\msoert2.dll - ok
16:09:12.0511 4868 [ 64B0D18454E65B61B39D3704A9C8EA4D ] C:\Windows\System32\INETRES.dll
16:09:12.0511 4868 C:\Windows\System32\INETRES.dll - ok
16:09:12.0518 4868 [ 30F3D3E322C5339004415D7BC8BF246E ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\python26.dll
16:09:12.0518 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\python26.dll - ok
16:09:12.0525 4868 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:09:12.0525 4868 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
16:09:12.0533 4868 [ 526D928D13E0E141C01BA3799FD8338B ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32api.pyd
16:09:12.0533 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32api.pyd - ok
16:09:12.0540 4868 [ ABC5DCAC962AE8AF7AF214DD0D6D4FF6 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pywintypes26.dll
16:09:12.0540 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pywintypes26.dll - ok
16:09:12.0548 4868 [ 65EE7A7C20134DED91485AEF23C882D4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pythoncom26.dll
16:09:12.0548 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pythoncom26.dll - ok
16:09:12.0555 4868 [ A78890BF2712D6E472788711FB60113B ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32com.shell.shell.pyd
16:09:12.0555 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32com.shell.shell.pyd - ok
16:09:12.0563 4868 [ 2931B1A98FA187834F7E39A598B947E1 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_socket.pyd
16:09:12.0563 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_socket.pyd - ok
16:09:12.0570 4868 [ 234CF1A2306CD5645011A298F0D3584A ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ssl.pyd
16:09:12.0570 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ssl.pyd - ok
16:09:12.0578 4868 [ DAFA56C9092C7CC163CD85A246E5A674 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._core_.pyd
16:09:12.0578 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._core_.pyd - ok
16:09:12.0585 4868 [ 9E6AD2917D6FD7730FF37B50F7053183 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_vc.dll
16:09:12.0585 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_vc.dll - ok
16:09:12.0592 4868 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
16:09:12.0593 4868 C:\Windows\System32\msvcr100_clr0400.dll - ok
16:09:12.0601 4868 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll
16:09:12.0601 4868 C:\Windows\System32\mscoree.dll - ok
16:09:12.0609 4868 [ 29CD1F3E9148FCD542DEC355A41776AF ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_net_vc.dll
16:09:12.0609 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_net_vc.dll - ok
16:09:12.0615 4868 [ 2B9A6B7B7A3997C12841A5D869F022A4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_core_vc.dll
16:09:12.0615 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_core_vc.dll - ok
16:09:12.0619 4868 [ FF13BC0EAD656E2DE88BD245BA3D2BF7 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_adv_vc.dll
16:09:12.0620 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_adv_vc.dll - ok
16:09:12.0628 4868 [ 86AEF2219E35F086AB78BA9FBC0FA1E7 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._gdi_.pyd
16:09:12.0628 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._gdi_.pyd - ok
16:09:12.0635 4868 [ 6CB0403BDFB83F114F6EBFBD1163B220 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._windows_.pyd
16:09:12.0635 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._windows_.pyd - ok
16:09:12.0642 4868 [ 89F9E1984C1CD9E5F4FE39642D886E11 ] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
16:09:12.0643 4868 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
16:09:12.0649 4868 [ 699EFC4D6FE0A2FE24D7049608F2D543 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_html_vc.dll
16:09:12.0649 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_html_vc.dll - ok
16:09:12.0657 4868 [ 09B6A5A2F9EAD10D50E3AEA7934E6DE4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._controls_.pyd
16:09:12.0657 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._controls_.pyd - ok
16:09:12.0665 4868 [ 03B6D87D79E269526AA2B1370DE65675 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._misc_.pyd
16:09:12.0665 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._misc_.pyd - ok
16:09:12.0678 4868 [ 78B16D439F3562552AEB38D352F00567 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_hashlib.pyd
16:09:12.0678 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_hashlib.pyd - ok
16:09:12.0684 4868 [ 15DE81EC02716D08B17EBF5AFC2190B8 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pysqlite2._sqlite.pyd
16:09:12.0685 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pysqlite2._sqlite.pyd - ok
16:09:12.0692 4868 [ 8DC2EB39AF2A01C5C28E50685F5B78A5 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ctypes.pyd
16:09:12.0692 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ctypes.pyd - ok
16:09:12.0699 4868 [ 94CD8007843957C9A499F3B4ECBAF0D8 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32file.pyd
16:09:12.0699 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32file.pyd - ok
16:09:12.0708 4868 [ E282EA80BE94B90E656A475EFCAC89C2 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32event.pyd
16:09:12.0708 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32event.pyd - ok
16:09:12.0715 4868 [ 37FAE00D4F6DEC20EFAFC157C4B3499A ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_elementtree.pyd
16:09:12.0715 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_elementtree.pyd - ok
16:09:12.0723 4868 [ DF495F31AA306DBFEC3E7CDBB2711CF1 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pyexpat.pyd
16:09:12.0723 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pyexpat.pyd - ok
16:09:12.0730 4868 [ A294A77B4271CE24BC830F8CA376E018 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32inet.pyd
16:09:12.0730 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32inet.pyd - ok
16:09:12.0738 4868 [ 7106BE04428936372FB6D826956A12D4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._wizard.pyd
16:09:12.0738 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._wizard.pyd - ok
16:09:12.0745 4868 [ BA3C226B01FF615107659411AE01E3B0 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\unicodedata.pyd
16:09:12.0745 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\unicodedata.pyd - ok
16:09:12.0752 4868 [ 3A4F66ADDDF413DCD1C714B2BEBAF98A ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._html2.pyd
16:09:12.0752 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._html2.pyd - ok
16:09:12.0760 4868 [ 3D01C7F884349A6170A1E0D3CF812333 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_webview_vc.dll
16:09:12.0760 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_webview_vc.dll - ok
16:09:12.0770 4868 [ 3C1E19C2E71967311F2D7B2790D18615 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32security.pyd
16:09:12.0770 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32security.pyd - ok
16:09:12.0777 4868 [ 61A4E2E48CD692390EC964F0F1BBEFE2 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32pdh.pyd
16:09:12.0777 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32pdh.pyd - ok
16:09:12.0786 4868 [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll
16:09:12.0786 4868 C:\Windows\System32\pdh.dll - ok
16:09:12.0792 4868 [ 417EABEB28130AAFDB51689ABADFB501 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\windows._cacheinvalidation.pyd
16:09:12.0792 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\windows._cacheinvalidation.pyd - ok
16:09:12.0800 4868 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
16:09:12.0800 4868 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
16:09:12.0807 4868 [ 3C303C9D3EA9C64742931CAC0E351910 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\select.pyd
16:09:12.0807 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\select.pyd - ok
16:09:12.0814 4868 [ 6EC174E577B7AB75B3A1A9858B2DB261 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32crypt.pyd
16:09:12.0814 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32crypt.pyd - ok
16:09:12.0822 4868 [ 5BF6BA38B703DF5BBE18358A3188C929 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32process.pyd
16:09:12.0822 4868 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32process.pyd - ok
16:09:12.0830 4868 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
16:09:12.0855 4868 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
16:09:12.0859 4868 [ 143A247AB424D2AB25A94189D10484AA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
16:09:12.0859 4868 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll - ok
16:09:12.0867 4868 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
16:09:12.0867 4868 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
16:09:12.0872 4868 [ 48F7A3E0B70C815A5AE88BF7736103A9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
16:09:12.0872 4868 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll - ok
16:09:12.0879 4868 [ F2533BD06936D2A9D9F4FD41CAEAA6E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
16:09:12.0879 4868 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll - ok
16:09:12.0887 4868 [ A3DA2901494298675BA64C331CC3E815 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
16:09:12.0887 4868 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll - ok
16:09:12.0895 4868 [ 8AD53763BB3A4091D7731DE368BCB575 ] C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
16:09:12.0895 4868 C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - ok
16:09:12.0902 4868 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll
16:09:12.0902 4868 C:\Windows\System32\msdtckrm.dll - ok
16:09:12.0909 4868 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
16:09:12.0909 4868 C:\Windows\System32\wuapi.dll - ok
16:09:12.0916 4868 [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\System32\wscproxystub.dll
16:09:12.0916 4868 C:\Windows\System32\wscproxystub.dll - ok
16:09:12.0923 4868 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
16:09:12.0923 4868 C:\Windows\System32\wups.dll - ok
16:09:12.0930 4868 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll
16:09:12.0930 4868 C:\Windows\System32\mspatcha.dll - ok
16:09:12.0936 4868 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll
16:09:12.0937 4868 C:\Windows\System32\wups2.dll - ok
16:09:12.0943 4868 [ F8D8BB3F6173FFF00128612F33D3197A ] C:\Windows\System32\wbem\WMIADAP.exe
16:09:12.0943 4868 C:\Windows\System32\wbem\WMIADAP.exe - ok
16:09:12.0951 4868 [ 8B2D61CA83825CEAD423228ACD40CFBC ] C:\Windows\System32\loadperf.dll
16:09:12.0951 4868 C:\Windows\System32\loadperf.dll - ok
16:09:12.0958 4868 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aspColl.dll
16:09:12.0958 4868 C:\Program Files\AVAST Software\Avast\defs\12122101\aspColl.dll - ok
16:09:12.0965 4868 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\Windows\System32\wuauclt.exe
16:09:12.0965 4868 C:\Windows\System32\wuauclt.exe - ok
16:09:12.0970 4868 ============================================================
16:09:12.0970 4868 Scan finished
16:09:12.0970 4868 ============================================================
16:09:12.0986 4860 Detected object count: 7
16:09:12.0986 4860 Actual detected object count: 7
16:16:28.0035 4860 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:28.0035 4860 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:28.0035 4860 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:28.0035 4860 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:28.0035 4860 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:28.0035 4860 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:28.0035 4860 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:28.0035 4860 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:28.0035 4860 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:28.0035 4860 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:28.0050 4860 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:16:28.0050 4860 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:16:28.0050 4860 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:16:28.0050 4860 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
16:17:05.0506 0400 Deinitialize success


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-21 16:18:00
-----------------------------
16:18:00.258 OS Version: Windows 6.0.6002 Service Pack 2
16:18:00.259 Number of processors: 2 586 0xF0D
16:18:00.260 ComputerName: BRANDREA-PC UserName: Brandrea
16:18:11.619 Initialize success
16:18:11.964 AVAST engine defs: 12122101
16:18:30.306 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:18:30.311 Disk 0 Vendor: WDC_WD32 13.0 Size: 305245MB BusType: 3
16:18:30.324 Disk 0 MBR read successfully
16:18:30.329 Disk 0 MBR scan
16:18:30.336 Disk 0 unknown MBR code
16:18:30.341 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 294732 MB offset 63
16:18:30.381 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10509 MB offset 603613184
16:18:30.392 Disk 0 scanning sectors +625135616
16:18:30.451 Disk 0 scanning C:\Windows\system32\drivers
16:18:37.804 Service scanning
16:18:56.012 Modules scanning
16:19:02.184 Disk 0 trace - called modules:
16:19:02.230 ntkrnlpa.exe CLASSPNP.SYS disk.sys hpdskflt.sys hal.dll iaStor.sys
16:19:02.578 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x87f15748]
16:19:02.589 3 CLASSPNP.SYS[832488b3] -> nt!IofCallDriver -> [0x87f15d48]
16:19:02.597 5 hpdskflt.sys[8c1b4f05] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86d11028]
16:19:04.199 AVAST engine scan C:\Windows
16:19:09.425 AVAST engine scan C:\Windows\system32
16:21:32.643 AVAST engine scan C:\Windows\system32\drivers
16:21:49.644 AVAST engine scan C:\Users\Brandrea
16:26:03.757 Disk 0 MBR has been saved successfully to "C:\Users\Brandrea\Desktop\MBR.dat"
16:26:03.773 The log file has been saved successfully to "C:\Users\Brandrea\Desktop\aswMBR.txt"

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:59 AM

Posted 21 December 2012 - 06:53 PM

Hello


I want you to run TDSSKiller again and when you get to this part -

16:16:28.0050 4860 \Device\Harddisk0\DR0 ( TDSS File System )
16:16:28.0050 4860 \Device\Harddisk0\DR0 ( TDSS File System )



I want you to select DELETE
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 mantis.toboggan

mantis.toboggan
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 21 December 2012 - 09:15 PM

That worked. After selecting delete though, avast popped up stating that it stopped a rootkit (TDSSKiller)and that it quarantined the threat.


18:01:54.0173 5844 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:01:54.0727 5844 ============================================================
18:01:54.0727 5844 Current date / time: 2012/12/21 18:01:54.0727
18:01:54.0727 5844 SystemInfo:
18:01:54.0727 5844
18:01:54.0727 5844 OS Version: 6.0.6002 ServicePack: 2.0
18:01:54.0727 5844 Product type: Workstation
18:01:54.0727 5844 ComputerName: BRANDREA-PC
18:01:54.0728 5844 UserName: Brandrea
18:01:54.0728 5844 Windows directory: C:\Windows
18:01:54.0728 5844 System windows directory: C:\Windows
18:01:54.0728 5844 Processor architecture: Intel x86
18:01:54.0728 5844 Number of processors: 2
18:01:54.0728 5844 Page size: 0x1000
18:01:54.0728 5844 Boot type: Normal boot
18:01:54.0728 5844 ============================================================
18:01:54.0968 5844 BG loaded
18:01:55.0338 5844 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:01:55.0341 5844 ============================================================
18:01:55.0342 5844 \Device\Harddisk0\DR0:
18:01:55.0348 5844 MBR partitions:
18:01:55.0348 5844 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23FA67C1
18:01:55.0348 5844 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23FA6800, BlocksNum 0x1486800
18:01:55.0348 5844 ============================================================
18:01:55.0376 5844 C: <-> \Device\Harddisk0\DR0\Partition1
18:01:55.0528 5844 D: <-> \Device\Harddisk0\DR0\Partition2
18:01:55.0528 5844 ============================================================
18:01:55.0528 5844 Initialize success
18:01:55.0528 5844 ============================================================
18:02:16.0239 5108 ============================================================
18:02:16.0239 5108 Scan started
18:02:16.0239 5108 Mode: Manual; SigCheck; TDLFS;
18:02:16.0239 5108 ============================================================
18:02:16.0954 5108 ================ Scan system memory ========================
18:02:16.0954 5108 System memory - ok
18:02:16.0954 5108 ================ Scan services =============================
18:02:17.0352 5108 [ 3B10711AD8656C097E0D16A41B29C54C ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
18:02:17.0492 5108 Accelerometer - ok
18:02:17.0602 5108 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
18:02:17.0625 5108 ACPI - ok
18:02:17.0691 5108 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:02:17.0716 5108 adp94xx - ok
18:02:17.0750 5108 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:02:17.0770 5108 adpahci - ok
18:02:17.0802 5108 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
18:02:17.0819 5108 adpu160m - ok
18:02:17.0866 5108 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:02:17.0883 5108 adpu320 - ok
18:02:17.0935 5108 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:02:17.0974 5108 AeLookupSvc - ok
18:02:18.0172 5108 [ 3B1B2EE9DF189F6BBB080BF393D1B2EE ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe
18:02:18.0190 5108 AESTFilters - ok
18:02:18.0273 5108 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
18:02:18.0298 5108 AFD - ok
18:02:18.0395 5108 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:02:18.0414 5108 agp440 - ok
18:02:18.0428 5108 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:02:18.0447 5108 aic78xx - ok
18:02:18.0509 5108 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
18:02:18.0544 5108 ALG - ok
18:02:18.0616 5108 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
18:02:18.0635 5108 aliide - ok
18:02:18.0704 5108 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:02:18.0723 5108 amdagp - ok
18:02:18.0825 5108 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
18:02:18.0843 5108 amdide - ok
18:02:18.0885 5108 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
18:02:18.0920 5108 AmdK7 - ok
18:02:18.0979 5108 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:02:19.0023 5108 AmdK8 - ok
18:02:19.0106 5108 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
18:02:19.0132 5108 Appinfo - ok
18:02:19.0360 5108 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:02:19.0390 5108 Apple Mobile Device - ok
18:02:19.0514 5108 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
18:02:19.0545 5108 arc - ok
18:02:19.0581 5108 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:02:19.0613 5108 arcsas - ok
18:02:19.0659 5108 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
18:02:19.0696 5108 aswFsBlk - ok
18:02:19.0752 5108 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:02:19.0779 5108 aswMonFlt - ok
18:02:19.0873 5108 [ 7C9F0A2AB17D52261A9252A2EB320884 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
18:02:19.0899 5108 aswRdr - ok
18:02:20.0083 5108 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:02:20.0138 5108 aswSnx - ok
18:02:20.0342 5108 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:02:20.0382 5108 aswSP - ok
18:02:20.0535 5108 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
18:02:20.0561 5108 aswTdi - ok
18:02:20.0603 5108 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:02:20.0658 5108 AsyncMac - ok
18:02:20.0758 5108 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
18:02:20.0789 5108 atapi - ok
18:02:20.0884 5108 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:02:20.0936 5108 AudioEndpointBuilder - ok
18:02:20.0995 5108 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:02:21.0048 5108 Audiosrv - ok
18:02:21.0120 5108 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:02:21.0147 5108 avast! Antivirus - ok
18:02:21.0362 5108 [ 34A0A6386256080F52C74076C6157026 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
18:02:21.0463 5108 BCM43XV - ok
18:02:21.0562 5108 [ 34A0A6386256080F52C74076C6157026 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
18:02:21.0651 5108 BCM43XX - ok
18:02:21.0705 5108 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
18:02:21.0762 5108 Beep - ok
18:02:21.0817 5108 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
18:02:21.0904 5108 BFE - ok
18:02:22.0007 5108 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
18:02:22.0127 5108 BITS - ok
18:02:22.0156 5108 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:02:22.0211 5108 blbdrive - ok
18:02:22.0427 5108 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:02:22.0464 5108 Bonjour Service - ok
18:02:22.0646 5108 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:02:22.0679 5108 bowser - ok
18:02:22.0745 5108 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
18:02:22.0791 5108 BrFiltLo - ok
18:02:22.0866 5108 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
18:02:22.0910 5108 BrFiltUp - ok
18:02:22.0950 5108 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
18:02:23.0006 5108 Browser - ok
18:02:23.0053 5108 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
18:02:23.0147 5108 Brserid - ok
18:02:23.0242 5108 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
18:02:23.0336 5108 BrSerWdm - ok
18:02:23.0405 5108 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
18:02:23.0498 5108 BrUsbMdm - ok
18:02:23.0607 5108 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
18:02:23.0655 5108 BrUsbSer - ok
18:02:23.0694 5108 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:02:23.0743 5108 BTHMODEM - ok
18:02:23.0840 5108 catchme - ok
18:02:23.0858 5108 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:02:23.0889 5108 cdfs - ok
18:02:23.0932 5108 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:02:23.0962 5108 cdrom - ok
18:02:24.0052 5108 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
18:02:24.0082 5108 CertPropSvc - ok
18:02:24.0208 5108 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:02:24.0247 5108 circlass - ok
18:02:24.0391 5108 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
18:02:24.0422 5108 CLFS - ok
18:02:24.0633 5108 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:02:24.0662 5108 clr_optimization_v2.0.50727_32 - ok
18:02:24.0875 5108 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:02:24.0905 5108 clr_optimization_v4.0.30319_32 - ok
18:02:24.0967 5108 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:02:25.0023 5108 CmBatt - ok
18:02:25.0108 5108 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:02:25.0137 5108 cmdide - ok
18:02:25.0244 5108 [ A94146208170D78906C93EE39CEBDD9F ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:02:25.0261 5108 Com4QLBEx - ok
18:02:25.0282 5108 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:02:25.0298 5108 Compbatt - ok
18:02:25.0305 5108 COMSysApp - ok
18:02:25.0314 5108 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:02:25.0330 5108 crcdisk - ok
18:02:25.0350 5108 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
18:02:25.0381 5108 Crusoe - ok
18:02:25.0466 5108 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:02:25.0486 5108 CryptSvc - ok
18:02:25.0577 5108 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:02:25.0614 5108 DcomLaunch - ok
18:02:25.0645 5108 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:02:25.0667 5108 DfsC - ok
18:02:25.0832 5108 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
18:02:25.0938 5108 DFSR - ok
18:02:26.0036 5108 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
18:02:26.0078 5108 Dhcp - ok
18:02:26.0122 5108 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
18:02:26.0147 5108 disk - ok
18:02:26.0214 5108 DM150Drv - ok
18:02:26.0261 5108 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:02:26.0288 5108 Dnscache - ok
18:02:26.0421 5108 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:02:26.0460 5108 dot3svc - ok
18:02:26.0538 5108 [ 4F59C172C094E1A1D46463A8DC061CBD ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
18:02:26.0584 5108 dot4 - ok
18:02:26.0663 5108 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:02:26.0706 5108 Dot4Print - ok
18:02:26.0750 5108 [ A84D8A9006B1AE515CC7B6B3586C295A ] Dot4Scan C:\Windows\system32\DRIVERS\Dot4Scan.sys
18:02:26.0803 5108 Dot4Scan - ok
18:02:26.0875 5108 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
18:02:26.0918 5108 dot4usb - ok
18:02:26.0978 5108 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
18:02:27.0024 5108 DPS - ok
18:02:27.0137 5108 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:02:27.0172 5108 drmkaud - ok
18:02:27.0242 5108 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:02:27.0309 5108 DXGKrnl - ok
18:02:27.0354 5108 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
18:02:27.0399 5108 E1G60 - ok
18:02:27.0453 5108 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
18:02:27.0490 5108 EapHost - ok
18:02:27.0541 5108 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
18:02:27.0570 5108 Ecache - ok
18:02:27.0698 5108 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:02:27.0729 5108 ehRecvr - ok
18:02:27.0736 5108 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
18:02:27.0763 5108 ehSched - ok
18:02:27.0773 5108 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
18:02:27.0796 5108 ehstart - ok
18:02:27.0839 5108 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:02:27.0863 5108 elxstor - ok
18:02:28.0014 5108 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
18:02:28.0042 5108 EMDMgmt - ok
18:02:28.0121 5108 [ 4CD6B056C5FD9E97C06FE74C81479517 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
18:02:28.0137 5108 enecir - ok
18:02:28.0160 5108 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:02:28.0189 5108 ErrDev - ok
18:02:28.0316 5108 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
18:02:28.0350 5108 EventSystem - ok
18:02:28.0446 5108 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
18:02:28.0468 5108 exfat - ok
18:02:28.0559 5108 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:02:28.0596 5108 fastfat - ok
18:02:28.0645 5108 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:02:28.0687 5108 fdc - ok
18:02:28.0803 5108 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
18:02:28.0849 5108 fdPHost - ok
18:02:28.0856 5108 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
18:02:28.0928 5108 FDResPub - ok
18:02:29.0003 5108 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:02:29.0019 5108 FileInfo - ok
18:02:29.0026 5108 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:02:29.0057 5108 Filetrace - ok
18:02:29.0086 5108 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:02:29.0116 5108 flpydisk - ok
18:02:29.0223 5108 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:02:29.0244 5108 FltMgr - ok
18:02:29.0333 5108 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
18:02:29.0383 5108 FontCache - ok
18:02:29.0591 5108 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:02:29.0608 5108 FontCache3.0.0.0 - ok
18:02:29.0776 5108 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:02:29.0801 5108 Fs_Rec - ok
18:02:29.0945 5108 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:02:29.0969 5108 gagp30kx - ok
18:02:30.0007 5108 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:02:30.0025 5108 GEARAspiWDM - ok
18:02:30.0207 5108 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
18:02:30.0268 5108 gpsvc - ok
18:02:30.0414 5108 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:02:30.0435 5108 gupdate - ok
18:02:30.0442 5108 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:02:30.0462 5108 gupdatem - ok
18:02:30.0556 5108 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:02:30.0642 5108 HdAudAddService - ok
18:02:30.0767 5108 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:02:30.0835 5108 HDAudBus - ok
18:02:30.0890 5108 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:02:30.0939 5108 HidBth - ok
18:02:31.0003 5108 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:02:31.0053 5108 HidIr - ok
18:02:31.0202 5108 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
18:02:31.0225 5108 hidserv - ok
18:02:31.0283 5108 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:02:31.0343 5108 HidUsb - ok
18:02:31.0386 5108 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:02:31.0432 5108 hkmsvc - ok
18:02:31.0544 5108 [ 89F9E1984C1CD9E5F4FE39642D886E11 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
18:02:31.0554 5108 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
18:02:31.0554 5108 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
18:02:31.0636 5108 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
18:02:31.0658 5108 HpCISSs - ok
18:02:31.0707 5108 [ 24F3F496C18EFC234777723A67A85F81 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
18:02:31.0742 5108 hpdskflt - ok
18:02:31.0947 5108 [ CE0FCEC4D4D860F36D972759B11EAF0F ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:02:31.0961 5108 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
18:02:31.0961 5108 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
18:02:32.0045 5108 [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:02:32.0055 5108 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
18:02:32.0055 5108 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
18:02:32.0170 5108 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:02:32.0185 5108 HpqKbFiltr - ok
18:02:32.0302 5108 [ 115C0933B3ED51DFBEC4449348C8065B ] HpqRemHid C:\Windows\system32\DRIVERS\HpqRemHid.sys
18:02:32.0316 5108 HpqRemHid - ok
18:02:32.0688 5108 [ D50FDAD1E57AA60F1973CFC77D905F0E ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
18:02:32.0704 5108 hpqwmiex - ok
18:02:32.0798 5108 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] hpsrv C:\Windows\system32\Hpservice.exe
18:02:32.0816 5108 hpsrv - ok
18:02:32.0915 5108 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:02:32.0964 5108 HSFHWAZL - ok
18:02:33.0075 5108 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
18:02:33.0181 5108 HSF_DPV - ok
18:02:33.0300 5108 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:02:33.0427 5108 HTTP - ok
18:02:33.0520 5108 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
18:02:33.0543 5108 i2omp - ok
18:02:33.0604 5108 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:02:33.0671 5108 i8042prt - ok
18:02:33.0753 5108 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:02:33.0853 5108 IAANTMON - ok
18:02:33.0935 5108 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:02:33.0960 5108 iaStor - ok
18:02:34.0046 5108 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
18:02:34.0076 5108 iaStorV - ok
18:02:34.0267 5108 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:02:34.0278 5108 IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:02:34.0278 5108 IDriverT - detected UnsignedFile.Multi.Generic (1)
18:02:34.0476 5108 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:02:34.0570 5108 idsvc - ok
18:02:34.0956 5108 [ 6FB1858D1F0923D122B0331865695041 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
18:02:35.0205 5108 igfx - ok
18:02:35.0244 5108 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:02:35.0274 5108 iirsp - ok
18:02:35.0406 5108 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
18:02:35.0478 5108 IKEEXT - ok
18:02:35.0620 5108 [ AB8B0206BCDFF0ED03CEC500FA03A32A ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:02:35.0650 5108 IntcHdmiAddService - ok
18:02:35.0685 5108 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
18:02:35.0714 5108 intelide - ok
18:02:35.0740 5108 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:02:35.0770 5108 intelppm - ok
18:02:35.0837 5108 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:02:35.0870 5108 IPBusEnum - ok
18:02:35.0945 5108 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:02:35.0995 5108 IpFilterDriver - ok
18:02:36.0125 5108 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:02:36.0151 5108 iphlpsvc - ok
18:02:36.0157 5108 IpInIp - ok
18:02:36.0291 5108 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
18:02:36.0326 5108 IPMIDRV - ok
18:02:36.0356 5108 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
18:02:36.0392 5108 IPNAT - ok
18:02:36.0456 5108 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:02:36.0508 5108 iPod Service - ok
18:02:36.0561 5108 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:02:36.0605 5108 IRENUM - ok
18:02:36.0691 5108 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:02:36.0714 5108 isapnp - ok
18:02:36.0790 5108 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:02:36.0819 5108 iScsiPrt - ok
18:02:36.0847 5108 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
18:02:36.0869 5108 iteatapi - ok
18:02:36.0890 5108 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
18:02:36.0911 5108 iteraid - ok
18:02:36.0951 5108 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:02:36.0968 5108 kbdclass - ok
18:02:37.0052 5108 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:02:37.0097 5108 kbdhid - ok
18:02:37.0247 5108 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
18:02:37.0267 5108 KeyIso - ok
18:02:37.0668 5108 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:02:37.0706 5108 KSecDD - ok
18:02:37.0774 5108 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
18:02:37.0841 5108 KtmRm - ok
18:02:37.0961 5108 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
18:02:38.0012 5108 LanmanServer - ok
18:02:38.0104 5108 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:02:38.0161 5108 LanmanWorkstation - ok
18:02:38.0274 5108 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:02:38.0330 5108 lltdio - ok
18:02:38.0459 5108 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:02:38.0522 5108 lltdsvc - ok
18:02:38.0560 5108 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:02:38.0657 5108 lmhosts - ok
18:02:38.0718 5108 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:02:38.0752 5108 LSI_FC - ok
18:02:38.0765 5108 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:02:38.0797 5108 LSI_SAS - ok
18:02:38.0884 5108 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:02:38.0917 5108 LSI_SCSI - ok
18:02:38.0927 5108 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
18:02:39.0012 5108 luafv - ok
18:02:39.0407 5108 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:02:39.0443 5108 Mcx2Svc - ok
18:02:39.0516 5108 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
18:02:39.0546 5108 megasas - ok
18:02:39.0712 5108 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
18:02:39.0795 5108 MegaSR - ok
18:02:40.0008 5108 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:02:40.0036 5108 Microsoft Office Groove Audit Service - ok
18:02:40.0141 5108 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
18:02:40.0202 5108 MMCSS - ok
18:02:40.0292 5108 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
18:02:40.0349 5108 Modem - ok
18:02:40.0419 5108 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:02:40.0475 5108 monitor - ok
18:02:40.0517 5108 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:02:40.0546 5108 mouclass - ok
18:02:40.0637 5108 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:02:40.0693 5108 mouhid - ok
18:02:40.0765 5108 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
18:02:40.0781 5108 MountMgr - ok
18:02:40.0975 5108 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:02:40.0992 5108 MozillaMaintenance - ok
18:02:41.0019 5108 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
18:02:41.0038 5108 mpio - ok
18:02:41.0098 5108 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:02:41.0124 5108 mpsdrv - ok
18:02:41.0251 5108 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
18:02:41.0294 5108 MpsSvc - ok
18:02:41.0342 5108 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
18:02:41.0363 5108 Mraid35x - ok
18:02:41.0422 5108 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:02:41.0443 5108 MRxDAV - ok
18:02:41.0475 5108 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:02:41.0494 5108 mrxsmb - ok
18:02:41.0554 5108 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:02:41.0576 5108 mrxsmb10 - ok
18:02:41.0623 5108 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:02:41.0642 5108 mrxsmb20 - ok
18:02:41.0715 5108 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
18:02:41.0731 5108 msahci - ok
18:02:41.0749 5108 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:02:41.0775 5108 msdsm - ok
18:02:41.0793 5108 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
18:02:41.0826 5108 MSDTC - ok
18:02:41.0893 5108 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:02:41.0923 5108 Msfs - ok
18:02:41.0976 5108 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:02:41.0992 5108 msisadrv - ok
18:02:42.0105 5108 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:02:42.0147 5108 MSiSCSI - ok
18:02:42.0179 5108 msiserver - ok
18:02:42.0195 5108 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:02:42.0229 5108 MSKSSRV - ok
18:02:42.0280 5108 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:02:42.0313 5108 MSPCLOCK - ok
18:02:42.0339 5108 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:02:42.0372 5108 MSPQM - ok
18:02:42.0416 5108 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:02:42.0436 5108 MsRPC - ok
18:02:42.0498 5108 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:02:42.0514 5108 mssmbios - ok
18:02:42.0592 5108 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:02:42.0626 5108 MSTEE - ok
18:02:42.0763 5108 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
18:02:42.0799 5108 Mup - ok
18:02:42.0941 5108 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
18:02:42.0990 5108 napagent - ok
18:02:43.0165 5108 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:02:43.0186 5108 NativeWifiP - ok
18:02:43.0268 5108 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:02:43.0295 5108 NDIS - ok
18:02:43.0383 5108 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:02:43.0408 5108 NdisTapi - ok
18:02:43.0467 5108 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:02:43.0497 5108 Ndisuio - ok
18:02:43.0535 5108 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:02:43.0565 5108 NdisWan - ok
18:02:43.0636 5108 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:02:43.0666 5108 NDProxy - ok
18:02:43.0751 5108 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:02:43.0760 5108 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:02:43.0761 5108 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:02:43.0856 5108 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:02:43.0901 5108 NetBIOS - ok
18:02:43.0923 5108 netbt - ok
18:02:43.0940 5108 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
18:02:43.0969 5108 Netlogon - ok
18:02:44.0241 5108 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
18:02:44.0307 5108 Netman - ok
18:02:44.0392 5108 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
18:02:44.0471 5108 netprofm - ok
18:02:44.0716 5108 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:02:44.0732 5108 NetTcpPortSharing - ok
18:02:44.0867 5108 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:02:44.0884 5108 nfrd960 - ok
18:02:45.0139 5108 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:02:45.0180 5108 NlaSvc - ok
18:02:45.0455 5108 [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
18:02:45.0485 5108 nmservice - ok
18:02:45.0526 5108 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:02:45.0573 5108 Npfs - ok
18:02:45.0632 5108 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
18:02:45.0671 5108 nsi - ok
18:02:45.0868 5108 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:02:45.0911 5108 nsiproxy - ok
18:02:46.0057 5108 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:02:46.0155 5108 Ntfs - ok
18:02:46.0212 5108 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:02:46.0304 5108 ntrigdigi - ok
18:02:46.0453 5108 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:02:46.0508 5108 Null - ok
18:02:46.0597 5108 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
18:02:46.0734 5108 NVENETFD - ok
18:02:46.0804 5108 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:02:46.0822 5108 nvraid - ok
18:02:46.0829 5108 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:02:46.0847 5108 nvstor - ok
18:02:46.0882 5108 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:02:46.0901 5108 nv_agp - ok
18:02:46.0907 5108 NwlnkFlt - ok
18:02:46.0915 5108 NwlnkFwd - ok
18:02:47.0026 5108 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:02:47.0052 5108 odserv - ok
18:02:47.0124 5108 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:02:47.0160 5108 ohci1394 - ok
18:02:47.0269 5108 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:02:47.0288 5108 ose - ok
18:02:47.0487 5108 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:02:47.0541 5108 p2pimsvc - ok
18:02:47.0556 5108 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
18:02:47.0686 5108 p2psvc - ok
18:02:47.0721 5108 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:02:47.0793 5108 Parport - ok
18:02:48.0035 5108 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:02:48.0053 5108 partmgr - ok
18:02:48.0152 5108 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:02:48.0210 5108 Parvdm - ok
18:02:48.0312 5108 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:02:48.0351 5108 PcaSvc - ok
18:02:48.0540 5108 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
18:02:48.0569 5108 pci - ok
18:02:48.0596 5108 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
18:02:48.0618 5108 pciide - ok
18:02:48.0678 5108 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:02:48.0704 5108 pcmcia - ok
18:02:48.0787 5108 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
18:02:48.0810 5108 pcouffin - ok
18:02:48.0851 5108 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:02:48.0946 5108 PEAUTH - ok
18:02:49.0134 5108 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:02:49.0326 5108 pla - ok
18:02:49.0388 5108 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:02:49.0427 5108 PlugPlay - ok
18:02:49.0542 5108 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:02:49.0582 5108 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:02:49.0582 5108 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:02:49.0629 5108 [ 3DE33BCE4A930EDF57BD1F742823BCD8 ] pnarp C:\Windows\system32\DRIVERS\pnarp.sys
18:02:49.0647 5108 pnarp - ok
18:02:49.0811 5108 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:02:50.0256 5108 PNRPAutoReg - ok
18:02:50.0399 5108 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:02:50.0754 5108 PNRPsvc - ok
18:02:50.0818 5108 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:02:50.0857 5108 PolicyAgent - ok
18:02:50.0952 5108 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:02:50.0983 5108 PptpMiniport - ok
18:02:51.0048 5108 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
18:02:51.0078 5108 Processor - ok
18:02:51.0145 5108 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
18:02:51.0182 5108 ProfSvc - ok
18:02:51.0222 5108 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:02:51.0245 5108 ProtectedStorage - ok
18:02:51.0338 5108 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:02:51.0367 5108 PSched - ok
18:02:51.0477 5108 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
18:02:51.0490 5108 PSI - ok
18:02:51.0530 5108 [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC ] purendis C:\Windows\system32\DRIVERS\purendis.sys
18:02:51.0543 5108 purendis - ok
18:02:51.0642 5108 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:02:51.0767 5108 ql2300 - ok
18:02:51.0776 5108 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:02:51.0794 5108 ql40xx - ok
18:02:51.0947 5108 [ 6803B69C14696CC4907C5F77FBB04A14 ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
18:02:51.0967 5108 QPCapSvc - ok
18:02:52.0037 5108 [ 95A0B86B9F1D27B613830864341A8252 ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
18:02:52.0059 5108 QPSched - ok
18:02:52.0107 5108 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:02:52.0184 5108 QWAVE - ok
18:02:52.0282 5108 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:02:52.0640 5108 QWAVEdrv - ok
18:02:52.0657 5108 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:02:53.0312 5108 RasAcd - ok
18:02:53.0342 5108 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:02:53.0377 5108 RasAuto - ok
18:02:53.0466 5108 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:02:53.0500 5108 Rasl2tp - ok
18:02:53.0536 5108 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
18:02:53.0872 5108 RasMan - ok
18:02:53.0921 5108 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:02:53.0946 5108 RasPppoe - ok
18:02:53.0967 5108 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:02:53.0987 5108 RasSstp - ok
18:02:54.0028 5108 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:02:54.0061 5108 rdbss - ok
18:02:54.0102 5108 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:02:54.0137 5108 RDPCDD - ok
18:02:54.0340 5108 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:02:54.0390 5108 rdpdr - ok
18:02:54.0415 5108 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:02:54.0490 5108 RDPENCDD - ok
18:02:54.0656 5108 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:02:54.0693 5108 RDPWD - ok
18:02:54.0897 5108 [ B9570481A1BABCC4A9E941C553596077 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
18:02:54.0931 5108 Recovery Service for Windows - ok
18:02:55.0003 5108 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:02:55.0065 5108 RemoteAccess - ok
18:02:55.0151 5108 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:02:55.0205 5108 RemoteRegistry - ok
18:02:55.0412 5108 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:02:55.0442 5108 RichVideo - ok
18:02:55.0452 5108 RimUsb - ok
18:02:55.0541 5108 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
18:02:55.0569 5108 RimVSerPort - ok
18:02:55.0693 5108 [ 75E8A6BFA7374ABA833AE92BF41AE4E6 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
18:02:55.0751 5108 ROOTMODEM - ok
18:02:55.0825 5108 RoxLiveShare9 - ok
18:02:55.0988 5108 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:02:56.0024 5108 RpcLocator - ok
18:02:56.0320 5108 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
18:02:56.0422 5108 RpcSs - ok
18:02:56.0441 5108 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:02:56.0500 5108 rspndr - ok
18:02:56.0561 5108 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
18:02:56.0588 5108 RTL8169 - ok
18:02:56.0641 5108 [ E64FE039C7B35CCDC0FFF05DB544EE58 ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
18:02:56.0658 5108 RTSTOR - ok
18:02:56.0670 5108 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
18:02:56.0690 5108 SamSs - ok
18:02:56.0787 5108 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:02:56.0803 5108 sbp2port - ok
18:02:56.0852 5108 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:02:56.0881 5108 SCardSvr - ok
18:02:57.0017 5108 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
18:02:57.0069 5108 Schedule - ok
18:02:57.0116 5108 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:02:57.0145 5108 SCPolicySvc - ok
18:02:57.0215 5108 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:02:57.0258 5108 sdbus - ok
18:02:57.0379 5108 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:02:57.0412 5108 SDRSVC - ok
18:02:57.0571 5108 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:02:57.0662 5108 secdrv - ok
18:02:57.0732 5108 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:02:57.0796 5108 seclogon - ok
18:02:58.0186 5108 [ 7198BBFBE46C0070257278C536386687 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
18:02:58.0303 5108 Secunia PSI Agent - ok
18:02:58.0358 5108 [ D2FCA567F9BE87E29B9A9FA32FFE79CA ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
18:02:58.0394 5108 Secunia Update Agent - ok
18:02:58.0461 5108 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
18:02:58.0525 5108 SENS - ok
18:02:58.0718 5108 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:02:58.0811 5108 Serenum - ok
18:02:58.0872 5108 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:02:58.0922 5108 Serial - ok
18:02:59.0070 5108 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:02:59.0115 5108 sermouse - ok
18:02:59.0306 5108 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:02:59.0347 5108 SessionEnv - ok
18:02:59.0406 5108 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:02:59.0435 5108 sffdisk - ok
18:02:59.0471 5108 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:02:59.0505 5108 sffp_mmc - ok
18:02:59.0603 5108 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:02:59.0640 5108 sffp_sd - ok
18:02:59.0779 5108 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:02:59.0849 5108 sfloppy - ok
18:02:59.0913 5108 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:02:59.0965 5108 SharedAccess - ok
18:03:00.0044 5108 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:03:00.0082 5108 ShellHWDetection - ok
18:03:00.0513 5108 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:03:00.0545 5108 sisagp - ok
18:03:00.0681 5108 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:03:00.0713 5108 SiSRaid2 - ok
18:03:00.0924 5108 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:03:00.0972 5108 SiSRaid4 - ok
18:03:01.0611 5108 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
18:03:01.0932 5108 slsvc - ok
18:03:02.0025 5108 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:03:02.0066 5108 SLUINotify - ok
18:03:02.0272 5108 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:03:02.0319 5108 Smb - ok
18:03:02.0585 5108 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:03:02.0623 5108 SNMPTRAP - ok
18:03:02.0775 5108 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:03:02.0805 5108 spldr - ok
18:03:02.0972 5108 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
18:03:03.0015 5108 Spooler - ok
18:03:03.0066 5108 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:03:03.0089 5108 srv - ok
18:03:03.0171 5108 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:03:03.0192 5108 srv2 - ok
18:03:03.0299 5108 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:03:03.0318 5108 srvnet - ok
18:03:03.0573 5108 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:03:03.0614 5108 SSDPSRV - ok
18:03:03.0682 5108 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:03:03.0710 5108 SstpSvc - ok
18:03:04.0086 5108 [ EC9C5F6C0F58446545D839BC11A3692B ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
18:03:04.0118 5108 STacSV - ok
18:03:04.0245 5108 [ 21CC262AB5F42F7A6B91DC7304C2F267 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
18:03:04.0284 5108 STHDA - ok
18:03:04.0368 5108 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
18:03:04.0429 5108 stisvc - ok
18:03:04.0551 5108 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:03:04.0581 5108 swenum - ok
18:03:04.0672 5108 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
18:03:04.0808 5108 swprv - ok
18:03:04.0855 5108 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:03:04.0885 5108 Symc8xx - ok
18:03:04.0933 5108 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:03:04.0961 5108 Sym_hi - ok
18:03:05.0006 5108 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:03:05.0036 5108 Sym_u3 - ok
18:03:05.0196 5108 [ 067CB9D745407A8C1B26E89A6A2CE152 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:03:05.0228 5108 SynTP - ok
18:03:05.0534 5108 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
18:03:05.0652 5108 SysMain - ok
18:03:05.0776 5108 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:03:05.0819 5108 TabletInputService - ok
18:03:05.0935 5108 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:03:05.0994 5108 TapiSrv - ok
18:03:06.0023 5108 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
18:03:06.0059 5108 TBS - ok
18:03:06.0179 5108 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:03:06.0317 5108 Tcpip - ok
18:03:06.0440 5108 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:03:06.0512 5108 Tcpip6 - ok
18:03:06.0591 5108 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:03:06.0612 5108 tcpipreg - ok
18:03:06.0662 5108 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:03:06.0698 5108 TDPIPE - ok
18:03:06.0841 5108 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:03:06.0885 5108 TDTCP - ok
18:03:06.0994 5108 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:03:07.0030 5108 tdx - ok
18:03:07.0365 5108 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:03:07.0383 5108 TermDD - ok
18:03:07.0543 5108 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
18:03:07.0583 5108 TermService - ok
18:03:07.0626 5108 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
18:03:07.0654 5108 Themes - ok
18:03:07.0691 5108 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
18:03:07.0729 5108 THREADORDER - ok
18:03:07.0855 5108 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
18:03:07.0922 5108 TrkWks - ok
18:03:08.0140 5108 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:03:08.0175 5108 TrustedInstaller - ok
18:03:08.0346 5108 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:03:08.0390 5108 tssecsrv - ok
18:03:08.0468 5108 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:03:08.0504 5108 tunmp - ok
18:03:08.0560 5108 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:03:08.0579 5108 tunnel - ok
18:03:08.0640 5108 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:03:08.0657 5108 uagp35 - ok
18:03:08.0740 5108 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:03:08.0770 5108 udfs - ok
18:03:08.0815 5108 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:03:08.0853 5108 UI0Detect - ok
18:03:08.0907 5108 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:03:08.0954 5108 uliagpkx - ok
18:03:09.0005 5108 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:03:09.0030 5108 uliahci - ok
18:03:09.0273 5108 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:03:09.0298 5108 UlSata - ok
18:03:09.0307 5108 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:03:09.0332 5108 ulsata2 - ok
18:03:09.0382 5108 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:03:09.0425 5108 umbus - ok
18:03:09.0506 5108 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
18:03:09.0558 5108 upnphost - ok
18:03:09.0612 5108 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
18:03:09.0638 5108 USBAAPL - ok
18:03:10.0111 5108 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:03:10.0158 5108 usbccgp - ok
18:03:10.0529 5108 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:03:10.0623 5108 usbcir - ok
18:03:10.0814 5108 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:03:10.0839 5108 usbehci - ok
18:03:11.0083 5108 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:03:11.0117 5108 usbhub - ok
18:03:11.0197 5108 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:03:11.0235 5108 usbohci - ok
18:03:11.0367 5108 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:03:11.0410 5108 usbprint - ok
18:03:11.0475 5108 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:03:11.0511 5108 usbscan - ok
18:03:11.0813 5108 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:03:11.0861 5108 USBSTOR - ok
18:03:11.0965 5108 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:03:12.0011 5108 usbuhci - ok
18:03:12.0062 5108 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:03:12.0122 5108 usbvideo - ok
18:03:12.0158 5108 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
18:03:12.0211 5108 UxSms - ok
18:03:12.0619 5108 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
18:03:12.0723 5108 vds - ok
18:03:12.0799 5108 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:03:12.0856 5108 vga - ok
18:03:13.0203 5108 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
18:03:13.0286 5108 VgaSave - ok
18:03:13.0527 5108 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:03:13.0558 5108 viaagp - ok
18:03:13.0744 5108 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:03:13.0844 5108 ViaC7 - ok
18:03:13.0958 5108 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
18:03:13.0988 5108 viaide - ok
18:03:14.0027 5108 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:03:14.0058 5108 volmgr - ok
18:03:14.0095 5108 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:03:14.0139 5108 volmgrx - ok
18:03:14.0562 5108 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:03:14.0600 5108 volsnap - ok
18:03:14.0664 5108 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:03:14.0698 5108 vsmraid - ok
18:03:14.0797 5108 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
18:03:15.0008 5108 VSS - ok
18:03:15.0118 5108 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
18:03:15.0178 5108 W32Time - ok
18:03:15.0239 5108 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:03:15.0288 5108 WacomPen - ok
18:03:15.0311 5108 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:03:15.0369 5108 Wanarp - ok
18:03:15.0379 5108 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:03:15.0404 5108 Wanarpv6 - ok
18:03:15.0506 5108 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:03:15.0602 5108 wcncsvc - ok
18:03:15.0782 5108 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:03:15.0895 5108 WcsPlugInService - ok
18:03:16.0030 5108 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
18:03:16.0053 5108 Wd - ok
18:03:16.0188 5108 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
18:03:16.0209 5108 WDC_SAM - ok
18:03:16.0454 5108 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:03:16.0508 5108 Wdf01000 - ok
18:03:16.0598 5108 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:03:16.0663 5108 WdiServiceHost - ok
18:03:16.0671 5108 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:03:16.0733 5108 WdiSystemHost - ok
18:03:16.0983 5108 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
18:03:17.0010 5108 WebClient - ok
18:03:17.0177 5108 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:03:17.0241 5108 Wecsvc - ok
18:03:17.0261 5108 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:03:17.0297 5108 wercplsupport - ok
18:03:17.0422 5108 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
18:03:17.0463 5108 WerSvc - ok
18:03:17.0631 5108 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
18:03:17.0705 5108 winachsf - ok
18:03:17.0825 5108 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:03:17.0853 5108 WinDefend - ok
18:03:17.0864 5108 WinHttpAutoProxySvc - ok
18:03:18.0291 5108 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:03:18.0341 5108 Winmgmt - ok
18:03:18.0911 5108 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
18:03:19.0088 5108 WinRM - ok
18:03:19.0919 5108 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:03:20.0068 5108 Wlansvc - ok
18:03:20.0189 5108 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:03:20.0235 5108 WmiAcpi - ok
18:03:20.0578 5108 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:03:20.0627 5108 wmiApSrv - ok
18:03:21.0263 5108 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:03:21.0339 5108 WMPNetworkSvc - ok
18:03:21.0424 5108 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:03:21.0500 5108 WPCSvc - ok
18:03:21.0572 5108 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:03:21.0616 5108 WPDBusEnum - ok
18:03:22.0011 5108 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:03:22.0045 5108 WpdUsb - ok
18:03:22.0832 5108 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:03:22.0896 5108 WPFFontCache_v0400 - ok
18:03:22.0941 5108 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:03:22.0997 5108 ws2ifsl - ok
18:03:23.0148 5108 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
18:03:23.0201 5108 wscsvc - ok
18:03:23.0207 5108 WSearch - ok
18:03:23.0585 5108 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:03:23.0817 5108 wuauserv - ok
18:03:23.0918 5108 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:03:23.0981 5108 WudfPf - ok
18:03:24.0305 5108 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:03:24.0343 5108 WUDFRd - ok
18:03:24.0412 5108 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:03:24.0541 5108 wudfsvc - ok
18:03:24.0617 5108 ================ Scan global ===============================
18:03:24.0645 5108 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:03:24.0690 5108 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:03:24.0790 5108 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:03:24.0920 5108 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:03:24.0932 5108 [Global] - ok
18:03:24.0933 5108 ================ Scan MBR ==================================
18:03:25.0037 5108 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
18:03:25.0895 5108 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:03:25.0895 5108 \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:03:25.0896 5108 ================ Scan VBR ==================================
18:03:26.0438 5108 [ F2B3419B2CC238556B1AE6FA32B7B6B9 ] \Device\Harddisk0\DR0\Partition1
18:03:26.0440 5108 \Device\Harddisk0\DR0\Partition1 - ok
18:03:26.0620 5108 [ 34C03B622213E2E4C4B06BBBB6C6A821 ] \Device\Harddisk0\DR0\Partition2
18:03:26.0622 5108 \Device\Harddisk0\DR0\Partition2 - ok
18:03:26.0623 5108 ================ Scan active images ========================
18:03:26.0627 5108 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys
18:03:26.0627 5108 C:\Windows\System32\drivers\crashdmp.sys - ok
18:03:26.0635 5108 [ DB0CC620B27A928D968C1A1E9CD9CB87 ] C:\Windows\System32\drivers\iaStor.sys
18:03:26.0635 5108 C:\Windows\System32\drivers\iaStor.sys - ok
18:03:26.0644 5108 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys
18:03:26.0644 5108 C:\Windows\System32\drivers\tunnel.sys - ok
18:03:26.0652 5108 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys
18:03:26.0653 5108 C:\Windows\System32\drivers\intelppm.sys - ok
18:03:26.0662 5108 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS
18:03:26.0662 5108 C:\Windows\System32\drivers\TUNMP.SYS - ok
18:03:26.0670 5108 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\Windows\System32\drivers\CmBatt.sys
18:03:26.0671 5108 C:\Windows\System32\drivers\CmBatt.sys - ok
18:03:26.0680 5108 [ 6FB1858D1F0923D122B0331865695041 ] C:\Windows\System32\drivers\igdkmd32.sys
18:03:26.0680 5108 C:\Windows\System32\drivers\igdkmd32.sys - ok
18:03:26.0688 5108 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys
18:03:26.0688 5108 C:\Windows\System32\drivers\dxgkrnl.sys - ok
18:03:26.0697 5108 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys
18:03:26.0697 5108 C:\Windows\System32\drivers\watchdog.sys - ok
18:03:26.0707 5108 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys
18:03:26.0707 5108 C:\Windows\System32\drivers\usbport.sys - ok
18:03:26.0715 5108 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys
18:03:26.0715 5108 C:\Windows\System32\drivers\usbehci.sys - ok
18:03:26.0724 5108 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys
18:03:26.0724 5108 C:\Windows\System32\drivers\usbuhci.sys - ok
18:03:26.0731 5108 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys
18:03:26.0732 5108 C:\Windows\System32\drivers\hdaudbus.sys - ok
18:03:26.0739 5108 [ 34A0A6386256080F52C74076C6157026 ] C:\Windows\System32\drivers\BCMWL6.SYS
18:03:26.0739 5108 C:\Windows\System32\drivers\BCMWL6.SYS - ok
18:03:26.0746 5108 [ 7157E70A90CCE49DEB8885D23A073A39 ] C:\Windows\System32\drivers\Rtlh86.sys
18:03:26.0746 5108 C:\Windows\System32\drivers\Rtlh86.sys - ok
18:03:26.0753 5108 [ 35956140E686D53BF676CF0C778880FC ] C:\Windows\System32\drivers\HpqKbFiltr.sys
18:03:26.0753 5108 C:\Windows\System32\drivers\HpqKbFiltr.sys - ok
18:03:26.0761 5108 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\Windows\System32\drivers\i8042prt.sys
18:03:26.0761 5108 C:\Windows\System32\drivers\i8042prt.sys - ok
18:03:26.0768 5108 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys
18:03:26.0768 5108 C:\Windows\System32\drivers\kbdclass.sys - ok
18:03:26.0775 5108 [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys
18:03:26.0775 5108 C:\Windows\System32\drivers\mouclass.sys - ok
18:03:26.0782 5108 [ 067CB9D745407A8C1B26E89A6A2CE152 ] C:\Windows\System32\drivers\SynTP.sys
18:03:26.0782 5108 C:\Windows\System32\drivers\SynTP.sys - ok
18:03:26.0790 5108 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\Windows\System32\drivers\usbd.sys
18:03:26.0790 5108 C:\Windows\System32\drivers\usbd.sys - ok
18:03:26.0797 5108 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys
18:03:26.0797 5108 C:\Windows\System32\drivers\cdrom.sys - ok
18:03:26.0800 5108 [ 4CD6B056C5FD9E97C06FE74C81479517 ] C:\Windows\System32\drivers\enecir.sys
18:03:26.0800 5108 C:\Windows\System32\drivers\enecir.sys - ok
18:03:26.0808 5108 [ 3B10711AD8656C097E0D16A41B29C54C ] C:\Windows\System32\drivers\Accelerometer.sys
18:03:26.0808 5108 C:\Windows\System32\drivers\Accelerometer.sys - ok
18:03:26.0815 5108 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
18:03:26.0815 5108 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
18:03:26.0823 5108 [ 2E7255D172DF0B8283CDFB7B433B864E ] C:\Windows\System32\drivers\wmiacpi.sys
18:03:26.0823 5108 C:\Windows\System32\drivers\wmiacpi.sys - ok
18:03:26.0830 5108 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys
18:03:26.0830 5108 C:\Windows\System32\drivers\tdi.sys - ok
18:03:26.0837 5108 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys
18:03:26.0838 5108 C:\Windows\System32\drivers\msiscsi.sys - ok
18:03:26.0844 5108 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys
18:03:26.0844 5108 C:\Windows\System32\drivers\ndistapi.sys - ok
18:03:26.0851 5108 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys
18:03:26.0851 5108 C:\Windows\System32\drivers\rasl2tp.sys - ok
18:03:26.0858 5108 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys
18:03:26.0859 5108 C:\Windows\System32\drivers\ndiswan.sys - ok
18:03:26.0865 5108 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys
18:03:26.0865 5108 C:\Windows\System32\drivers\raspppoe.sys - ok
18:03:26.0873 5108 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys
18:03:26.0873 5108 C:\Windows\System32\drivers\raspptp.sys - ok
18:03:26.0880 5108 [ 5B6C11DE7E839C05248CED8825470FEF ] C:\Windows\System32\drivers\pcouffin.sys
18:03:26.0880 5108 C:\Windows\System32\drivers\pcouffin.sys - ok
18:03:26.0888 5108 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys
18:03:26.0888 5108 C:\Windows\System32\drivers\rassstp.sys - ok
18:03:26.0894 5108 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys
18:03:26.0894 5108 C:\Windows\System32\drivers\termdd.sys - ok
18:03:26.0902 5108 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys
18:03:26.0902 5108 C:\Windows\System32\drivers\ks.sys - ok
18:03:26.0909 5108 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys
18:03:26.0909 5108 C:\Windows\System32\drivers\swenum.sys - ok
18:03:26.0917 5108 [ E5D4133F37219DBCFE102BC61072589D ] C:\Windows\System32\drivers\circlass.sys
18:03:26.0917 5108 C:\Windows\System32\drivers\circlass.sys - ok
18:03:26.0923 5108 [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys
18:03:26.0924 5108 C:\Windows\System32\drivers\mssmbios.sys - ok
18:03:26.0932 5108 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys
18:03:26.0932 5108 C:\Windows\System32\drivers\umbus.sys - ok
18:03:26.0938 5108 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\Windows\System32\drivers\usbhub.sys
18:03:26.0938 5108 C:\Windows\System32\drivers\usbhub.sys - ok
18:03:26.0945 5108 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys
18:03:26.0945 5108 C:\Windows\System32\drivers\ndproxy.sys - ok
18:03:26.0952 5108 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys
18:03:26.0953 5108 C:\Windows\System32\drivers\drmk.sys - ok
18:03:26.0959 5108 [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys
18:03:26.0959 5108 C:\Windows\System32\drivers\portcls.sys - ok
18:03:26.0967 5108 [ 21CC262AB5F42F7A6B91DC7304C2F267 ] C:\Windows\System32\drivers\stwrt.sys
18:03:26.0967 5108 C:\Windows\System32\drivers\stwrt.sys - ok
18:03:26.0974 5108 [ AB8B0206BCDFF0ED03CEC500FA03A32A ] C:\Windows\System32\drivers\IntcHdmi.sys
18:03:26.0974 5108 C:\Windows\System32\drivers\IntcHdmi.sys - ok
18:03:26.0982 5108 [ 5961CADB7CAD938368D2028725EF771D ] C:\Windows\System32\drivers\hidclass.sys
18:03:26.0982 5108 C:\Windows\System32\drivers\hidclass.sys - ok
18:03:26.0988 5108 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\Windows\System32\drivers\hidparse.sys
18:03:26.0989 5108 C:\Windows\System32\drivers\hidparse.sys - ok
18:03:26.0998 5108 [ D8DF3722D5E961BAA1292AA2F12827E2 ] C:\Windows\System32\drivers\hidir.sys
18:03:26.0998 5108 C:\Windows\System32\drivers\hidir.sys - ok
18:03:27.0005 5108 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\Windows\System32\drivers\kbdhid.sys
18:03:27.0005 5108 C:\Windows\System32\drivers\kbdhid.sys - ok
18:03:27.0012 5108 [ 93B8D4869E12CFBE663915502900876F ] C:\Windows\System32\drivers\mouhid.sys
18:03:27.0012 5108 C:\Windows\System32\drivers\mouhid.sys - ok
18:03:27.0020 5108 [ E64FE039C7B35CCDC0FFF05DB544EE58 ] C:\Windows\System32\drivers\RTSTOR.sys
18:03:27.0020 5108 C:\Windows\System32\drivers\RTSTOR.sys - ok
18:03:27.0026 5108 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys
18:03:27.0026 5108 C:\Windows\System32\drivers\usbccgp.sys - ok
18:03:27.0035 5108 [ E67998E8F14CB0627A769F6530BCB352 ] C:\Windows\System32\drivers\usbvideo.sys
18:03:27.0035 5108 C:\Windows\System32\drivers\usbvideo.sys - ok
18:03:27.0041 5108 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] C:\Windows\System32\drivers\aswSnx.sys
18:03:27.0042 5108 C:\Windows\System32\drivers\aswSnx.sys - ok
18:03:27.0049 5108 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys
18:03:27.0049 5108 C:\Windows\System32\drivers\fs_rec.sys - ok
18:03:27.0053 5108 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys
18:03:27.0053 5108 C:\Windows\System32\drivers\beep.sys - ok
18:03:27.0061 5108 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys
18:03:27.0061 5108 C:\Windows\System32\drivers\null.sys - ok
18:03:27.0068 5108 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys
18:03:27.0068 5108 C:\Windows\System32\drivers\vga.sys - ok
18:03:27.0074 5108 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys
18:03:27.0074 5108 C:\Windows\System32\drivers\videoprt.sys - ok
18:03:27.0082 5108 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys
18:03:27.0082 5108 C:\Windows\System32\drivers\RDPCDD.sys - ok
18:03:27.0089 5108 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys
18:03:27.0089 5108 C:\Windows\System32\drivers\RDPENCDD.sys - ok
18:03:27.0097 5108 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys
18:03:27.0097 5108 C:\Windows\System32\drivers\msfs.sys - ok
18:03:27.0103 5108 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys
18:03:27.0103 5108 C:\Windows\System32\drivers\npfs.sys - ok
18:03:27.0111 5108 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys
18:03:27.0111 5108 C:\Windows\System32\drivers\rasacd.sys - ok
18:03:27.0117 5108 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys
18:03:27.0118 5108 C:\Windows\System32\drivers\tdx.sys - ok
18:03:27.0125 5108 [ E3E73B2B73A4DFADFDDF557192C4B08A ] C:\Windows\System32\drivers\aswTdi.sys
18:03:27.0125 5108 C:\Windows\System32\drivers\aswTdi.sys - ok
18:03:27.0132 5108 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys
18:03:27.0132 5108 C:\Windows\System32\drivers\smb.sys - ok
18:03:27.0139 5108 [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys
18:03:27.0139 5108 C:\Windows\System32\drivers\afd.sys - ok
18:03:27.0146 5108 [ 7C9F0A2AB17D52261A9252A2EB320884 ] C:\Windows\System32\drivers\aswRdr.sys
18:03:27.0146 5108 C:\Windows\System32\drivers\aswRdr.sys - ok
18:03:27.0153 5108 [ E3A3CB253C0EC2494D4A61F5E43A389C ] C:\Windows\System32\drivers\ws2ifsl.sys
18:03:27.0153 5108 C:\Windows\System32\drivers\ws2ifsl.sys - ok
18:03:27.0161 5108 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys
18:03:27.0161 5108 C:\Windows\System32\drivers\netbios.sys - ok
18:03:27.0168 5108 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys
18:03:27.0168 5108 C:\Windows\System32\drivers\pacer.sys - ok
18:03:27.0175 5108 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys
18:03:27.0175 5108 C:\Windows\System32\drivers\wanarp.sys - ok
18:03:27.0182 5108 [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys
18:03:27.0182 5108 C:\Windows\System32\drivers\nsiproxy.sys - ok
18:03:27.0189 5108 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys
18:03:27.0189 5108 C:\Windows\System32\drivers\rdbss.sys - ok
18:03:27.0196 5108 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys
18:03:27.0196 5108 C:\Windows\System32\drivers\dfsc.sys - ok
18:03:27.0203 5108 [ 67B558895695545FB0568B7541F3BCA7 ] C:\Windows\System32\drivers\aswSP.sys
18:03:27.0203 5108 C:\Windows\System32\drivers\aswSP.sys - ok
18:03:27.0210 5108 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll
18:03:27.0211 5108 C:\Windows\System32\ntdll.dll - ok
18:03:27.0217 5108 [ 98AF15A94CD6AC37248E72E5FE789B35 ] C:\Windows\System32\smss.exe
18:03:27.0217 5108 C:\Windows\System32\smss.exe - ok
18:03:27.0225 5108 [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe
18:03:27.0225 5108 C:\Windows\System32\autochk.exe - ok
18:03:27.0232 5108 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll
18:03:27.0232 5108 C:\Windows\System32\normaliz.dll - ok
18:03:27.0239 5108 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll
18:03:27.0239 5108 C:\Windows\System32\urlmon.dll - ok
18:03:27.0246 5108 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\Windows\System32\kernel32.dll
18:03:27.0246 5108 C:\Windows\System32\kernel32.dll - ok
18:03:27.0252 5108 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\System32\imagehlp.dll
18:03:27.0252 5108 C:\Windows\System32\imagehlp.dll - ok
18:03:27.0260 5108 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\System32\nsi.dll
18:03:27.0260 5108 C:\Windows\System32\nsi.dll - ok
18:03:27.0267 5108 [ 9176285122B7B849FEC2AA1B72A8F7A8 ] C:\Windows\System32\shlwapi.dll
18:03:27.0267 5108 C:\Windows\System32\shlwapi.dll - ok
18:03:27.0274 5108 [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll
18:03:27.0274 5108 C:\Windows\System32\msvcrt.dll - ok
18:03:27.0281 5108 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\System32\Wldap32.dll
18:03:27.0281 5108 C:\Windows\System32\Wldap32.dll - ok
18:03:27.0289 5108 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\System32\comdlg32.dll
18:03:27.0289 5108 C:\Windows\System32\comdlg32.dll - ok
18:03:27.0295 5108 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\System32\shell32.dll
18:03:27.0295 5108 C:\Windows\System32\shell32.dll - ok
18:03:27.0302 5108 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\Windows\System32\rpcrt4.dll
18:03:27.0303 5108 C:\Windows\System32\rpcrt4.dll - ok
18:03:27.0310 5108 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\System32\usp10.dll
18:03:27.0310 5108 C:\Windows\System32\usp10.dll - ok
18:03:27.0317 5108 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\Windows\System32\lpk.dll
18:03:27.0317 5108 C:\Windows\System32\lpk.dll - ok
18:03:27.0327 5108 [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\System32\ole32.dll
18:03:27.0327 5108 C:\Windows\System32\ole32.dll - ok
18:03:27.0334 5108 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll
18:03:27.0334 5108 C:\Windows\System32\iertutil.dll - ok
18:03:27.0341 5108 [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\System32\advapi32.dll
18:03:27.0341 5108 C:\Windows\System32\advapi32.dll - ok
18:03:27.0348 5108 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\Windows\System32\imm32.dll
18:03:27.0348 5108 C:\Windows\System32\imm32.dll - ok
18:03:27.0355 5108 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\System32\setupapi.dll
18:03:27.0355 5108 C:\Windows\System32\setupapi.dll - ok
18:03:27.0362 5108 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\System32\oleaut32.dll
18:03:27.0362 5108 C:\Windows\System32\oleaut32.dll - ok
18:03:27.0370 5108 [ 75510147B94598407666F4802797C75A ] C:\Windows\System32\user32.dll
18:03:27.0370 5108 C:\Windows\System32\user32.dll - ok
18:03:27.0377 5108 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll
18:03:27.0377 5108 C:\Windows\System32\ws2_32.dll - ok
18:03:27.0384 5108 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll
18:03:27.0384 5108 C:\Windows\System32\msctf.dll - ok
18:03:27.0391 5108 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll
18:03:27.0391 5108 C:\Windows\System32\wininet.dll - ok
18:03:27.0398 5108 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll
18:03:27.0398 5108 C:\Windows\System32\clbcatq.dll - ok
18:03:27.0405 5108 [ 7856E3B4594714EF89BB97375E8644EE ] C:\Windows\System32\gdi32.dll
18:03:27.0405 5108 C:\Windows\System32\gdi32.dll - ok
18:03:27.0412 5108 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\Windows\System32\comctl32.dll
18:03:27.0412 5108 C:\Windows\System32\comctl32.dll - ok
18:03:27.0420 5108 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll
18:03:27.0420 5108 C:\Windows\System32\psapi.dll - ok
18:03:27.0426 5108 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\Windows\System32\drivers\dxapi.sys
18:03:27.0426 5108 C:\Windows\System32\drivers\dxapi.sys - ok
18:03:27.0434 5108 [ F167606EC2C01D804FC72F8F84E73E19 ] C:\Windows\System32\win32k.sys
18:03:27.0434 5108 C:\Windows\System32\win32k.sys - ok
18:03:27.0440 5108 [ 187076DD5D8D4D5D23079D0741195EAD ] C:\Windows\System32\csrsrv.dll
18:03:27.0440 5108 C:\Windows\System32\csrsrv.dll - ok
18:03:27.0447 5108 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\Windows\System32\csrss.exe
18:03:27.0447 5108 C:\Windows\System32\csrss.exe - ok
18:03:27.0454 5108 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\System32\basesrv.dll
18:03:27.0454 5108 C:\Windows\System32\basesrv.dll - ok
18:03:27.0461 5108 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\System32\winsrv.dll
18:03:27.0461 5108 C:\Windows\System32\winsrv.dll - ok
18:03:27.0468 5108 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\Windows\System32\drivers\monitor.sys
18:03:27.0468 5108 C:\Windows\System32\drivers\monitor.sys - ok
18:03:27.0475 5108 [ CC21507D246861671A0BF97E75CE1B00 ] C:\Windows\System32\tsddd.dll
18:03:27.0475 5108 C:\Windows\System32\tsddd.dll - ok
18:03:27.0483 5108 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\Windows\System32\secur32.dll
18:03:27.0483 5108 C:\Windows\System32\secur32.dll - ok
18:03:27.0489 5108 [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\System32\userenv.dll
18:03:27.0489 5108 C:\Windows\System32\userenv.dll - ok
18:03:27.0497 5108 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\Windows\System32\wininit.exe
18:03:27.0497 5108 C:\Windows\System32\wininit.exe - ok
18:03:27.0505 5108 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL
18:03:27.0505 5108 C:\Windows\System32\KBDUS.DLL - ok
18:03:27.0512 5108 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll
18:03:27.0512 5108 C:\Windows\System32\WlS0WndH.dll - ok
18:03:27.0519 5108 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\System32\sxs.dll
18:03:27.0519 5108 C:\Windows\System32\sxs.dll - ok
18:03:27.0526 5108 [ CF9F5BBC2740C41DD471278C41B91F5F ] C:\Windows\System32\cdd.dll
18:03:27.0526 5108 C:\Windows\System32\cdd.dll - ok
18:03:27.0533 5108 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\System32\apphelp.dll
18:03:27.0534 5108 C:\Windows\System32\apphelp.dll - ok
18:03:27.0540 5108 [ A3E186B4B935905B829219502557314E ] C:\Windows\System32\lsass.exe
18:03:27.0540 5108 C:\Windows\System32\lsass.exe - ok
18:03:27.0548 5108 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\System32\services.exe
18:03:27.0548 5108 C:\Windows\System32\services.exe - ok
18:03:27.0554 5108 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\Windows\System32\lsasrv.dll
18:03:27.0555 5108 C:\Windows\System32\lsasrv.dll - ok
18:03:27.0558 5108 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\Windows\System32\lsm.exe
18:03:27.0558 5108 C:\Windows\System32\lsm.exe - ok
18:03:27.0566 5108 [ D90911B3FA05D7B930C1286084B404DE ] C:\Windows\System32\scesrv.dll
18:03:27.0566 5108 C:\Windows\System32\scesrv.dll - ok
18:03:27.0572 5108 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll
18:03:27.0572 5108 C:\Windows\System32\sysntfy.dll - ok
18:03:27.0580 5108 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll
18:03:27.0580 5108 C:\Windows\System32\wmsgapi.dll - ok
18:03:27.0586 5108 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\Windows\System32\samsrv.dll
18:03:27.0586 5108 C:\Windows\System32\samsrv.dll - ok
18:03:27.0593 5108 [ 459B48188494490707DCA8BAA91AA185 ] C:\Windows\System32\cryptdll.dll
18:03:27.0593 5108 C:\Windows\System32\cryptdll.dll - ok
18:03:27.0600 5108 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\System32\dnsapi.dll
18:03:27.0600 5108 C:\Windows\System32\dnsapi.dll - ok
18:03:27.0609 5108 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\System32\netapi32.dll
18:03:27.0609 5108 C:\Windows\System32\netapi32.dll - ok
18:03:27.0615 5108 [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\System32\crypt32.dll
18:03:27.0615 5108 C:\Windows\System32\crypt32.dll - ok
18:03:27.0621 5108 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\Windows\System32\feclient.dll
18:03:27.0621 5108 C:\Windows\System32\feclient.dll - ok
18:03:27.0629 5108 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\System32\mpr.dll
18:03:27.0629 5108 C:\Windows\System32\mpr.dll - ok
18:03:27.0635 5108 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\System32\msasn1.dll
18:03:27.0635 5108 C:\Windows\System32\msasn1.dll - ok
18:03:27.0643 5108 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\System32\ntdsapi.dll
18:03:27.0643 5108 C:\Windows\System32\ntdsapi.dll - ok
18:03:27.0649 5108 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\System32\samlib.dll
18:03:27.0650 5108 C:\Windows\System32\samlib.dll - ok
18:03:27.0656 5108 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\Windows\System32\authz.dll
18:03:27.0657 5108 C:\Windows\System32\authz.dll - ok
18:03:27.0664 5108 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\Windows\System32\ncobjapi.dll
18:03:27.0664 5108 C:\Windows\System32\ncobjapi.dll - ok
18:03:27.0671 5108 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\System32\SLC.dll
18:03:27.0671 5108 C:\Windows\System32\SLC.dll - ok
18:03:27.0678 5108 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\System32\IPHLPAPI.DLL
18:03:27.0678 5108 C:\Windows\System32\IPHLPAPI.DLL - ok
18:03:27.0685 5108 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\Windows\System32\wevtapi.dll
18:03:27.0685 5108 C:\Windows\System32\wevtapi.dll - ok
18:03:27.0692 5108 [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\System32\dhcpcsvc.dll
18:03:27.0693 5108 C:\Windows\System32\dhcpcsvc.dll - ok
18:03:27.0699 5108 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll
18:03:27.0699 5108 C:\Windows\System32\aelupsvc.dll - ok
18:03:27.0706 5108 [ A1545B731579895D8CC44FC0481C1192 ] C:\Windows\System32\alg.exe
18:03:27.0706 5108 C:\Windows\System32\alg.exe - ok
18:03:27.0713 5108 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll
18:03:27.0713 5108 C:\Windows\System32\cngaudit.dll - ok
18:03:27.0720 5108 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\System32\dhcpcsvc6.dll
18:03:27.0720 5108 C:\Windows\System32\dhcpcsvc6.dll - ok
18:03:27.0728 5108 [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\System32\winnsi.dll
18:03:27.0728 5108 C:\Windows\System32\winnsi.dll - ok
18:03:27.0734 5108 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\Windows\System32\appinfo.dll
18:03:27.0734 5108 C:\Windows\System32\appinfo.dll - ok
18:03:27.0742 5108 [ 188CC19108B0EBD6332D6628D4EDE469 ] C:\Windows\System32\ncrypt.dll
18:03:27.0742 5108 C:\Windows\System32\ncrypt.dll - ok
18:03:27.0748 5108 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll
18:03:27.0749 5108 C:\Windows\System32\rascfg.dll - ok
18:03:27.0756 5108 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\Windows\System32\bcrypt.dll
18:03:27.0756 5108 C:\Windows\System32\bcrypt.dll - ok
18:03:27.0763 5108 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\Windows\System32\audiosrv.dll
18:03:27.0763 5108 C:\Windows\System32\audiosrv.dll - ok
18:03:27.0770 5108 [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll
18:03:27.0770 5108 C:\Windows\System32\credssp.dll - ok
18:03:27.0777 5108 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL
18:03:27.0777 5108 C:\Windows\System32\BFE.DLL - ok
18:03:27.0784 5108 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
18:03:27.0784 5108 C:\Windows\System32\msprivs.dll - ok
18:03:27.0791 5108 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\Windows\System32\kerberos.dll
18:03:27.0791 5108 C:\Windows\System32\kerberos.dll - ok
18:03:27.0798 5108 [ 93952506C6D67330367F7E7934B6A02F ] C:\Windows\System32\qmgr.dll
18:03:27.0798 5108 C:\Windows\System32\qmgr.dll - ok
18:03:27.0805 5108 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\Windows\System32\winlogon.exe
18:03:27.0805 5108 C:\Windows\System32\winlogon.exe - ok
18:03:27.0809 5108 [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL
18:03:27.0809 5108 C:\Windows\System32\WSHTCPIP.DLL - ok
18:03:27.0816 5108 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\Windows\System32\browser.dll
18:03:27.0816 5108 C:\Windows\System32\browser.dll - ok
18:03:27.0824 5108 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\Windows\System32\certprop.dll
18:03:27.0824 5108 C:\Windows\System32\certprop.dll - ok
18:03:27.0830 5108 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll
18:03:27.0830 5108 C:\Windows\System32\winsta.dll - ok
18:03:27.0838 5108 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll
18:03:27.0838 5108 C:\Windows\System32\wship6.dll - ok
18:03:27.0844 5108 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll
18:03:27.0844 5108 C:\Windows\System32\wshqos.dll - ok
18:03:27.0852 5108 [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll
18:03:27.0852 5108 C:\Windows\System32\NapiNSP.dll - ok
18:03:27.0858 5108 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll
18:03:27.0858 5108 C:\Windows\System32\nlasvc.dll - ok
18:03:27.0865 5108 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll
18:03:27.0865 5108 C:\Windows\System32\pnrpnsp.dll - ok
18:03:27.0873 5108 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll
18:03:27.0873 5108 C:\Windows\System32\mswsock.dll - ok
18:03:27.0879 5108 [ 4211249955AF9133E2E357CC92B54DFD ] C:\Windows\System32\comres.dll
18:03:27.0879 5108 C:\Windows\System32\comres.dll - ok
18:03:27.0887 5108 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll
18:03:27.0887 5108 C:\Windows\System32\msv1_0.dll - ok
18:03:27.0893 5108 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll
18:03:27.0893 5108 C:\Windows\System32\netlogon.dll - ok
18:03:27.0901 5108 [ F1E8C34892336D33EDDCDFE44E474F64 ] C:\Windows\System32\cryptsvc.dll
18:03:27.0901 5108 C:\Windows\System32\cryptsvc.dll - ok
18:03:27.0908 5108 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
18:03:27.0908 5108 C:\Windows\System32\winbrand.dll - ok
18:03:27.0915 5108 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll
18:03:27.0915 5108 C:\Windows\System32\dfsrres.dll - ok
18:03:27.0922 5108 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\Windows\System32\dot3svc.dll
18:03:27.0922 5108 C:\Windows\System32\dot3svc.dll - ok
18:03:27.0929 5108 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll
18:03:27.0929 5108 C:\Windows\System32\oleres.dll - ok
18:03:27.0936 5108 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll
18:03:27.0937 5108 C:\Windows\System32\schannel.dll - ok
18:03:27.0943 5108 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll
18:03:27.0943 5108 C:\Windows\System32\wdigest.dll - ok
18:03:27.0951 5108 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\Windows\System32\dps.dll
18:03:27.0951 5108 C:\Windows\System32\dps.dll - ok
18:03:27.0957 5108 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll
18:03:27.0957 5108 C:\Windows\System32\rsaenh.dll - ok
18:03:27.0964 5108 [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll
18:03:27.0965 5108 C:\Windows\System32\TSpkg.dll - ok
18:03:27.0971 5108 [ 9BE3744D295A7701EB425332014F0797 ] C:\Windows\ehome\ehrecvr.exe
18:03:27.0971 5108 C:\Windows\ehome\ehrecvr.exe - ok
18:03:27.0978 5108 [ C0B95E40D85CD807D614E264248A45B9 ] C:\Windows\System32\eapsvc.dll
18:03:27.0978 5108 C:\Windows\System32\eapsvc.dll - ok
18:03:27.0985 5108 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll
18:03:27.0986 5108 C:\Windows\System32\gpapi.dll - ok
18:03:27.0992 5108 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\Windows\ehome\ehsched.exe
18:03:27.0992 5108 C:\Windows\ehome\ehsched.exe - ok
18:03:27.0999 5108 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\Windows\ehome\ehstart.dll
18:03:28.0000 5108 C:\Windows\ehome\ehstart.dll - ok
18:03:28.0006 5108 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\Windows\System32\emdmgmt.dll
18:03:28.0006 5108 C:\Windows\System32\emdmgmt.dll - ok
18:03:28.0016 5108 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\Windows\System32\wevtsvc.dll
18:03:28.0016 5108 C:\Windows\System32\wevtsvc.dll - ok
18:03:28.0022 5108 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll
18:03:28.0022 5108 C:\Windows\System32\fdPHost.dll - ok
18:03:28.0030 5108 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
18:03:28.0030 5108 C:\Windows\System32\FDResPub.dll - ok
18:03:28.0036 5108 [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll
18:03:28.0037 5108 C:\Windows\System32\FntCache.dll - ok
18:03:28.0044 5108 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe
18:03:28.0044 5108 C:\Windows\System32\PresentationHost.exe - ok
18:03:28.0051 5108 [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll
18:03:28.0051 5108 C:\Windows\System32\hidserv.dll - ok
18:03:28.0058 5108 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL
18:03:28.0058 5108 C:\Windows\System32\KMSVC.DLL - ok
18:03:28.0062 5108 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
18:03:28.0063 5108 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
18:03:28.0070 5108 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL
18:03:28.0070 5108 C:\Windows\System32\IKEEXT.DLL - ok
18:03:28.0077 5108 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll
18:03:28.0077 5108 C:\Windows\System32\IPBusEnum.dll - ok
18:03:28.0084 5108 [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll
18:03:28.0084 5108 C:\Windows\System32\iphlpsvc.dll - ok
18:03:28.0091 5108 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll
18:03:28.0091 5108 C:\Windows\System32\keyiso.dll - ok
18:03:28.0098 5108 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll
18:03:28.0098 5108 C:\Windows\System32\srvsvc.dll - ok
18:03:28.0105 5108 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll
18:03:28.0105 5108 C:\Windows\System32\wkssvc.dll - ok
18:03:28.0112 5108 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\Windows\ehome\ehres.dll
18:03:28.0112 5108 C:\Windows\ehome\ehres.dll - ok
18:03:28.0119 5108 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll
18:03:28.0119 5108 C:\Windows\System32\lltdres.dll - ok
18:03:28.0127 5108 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll
18:03:28.0127 5108 C:\Windows\System32\lmhsvc.dll - ok
18:03:28.0133 5108 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll
18:03:28.0133 5108 C:\Windows\System32\FirewallAPI.dll - ok
18:03:28.0140 5108 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll
18:03:28.0141 5108 C:\Windows\System32\mmcss.dll - ok
18:03:28.0148 5108 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll
18:03:28.0148 5108 C:\Windows\System32\iscsidsc.dll - ok
18:03:28.0154 5108 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll
18:03:28.0154 5108 C:\Windows\System32\msimsg.dll - ok
18:03:28.0162 5108 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL
18:03:28.0162 5108 C:\Windows\System32\QAGENTRT.DLL - ok
18:03:28.0168 5108 [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll
18:03:28.0168 5108 C:\Windows\System32\netman.dll - ok
18:03:28.0176 5108 [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll
18:03:28.0176 5108 C:\Windows\System32\netprof.dll - ok
18:03:28.0182 5108 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll
18:03:28.0182 5108 C:\Windows\System32\nsisvc.dll - ok
18:03:28.0189 5108 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll
18:03:28.0190 5108 C:\Windows\System32\p2psvc.dll - ok
18:03:28.0198 5108 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll
18:03:28.0198 5108 C:\Windows\System32\pcasvc.dll - ok
18:03:28.0205 5108 [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll
18:03:28.0205 5108 C:\Windows\System32\pla.dll - ok
18:03:28.0213 5108 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll
18:03:28.0213 5108 C:\Windows\System32\umpnpmgr.dll - ok
18:03:28.0220 5108 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll
18:03:28.0220 5108 C:\Windows\System32\polstore.dll - ok
18:03:28.0228 5108 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll
18:03:28.0228 5108 C:\Windows\System32\profsvc.dll - ok
18:03:28.0234 5108 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll
18:03:28.0234 5108 C:\Windows\System32\psbase.dll - ok
18:03:28.0242 5108 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll
18:03:28.0242 5108 C:\Windows\System32\qwave.dll - ok
18:03:28.0248 5108 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys
18:03:28.0248 5108 C:\Windows\System32\drivers\qwavedrv.sys - ok
18:03:28.0256 5108 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll
18:03:28.0256 5108 C:\Windows\System32\rasauto.dll - ok
18:03:28.0263 5108 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll
18:03:28.0263 5108 C:\Windows\System32\rasmans.dll - ok
18:03:28.0270 5108 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll
18:03:28.0270 5108 C:\Windows\System32\sstpsvc.dll - ok
18:03:28.0277 5108 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll
18:03:28.0277 5108 C:\Windows\System32\mprdim.dll - ok
18:03:28.0283 5108 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll
18:03:28.0283 5108 C:\Windows\System32\regsvc.dll - ok
18:03:28.0291 5108 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
18:03:28.0291 5108 C:\Windows\System32\Locator.exe - ok
18:03:28.0298 5108 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll
18:03:28.0298 5108 C:\Windows\System32\SCardSvr.dll - ok
18:03:28.0305 5108 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll
18:03:28.0305 5108 C:\Windows\System32\schedsvc.dll - ok
18:03:28.0312 5108 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll
18:03:28.0312 5108 C:\Windows\System32\sdrsvc.dll - ok
18:03:28.0318 5108 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll
18:03:28.0318 5108 C:\Windows\System32\seclogon.dll - ok
18:03:28.0324 5108 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll
18:03:28.0324 5108 C:\Windows\System32\Sens.dll - ok
18:03:28.0333 5108 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll
18:03:28.0333 5108 C:\Windows\System32\ipnathlp.dll - ok
18:03:28.0341 5108 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll
18:03:28.0341 5108 C:\Windows\System32\SessEnv.dll - ok
18:03:28.0347 5108 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll
18:03:28.0347 5108 C:\Windows\System32\shsvcs.dll - ok
18:03:28.0355 5108 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe
18:03:28.0355 5108 C:\Windows\System32\SLsvc.exe - ok
18:03:28.0361 5108 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll
18:03:28.0361 5108 C:\Windows\System32\SLUINotify.dll - ok
18:03:28.0369 5108 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
18:03:28.0369 5108 C:\Windows\System32\snmptrap.exe - ok
18:03:28.0376 5108 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll
18:03:28.0376 5108 C:\Windows\System32\tcpipcfg.dll - ok
18:03:28.0384 5108 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe
18:03:28.0384 5108 C:\Windows\System32\spoolsv.exe - ok
18:03:28.0390 5108 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll
18:03:28.0391 5108 C:\Windows\System32\ssdpsrv.dll - ok
18:03:28.0397 5108 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll
18:03:28.0397 5108 C:\Windows\System32\wiaservc.dll - ok
18:03:28.0404 5108 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll
18:03:28.0405 5108 C:\Windows\System32\swprv.dll - ok
18:03:28.0411 5108 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll
18:03:28.0411 5108 C:\Windows\System32\sysmain.dll - ok
18:03:28.0418 5108 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll
18:03:28.0419 5108 C:\Windows\System32\TabSvc.dll - ok
18:03:28.0425 5108 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll
18:03:28.0425 5108 C:\Windows\System32\tapisrv.dll - ok
18:03:28.0433 5108 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll
18:03:28.0433 5108 C:\Windows\System32\tbssvc.dll - ok
18:03:28.0439 5108 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll
18:03:28.0439 5108 C:\Windows\System32\termsrv.dll - ok
18:03:28.0446 5108 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll
18:03:28.0447 5108 C:\Windows\System32\trkwks.dll - ok
18:03:28.0453 5108 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe
18:03:28.0454 5108 C:\Windows\servicing\TrustedInstaller.exe - ok
18:03:28.0460 5108 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe
18:03:28.0460 5108 C:\Windows\System32\UI0Detect.exe - ok
18:03:28.0468 5108 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll
18:03:28.0468 5108 C:\Windows\System32\upnphost.dll - ok
18:03:28.0475 5108 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe
18:03:28.0475 5108 C:\Windows\System32\dwm.exe - ok
18:03:28.0482 5108 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe
18:03:28.0482 5108 C:\Windows\System32\vds.exe - ok
18:03:28.0489 5108 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe
18:03:28.0489 5108 C:\Windows\System32\VSSVC.exe - ok
18:03:28.0496 5108 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll
18:03:28.0496 5108 C:\Windows\System32\w32time.dll - ok
18:03:28.0503 5108 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll
18:03:28.0503 5108 C:\Windows\System32\wcncsvc.dll - ok
18:03:28.0511 5108 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys
18:03:28.0511 5108 C:\Windows\System32\drivers\Wdf01000.sys - ok
18:03:28.0520 5108 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
18:03:28.0520 5108 C:\Windows\System32\WcsPlugInService.dll - ok
18:03:28.0525 5108 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll
18:03:28.0525 5108 C:\Windows\System32\wdi.dll - ok
18:03:28.0532 5108 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll
18:03:28.0532 5108 C:\Windows\System32\WebClnt.dll - ok
18:03:28.0539 5108 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll
18:03:28.0539 5108 C:\Windows\System32\wecsvc.dll - ok
18:03:28.0546 5108 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll
18:03:28.0547 5108 C:\Windows\System32\wercplsupport.dll - ok
18:03:28.0553 5108 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll
18:03:28.0553 5108 C:\Windows\System32\wersvc.dll - ok
18:03:28.0561 5108 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll
18:03:28.0561 5108 C:\Windows\System32\winhttp.dll - ok
18:03:28.0564 5108 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll
18:03:28.0565 5108 C:\Windows\System32\wbem\WMIsvc.dll - ok
18:03:28.0571 5108 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll
18:03:28.0571 5108 C:\Windows\System32\WsmSvc.dll - ok
18:03:28.0579 5108 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe
18:03:28.0579 5108 C:\Windows\System32\wbem\WmiApSrv.exe - ok
18:03:28.0586 5108 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll
18:03:28.0586 5108 C:\Windows\System32\wlansvc.dll - ok
18:03:28.0593 5108 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
18:03:28.0593 5108 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
18:03:28.0600 5108 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll
18:03:28.0600 5108 C:\Windows\System32\wpcsvc.dll - ok
18:03:28.0607 5108 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:03:28.0608 5108 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
18:03:28.0615 5108 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll
18:03:28.0615 5108 C:\Windows\System32\wpdbusenum.dll - ok
18:03:28.0621 5108 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll
18:03:28.0621 5108 C:\Windows\System32\wscsvc.dll - ok
18:03:28.0629 5108 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe
18:03:28.0629 5108 C:\Windows\System32\SearchIndexer.exe - ok
18:03:28.0635 5108 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
18:03:28.0635 5108 C:\Windows\System32\wuaueng.dll - ok
18:03:28.0643 5108 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
18:03:28.0643 5108 C:\Windows\System32\drivers\WUDFPf.sys - ok
18:03:28.0650 5108 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
18:03:28.0650 5108 C:\Windows\System32\WUDFSvc.dll - ok
18:03:28.0657 5108 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll
18:03:28.0657 5108 C:\Windows\System32\scecli.dll - ok
18:03:28.0664 5108 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll
18:03:28.0664 5108 C:\Windows\System32\ntmarta.dll - ok
18:03:28.0672 5108 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe
18:03:28.0672 5108 C:\Windows\System32\svchost.exe - ok
18:03:28.0678 5108 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll
18:03:28.0678 5108 C:\Windows\System32\powrprof.dll - ok
18:03:28.0685 5108 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys
18:03:28.0685 5108 C:\Windows\System32\drivers\luafv.sys - ok
18:03:28.0693 5108 [ DE6ED95AEF259979B2830450072A627B ] C:\Windows\System32\drivers\aswFsBlk.sys
18:03:28.0693 5108 C:\Windows\System32\drivers\aswFsBlk.sys - ok
18:03:28.0699 5108 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] C:\Windows\System32\drivers\aswMonFlt.sys
18:03:28.0699 5108 C:\Windows\System32\drivers\aswMonFlt.sys - ok
18:03:28.0707 5108 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll
18:03:28.0707 5108 C:\Windows\System32\rpcss.dll - ok
18:03:28.0714 5108 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll
18:03:28.0714 5108 C:\Windows\System32\version.dll - ok
18:03:28.0721 5108 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe
18:03:28.0721 5108 C:\Windows\System32\LogonUI.exe - ok
18:03:28.0728 5108 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll
18:03:28.0728 5108 C:\Windows\System32\authui.dll - ok
18:03:28.0735 5108 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
18:03:28.0735 5108 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
18:03:28.0743 5108 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
18:03:28.0743 5108 C:\Windows\System32\msimg32.dll - ok
18:03:28.0749 5108 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll
18:03:28.0750 5108 C:\Windows\System32\uxtheme.dll - ok
18:03:28.0757 5108 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
18:03:28.0758 5108 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
18:03:28.0765 5108 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll
18:03:28.0765 5108 C:\Windows\System32\MMDevAPI.dll - ok
18:03:28.0772 5108 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
18:03:28.0772 5108 C:\Windows\System32\wtsapi32.dll - ok
18:03:28.0779 5108 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll
18:03:28.0779 5108 C:\Windows\System32\duser.dll - ok
18:03:28.0786 5108 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll
18:03:28.0786 5108 C:\Windows\System32\xmllite.dll - ok
18:03:28.0793 5108 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll
18:03:28.0793 5108 C:\Windows\System32\wintrust.dll - ok
18:03:28.0800 5108 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll
18:03:28.0800 5108 C:\Windows\System32\avrt.dll - ok
18:03:28.0808 5108 [ EC9C5F6C0F58446545D839BC11A3692B ] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe
18:03:28.0808 5108 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\stacsv.exe - ok
18:03:28.0814 5108 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll
18:03:28.0814 5108 C:\Windows\System32\cabinet.dll - ok
18:03:28.0819 5108 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\Windows\System32\dsound.dll
18:03:28.0819 5108 C:\Windows\System32\dsound.dll - ok
18:03:28.0826 5108 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll
18:03:28.0826 5108 C:\Windows\System32\winmm.dll - ok
18:03:28.0833 5108 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll
18:03:28.0833 5108 C:\Windows\System32\adtschema.dll - ok
18:03:28.0840 5108 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll
18:03:28.0840 5108 C:\Windows\System32\oleacc.dll - ok
18:03:28.0849 5108 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll
18:03:28.0849 5108 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
18:03:28.0855 5108 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys
18:03:28.0855 5108 C:\Windows\System32\drivers\fltMgr.sys - ok
18:03:28.0861 5108 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll
18:03:28.0861 5108 C:\Windows\System32\ci.dll - ok
18:03:28.0869 5108 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll
18:03:28.0869 5108 C:\Windows\System32\rasplap.dll - ok
18:03:28.0875 5108 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll
18:03:28.0876 5108 C:\Windows\System32\rasapi32.dll - ok
18:03:28.0883 5108 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll
18:03:28.0883 5108 C:\Windows\System32\rasman.dll - ok
18:03:28.0890 5108 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
18:03:28.0890 5108 C:\Windows\System32\tapi32.dll - ok
18:03:28.0896 5108 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll
18:03:28.0897 5108 C:\Windows\System32\rtutils.dll - ok
18:03:28.0904 5108 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll
18:03:28.0904 5108 C:\Windows\System32\WinSCard.dll - ok
18:03:28.0910 5108 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll
18:03:28.0911 5108 C:\Windows\System32\shgina.dll - ok
18:03:28.0918 5108 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll
18:03:28.0918 5108 C:\Windows\System32\propsys.dll - ok
18:03:28.0925 5108 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll
18:03:28.0925 5108 C:\Windows\System32\shacct.dll - ok
18:03:28.0932 5108 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL
18:03:28.0932 5108 C:\Windows\System32\PSHED.DLL - ok
18:03:28.0939 5108 [ C0B99FBF71B69D802578A6CEF72D8A97 ] C:\Windows\System32\stapi32.dll
18:03:28.0939 5108 C:\Windows\System32\stapi32.dll - ok
18:03:28.0946 5108 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe
18:03:28.0946 5108 C:\Windows\System32\audiodg.exe - ok
18:03:28.0953 5108 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
18:03:28.0953 5108 C:\Windows\System32\ksuser.dll - ok
18:03:28.0960 5108 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv
18:03:28.0960 5108 C:\Windows\System32\wdmaud.drv - ok
18:03:28.0968 5108 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll
18:03:28.0968 5108 C:\Windows\System32\AudioEng.dll - ok
18:03:28.0974 5108 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll
18:03:28.0974 5108 C:\Windows\System32\AudioSes.dll - ok
18:03:28.0982 5108 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll
18:03:28.0982 5108 C:\Windows\System32\msacm32.dll - ok
18:03:28.0989 5108 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv
18:03:28.0989 5108 C:\Windows\System32\msacm32.drv - ok
18:03:28.0996 5108 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll
18:03:28.0996 5108 C:\Windows\System32\midimap.dll - ok
18:03:29.0003 5108 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll
18:03:29.0003 5108 C:\Windows\System32\AUDIOKSE.dll - ok
18:03:29.0010 5108 [ 29EF86DA2A157EBCE90608F3D110DBD3 ] C:\Windows\System32\stapo.dll
18:03:29.0010 5108 C:\Windows\System32\stapo.dll - ok
18:03:29.0017 5108 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll
18:03:29.0017 5108 C:\Windows\System32\gpsvc.dll - ok
18:03:29.0026 5108 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll
18:03:29.0026 5108 C:\Windows\System32\WMALFXGFXDSP.dll - ok
18:03:29.0033 5108 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll
18:03:29.0034 5108 C:\Windows\System32\nlaapi.dll - ok
18:03:29.0040 5108 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll
18:03:29.0040 5108 C:\Windows\System32\atl.dll - ok
18:03:29.0048 5108 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll
18:03:29.0048 5108 C:\Windows\System32\mfplat.dll - ok
18:03:29.0054 5108 [ AB4BC1F10FF8273D4B54DAC4DE4B7AA4 ] C:\Windows\System32\aestaren.dll
18:03:29.0054 5108 C:\Windows\System32\aestaren.dll - ok
18:03:29.0062 5108 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys
18:03:29.0062 5108 C:\Windows\System32\drivers\spsys.sys - ok
18:03:29.0066 5108 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll
18:03:29.0066 5108 C:\Windows\System32\es.dll - ok
18:03:29.0073 5108 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll
18:03:29.0073 5108 C:\Windows\System32\WindowsCodecs.dll - ok
18:03:29.0080 5108 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] C:\Windows\System32\hpservice.exe
18:03:29.0081 5108 C:\Windows\System32\hpservice.exe - ok
18:03:29.0087 5108 [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\System32\mfc42u.dll
18:03:29.0087 5108 C:\Windows\System32\mfc42u.dll - ok
18:03:29.0094 5108 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll
18:03:29.0094 5108 C:\Windows\System32\odbc32.dll - ok
18:03:29.0101 5108 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
18:03:29.0101 5108 C:\Windows\System32\hid.dll - ok
18:03:29.0108 5108 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
18:03:29.0109 5108 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
18:03:29.0116 5108 [ A9CF92FE53BE6CC03D428410269798C1 ] C:\Windows\System32\accelerometerdll.DLL
18:03:29.0116 5108 C:\Windows\System32\accelerometerdll.DLL - ok
18:03:29.0122 5108 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll
18:03:29.0123 5108 C:\Windows\System32\odbcint.dll - ok
18:03:29.0130 5108 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll
18:03:29.0130 5108 C:\Windows\System32\uxsms.dll - ok
18:03:29.0136 5108 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
18:03:29.0136 5108 C:\Windows\System32\WUDFPlatform.dll - ok
18:03:29.0144 5108 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys
18:03:29.0144 5108 C:\Windows\System32\drivers\lltdio.sys - ok
18:03:29.0151 5108 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys
18:03:29.0151 5108 C:\Windows\System32\drivers\nwifi.sys - ok
18:03:29.0158 5108 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys
18:03:29.0159 5108 C:\Windows\System32\drivers\ndisuio.sys - ok
18:03:29.0165 5108 [ 3DE33BCE4A930EDF57BD1F742823BCD8 ] C:\Windows\System32\drivers\pnarp.sys
18:03:29.0165 5108 C:\Windows\System32\drivers\pnarp.sys - ok
18:03:29.0173 5108 [ 53EFA6066E7FFAA1AD91C7FB40FFD2EC ] C:\Windows\System32\drivers\purendis.sys
18:03:29.0173 5108 C:\Windows\System32\drivers\purendis.sys - ok
18:03:29.0180 5108 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys
18:03:29.0180 5108 C:\Windows\System32\drivers\rspndr.sys - ok
18:03:29.0188 5108 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll
18:03:29.0188 5108 C:\Windows\System32\dnsrslvr.dll - ok
18:03:29.0194 5108 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\Windows\System32\eapphost.dll
18:03:29.0194 5108 C:\Windows\System32\eapphost.dll - ok
18:03:29.0201 5108 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll
18:03:29.0201 5108 C:\Windows\System32\rastls.dll - ok
18:03:29.0208 5108 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll
18:03:29.0208 5108 C:\Windows\System32\raschap.dll - ok
18:03:29.0214 5108 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll
18:03:29.0215 5108 C:\Windows\System32\umb.dll - ok
18:03:29.0222 5108 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\Windows\System32\wlanmsm.dll
18:03:29.0222 5108 C:\Windows\System32\wlanmsm.dll - ok
18:03:29.0229 5108 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\Windows\System32\wlansec.dll
18:03:29.0229 5108 C:\Windows\System32\wlansec.dll - ok
18:03:29.0236 5108 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll
18:03:29.0237 5108 C:\Windows\System32\onex.dll - ok
18:03:29.0243 5108 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll
18:03:29.0244 5108 C:\Windows\System32\eappprxy.dll - ok
18:03:29.0250 5108 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll
18:03:29.0250 5108 C:\Windows\System32\eappcfg.dll - ok
18:03:29.0258 5108 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\Windows\System32\wlgpclnt.dll
18:03:29.0258 5108 C:\Windows\System32\wlgpclnt.dll - ok
18:03:29.0264 5108 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll
18:03:29.0264 5108 C:\Windows\System32\l2gpstore.dll - ok
18:03:29.0272 5108 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
18:03:29.0272 5108 C:\Windows\System32\wlanutil.dll - ok
18:03:29.0279 5108 [ 024528E25BBE8768536861EA09BE1672 ] C:\Windows\System32\msxml6.dll
18:03:29.0279 5108 C:\Windows\System32\msxml6.dll - ok
18:03:29.0287 5108 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:03:29.0287 5108 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
18:03:29.0293 5108 [ 23C3A0680042C0D1DE1F360F8B62BC57 ] C:\Windows\System32\wlanext.exe
18:03:29.0293 5108 C:\Windows\System32\wlanext.exe - ok
18:03:29.0301 5108 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
18:03:29.0301 5108 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
18:03:29.0308 5108 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
18:03:29.0308 5108 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
18:03:29.0315 5108 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
18:03:29.0315 5108 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
18:03:29.0320 5108 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
18:03:29.0320 5108 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
18:03:29.0328 5108 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
18:03:29.0328 5108 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
18:03:29.0336 5108 [ F9AD9703CF0F9B8BC0924C21D220777E ] C:\Windows\System32\bcmihvsrv.dll
18:03:29.0336 5108 C:\Windows\System32\bcmihvsrv.dll - ok
18:03:29.0343 5108 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
18:03:29.0343 5108 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
18:03:29.0352 5108 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll
18:03:29.0352 5108 C:\Windows\System32\wsock32.dll - ok
18:03:29.0359 5108 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
18:03:29.0359 5108 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
18:03:29.0367 5108 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll
18:03:29.0367 5108 C:\Windows\System32\dbghelp.dll - ok
18:03:29.0374 5108 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll
18:03:29.0374 5108 C:\Windows\System32\wlanapi.dll - ok
18:03:29.0381 5108 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
18:03:29.0381 5108 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
18:03:29.0388 5108 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll
18:03:29.0388 5108 C:\Windows\System32\cscapi.dll - ok
18:03:29.0395 5108 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
18:03:29.0395 5108 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
18:03:29.0403 5108 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
18:03:29.0403 5108 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
18:03:29.0410 5108 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
18:03:29.0410 5108 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
18:03:29.0418 5108 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
18:03:29.0418 5108 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
18:03:29.0424 5108 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
18:03:29.0425 5108 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
18:03:29.0432 5108 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
18:03:29.0433 5108 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
18:03:29.0439 5108 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
18:03:29.0439 5108 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
18:03:29.0447 5108 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
18:03:29.0447 5108 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
18:03:29.0454 5108 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
18:03:29.0454 5108 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
18:03:29.0462 5108 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
18:03:29.0462 5108 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
18:03:29.0469 5108 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
18:03:29.0469 5108 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
18:03:29.0476 5108 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
18:03:29.0476 5108 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
18:03:29.0484 5108 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll
18:03:29.0484 5108 C:\Windows\System32\ktmw32.dll - ok
18:03:29.0490 5108 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\System32\wscisvif.dll
18:03:29.0490 5108 C:\Windows\System32\wscisvif.dll - ok
18:03:29.0498 5108 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll
18:03:29.0498 5108 C:\Windows\System32\wscapi.dll - ok
18:03:29.0504 5108 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll
18:03:29.0504 5108 C:\Windows\System32\wiarpc.dll - ok
18:03:29.0511 5108 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll
18:03:29.0512 5108 C:\Windows\System32\taskcomp.dll - ok
18:03:29.0518 5108 [ F870AA3E254628EBEAFE754108D664DE ] C:\Windows\System32\drivers\http.sys
18:03:29.0519 5108 C:\Windows\System32\drivers\http.sys - ok
18:03:29.0526 5108 [ 9184FA2B677CBF2F8E26098980E47304 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswEngin.dll
18:03:29.0526 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswEngin.dll - ok
18:03:29.0534 5108 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll
18:03:29.0534 5108 C:\Windows\System32\spoolss.dll - ok
18:03:29.0542 5108 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnOS.dll
18:03:29.0542 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnOS.dll - ok
18:03:29.0549 5108 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys
18:03:29.0549 5108 C:\Windows\System32\drivers\srvnet.sys - ok
18:03:29.0556 5108 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL
18:03:29.0556 5108 C:\Windows\System32\FWPUCLNT.DLL - ok
18:03:29.0564 5108 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnIS.dll
18:03:29.0564 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnIS.dll - ok
18:03:29.0571 5108 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys
18:03:29.0571 5108 C:\Windows\System32\drivers\bowser.sys - ok
18:03:29.0575 5108 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys
18:03:29.0575 5108 C:\Windows\System32\drivers\mpsdrv.sys - ok
18:03:29.0582 5108 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll
18:03:29.0582 5108 C:\Windows\System32\MPSSVC.dll - ok
18:03:29.0589 5108 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll
18:03:29.0589 5108 C:\Windows\System32\netcfgx.dll - ok
18:03:29.0597 5108 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys
18:03:29.0597 5108 C:\Windows\System32\drivers\mrxdav.sys - ok
18:03:29.0603 5108 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys
18:03:29.0603 5108 C:\Windows\System32\drivers\mrxsmb.sys - ok
18:03:29.0611 5108 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys
18:03:29.0611 5108 C:\Windows\System32\drivers\mrxsmb10.sys - ok
18:03:29.0618 5108 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys
18:03:29.0618 5108 C:\Windows\System32\drivers\mrxsmb20.sys - ok
18:03:29.0626 5108 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnBS.dll
18:03:29.0626 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswCmnBS.dll - ok
18:03:29.0633 5108 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys
18:03:29.0633 5108 C:\Windows\System32\drivers\srv2.sys - ok
18:03:29.0640 5108 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswScan.dll
18:03:29.0640 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswScan.dll - ok
18:03:29.0647 5108 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswRep.dll
18:03:29.0648 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswRep.dll - ok
18:03:29.0655 5108 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys
18:03:29.0655 5108 C:\Windows\System32\drivers\srv.sys - ok
18:03:29.0663 5108 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswFiDb.dll
18:03:29.0663 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswFiDb.dll - ok
18:03:29.0671 5108 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
18:03:29.0671 5108 C:\Windows\System32\netmsg.dll - ok
18:03:29.0677 5108 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
18:03:29.0677 5108 C:\Windows\System32\sscore.dll - ok
18:03:29.0684 5108 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll
18:03:29.0684 5108 C:\Windows\System32\clusapi.dll - ok
18:03:29.0691 5108 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll
18:03:29.0691 5108 C:\Windows\System32\wfapigp.dll - ok
18:03:29.0698 5108 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll
18:03:29.0698 5108 C:\Windows\System32\mscms.dll - ok
18:03:29.0705 5108 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll
18:03:29.0705 5108 C:\Windows\System32\activeds.dll - ok
18:03:29.0712 5108 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll
18:03:29.0712 5108 C:\Windows\System32\adsldpc.dll - ok
18:03:29.0719 5108 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll
18:03:29.0719 5108 C:\Windows\System32\credui.dll - ok
18:03:29.0726 5108 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll
18:03:29.0726 5108 C:\Windows\System32\WsmRes.dll - ok
18:03:29.0732 5108 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll
18:03:29.0732 5108 C:\Windows\System32\resutils.dll - ok
18:03:29.0740 5108 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe
18:03:29.0740 5108 C:\Windows\System32\plasrv.exe - ok
18:03:29.0746 5108 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\Windows\System32\drivers\parport.sys
18:03:29.0747 5108 C:\Windows\System32\drivers\parport.sys - ok
18:03:29.0754 5108 [ 04B45D3FCC16E91EDAA3DA0DA740FCC8 ] C:\Program Files\AVAST Software\Avast\defs\12122101\algo.dll
18:03:29.0755 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\algo.dll - ok
18:03:29.0762 5108 [ 3B1B2EE9DF189F6BBB080BF393D1B2EE ] C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe
18:03:29.0762 5108 C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\AEstSrv.exe - ok
18:03:29.0770 5108 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:03:29.0770 5108 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
18:03:29.0777 5108 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
18:03:29.0777 5108 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
18:03:29.0785 5108 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
18:03:29.0785 5108 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
18:03:29.0792 5108 [ 8C22C6088057A00EAE7D963600F26EEB ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
18:03:29.0792 5108 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
18:03:29.0800 5108 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
18:03:29.0800 5108 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
18:03:29.0808 5108 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
18:03:29.0808 5108 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
18:03:29.0816 5108 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
18:03:29.0816 5108 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
18:03:29.0823 5108 [ 62169BDD927A67C360A35F4526429B01 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
18:03:29.0824 5108 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
18:03:29.0828 5108 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
18:03:29.0828 5108 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
18:03:29.0836 5108 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
18:03:29.0836 5108 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
18:03:29.0843 5108 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
18:03:29.0843 5108 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
18:03:29.0851 5108 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
18:03:29.0852 5108 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
18:03:29.0859 5108 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
18:03:29.0859 5108 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
18:03:29.0867 5108 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
18:03:29.0867 5108 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
18:03:29.0874 5108 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
18:03:29.0874 5108 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
18:03:29.0882 5108 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
18:03:29.0882 5108 C:\Windows\System32\dnssd.dll - ok
18:03:29.0889 5108 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
18:03:29.0889 5108 C:\Program Files\Bonjour\mDNSResponder.exe - ok
18:03:29.0896 5108 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
18:03:29.0896 5108 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
18:03:29.0904 5108 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
18:03:29.0904 5108 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
18:03:29.0912 5108 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll
18:03:29.0912 5108 C:\Windows\System32\wdscore.dll - ok
18:03:29.0919 5108 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll
18:03:29.0919 5108 C:\Windows\System32\vssapi.dll - ok
18:03:29.0925 5108 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll
18:03:29.0925 5108 C:\Windows\System32\fltLib.dll - ok
18:03:29.0933 5108 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll
18:03:29.0933 5108 C:\Windows\System32\taskschd.dll - ok
18:03:29.0939 5108 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll
18:03:29.0939 5108 C:\Windows\System32\WSDApi.dll - ok
18:03:29.0947 5108 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\Windows\System32\httpapi.dll
18:03:29.0947 5108 C:\Windows\System32\httpapi.dll - ok
18:03:29.0954 5108 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
18:03:29.0954 5108 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
18:03:29.0961 5108 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
18:03:29.0961 5108 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
18:03:29.0969 5108 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll
18:03:29.0969 5108 C:\Windows\System32\fundisc.dll - ok
18:03:29.0976 5108 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
18:03:29.0976 5108 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
18:03:29.0984 5108 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
18:03:29.0984 5108 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
18:03:29.0991 5108 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
18:03:29.0991 5108 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
18:03:29.0999 5108 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
18:03:29.0999 5108 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
18:03:30.0005 5108 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
18:03:30.0006 5108 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
18:03:30.0014 5108 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
18:03:30.0014 5108 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
18:03:30.0021 5108 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
18:03:30.0021 5108 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
18:03:30.0029 5108 [ CB686F44BF955EA02520710A56874FA4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
18:03:30.0029 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
18:03:30.0036 5108 [ EE4C7A4CF2316701FFDE90F404520265 ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
18:03:30.0036 5108 C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok
18:03:30.0045 5108 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll
18:03:30.0045 5108 C:\Windows\System32\diagperf.dll - ok
18:03:30.0052 5108 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll
18:03:30.0052 5108 C:\Windows\System32\msxml3.dll - ok
18:03:30.0059 5108 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv
18:03:30.0060 5108 C:\Windows\System32\winspool.drv - ok
18:03:30.0066 5108 [ 974EE55B9A17D606A783ADD021AA65AD ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
18:03:30.0066 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
18:03:30.0074 5108 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12122101\ArPot.dll
18:03:30.0074 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\ArPot.dll - ok
18:03:30.0079 5108 [ CFB58C9A53B56892817C3519E32C4502 ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll
18:03:30.0079 5108 C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok
18:03:30.0086 5108 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
18:03:30.0086 5108 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
18:03:30.0094 5108 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll
18:03:30.0094 5108 C:\Windows\System32\vsstrace.dll - ok
18:03:30.0101 5108 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll
18:03:30.0101 5108 C:\Windows\System32\cryptnet.dll - ok
18:03:30.0109 5108 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
18:03:30.0110 5108 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
18:03:30.0116 5108 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
18:03:30.0116 5108 C:\Windows\System32\pnpts.dll - ok
18:03:30.0123 5108 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
18:03:30.0124 5108 C:\Windows\System32\SensApi.dll - ok
18:03:30.0131 5108 [ AC31C3FC0B28F54F4873C5136BE525F8 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
18:03:30.0131 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll - ok
18:03:30.0138 5108 [ D79D3EABD4730970770EFA530D094E0F ] C:\Program Files\AVAST Software\Avast\snxhk.dll
18:03:30.0138 5108 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
18:03:30.0145 5108 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll
18:03:30.0145 5108 C:\Windows\System32\wbem\wbemprox.dll - ok
18:03:30.0152 5108 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll
18:03:30.0152 5108 C:\Windows\System32\wbemcomn.dll - ok
18:03:30.0160 5108 [ 1ABFFB6ABE8B70EDA4206F0F3D3D72F4 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
18:03:30.0160 5108 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
18:03:30.0167 5108 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
18:03:30.0167 5108 C:\Windows\System32\drivers\PEAuth.sys - ok
18:03:30.0174 5108 [ 2969D26EEE289BE7422AA46FC55F4E38 ] C:\Windows\System32\HPZinw12.dll
18:03:30.0175 5108 C:\Windows\System32\HPZinw12.dll - ok
18:03:30.0181 5108 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll
18:03:30.0181 5108 C:\Windows\System32\ncsi.dll - ok
18:03:30.0188 5108 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll
18:03:30.0188 5108 C:\Windows\System32\cfgmgr32.dll - ok
18:03:30.0195 5108 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
18:03:30.0195 5108 C:\Windows\System32\ssdpapi.dll - ok
18:03:30.0203 5108 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12122101\exts.dll
18:03:30.0203 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\exts.dll - ok
18:03:30.0210 5108 [ BAFC9706BDF425A02B66468AB2605C59 ] C:\Windows\System32\HPZipm12.dll
18:03:30.0210 5108 C:\Windows\System32\HPZipm12.dll - ok
18:03:30.0217 5108 [ 6803B69C14696CC4907C5F77FBB04A14 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
18:03:30.0217 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe - ok
18:03:30.0225 5108 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL
18:03:30.0225 5108 C:\Windows\System32\IPSECSVC.DLL - ok
18:03:30.0232 5108 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll
18:03:30.0232 5108 C:\Windows\System32\winrnr.dll - ok
18:03:30.0239 5108 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:03:30.0239 5108 C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:03:30.0246 5108 [ 39EADCAA61372C038BCFED96DF5323DA ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
18:03:30.0246 5108 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
18:03:30.0254 5108 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
18:03:30.0254 5108 C:\Windows\System32\rasadhlp.dll - ok
18:03:30.0260 5108 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
18:03:30.0260 5108 C:\Windows\System32\dllhost.exe - ok
18:03:30.0267 5108 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\System32\security.dll
18:03:30.0268 5108 C:\Windows\System32\security.dll - ok
18:03:30.0275 5108 [ 96386E75BCFED6F339BE01359D6CBFAF ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
18:03:30.0275 5108 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
18:03:30.0283 5108 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswAR.dll
18:03:30.0283 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswAR.dll - ok
18:03:30.0290 5108 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
18:03:30.0290 5108 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
18:03:30.0297 5108 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12122101\aswRawFS.dll
18:03:30.0297 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aswRawFS.dll - ok
18:03:30.0304 5108 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll
18:03:30.0304 5108 C:\Windows\System32\shfolder.dll - ok
18:03:30.0311 5108 [ BE551442445B13E114EB67F0E2216F89 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
18:03:30.0311 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll - ok
18:03:30.0319 5108 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
18:03:30.0319 5108 C:\Windows\System32\shimeng.dll - ok
18:03:30.0326 5108 [ 95A0B86B9F1D27B613830864341A8252 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
18:03:30.0326 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe - ok
18:03:30.0332 5108 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll
18:03:30.0332 5108 C:\Windows\System32\FwRemoteSvr.dll - ok
18:03:30.0338 5108 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll
18:03:30.0338 5108 C:\Windows\System32\mfc42.dll - ok
18:03:30.0344 5108 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll

18:03:30.0344 5108 C:\Windows\System32\msvcp60.dll - ok
18:03:30.0352 5108 [ B9570481A1BABCC4A9E941C553596077 ] C:\Windows\SMINST\BLService.exe
18:03:30.0352 5108 C:\Windows\SMINST\BLService.exe - ok
18:03:30.0360 5108 [ BA3DE6760CC3C158666C23631203456A ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll
18:03:30.0360 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll - ok
18:03:30.0369 5108 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\System32\oledlg.dll
18:03:30.0369 5108 C:\Windows\System32\oledlg.dll - ok
18:03:30.0375 5108 [ 443AC12BCAC09A14DD5D665A2278565F ] C:\Windows\SMINST\STDisks.dll
18:03:30.0375 5108 C:\Windows\SMINST\STDisks.dll - ok
18:03:30.0383 5108 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\Windows\System32\msdmo.dll
18:03:30.0383 5108 C:\Windows\System32\msdmo.dll - ok
18:03:30.0390 5108 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe
18:03:30.0390 5108 C:\Windows\System32\taskeng.exe - ok
18:03:30.0397 5108 [ C45E8D6B795AA8D1DAA889ECFD83708E ] C:\Windows\SMINST\CSTError.dll
18:03:30.0397 5108 C:\Windows\SMINST\CSTError.dll - ok
18:03:30.0404 5108 [ A80F29D1DB2321C937D65DCA0EE4E032 ] C:\Windows\SMINST\STString.dll
18:03:30.0404 5108 C:\Windows\SMINST\STString.dll - ok
18:03:30.0412 5108 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\Windows\System32\devenum.dll
18:03:30.0412 5108 C:\Windows\System32\devenum.dll - ok
18:03:30.0418 5108 [ 487611EF7C7D4D31BFE18B890F4DFF85 ] C:\Windows\SMINST\STVdsDisks.dll
18:03:30.0418 5108 C:\Windows\SMINST\STVdsDisks.dll - ok
18:03:30.0424 5108 [ E98444D0CB6459A750FB594B31194F7C ] C:\Windows\SMINST\STSystems.dll
18:03:30.0425 5108 C:\Windows\SMINST\STSystems.dll - ok
18:03:30.0432 5108 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll
18:03:30.0432 5108 C:\Windows\System32\localspl.dll - ok
18:03:30.0439 5108 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll
18:03:30.0439 5108 C:\Windows\System32\avicap32.dll - ok
18:03:30.0446 5108 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll
18:03:30.0447 5108 C:\Windows\System32\msvfw32.dll - ok
18:03:30.0453 5108 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
18:03:30.0453 5108 C:\Windows\System32\sfc.dll - ok
18:03:30.0460 5108 [ F2DC53CF413BF5AE7491C4D2A188D022 ] C:\Windows\SMINST\STWmiM.dll
18:03:30.0460 5108 C:\Windows\SMINST\STWmiM.dll - ok
18:03:30.0467 5108 [ 65C092EF598DCCA1D665D52F06829512 ] C:\Windows\System32\vfwwdm32.dll
18:03:30.0467 5108 C:\Windows\System32\vfwwdm32.dll - ok
18:03:30.0474 5108 [ 74EF6DE3D8953ADF663CA892B22E5AD6 ] C:\Windows\System32\apdfprintmon.dll
18:03:30.0474 5108 C:\Windows\System32\apdfprintmon.dll - ok
18:03:30.0482 5108 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
18:03:30.0482 5108 C:\Windows\System32\TSChannel.dll - ok
18:03:30.0488 5108 [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll
18:03:30.0488 5108 C:\Windows\AppPatch\AcGenral.dll - ok
18:03:30.0496 5108 [ 462FA0377835A305836580A3D00D0446 ] C:\Windows\System32\hpz3l5mu.dll
18:03:30.0496 5108 C:\Windows\System32\hpz3l5mu.dll - ok
18:03:30.0502 5108 [ 3CD1B69551236977918E60F9543C89A2 ] C:\Windows\System32\AtBroker.exe
18:03:30.0503 5108 C:\Windows\System32\AtBroker.exe - ok
18:03:30.0510 5108 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll
18:03:30.0510 5108 C:\Windows\System32\msonpmon.dll - ok
18:03:30.0517 5108 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll
18:03:30.0517 5108 C:\Windows\System32\HotStartUserAgent.dll - ok
18:03:30.0524 5108 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll
18:03:30.0524 5108 C:\Windows\System32\msi.dll - ok
18:03:30.0531 5108 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] C:\Program Files\CyberLink\Shared Files\RichVideo.exe
18:03:30.0531 5108 C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ok
18:03:30.0538 5108 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll
18:03:30.0538 5108 C:\Windows\System32\sfc_os.dll - ok
18:03:30.0546 5108 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll
18:03:30.0546 5108 C:\Windows\System32\PlaySndSrv.dll - ok
18:03:30.0553 5108 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll
18:03:30.0553 5108 C:\Windows\System32\tcpmon.dll - ok
18:03:30.0561 5108 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe
18:03:30.0561 5108 C:\Windows\System32\userinit.exe - ok
18:03:30.0567 5108 [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll
18:03:30.0567 5108 C:\Windows\System32\MsCtfMonitor.dll - ok
18:03:30.0575 5108 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll
18:03:30.0575 5108 C:\Windows\System32\msutb.dll - ok
18:03:30.0579 5108 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll
18:03:30.0579 5108 C:\Windows\System32\dwmapi.dll - ok
18:03:30.0586 5108 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll
18:03:30.0586 5108 C:\Windows\System32\snmpapi.dll - ok
18:03:30.0594 5108 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll
18:03:30.0594 5108 C:\Windows\System32\wsnmp32.dll - ok
18:03:30.0600 5108 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll
18:03:30.0600 5108 C:\Windows\System32\TMM.dll - ok
18:03:30.0608 5108 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
18:03:30.0608 5108 C:\Windows\System32\drivers\secdrv.sys - ok
18:03:30.0614 5108 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll
18:03:30.0614 5108 C:\Windows\System32\d3d9.dll - ok
18:03:30.0622 5108 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll
18:03:30.0622 5108 C:\Windows\System32\tcpmib.dll - ok
18:03:30.0628 5108 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll
18:03:30.0629 5108 C:\Windows\System32\mgmtapi.dll - ok
18:03:30.0635 5108 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll
18:03:30.0635 5108 C:\Windows\System32\dwmredir.dll - ok
18:03:30.0643 5108 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll
18:03:30.0643 5108 C:\Windows\System32\usbmon.dll - ok
18:03:30.0649 5108 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
18:03:30.0649 5108 C:\Windows\System32\d3d8thk.dll - ok
18:03:30.0657 5108 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll
18:03:30.0657 5108 C:\Windows\System32\milcore.dll - ok
18:03:30.0663 5108 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll
18:03:30.0664 5108 C:\Windows\System32\WSDMon.dll - ok
18:03:30.0671 5108 [ 4436588C55BBCA0D617A82DDE767B792 ] C:\Windows\System32\vdsldr.exe
18:03:30.0671 5108 C:\Windows\System32\vdsldr.exe - ok
18:03:30.0678 5108 [ 27C03E086B8794D1F4032A4F99EE3E22 ] C:\Windows\System32\igdumdx32.dll
18:03:30.0678 5108 C:\Windows\System32\igdumdx32.dll - ok
18:03:30.0684 5108 [ FE7742C93F6904A9B08BC6749C039CE9 ] C:\Windows\System32\vdsutil.dll
18:03:30.0684 5108 C:\Windows\System32\vdsutil.dll - ok
18:03:30.0692 5108 [ 0A584EAAF70A171E919D8CE592407E94 ] C:\Windows\System32\vds_ps.dll
18:03:30.0692 5108 C:\Windows\System32\vds_ps.dll - ok
18:03:30.0699 5108 [ 7198BBFBE46C0070257278C536386687 ] C:\Program Files\Secunia\PSI\psia.exe
18:03:30.0699 5108 C:\Program Files\Secunia\PSI\psia.exe - ok
18:03:30.0706 5108 [ 0A866897039E42DF8080BE5DD83BC8E0 ] C:\Windows\System32\jscript.dll
18:03:30.0706 5108 C:\Windows\System32\jscript.dll - ok
18:03:30.0713 5108 [ 5CAD3305D45EE45685910D2B2A030AFB ] C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5mu.dll
18:03:30.0713 5108 C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5mu.dll - ok
18:03:30.0721 5108 [ D2FCA567F9BE87E29B9A9FA32FFE79CA ] C:\Program Files\Secunia\PSI\sua.exe
18:03:30.0721 5108 C:\Program Files\Secunia\PSI\sua.exe - ok
18:03:30.0728 5108 [ 801DECF3A583C270E5C398FCD082E3DD ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
18:03:30.0728 5108 C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok
18:03:30.0736 5108 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\Windows\System32\drivers\tcpipreg.sys
18:03:30.0736 5108 C:\Windows\System32\drivers\tcpipreg.sys - ok
18:03:30.0743 5108 [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
18:03:30.0743 5108 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
18:03:30.0750 5108 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
18:03:30.0750 5108 C:\Windows\System32\wiatrace.dll - ok
18:03:30.0758 5108 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
18:03:30.0758 5108 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
18:03:30.0764 5108 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
18:03:30.0764 5108 C:\Windows\System32\icaapi.dll - ok
18:03:30.0772 5108 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
18:03:30.0772 5108 C:\Windows\System32\wbem\WinMgmtR.dll - ok
18:03:30.0779 5108 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll
18:03:30.0779 5108 C:\Windows\System32\win32spl.dll - ok
18:03:30.0786 5108 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll
18:03:30.0787 5108 C:\Windows\System32\wsdchngr.dll - ok
18:03:30.0793 5108 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
18:03:30.0793 5108 C:\Windows\System32\netrap.dll - ok
18:03:30.0800 5108 [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll
18:03:30.0801 5108 C:\Windows\System32\printcom.dll - ok
18:03:30.0807 5108 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll
18:03:30.0807 5108 C:\Windows\System32\inetpp.dll - ok
18:03:30.0814 5108 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll
18:03:30.0814 5108 C:\Windows\System32\tquery.dll - ok
18:03:30.0821 5108 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll
18:03:30.0821 5108 C:\Windows\System32\PortableDeviceApi.dll - ok
18:03:30.0828 5108 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll
18:03:30.0828 5108 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
18:03:30.0833 5108 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll
18:03:30.0833 5108 C:\Windows\System32\mssrch.dll - ok
18:03:30.0840 5108 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
18:03:30.0840 5108 C:\Windows\System32\netprofm.dll - ok
18:03:30.0847 5108 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll
18:03:30.0847 5108 C:\Windows\System32\msidle.dll - ok
18:03:30.0854 5108 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll
18:03:30.0854 5108 C:\Windows\System32\sqmapi.dll - ok
18:03:30.0861 5108 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll
18:03:30.0861 5108 C:\Windows\System32\Query.dll - ok
18:03:30.0868 5108 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
18:03:30.0868 5108 C:\Windows\System32\npmproxy.dll - ok
18:03:30.0875 5108 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
18:03:30.0875 5108 C:\Windows\System32\hnetcfg.dll - ok
18:03:30.0882 5108 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll
18:03:30.0882 5108 C:\Windows\System32\wbem\wbemcore.dll - ok
18:03:30.0889 5108 [ CD569FA91EC6F59D045C19D0D3850F44 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
18:03:30.0889 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe - ok
18:03:30.0897 5108 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll
18:03:30.0897 5108 C:\Windows\System32\ieframe.dll - ok
18:03:30.0904 5108 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui
18:03:30.0904 5108 C:\Windows\System32\en-US\tquery.dll.mui - ok
18:03:30.0911 5108 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe
18:03:30.0911 5108 C:\Windows\explorer.exe - ok
18:03:30.0918 5108 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll
18:03:30.0918 5108 C:\Windows\System32\wbem\esscli.dll - ok
18:03:30.0925 5108 [ 238C3965DD2E6D2C59D79A3125CE8A0A ] C:\Windows\System32\igdumd32.dll
18:03:30.0925 5108 C:\Windows\System32\igdumd32.dll - ok
18:03:30.0932 5108 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll
18:03:30.0932 5108 C:\Windows\System32\wbem\fastprox.dll - ok
18:03:30.0939 5108 [ D4C7C8129B2EDCF1AF96A643A11ED5EE ] C:\Windows\System32\igfxTMM.dll
18:03:30.0939 5108 C:\Windows\System32\igfxTMM.dll - ok
18:03:30.0947 5108 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll
18:03:30.0947 5108 C:\Windows\System32\wbem\wbemsvc.dll - ok
18:03:30.0953 5108 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll
18:03:30.0953 5108 C:\Windows\System32\wbem\wmiutils.dll - ok
18:03:30.0961 5108 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll
18:03:30.0961 5108 C:\Windows\System32\wbem\repdrvfs.dll - ok
18:03:30.0968 5108 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll
18:03:30.0968 5108 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
18:03:30.0976 5108 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll
18:03:30.0976 5108 C:\Windows\System32\uDWM.dll - ok
18:03:30.0982 5108 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll
18:03:30.0982 5108 C:\Windows\System32\shdocvw.dll - ok
18:03:30.0989 5108 [ 75C1CA5B61414748CE9BCF3C7A52C39F ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll
18:03:30.0989 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvclb.dll - ok
18:03:30.0997 5108 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll
18:03:30.0997 5108 C:\Windows\System32\wbem\wbemess.dll - ok
18:03:31.0003 5108 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll
18:03:31.0004 5108 C:\Windows\System32\esent.dll - ok
18:03:31.0011 5108 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
18:03:31.0011 5108 C:\Windows\System32\p2pcollab.dll - ok
18:03:31.0018 5108 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll
18:03:31.0018 5108 C:\Windows\System32\browseui.dll - ok
18:03:31.0025 5108 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll
18:03:31.0025 5108 C:\Windows\System32\msscb.dll - ok
18:03:31.0032 5108 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL
18:03:31.0032 5108 C:\Windows\System32\QAGENT.DLL - ok
18:03:31.0040 5108 [ 254AC97C9AF4DDF3F5F57855198527B7 ] C:\Windows\System32\wermgr.exe
18:03:31.0040 5108 C:\Windows\System32\wermgr.exe - ok
18:03:31.0046 5108 [ 1F174A1BF0B7718ECB8D1821AD1D3166 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll
18:03:31.0046 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmagnt.dll - ok
18:03:31.0054 5108 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll
18:03:31.0054 5108 C:\Windows\System32\rastapi.dll - ok
18:03:31.0063 5108 [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL
18:03:31.0063 5108 C:\Windows\System32\QUTIL.DLL - ok
18:03:31.0069 5108 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp
18:03:31.0069 5108 C:\Windows\System32\unimdm.tsp - ok
18:03:31.0077 5108 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
18:03:31.0077 5108 C:\Windows\System32\uniplat.dll - ok
18:03:31.0083 5108 [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
18:03:31.0084 5108 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
18:03:31.0088 5108 [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\Windows\System32\wer.dll
18:03:31.0088 5108 C:\Windows\System32\wer.dll - ok
18:03:31.0095 5108 [ 54E18ADDC60A2054CF99B2E847A6D378 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll
18:03:31.0096 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmcore.dll - ok
18:03:31.0102 5108 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll
18:03:31.0103 5108 C:\Windows\System32\EhStorShell.dll - ok
18:03:31.0110 5108 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp
18:03:31.0110 5108 C:\Windows\System32\kmddsp.tsp - ok
18:03:31.0117 5108 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp
18:03:31.0117 5108 C:\Windows\System32\ndptsp.tsp - ok
18:03:31.0124 5108 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
18:03:31.0124 5108 C:\Windows\System32\hidphone.tsp - ok
18:03:31.0131 5108 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll
18:03:31.0131 5108 C:\Windows\System32\rasppp.dll - ok
18:03:31.0138 5108 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll
18:03:31.0138 5108 C:\Windows\System32\mprapi.dll - ok
18:03:31.0145 5108 [ 6BCBED73231F5D30B92DEE591B6679E9 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll
18:03:31.0145 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll - ok
18:03:31.0152 5108 [ FCC3E0BD8F0BB1F9751F58BC76CB9E47 ] C:\Program Files\Google\Drive\googledrivesync32.dll
18:03:31.0153 5108 C:\Program Files\Google\Drive\googledrivesync32.dll - ok
18:03:31.0160 5108 [ BF899F57858B8C6F162D9EEB2370641C ] C:\Windows\System32\wercon.exe
18:03:31.0160 5108 C:\Windows\System32\wercon.exe - ok
18:03:31.0166 5108 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll
18:03:31.0166 5108 C:\Windows\System32\rasqec.dll - ok
18:03:31.0174 5108 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
18:03:31.0174 5108 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
18:03:31.0181 5108 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll
18:03:31.0181 5108 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok
18:03:31.0189 5108 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll
18:03:31.0189 5108 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok
18:03:31.0196 5108 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
18:03:31.0197 5108 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
18:03:31.0205 5108 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
18:03:31.0205 5108 C:\Windows\System32\imageres.dll - ok
18:03:31.0211 5108 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll
18:03:31.0211 5108 C:\Windows\System32\cryptui.dll - ok
18:03:31.0219 5108 [ B80933A7E3D63277A23F9882BF839DB5 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
18:03:31.0219 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll - ok
18:03:31.0226 5108 [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll
18:03:31.0226 5108 C:\Windows\System32\netshell.dll - ok
18:03:31.0233 5108 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
18:03:31.0233 5108 C:\Windows\System32\IconCodecService.dll - ok
18:03:31.0241 5108 [ DE35EFF35C9EB0B381709CF979537E2A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll
18:03:31.0241 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmrasv.dll - ok
18:03:31.0248 5108 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:03:31.0248 5108 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:03:31.0256 5108 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll
18:03:31.0256 5108 C:\Windows\System32\wbem\cimwin32.dll - ok
18:03:31.0262 5108 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll
18:03:31.0262 5108 C:\Windows\System32\framedynos.dll - ok
18:03:31.0270 5108 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll
18:03:31.0270 5108 C:\Windows\System32\wmi.dll - ok
18:03:31.0277 5108 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
18:03:31.0277 5108 C:\Windows\System32\upnp.dll - ok
18:03:31.0284 5108 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe
18:03:31.0284 5108 C:\Program Files\Windows Calendar\WinCal.exe - ok
18:03:31.0291 5108 [ E01A3A0B77F1C01F0C1289AC29114AEE ] C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll
18:03:31.0291 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmcorePS.dll - ok
18:03:31.0299 5108 [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll
18:03:31.0299 5108 C:\Windows\System32\dot3api.dll - ok
18:03:31.0306 5108 [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\Windows\System32\wlanhlp.dll
18:03:31.0306 5108 C:\Windows\System32\wlanhlp.dll - ok
18:03:31.0312 5108 [ 9E816AEEDB04745C3F3D74DDE90BD79A ] C:\Windows\System32\igfxdev.dll
18:03:31.0312 5108 C:\Windows\System32\igfxdev.dll - ok
18:03:31.0320 5108 [ C6FD3425B1ADD739B95DC4D661FF4DD3 ] C:\Windows\System32\PresentationSettings.exe
18:03:31.0320 5108 C:\Windows\System32\PresentationSettings.exe - ok
18:03:31.0327 5108 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\Windows\System32\dimsjob.dll
18:03:31.0327 5108 C:\Windows\System32\dimsjob.dll - ok
18:03:31.0335 5108 [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\Windows\System32\pautoenr.dll
18:03:31.0336 5108 C:\Windows\System32\pautoenr.dll - ok
18:03:31.0339 5108 [ AC48FD62E22C4425879FCA5A63F50497 ] C:\Windows\System32\certcli.dll
18:03:31.0340 5108 C:\Windows\System32\certcli.dll - ok
18:03:31.0347 5108 [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\Windows\System32\CertEnroll.dll
18:03:31.0347 5108 C:\Windows\System32\CertEnroll.dll - ok
18:03:31.0354 5108 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll
18:03:31.0354 5108 C:\Windows\System32\wbem\NCProv.dll - ok
18:03:31.0361 5108 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll
18:03:31.0361 5108 C:\Windows\System32\wbem\wbemcons.dll - ok
18:03:31.0369 5108 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe
18:03:31.0369 5108 C:\Windows\System32\SearchProtocolHost.exe - ok
18:03:31.0377 5108 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll
18:03:31.0377 5108 C:\Windows\System32\msshooks.dll - ok
18:03:31.0385 5108 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll
18:03:31.0385 5108 C:\Windows\System32\mssvp.dll - ok
18:03:31.0391 5108 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll
18:03:31.0391 5108 C:\Windows\System32\mapi32.dll - ok
18:03:31.0399 5108 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll
18:03:31.0399 5108 C:\Windows\System32\mssph.dll - ok
18:03:31.0406 5108 [ A1CD5CE96F0A5426DB9A2F793854D1B8 ] C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
18:03:31.0406 5108 C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL - ok
18:03:31.0413 5108 [ E290E3FDF645DF29D00D6368B9127E30 ] C:\Windows\System32\msfeeds.dll
18:03:31.0413 5108 C:\Windows\System32\msfeeds.dll - ok
18:03:31.0420 5108 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe
18:03:31.0420 5108 C:\Windows\System32\SearchFilterHost.exe - ok
18:03:31.0427 5108 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll
18:03:31.0428 5108 C:\Windows\System32\mssprxy.dll - ok
18:03:31.0435 5108 [ 7C0FC379D4B066C2D2189792DED0E4AA ] C:\Windows\System32\xmlfilter.dll
18:03:31.0435 5108 C:\Windows\System32\xmlfilter.dll - ok
18:03:31.0441 5108 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll
18:03:31.0441 5108 C:\Windows\System32\ntshrui.dll - ok
18:03:31.0449 5108 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
18:03:31.0449 5108 C:\Windows\System32\pcadm.dll - ok
18:03:31.0456 5108 [ CE0FCEC4D4D860F36D972759B11EAF0F ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
18:03:31.0456 5108 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok
18:03:31.0464 5108 [ 4439563F1ABFAC3C191B28D97B00578D ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
18:03:31.0464 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
18:03:31.0471 5108 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\Windows\System32\wbem\wmipcima.dll
18:03:31.0471 5108 C:\Windows\System32\wbem\wmipcima.dll - ok
18:03:31.0478 5108 [ 86596778315062303F4F69B70D6E54B4 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
18:03:31.0479 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll - ok
18:03:31.0485 5108 [ 304160DEB2D59721E38D807A99C74298 ] C:\Windows\System32\osuninst.dll
18:03:31.0486 5108 C:\Windows\System32\osuninst.dll - ok
18:03:31.0493 5108 [ BB44CEE22800862E666974E7B14A1111 ] C:\Windows\System32\uexfat.dll
18:03:31.0493 5108 C:\Windows\System32\uexfat.dll - ok
18:03:31.0500 5108 [ 347B2194CF9AF418DBCB2DB4023CAFA6 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
18:03:31.0500 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
18:03:31.0507 5108 [ 5C9541EFCE477BFCFFD0EF9B1A175457 ] C:\Windows\System32\ulib.dll
18:03:31.0507 5108 C:\Windows\System32\ulib.dll - ok
18:03:31.0514 5108 [ EE3ECC1BC7CFE6B121291F85CA1831C4 ] C:\Windows\System32\ifsutil.dll
18:03:31.0514 5108 C:\Windows\System32\ifsutil.dll - ok
18:03:31.0521 5108 [ 6E2C2D1A925AEFDA224534A96109DEED ] C:\Windows\System32\uudf.dll
18:03:31.0521 5108 C:\Windows\System32\uudf.dll - ok
18:03:31.0528 5108 [ D30A7946B3207C9DBE40361E3B083716 ] C:\Windows\System32\untfs.dll
18:03:31.0528 5108 C:\Windows\System32\untfs.dll - ok
18:03:31.0535 5108 [ 127AAAB0D465F5A4375E570750A5D562 ] C:\Windows\System32\ufat.dll
18:03:31.0535 5108 C:\Windows\System32\ufat.dll - ok
18:03:31.0542 5108 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll
18:03:31.0543 5108 C:\Windows\System32\actxprxy.dll - ok
18:03:31.0549 5108 [ 68886FE98B9DAAD197828AB065AA8AE1 ] C:\Windows\System32\fmifs.dll
18:03:31.0549 5108 C:\Windows\System32\fmifs.dll - ok
18:03:31.0556 5108 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\System32\runonce.exe
18:03:31.0556 5108 C:\Windows\System32\runonce.exe - ok
18:03:31.0565 5108 [ 759CAC5C047B3DE16E2A59351527DBB3 ] C:\Windows\System32\vdsdyn.dll
18:03:31.0565 5108 C:\Windows\System32\vdsdyn.dll - ok
18:03:31.0572 5108 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe
18:03:31.0572 5108 C:\Windows\System32\cmd.exe - ok
18:03:31.0579 5108 [ B5AF921AAFF91AE3A47AA58CD2E1439F ] C:\Windows\System32\vdsbas.dll
18:03:31.0579 5108 C:\Windows\System32\vdsbas.dll - ok
18:03:31.0586 5108 [ C524572771BF4F2432D00D681721C599 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
18:03:31.0586 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
18:03:31.0591 5108 [ E5B77F198B009EC598645B1A46F89301 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
18:03:31.0591 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
18:03:31.0598 5108 [ 5F6359756DBCC901276BC2B62460FA64 ] C:\Windows\System32\quartz.dll
18:03:31.0598 5108 C:\Windows\System32\quartz.dll - ok
18:03:31.0605 5108 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll
18:03:31.0605 5108 C:\Windows\System32\dxva2.dll - ok
18:03:31.0612 5108 [ 9F4C8DA21AC626BFB92DD9C7C6FF7F23 ] C:\Windows\System32\hbaapi.dll
18:03:31.0612 5108 C:\Windows\System32\hbaapi.dll - ok
18:03:31.0618 5108 [ A14F25F62E84C6B4A178A1CFD9B47222 ] C:\Windows\System32\qcap.dll
18:03:31.0618 5108 C:\Windows\System32\qcap.dll - ok
18:03:31.0626 5108 [ 861797D3C83A6EBA05FB2C63B1A45E82 ] C:\Windows\System32\ksproxy.ax
18:03:31.0626 5108 C:\Windows\System32\ksproxy.ax - ok
18:03:31.0633 5108 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll
18:03:31.0633 5108 C:\Windows\System32\dssenh.dll - ok
18:03:31.0640 5108 [ 012E22681A63D2BF405E6F15EF80BFD3 ] C:\Windows\System32\vidcap.ax
18:03:31.0640 5108 C:\Windows\System32\vidcap.ax - ok
18:03:31.0647 5108 [ FD44B4D9129EDD68BBD0A26683024EF9 ] C:\Windows\System32\Kswdmcap.ax
18:03:31.0647 5108 C:\Windows\System32\Kswdmcap.ax - ok
18:03:31.0654 5108 [ B572DA05BF4E098D4BBA3A4734FB505B ] C:\Windows\System32\drivers\mspqm.sys
18:03:31.0655 5108 C:\Windows\System32\drivers\mspqm.sys - ok
18:03:31.0661 5108 [ 0576C771DC0A20C49C3BA08D9013AB61 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
18:03:31.0661 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll - ok
18:03:31.0669 5108 [ 22A59AEE016116DC19971B6151F8D158 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
18:03:31.0669 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
18:03:31.0676 5108 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll
18:03:31.0676 5108 C:\Windows\System32\wbem\wmiprov.dll - ok
18:03:31.0683 5108 [ 00A94903C257A40324CB671D148782C4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
18:03:31.0684 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
18:03:31.0691 5108 [ D24DFD16A1E2A76034DF5AA18125C35D ] C:\Windows\System32\drivers\psi_mf.sys
18:03:31.0691 5108 C:\Windows\System32\drivers\psi_mf.sys - ok
18:03:31.0698 5108 [ 83797EBD8DB0FA55FF651B2393876DEE ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
18:03:31.0698 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
18:03:31.0706 5108 [ 6E1AC019C8FD1997BF5A17DA93627510 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
18:03:31.0706 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
18:03:31.0713 5108 [ DD348DA5669282C80A3DE4D8991DB717 ] C:\Windows\System32\iscsium.dll
18:03:31.0713 5108 C:\Windows\System32\iscsium.dll - ok
18:03:31.0721 5108 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys
18:03:31.0721 5108 C:\Windows\System32\drivers\cdfs.sys - ok
18:03:31.0728 5108 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll
18:03:31.0728 5108 C:\Windows\System32\NaturalLanguage6.dll - ok
18:03:31.0736 5108 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Brandrea\AppData\Local\temp\D5A1666A-4554-4B12-8AC2-42A583814059.exe
18:03:31.0736 5108 C:\Users\Brandrea\AppData\Local\temp\D5A1666A-4554-4B12-8AC2-42A583814059.exe - ok
18:03:31.0743 5108 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll
18:03:31.0743 5108 C:\Windows\System32\NlsData0009.dll - ok
18:03:31.0751 5108 [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll
18:03:31.0751 5108 C:\Windows\System32\NlsLexicons0009.dll - ok
18:03:31.0759 5108 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe
18:03:31.0759 5108 C:\Windows\System32\ie4uinit.exe - ok
18:03:31.0767 5108 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll
18:03:31.0767 5108 C:\Windows\System32\iedkcs32.dll - ok
18:03:31.0775 5108 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl
18:03:31.0775 5108 C:\Windows\System32\timedate.cpl - ok
18:03:31.0782 5108 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll
18:03:31.0782 5108 C:\Windows\System32\msshsq.dll - ok
18:03:31.0789 5108 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll
18:03:31.0789 5108 C:\Windows\System32\networkexplorer.dll - ok
18:03:31.0796 5108 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
18:03:31.0796 5108 C:\Windows\System32\linkinfo.dll - ok
18:03:31.0804 5108 [ 88155D3D23CA8A1DFB1F45EE3E4C8DF8 ] C:\Program Files\uTorrent\uTorrent.exe
18:03:31.0804 5108 C:\Program Files\uTorrent\uTorrent.exe - ok
18:03:31.0811 5108 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
18:03:31.0811 5108 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
18:03:31.0819 5108 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
18:03:31.0819 5108 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
18:03:31.0825 5108 [ 3A9B8F990FD35252F20A3804AB9792CF ] C:\Windows\System32\hkcmd.exe
18:03:31.0825 5108 C:\Windows\System32\hkcmd.exe - ok
18:03:31.0833 5108 [ A3DA90B10DA9DD521D8969C6232ED85B ] C:\Windows\System32\igfxpers.exe
18:03:31.0833 5108 C:\Windows\System32\igfxpers.exe - ok
18:03:31.0837 5108 [ 83F71A2FBA72D692DF9B23E2323B2895 ] C:\Windows\System32\igfxsrvc.exe
18:03:31.0837 5108 C:\Windows\System32\igfxsrvc.exe - ok
18:03:31.0844 5108 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
18:03:31.0844 5108 C:\Windows\System32\msiltcfg.dll - ok
18:03:31.0852 5108 [ B669ADB56ABE22BA2B69A96D6CEE8508 ] C:\Windows\System32\hccutils.dll
18:03:31.0852 5108 C:\Windows\System32\hccutils.dll - ok
18:03:31.0858 5108 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
18:03:31.0859 5108 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
18:03:31.0866 5108 [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll
18:03:31.0866 5108 C:\Windows\System32\thumbcache.dll - ok
18:03:31.0873 5108 [ 720C8EE22B359ED438BDA19F6F603345 ] C:\Windows\System32\igfxsrvc.dll
18:03:31.0873 5108 C:\Windows\System32\igfxsrvc.dll - ok
18:03:31.0881 5108 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe
18:03:31.0881 5108 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe - ok
18:03:31.0888 5108 [ 4ABAD35E39673AE5A90B3FC0D0D155F6 ] C:\Program Files\Pure Networks\Network Magic\nmspce2.dll
18:03:31.0888 5108 C:\Program Files\Pure Networks\Network Magic\nmspce2.dll - ok
18:03:31.0895 5108 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll
18:03:31.0896 5108 C:\Windows\System32\riched20.dll - ok
18:03:31.0902 5108 [ 1454EF54C3B92FC2636DE1D421A119E7 ] C:\Program Files\Pure Networks\Network Magic\nmrsrc.dll
18:03:31.0903 5108 C:\Program Files\Pure Networks\Network Magic\nmrsrc.dll - ok
18:03:31.0910 5108 [ C0BA1E3A4EB73DD5A104C8C9ABC972B6 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:03:31.0910 5108 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
18:03:31.0917 5108 [ 093119ED29313016E0BF42A9EC424F29 ] C:\Program Files\Google\Drive\googledrivesync.exe
18:03:31.0917 5108 C:\Program Files\Google\Drive\googledrivesync.exe - ok
18:03:31.0924 5108 [ 276AC7BAE1F596A3A1D4B6D43AEF099C ] C:\Users\Brandrea\Documents\Brett\uTorrent.exe
18:03:31.0924 5108 C:\Users\Brandrea\Documents\Brett\uTorrent.exe - ok
18:03:31.0931 5108 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll
18:03:31.0932 5108 C:\Windows\System32\ExplorerFrame.dll - ok
18:03:31.0938 5108 [ 13CC964E280C9A15636ACBE5C4E5A575 ] C:\Windows\System32\igfxrenu.lrc
18:03:31.0938 5108 C:\Windows\System32\igfxrenu.lrc - ok
18:03:31.0946 5108 [ 5744FFF8E72D105C138DAE9E17BB29FE ] C:\Program Files\Mozilla Firefox\firefox.exe
18:03:31.0946 5108 C:\Program Files\Mozilla Firefox\firefox.exe - ok
18:03:31.0953 5108 [ 544C1EF07AEC178A83538A251A72CE13 ] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
18:03:31.0953 5108 C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe - ok
18:03:31.0960 5108 [ BE3AB4803C963BE0357541EC3B17D443 ] C:\Users\Brandrea\Desktop\aswMBR.exe
18:03:31.0960 5108 C:\Users\Brandrea\Desktop\aswMBR.exe - ok
18:03:31.0967 5108 [ 130203D3313A0323DC333B941C3AA87A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll
18:03:31.0968 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll - ok
18:03:31.0975 5108 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Brandrea\Desktop\tdsskiller.exe
18:03:31.0976 5108 C:\Users\Brandrea\Desktop\tdsskiller.exe - ok
18:03:31.0982 5108 [ 4FB92AE36BC59614EE99341C44314AC8 ] C:\Windows\System32\SynCOM.dll
18:03:31.0982 5108 C:\Windows\System32\SynCOM.dll - ok
18:03:31.0989 5108 [ 8CB896C573FD15AE8B13180DA53E93D2 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
18:03:31.0989 5108 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe - ok
18:03:31.0997 5108 [ 93448A62310905579B9D4C5B6DA26433 ] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPShared.dll
18:03:31.0997 5108 C:\Program Files\Hewlett-Packard\HP QuickTouch\HPShared.dll - ok
18:03:32.0004 5108 [ 7FC2BD5163B16D02F71BE06F3547B11D ] C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe
18:03:32.0004 5108 C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe - ok
18:03:32.0012 5108 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\87525902.sys
18:03:32.0012 5108 C:\Windows\System32\drivers\87525902.sys - ok
18:03:32.0018 5108 [ 0D286C0FE561D1A7EB30E83A0FF305B2 ] C:\Program Files\Internet Explorer\iexplore.exe
18:03:32.0019 5108 C:\Program Files\Internet Explorer\iexplore.exe - ok
18:03:32.0026 5108 [ D50FDAD1E57AA60F1973CFC77D905F0E ] C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
18:03:32.0027 5108 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - ok
18:03:32.0034 5108 [ 314C76642049DD4E9B964BC333A620B1 ] C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
18:03:32.0034 5108 C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe - ok
18:03:32.0042 5108 [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe
18:03:32.0042 5108 C:\Program Files\Windows Media Player\wmplayer.exe - ok
18:03:32.0049 5108 [ 3333E2EBD9F29ACA7FFB301EBB515C89 ] C:\Users\Brandrea\Desktop\RogueKiller.exe
18:03:32.0049 5108 C:\Users\Brandrea\Desktop\RogueKiller.exe - ok
18:03:32.0056 5108 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe
18:03:32.0056 5108 C:\Windows\System32\control.exe - ok
18:03:32.0063 5108 [ 73BFDC88C6EF9715CDF57134A438837A ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
18:03:32.0063 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe - ok
18:03:32.0073 5108 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
18:03:32.0073 5108 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
18:03:32.0080 5108 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe
18:03:32.0080 5108 C:\Program Files\Windows Mail\WinMail.exe - ok
18:03:32.0087 5108 [ 45D2E47073134976D2F1DD4BF8582B14 ] C:\Program Files\Pure Networks\Network Magic\nmapp.exe
18:03:32.0087 5108 C:\Program Files\Pure Networks\Network Magic\nmapp.exe - ok
18:03:32.0095 5108 [ 8B968045D75783A09592C3105F2865DA ] C:\Users\Brandrea\Desktop\dds.scr
18:03:32.0095 5108 C:\Users\Brandrea\Desktop\dds.scr - ok
18:03:32.0104 5108 [ 4370B7BDCAC7F69E49446ECFE7F9A157 ] C:\Users\Brandrea\Desktop\adwcleaner.exe
18:03:32.0104 5108 C:\Users\Brandrea\Desktop\adwcleaner.exe - ok
18:03:32.0109 5108 [ DE0A514C82AFEF567CDA47CA571E5433 ] C:\Windows\System32\SynTPAPI.dll
18:03:32.0110 5108 C:\Windows\System32\SynTPAPI.dll - ok
18:03:32.0116 5108 [ 4C61FC5FF08B9B9537FCF4A413CCE8DB ] C:\Program Files\WinRAR\WinRAR.exe
18:03:32.0116 5108 C:\Program Files\WinRAR\WinRAR.exe - ok
18:03:32.0124 5108 [ C0992AA77C76FB4CA429CD2C046662F5 ] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
18:03:32.0124 5108 C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe - ok
18:03:32.0132 5108 [ 31F3CF74759BE9196408EEBFE9E93626 ] C:\Users\Brandrea\Desktop\SecurityCheck.exe
18:03:32.0132 5108 C:\Users\Brandrea\Desktop\SecurityCheck.exe - ok
18:03:32.0139 5108 [ B7B5C8312516528B8BB3F1CDC635F122 ] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
18:03:32.0139 5108 C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll - ok
18:03:32.0146 5108 [ 68A03B3D7D1E90AB884508A5DCE3CA1D ] C:\Users\Brandrea\Pictures\Flickr Uploadr\Flickr Uploadr.exe
18:03:32.0146 5108 C:\Users\Brandrea\Pictures\Flickr Uploadr\Flickr Uploadr.exe - ok
18:03:32.0154 5108 [ 9146F21288AB749C4C729343F5F285A1 ] C:\Users\Brandrea\Desktop\Defogger.exe
18:03:32.0154 5108 C:\Users\Brandrea\Desktop\Defogger.exe - ok
18:03:32.0161 5108 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:03:32.0161 5108 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
18:03:32.0169 5108 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
18:03:32.0170 5108 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
18:03:32.0176 5108 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
18:03:32.0176 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe - ok
18:03:32.0183 5108 [ 1CB8EBEA0A09238A85C509B33DE32937 ] C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
18:03:32.0183 5108 C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe - ok
18:03:32.0191 5108 [ DC8DFA6D71DAF85D3F23D49A4B4B0BD2 ] C:\Program Files\iTunes\iTunes.exe
18:03:32.0191 5108 C:\Program Files\iTunes\iTunes.exe - ok
18:03:32.0197 5108 [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\Windows\System32\notepad.exe
18:03:32.0198 5108 C:\Windows\System32\notepad.exe - ok
18:03:32.0205 5108 [ 923959DFBC11A66B88762485EA23D411 ] C:\Users\Brandrea\Desktop\ComboFix.exe
18:03:32.0205 5108 C:\Users\Brandrea\Desktop\ComboFix.exe - ok
18:03:32.0212 5108 [ 45C045C6813E17639E8D86469FD1C759 ] C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
18:03:32.0212 5108 C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll - ok
18:03:32.0220 5108 [ AF43C4F7F3C8BC95DAD95024F96CDC4A ] C:\Program Files\QuickTime\QTTask.exe
18:03:32.0220 5108 C:\Program Files\QuickTime\QTTask.exe - ok
18:03:32.0226 5108 [ 850396EE31B36FCC9507AF10036EFBAE ] C:\Windows\Installer\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}\iTunesIco.exe
18:03:32.0227 5108 C:\Windows\Installer\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}\iTunesIco.exe - ok
18:03:32.0234 5108 [ CECFD47F993E63999AB1F4074BB88AC5 ] C:\Program Files\Secunia\PSI\psi.exe
18:03:32.0234 5108 C:\Program Files\Secunia\PSI\psi.exe - ok
18:03:32.0241 5108 [ 15A28F66868195F2C313CCC0F019C0D4 ] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
18:03:32.0241 5108 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe - ok
18:03:32.0248 5108 [ 941486AB385556BF6A62342F8CA15BD8 ] C:\Windows\System32\accessibilitycpl.dll
18:03:32.0248 5108 C:\Windows\System32\accessibilitycpl.dll - ok
18:03:32.0255 5108 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll
18:03:32.0255 5108 C:\Windows\System32\stobject.dll - ok
18:03:32.0262 5108 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
18:03:32.0262 5108 C:\Windows\System32\batmeter.dll - ok
18:03:32.0270 5108 [ 5EF55A674761BF3A9AD90919A96F6FE0 ] C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe
18:03:32.0270 5108 C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe - ok
18:03:32.0276 5108 [ E47C854A28A81F2939F42CBE9FEA994C ] C:\Windows\System32\Magnify.exe
18:03:32.0277 5108 C:\Windows\System32\Magnify.exe - ok
18:03:32.0284 5108 [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\Windows\System32\Narrator.exe
18:03:32.0284 5108 C:\Windows\System32\Narrator.exe - ok
18:03:32.0291 5108 [ 8728A91948AC0FE779BDF47BC551BAF5 ] C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
18:03:32.0291 5108 C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe - ok
18:03:32.0299 5108 [ 877F2939794EBA4F3D1BB967007E99E8 ] C:\Windows\System32\osk.exe
18:03:32.0299 5108 C:\Windows\System32\osk.exe - ok
18:03:32.0305 5108 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
18:03:32.0306 5108 C:\Windows\System32\SndVolSSO.dll - ok
18:03:32.0312 5108 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\Windows\ehome\ehSSO.dll
18:03:32.0312 5108 C:\Windows\ehome\ehSSO.dll - ok
18:03:32.0320 5108 [ 7D0508F876D5A69C1C12BAEC845F4967 ] C:\ProgramData\Boxtools\Boxofttoolbox.exe
18:03:32.0320 5108 C:\ProgramData\Boxtools\Boxofttoolbox.exe - ok
18:03:32.0326 5108 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll
18:03:32.0326 5108 C:\Windows\System32\pnidui.dll - ok
18:03:32.0335 5108 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
18:03:32.0335 5108 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
18:03:32.0342 5108 [ 6D796D59977EB52B33B966EAB9C73E6A ] C:\Program Files\Microsoft Works\MSWorks.exe
18:03:32.0342 5108 C:\Program Files\Microsoft Works\MSWorks.exe - ok
18:03:32.0347 5108 [ ABAEAEE763E287BDD39094C4165E1F3F ] C:\Windows\System32\fdProxy.dll
18:03:32.0347 5108 C:\Windows\System32\fdProxy.dll - ok
18:03:32.0353 5108 [ 4BAEC13BCAA595639EBB5185278DEFEA ] C:\Windows\System32\fdWSD.dll
18:03:32.0353 5108 C:\Windows\System32\fdWSD.dll - ok
18:03:32.0360 5108 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll
18:03:32.0360 5108 C:\Windows\System32\rasdlg.dll - ok
18:03:32.0367 5108 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll
18:03:32.0368 5108 C:\Windows\System32\mlang.dll - ok
18:03:32.0374 5108 [ 443C5961CACD4ABC16648874AF06E4A0 ] C:\Windows\System32\fdSSDP.dll
18:03:32.0375 5108 C:\Windows\System32\fdSSDP.dll - ok
18:03:32.0382 5108 [ 8BC00165083171F8DE760AE39D76D003 ] C:\Program Files\Microsoft Works\wksdb.exe
18:03:32.0382 5108 C:\Program Files\Microsoft Works\wksdb.exe - ok
18:03:32.0389 5108 [ 1E3A88803D8BD6A244BE4F049699F9D0 ] C:\ProgramData\Boxtools\Uninstall.exe
18:03:32.0390 5108 C:\ProgramData\Boxtools\Uninstall.exe - ok
18:03:32.0398 5108 [ 35937EAD711207544E219C2A19A78A7D ] C:\Program Files\Windows Media Player\wmpnscfg.exe
18:03:32.0398 5108 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
18:03:32.0405 5108 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
18:03:32.0405 5108 C:\Windows\System32\AltTab.dll - ok
18:03:32.0413 5108 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll
18:03:32.0413 5108 C:\Windows\System32\WPDShServiceObj.dll - ok
18:03:32.0419 5108 [ E46A4765F8E6D631C9C9CB0B083602F5 ] C:\Program Files\Windows Media Player\wmpnssci.dll
18:03:32.0419 5108 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
18:03:32.0427 5108 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll
18:03:32.0427 5108 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:03:32.0434 5108 [ BDB74DFFEB1DD3608E99B5B838CFAA91 ] C:\Program Files\CyberLink\LabelPrint\LabelPrint.exe
18:03:32.0434 5108 C:\Program Files\CyberLink\LabelPrint\LabelPrint.exe - ok
18:03:32.0442 5108 [ 45D2E47073134976D2F1DD4BF8582B14 ] C:\Windows\Installer\{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}\NmApp.exe
18:03:32.0442 5108 C:\Windows\Installer\{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}\NmApp.exe - ok
18:03:32.0449 5108 [ AD75FA737061370FA410C5AE06D7D324 ] C:\Program Files\CyberLink\Power2Go\Power2Go.exe
18:03:32.0449 5108 C:\Program Files\CyberLink\Power2Go\Power2Go.exe - ok
18:03:32.0456 5108 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll
18:03:32.0456 5108 C:\Windows\System32\srchadmin.dll - ok
18:03:32.0464 5108 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
18:03:32.0464 5108 C:\Windows\System32\webcheck.dll - ok
18:03:32.0471 5108 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll
18:03:32.0471 5108 C:\Windows\System32\SyncCenter.dll - ok
18:03:32.0478 5108 [ 648AB74D9C104FB500B6C4EEDC6A8772 ] C:\Windows\System32\wmpmde.dll
18:03:32.0478 5108 C:\Windows\System32\wmpmde.dll - ok
18:03:32.0485 5108 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll
18:03:32.0485 5108 C:\Windows\System32\imapi2.dll - ok
18:03:32.0492 5108 [ C45D74C22D4EFC3F86C9CABF9D98611F ] C:\Program Files\Online Services\quickenfc\WizLink.exe
18:03:32.0493 5108 C:\Program Files\Online Services\quickenfc\WizLink.exe - ok
18:03:32.0499 5108 [ 5DB08DBBA056A98E20D46D4FA48EFDEB ] C:\Program Files\CyberLink\PowerDirector\PDR.exe
18:03:32.0499 5108 C:\Program Files\CyberLink\PowerDirector\PDR.exe - ok
18:03:32.0507 5108 [ 67D16247C56C26A4F0D79D1A7F272B8F ] C:\Windows\System32\mf.dll
18:03:32.0507 5108 C:\Windows\System32\mf.dll - ok
18:03:32.0514 5108 [ 2495C4204C63678F8FD5D488CA7DAD26 ] C:\Windows\System32\evr.dll
18:03:32.0514 5108 C:\Windows\System32\evr.dll - ok
18:03:32.0520 5108 [ 4DF10CE50010D70152944B51E03588B0 ] C:\Windows\System32\wmdrmsdk.dll
18:03:32.0522 5108 C:\Windows\System32\wmdrmsdk.dll - ok
18:03:32.0528 5108 [ 015E99A7634B93E8BB0380C70F3D2CC3 ] C:\Windows\System32\wmp.dll
18:03:32.0528 5108 C:\Windows\System32\wmp.dll - ok
18:03:32.0534 5108 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl
18:03:32.0535 5108 C:\Windows\System32\bthprops.cpl - ok
18:03:32.0542 5108 [ 91928A35ADD81A78EFA7678FFBF47FDB ] C:\Program Files\Ghostscript\gs8.71\bin\gswin32.exe
18:03:32.0542 5108 C:\Program Files\Ghostscript\gs8.71\bin\gswin32.exe - ok
18:03:32.0549 5108 [ 401334D01976E029250265022D2DBF42 ] C:\Program Files\HP\QuickPlay\QP.exe
18:03:32.0549 5108 C:\Program Files\HP\QuickPlay\QP.exe - ok
18:03:32.0557 5108 [ 5D999BF519415D1C8EE0B97FF6A254DB ] C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL
18:03:32.0557 5108 C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL - ok
18:03:32.0564 5108 [ B0B576926100EB0E176952BD18749571 ] C:\Program Files\HP\QuickPlay\QPManager.exe
18:03:32.0564 5108 C:\Program Files\HP\QuickPlay\QPManager.exe - ok
18:03:32.0571 5108 [ 6DA7C93AB37B4A204BFCAE9FA07FF48D ] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
18:03:32.0571 5108 C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe - ok
18:03:32.0580 5108 [ BA83A6531273C8841FB7082F2393E46F ] C:\Windows\Installer\{56BED62F-278A-407B-8BCD-E645EC96D2ED}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
18:03:32.0580 5108 C:\Windows\Installer\{56BED62F-278A-407B-8BCD-E645EC96D2ED}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe - ok
18:03:32.0587 5108 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe
18:03:32.0587 5108 C:\Windows\System32\wuapp.exe - ok
18:03:32.0595 5108 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll
18:03:32.0595 5108 C:\Windows\System32\wucltux.dll - ok
18:03:32.0599 5108 [ 95743737B31850B590DE4803952F5E1A ] C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe
18:03:32.0599 5108 C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe - ok
18:03:32.0607 5108 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe
18:03:32.0607 5108 C:\Program Files\Windows Mail\wab.exe - ok
18:03:32.0614 5108 [ 0D392EDE3B97E0B3131B2F63EF1DB94E ] C:\Program Files\Windows Defender\MSASCui.exe
18:03:32.0614 5108 C:\Program Files\Windows Defender\MSASCui.exe - ok
18:03:32.0621 5108 [ 395335431AD55C167CFDBBAB8420DA73 ] C:\Program Files\Movie Maker\DVDMaker.exe
18:03:32.0621 5108 C:\Program Files\Movie Maker\DVDMaker.exe - ok
18:03:32.0628 5108 [ 9441A231C0AA0712F7CF3B10D9CFCF76 ] C:\Windows\System32\wmploc.DLL
18:03:32.0628 5108 C:\Windows\System32\wmploc.DLL - ok
18:03:32.0635 5108 [ B7ED332A57FC78CA29E40D3619550225 ] C:\Windows\ehome\ehshell.exe
18:03:32.0635 5108 C:\Windows\ehome\ehshell.exe - ok
18:03:32.0642 5108 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll
18:03:32.0642 5108 C:\Windows\System32\wmpps.dll - ok
18:03:32.0649 5108 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe
18:03:32.0649 5108 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
18:03:32.0657 5108 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe
18:03:32.0657 5108 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
18:03:32.0663 5108 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
18:03:32.0664 5108 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
18:03:32.0671 5108 [ 1ED2124313CCE34C877247574212EFC8 ] C:\Windows\System32\calc.exe
18:03:32.0671 5108 C:\Windows\System32\calc.exe - ok
18:03:32.0677 5108 [ 338104E0E18307CD65604FE317B5FB8D ] C:\Windows\System32\mblctr.exe
18:03:32.0678 5108 C:\Windows\System32\mblctr.exe - ok
18:03:32.0685 5108 [ B1AFF0B6DED627A1D22A6817DD58AC0F ] C:\Windows\System32\NetProj.exe
18:03:32.0685 5108 C:\Windows\System32\NetProj.exe - ok
18:03:32.0692 5108 [ A577868F76CEE16D6A82625FD55F379A ] C:\Windows\System32\NetProjW.dll
18:03:32.0692 5108 C:\Windows\System32\NetProjW.dll - ok
18:03:32.0699 5108 [ 694AF8B27C9A0A99399E02CE977F986B ] C:\Windows\System32\mspaint.exe
18:03:32.0699 5108 C:\Windows\System32\mspaint.exe - ok
18:03:32.0706 5108 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe
18:03:32.0706 5108 C:\Program Files\Windows Sidebar\sidebar.exe - ok
18:03:32.0713 5108 [ E80DB295132C5EF0C623935422BD0FC7 ] C:\Windows\System32\SnippingTool.exe
18:03:32.0713 5108 C:\Windows\System32\SnippingTool.exe - ok
18:03:32.0721 5108 [ 248F33A6C2380757BC1E20E34D9E827B ] C:\Windows\System32\SoundRecorder.exe
18:03:32.0721 5108 C:\Windows\System32\SoundRecorder.exe - ok
18:03:32.0727 5108 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe
18:03:32.0727 5108 C:\Windows\System32\mobsync.exe - ok
18:03:32.0735 5108 [ 16FC5B430123238E522B18E63C257AF8 ] C:\Windows\System32\oobefldr.dll
18:03:32.0735 5108 C:\Windows\System32\oobefldr.dll - ok
18:03:32.0742 5108 [ 19D0FC69D4E68D5CE2E4B34940529727 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
18:03:32.0742 5108 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
18:03:32.0750 5108 [ 105A4D87C8DCF2CF5DB042830B203E5F ] C:\Windows\Speech\Common\sapisvr.exe
18:03:32.0750 5108 C:\Windows\Speech\Common\sapisvr.exe - ok
18:03:32.0756 5108 [ 9AD8AEAAB3EB89277AF1DDF31B14F90F ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
18:03:32.0757 5108 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
18:03:32.0764 5108 [ 8D07F0687318214A3CEF62EA1048D101 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
18:03:32.0764 5108 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe - ok
18:03:32.0771 5108 [ A623666C8A8EC9A57DCA07915A3F1EC6 ] C:\Windows\System32\sdclt.exe
18:03:32.0771 5108 C:\Windows\System32\sdclt.exe - ok
18:03:32.0778 5108 [ BB4910DE8B6C5E30DF39EC97308D44BA ] C:\Windows\System32\charmap.exe
18:03:32.0778 5108 C:\Windows\System32\charmap.exe - ok
18:03:32.0785 5108 [ 2327C11B043FCEB80BE00CC8D077E9AA ] C:\Windows\System32\dfrgui.exe
18:03:32.0785 5108 C:\Windows\System32\dfrgui.exe - ok
18:03:32.0792 5108 [ 86AB3F6C784197DC1D994A83AF4259CD ] C:\Windows\System32\cleanmgr.exe
18:03:32.0792 5108 C:\Windows\System32\cleanmgr.exe - ok
18:03:32.0799 5108 [ FBF628702A408977FEB0845D48F4F154 ] C:\Windows\System32\migwiz\migwiz.exe
18:03:32.0799 5108 C:\Windows\System32\migwiz\migwiz.exe - ok
18:03:32.0806 5108 [ D3D1CE8FF30786D50272DA3085149904 ] C:\Windows\System32\msinfo32.exe
18:03:32.0806 5108 C:\Windows\System32\msinfo32.exe - ok
18:03:32.0813 5108 [ 95D5AC5CCBE10E8B4B8A0DF41022568D ] C:\Windows\System32\rstrui.exe
18:03:32.0813 5108 C:\Windows\System32\rstrui.exe - ok
18:03:32.0820 5108 [ B13A8D6F708AA2034A9DE0979F81D890 ] C:\Windows\System32\miguiresource.dll
18:03:32.0820 5108 C:\Windows\System32\miguiresource.dll - ok
18:03:32.0829 5108 [ C9B520028498E5DA23651619F8A556D4 ] C:\Windows\System32\StikyNot.exe
18:03:32.0829 5108 C:\Windows\System32\StikyNot.exe - ok
18:03:32.0835 5108 [ 7122B0AA2212B07BBFC49BD22215BF3B ] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
18:03:32.0835 5108 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe - ok
18:03:32.0842 5108 [ 0CC3F7AD4476FFDCA5A49E1A877214DE ] C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe
18:03:32.0842 5108 C:\Program Files\BillP Studios\WinPatrol\WinPatrolEx.exe - ok
18:03:32.0846 5108 [ C20436B4F0596ACD5569749206F99265 ] C:\Program Files\Windows Journal\Journal.exe
18:03:32.0846 5108 C:\Program Files\Windows Journal\Journal.exe - ok
18:03:32.0854 5108 [ 36B6F71B6D7D280302B348145DB05A9F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
18:03:32.0854 5108 C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe - ok
18:03:32.0861 5108 [ DF4217DDB34A0B73DC7AAC7829371C0C ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
18:03:32.0862 5108 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
18:03:32.0869 5108 [ 4CAAD229A00C0DEFFF51841AE2B93B46 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll
18:03:32.0869 5108 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll - ok
18:03:32.0876 5108 [ 2CB350B72FEA6FB5A010099A4444B636 ] C:\Windows\System32\mycomput.dll
18:03:32.0876 5108 C:\Windows\System32\mycomput.dll - ok
18:03:32.0884 5108 [ 1C474C0C4CB5F15A555FE912CBF4549C ] C:\Windows\System32\odbcad32.exe
18:03:32.0884 5108 C:\Windows\System32\odbcad32.exe - ok
18:03:32.0890 5108 [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80 ] C:\Windows\System32\iscsicpl.exe
18:03:32.0890 5108 C:\Windows\System32\iscsicpl.exe - ok
18:03:32.0898 5108 [ F84D0B1B90404D0A27E86F159FBDAC81 ] C:\Windows\System32\iscsicpl.dll
18:03:32.0898 5108 C:\Windows\System32\iscsicpl.dll - ok
18:03:32.0904 5108 [ 8D865A3E7E2C78317EDE4EAE8316284F ] C:\Windows\System32\MdSched.exe
18:03:32.0904 5108 C:\Windows\System32\MdSched.exe - ok
18:03:32.0912 5108 [ 1959E5AAEE0D988C10F19CEC7DFF2242 ] C:\Windows\System32\wdc.dll
18:03:32.0912 5108 C:\Windows\System32\wdc.dll - ok
18:03:32.0919 5108 [ 90438B514A5AC6A23602484A907E20A7 ] C:\Windows\System32\filemgmt.dll
18:03:32.0919 5108 C:\Windows\System32\filemgmt.dll - ok
18:03:32.0930 5108 [ 7629E9BB2FF06EACA62580A2C1D4FE6A ] C:\Windows\System32\msconfig.exe
18:03:32.0930 5108 C:\Windows\System32\msconfig.exe - ok
18:03:32.0935 5108 [ 0ADED25D371AE14665CE514E413988E7 ] C:\Windows\System32\AuthFWGP.dll
18:03:32.0936 5108 C:\Windows\System32\AuthFWGP.dll - ok
18:03:32.0943 5108 [ ABD6C47E9F40A69982F89D9F522CED82 ] C:\Program Files\CHM To PDF\CHM To PDF Converter PRO.exe
18:03:32.0943 5108 C:\Program Files\CHM To PDF\CHM To PDF Converter PRO.exe - ok
18:03:32.0950 5108 [ 3B161E0C1D8F3253640D57B45FAC96DA ] C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
18:03:32.0950 5108 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe - ok
18:03:32.0958 5108 [ 1B14EEC9BC9A4A920CAEEF2ECCA46E71 ] C:\Program Files\CHM To PDF\unins000.exe
18:03:32.0959 5108 C:\Program Files\CHM To PDF\unins000.exe - ok
18:03:32.0965 5108 [ E08435A8B3169529D9FDD064EFB30A4A ] C:\Program Files\Defraggler\Defraggler.exe
18:03:32.0965 5108 C:\Program Files\Defraggler\Defraggler.exe - ok
18:03:32.0972 5108 [ DC758FF5C5A8154F6908A678F0573997 ] C:\Program Files\Defraggler\uninst.exe
18:03:32.0972 5108 C:\Program Files\Defraggler\uninst.exe - ok
18:03:32.0980 5108 [ F398AE050ADEAE5893DEC9E9DDFFEAB7 ] C:\Program Files\DjVu to PDF\DjVuToPDF.exe
18:03:32.0980 5108 C:\Program Files\DjVu to PDF\DjVuToPDF.exe - ok
18:03:32.0986 5108 [ EA352D2F2ADAE7F5656208E23E4194CC ] C:\Program Files\DjVu to PDF\unins000.exe
18:03:32.0987 5108 C:\Program Files\DjVu to PDF\unins000.exe - ok
18:03:32.0994 5108 [ 2D58C4DB17233DD97D36B2006D3BE093 ] C:\Program Files\Exact Audio Copy\EAC.exe
18:03:32.0994 5108 C:\Program Files\Exact Audio Copy\EAC.exe - ok
18:03:33.0001 5108 [ 4E6D2205EBE1E2EE5AC9661D4F058E62 ] C:\Program Files\Exact Audio Copy\uninst.exe
18:03:33.0001 5108 C:\Program Files\Exact Audio Copy\uninst.exe - ok
18:03:33.0009 5108 [ 626F198768F67A0FEB3AD909E638F551 ] C:\Windows\System32\WindowsAnytimeUpgrade.exe
18:03:33.0009 5108 C:\Windows\System32\WindowsAnytimeUpgrade.exe - ok
18:03:33.0016 5108 [ 554BF617B3BBE4F2F73BF201B05438DE ] C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll
18:03:33.0016 5108 C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll - ok
18:03:33.0023 5108 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
18:03:33.0024 5108 C:\Windows\System32\rundll32.exe - ok
18:03:33.0030 5108 [ ABFECFB91A29EE4B3FEFC4FD2E3308B8 ] C:\Program Files\ffdshow\ffdshow.ax
18:03:33.0030 5108 C:\Program Files\ffdshow\ffdshow.ax - ok
18:03:33.0037 5108 [ 8B0AABC54DAFD4CCC9621377989A5C95 ] C:\Program Files\ffdshow\makeAVIS.exe
18:03:33.0037 5108 C:\Program Files\ffdshow\makeAVIS.exe - ok
18:03:33.0045 5108 [ 1D20C22F71EB0F701B230DCE3327A484 ] C:\Program Files\ffdshow\unins000.exe
18:03:33.0045 5108 C:\Program Files\ffdshow\unins000.exe - ok
18:03:33.0051 5108 [ 61954E06628943E568C73F70988CB2B1 ] C:\Program Files\Foxit Software\Foxit Reader\unins000.exe
18:03:33.0051 5108 C:\Program Files\Foxit Software\Foxit Reader\unins000.exe - ok
18:03:33.0059 5108 [ 56292FDBEF6889DBC0C55169A335ECE3 ] C:\Program Files\Google\Chrome\Application\chrome.exe
18:03:33.0059 5108 C:\Program Files\Google\Chrome\Application\chrome.exe - ok
18:03:33.0066 5108 [ 79E76DFB12DE84A5DC3F677F6DF172E5 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxthl.dll
18:03:33.0066 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxthl.dll - ok
18:03:33.0074 5108 [ 2234C900D762B73F15DF017467BA5A86 ] C:\Program Files\Pure Networks\Network Magic\nmapplb.dll
18:03:33.0074 5108 C:\Program Files\Pure Networks\Network Magic\nmapplb.dll - ok
18:03:33.0082 5108 [ C1512684E90E9B6A6E9255605CF1A83D ] C:\Program Files\Google\Chrome\Application\17.0.963.79\Installer\setup.exe
18:03:33.0082 5108 C:\Program Files\Google\Chrome\Application\17.0.963.79\Installer\setup.exe - ok
18:03:33.0092 5108 [ 077ECA52D67877AE174481F03846F555 ] C:\Program Files\Hewlett-Packard\HP Battery Check\HPBC.exe
18:03:33.0092 5108 C:\Program Files\Hewlett-Packard\HP Battery Check\HPBC.exe - ok
18:03:33.0099 5108 [ 0D98D342D5D0482DB1BCCB179B74C1C5 ] C:\Windows\Installer\{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}\NewShortcut3.1AAA2B88_1AC4_48A8_BD29_EFBA85C2472A.exe
18:03:33.0099 5108 C:\Windows\Installer\{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}\NewShortcut3.1AAA2B88_1AC4_48A8_BD29_EFBA85C2472A.exe - ok
18:03:33.0104 5108 [ 14E73802ED187AACEEB09295DCB113FD ] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC.exe
18:03:33.0104 5108 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC.exe - ok
18:03:33.0111 5108 [ 5E478F2DD004E170339365A2BAAB3297 ] C:\Program Files\Hewlett-Packard\HP System Information\HPSI.exe
18:03:33.0111 5108 C:\Program Files\Hewlett-Packard\HP System Information\HPSI.exe - ok
18:03:33.0119 5108 [ 91B52BA56A4F4F33D203BB6CD77C911D ] C:\Program Files\HP\HP Software Update\hpwucli.exe
18:03:33.0119 5108 C:\Program Files\HP\HP Software Update\hpwucli.exe - ok
18:03:33.0126 5108 [ 026EE593459C9A2EC280A8FDB378E5A1 ] C:\Windows\Installer\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe
18:03:33.0126 5108 C:\Windows\Installer\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}\NewShortcut1_47F36D92E58E456DB73C3382737E4C42.exe - ok
18:03:33.0133 5108 [ 313E3140014EF6A432792FA42040488B ] C:\Program Files\HP\Digital Imaging\hpqSSupply.exe
18:03:33.0133 5108 C:\Program Files\HP\Digital Imaging\hpqSSupply.exe - ok
18:03:33.0141 5108 [ 4A307E58F649D5DCB43B89C3AFD3A879 ] C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
18:03:33.0141 5108 C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe - ok
18:03:33.0148 5108 [ 5F4C61A65B444D6EB88A4EAB3C0A62B5 ] C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
18:03:33.0148 5108 C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe - ok
18:03:33.0156 5108 [ A36D8EF3D05E838E55F4900B6891FF22 ] C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\setup\hpzscr01.exe
18:03:33.0156 5108 C:\Program Files\HP\Digital Imaging\{CD0773D5-C18E-495c-B39B-21A96415EDD5}\setup\hpzscr01.exe - ok
18:03:33.0163 5108 [ 00B936FD8CA57BB037C8C6A7FB890A3E ] C:\Program Files\HTML Help Workshop\flash.exe
18:03:33.0163 5108 C:\Program Files\HTML Help Workshop\flash.exe - ok
18:03:33.0171 5108 [ EF01CDD3801B0FC357FC2AB9ABE0093A ] C:\Program Files\HTML Help Workshop\hhw.exe
18:03:33.0171 5108 C:\Program Files\HTML Help Workshop\hhw.exe - ok
18:03:33.0178 5108 [ EF6807C50ED8C9C5E0330B73DE908EED ] C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe
18:03:33.0178 5108 C:\Program Files\Common Files\Apple\Internet Services\iCloudWeb.exe - ok
18:03:33.0186 5108 [ D2B6CE5D9C68B513B2F9251E63BAF226 ] C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe
18:03:33.0186 5108 C:\Program Files\Common Files\Apple\Internet Services\iCloud.exe - ok
18:03:33.0193 5108 [ EBACE0B24B2FF493C7BF57A3072E328C ] C:\Program Files\Common Files\Apple\Internet Services\PhotoStream.exe
18:03:33.0193 5108 C:\Program Files\Common Files\Apple\Internet Services\PhotoStream.exe - ok
18:03:33.0201 5108 [ CA925B1E8FB4B27811C04F5CA79E0EC6 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe
18:03:33.0201 5108 C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe - ok
18:03:33.0207 5108 [ A5CBDC87E694154F90DBA134733E7E8B ] C:\Windows\System32\brcpl.dll
18:03:33.0207 5108 C:\Windows\System32\brcpl.dll - ok
18:03:33.0214 5108 [ 3141224EEBA075BC085175E60CD14782 ] C:\Windows\System32\msra.exe
18:03:33.0214 5108 C:\Windows\System32\msra.exe - ok
18:03:33.0222 5108 [ FACE86ABDF4CE94989A9DA4849498EC7 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
18:03:33.0222 5108 C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok
18:03:33.0229 5108 [ 3A72D62137659AD7BDEECBB49DD85684 ] C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
18:03:33.0229 5108 C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe - ok
18:03:33.0237 5108 [ 08457294C7E98C5D3E5EE8CDC25FA537 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
18:03:33.0237 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe - ok
18:03:33.0244 5108 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
18:03:33.0244 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe - ok
18:03:33.0252 5108 [ BFE69C991171F6527B5BF625ED048471 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
18:03:33.0252 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe - ok
18:03:33.0259 5108 [ 7E2CF680C69680064D43F4FFE5831DD1 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
18:03:33.0260 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe - ok
18:03:33.0267 5108 [ BECEEE04AAB6388B66D1FCBD2A9F19A1 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
18:03:33.0268 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe - ok
18:03:33.0275 5108 [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
18:03:33.0275 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe - ok
18:03:33.0283 5108 [ 6CE25A4F4F2F70EBF004C9006C647F32 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
18:03:33.0283 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe - ok
18:03:33.0290 5108 [ FF6669F7A1782D54E338F5C6EC806E1E ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
18:03:33.0290 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe - ok
18:03:33.0297 5108 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll
18:03:33.0298 5108 C:\Windows\System32\ntlanman.dll - ok
18:03:33.0304 5108 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
18:03:33.0304 5108 C:\Windows\System32\drprov.dll - ok
18:03:33.0311 5108 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll
18:03:33.0311 5108 C:\Windows\System32\davclnt.dll - ok
18:03:33.0319 5108 [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
18:03:33.0319 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe - ok
18:03:33.0326 5108 [ 3E5AA6A816FA331E64C38A45C6FF5637 ] C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
18:03:33.0326 5108 C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe - ok
18:03:33.0334 5108 [ 29431C7A28278A9EBF4FEF38DB61D86B ] C:\Program Files\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe
18:03:33.0334 5108 C:\Program Files\Microsoft Silverlight\4.1.10329.0\Silverlight.Configuration.exe - ok
18:03:33.0341 5108 [ EFC376FDA886DF2652B34D153D019F0C ] C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
18:03:33.0341 5108 C:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll - ok
18:03:33.0349 5108 [ 206EE4B42D11585EB53C47FB69F69E54 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe
18:03:33.0349 5108 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksCal.exe - ok
18:03:33.0354 5108 [ 8BC00165083171F8DE760AE39D76D003 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe
18:03:33.0354 5108 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksdb.exe - ok
18:03:33.0361 5108 [ 528DA0632ACC3EC0DABF0EE8F1DD5C20 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe
18:03:33.0362 5108 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksSb.exe - ok
18:03:33.0369 5108 [ 08BC7211E4E06A47CAC85D5A73D006E2 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe
18:03:33.0369 5108 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\wksss.exe - ok
18:03:33.0377 5108 [ 5C373483418D410C75BD3E53FEEC9070 ] C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe
18:03:33.0377 5108 C:\Windows\Installer\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\WksWP.exe - ok
18:03:33.0385 5108 [ 4FA0547E4BDC29FA6D2CB531333DE61F ] C:\Program Files\Exact Audio Copy\Monkey's Audio\Monkey's Audio.exe
18:03:33.0385 5108 C:\Program Files\Exact Audio Copy\Monkey's Audio\Monkey's Audio.exe - ok
18:03:33.0393 5108 [ AAB2B61C443E12D88B6E50A149C288E2 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\muveeapp.exe
18:03:33.0393 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\muveeapp.exe - ok
18:03:33.0400 5108 [ 3B3E34D3A42E64050CDD74231C569F97 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchHelp.exe
18:03:33.0400 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchHelp.exe - ok
18:03:33.0428 5108 [ 2CCC156E3BF4B24AEA25A03EE3A214FA ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchFlash.exe
18:03:33.0428 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\LaunchFlash.exe - ok
18:03:33.0435 5108 [ 9A9D0547DAC7410BE22874C14476E19D ] C:\Program Files\NBCE Review\program\NBCE.exe
18:03:33.0435 5108 C:\Program Files\NBCE Review\program\NBCE.exe - ok
18:03:33.0442 5108 [ 21EBAA7BE77D847A7DB45D1F9F6F5467 ] C:\Program Files\Hewlett-Packard\HP TCS\HPTCS.exe
18:03:33.0442 5108 C:\Program Files\Hewlett-Packard\HP TCS\HPTCS.exe - ok
18:03:33.0449 5108 [ 6D50A184B15AE4ED0A29ACD7697FD48A ] C:\Program Files\Hewlett-Packard\HP TCS\GetOnlinePillar.dll
18:03:33.0449 5108 C:\Program Files\Hewlett-Packard\HP TCS\GetOnlinePillar.dll - ok
18:03:33.0457 5108 [ 928DA6D3AA629966F0DB510EFDF67340 ] C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe
18:03:33.0457 5108 C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe - ok
18:03:33.0464 5108 [ E952C981228FFF5C014CFB7C6D82EE65 ] C:\Program Files\Online Services\MSN90\msnsusii.exe
18:03:33.0464 5108 C:\Program Files\Online Services\MSN90\msnsusii.exe - ok
18:03:33.0471 5108 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
18:03:33.0471 5108 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
18:03:33.0480 5108 [ D960AB4131A0568ED12C6BCEDA95F618 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxt.dll
18:03:33.0480 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxt.dll - ok
18:03:33.0487 5108 [ 707A19FFC158ABA45F1CA94CB470A1C5 ] C:\Program Files\Online Services\MSN90\LaunchMsn.exe
18:03:33.0487 5108 C:\Program Files\Online Services\MSN90\LaunchMsn.exe - ok
18:03:33.0494 5108 [ F824AB6B4F32CDA2F1750D3D9F5318B7 ] C:\Windows\System32\Firewall.cpl
18:03:33.0494 5108 C:\Windows\System32\Firewall.cpl - ok
18:03:33.0501 5108 [ AC4BE6114FEB2B225D92BAE8D11ACFE4 ] C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe
18:03:33.0501 5108 C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe - ok
18:03:33.0509 5108 [ AC4BE6114FEB2B225D92BAE8D11ACFE4 ] C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe
18:03:33.0510 5108 C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe - ok
18:03:33.0516 5108 [ C559672F31ABE6BA7277DD73C4502238 ] C:\Windows\System32\msiexec.exe
18:03:33.0516 5108 C:\Windows\System32\msiexec.exe - ok
18:03:33.0524 5108 [ 018D92164AB9D2C77D444A44648CAE63 ] C:\Windows\SMINST\CD Creator.exe
18:03:33.0524 5108 C:\Windows\SMINST\CD Creator.exe - ok
18:03:33.0531 5108 [ D90AAB4F2D7ABAF15E258C3F2D22B960 ] C:\Windows\SMINST\Restore7.exe
18:03:33.0531 5108 C:\Windows\SMINST\Restore7.exe - ok
18:03:33.0538 5108 [ 087309DEC72C1FE35973D47BDA9B43F6 ] C:\Program Files\SpywareBlaster\spywareblaster.exe
18:03:33.0538 5108 C:\Program Files\SpywareBlaster\spywareblaster.exe - ok
18:03:33.0545 5108 [ EF7138738A42E668D74B0C38C559EB2A ] C:\Program Files\SpywareBlaster\sbautoupdate.exe
18:03:33.0545 5108 C:\Program Files\SpywareBlaster\sbautoupdate.exe - ok
18:03:33.0552 5108 [ 8640B31939B8768A1D91874576194A37 ] C:\Users\Brandrea\Documents\Brett\3\ConvertXtoDvd.exe
18:03:33.0552 5108 C:\Users\Brandrea\Documents\Brett\3\ConvertXtoDvd.exe - ok
18:03:33.0560 5108 [ 544C6B590324B2400C08B9A1A24EA88F ] C:\Users\Brandrea\Documents\Brett\3\unins000.exe
18:03:33.0560 5108 C:\Users\Brandrea\Documents\Brett\3\unins000.exe - ok
18:03:33.0567 5108 [ 918F785EE5ABC3E77A7B518E2070011E ] C:\Program Files\WinX_DVD_Ripper_Platinum\unins000.exe
18:03:33.0567 5108 C:\Program Files\WinX_DVD_Ripper_Platinum\unins000.exe - ok
18:03:33.0575 5108 [ 162A702C8662F007553F6A1DF9A23353 ] C:\Program Files\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinum.exe
18:03:33.0575 5108 C:\Program Files\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinum.exe - ok
18:03:33.0582 5108 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
18:03:33.0582 5108 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
18:03:33.0590 5108 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll
18:03:33.0590 5108 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
18:03:33.0598 5108 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll
18:03:33.0598 5108 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
18:03:33.0603 5108 [ 07302F014858D038CB93CC349505D0E6 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
18:03:33.0603 5108 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
18:03:33.0610 5108 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
18:03:33.0610 5108 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
18:03:33.0618 5108 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
18:03:33.0618 5108 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
18:03:33.0626 5108 [ CF514CE8A21808ABD84CE8F307B02BDD ] C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmctxtPS.dll
18:03:33.0626 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\11.2.09195.1.nmctxtPS.dll - ok
18:03:33.0634 5108 [ 9A75518600FBA10980EE94267CA98489 ] C:\Windows\System32\gameux.dll
18:03:33.0634 5108 C:\Windows\System32\gameux.dll - ok
18:03:33.0641 5108 [ 644579C375F63692FC313A09BE7EFB27 ] C:\Program Files\Common Files\Pure Networks Shared\Platform\AVManagerUnified.dll
18:03:33.0641 5108 C:\Program Files\Common Files\Pure Networks Shared\Platform\AVManagerUnified.dll - ok
18:03:33.0648 5108 [ C1377779618CF33AFCEF5299309DBEF6 ] C:\Windows\System32\Macromed\Flash\Flash10x.ocx
18:03:33.0648 5108 C:\Windows\System32\Macromed\Flash\Flash10x.ocx - ok
18:03:33.0655 5108 [ 28343BE55C4481EE797559BCE8CCCBAD ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
18:03:33.0656 5108 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
18:03:33.0662 5108 [ E44C7D6F8D665DA2D9385E5E15EDEEF7 ] C:\Windows\System32\consent.exe
18:03:33.0662 5108 C:\Windows\System32\consent.exe - ok
18:03:33.0670 5108 [ 0691B1AD2E55BAA71B14E13439D55E2E ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll
18:03:33.0670 5108 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll - ok
18:03:33.0677 5108 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\AVAST Software\Avast\defs\12122101\uiext.dll
18:03:33.0677 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\uiext.dll - ok
18:03:33.0685 5108 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll
18:03:33.0685 5108 C:\Windows\System32\mshtml.dll - ok
18:03:33.0691 5108 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll
18:03:33.0692 5108 C:\Windows\System32\msimtf.dll - ok
18:03:33.0699 5108 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
18:03:33.0699 5108 C:\Windows\System32\msls31.dll - ok
18:03:33.0706 5108 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll
18:03:33.0706 5108 C:\Windows\System32\d2d1.dll - ok
18:03:33.0712 5108 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll
18:03:33.0712 5108 C:\Windows\System32\DWrite.dll - ok
18:03:33.0720 5108 [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\System32\dxgi.dll
18:03:33.0720 5108 C:\Windows\System32\dxgi.dll - ok
18:03:33.0726 5108 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll
18:03:33.0726 5108 C:\Windows\System32\d3d10_1.dll - ok
18:03:33.0734 5108 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll
18:03:33.0734 5108 C:\Windows\System32\d3d10_1core.dll - ok
18:03:33.0741 5108 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll
18:03:33.0741 5108 C:\Windows\System32\d3d10warp.dll - ok
18:03:33.0748 5108 [ 8FFDEB99EAC611D617016F2174D48FC6 ] C:\Windows\System32\inetcomm.dll
18:03:33.0749 5108 C:\Windows\System32\inetcomm.dll - ok
18:03:33.0755 5108 [ 214460565D2AC0BC124D14B785ADAE06 ] C:\Windows\System32\msoert2.dll
18:03:33.0755 5108 C:\Windows\System32\msoert2.dll - ok
18:03:33.0762 5108 [ 64B0D18454E65B61B39D3704A9C8EA4D ] C:\Windows\System32\INETRES.dll
18:03:33.0762 5108 C:\Windows\System32\INETRES.dll - ok
18:03:33.0770 5108 [ 30F3D3E322C5339004415D7BC8BF246E ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\python26.dll
18:03:33.0770 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\python26.dll - ok
18:03:33.0777 5108 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:03:33.0777 5108 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
18:03:33.0785 5108 [ 526D928D13E0E141C01BA3799FD8338B ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32api.pyd
18:03:33.0785 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32api.pyd - ok
18:03:33.0792 5108 [ ABC5DCAC962AE8AF7AF214DD0D6D4FF6 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pywintypes26.dll
18:03:33.0792 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pywintypes26.dll - ok
18:03:33.0800 5108 [ 65EE7A7C20134DED91485AEF23C882D4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pythoncom26.dll
18:03:33.0800 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pythoncom26.dll - ok
18:03:33.0807 5108 [ A78890BF2712D6E472788711FB60113B ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32com.shell.shell.pyd
18:03:33.0807 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32com.shell.shell.pyd - ok
18:03:33.0815 5108 [ 2931B1A98FA187834F7E39A598B947E1 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_socket.pyd
18:03:33.0815 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_socket.pyd - ok
18:03:33.0822 5108 [ 234CF1A2306CD5645011A298F0D3584A ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ssl.pyd
18:03:33.0822 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ssl.pyd - ok
18:03:33.0830 5108 [ DAFA56C9092C7CC163CD85A246E5A674 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._core_.pyd
18:03:33.0830 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._core_.pyd - ok
18:03:33.0837 5108 [ 9E6AD2917D6FD7730FF37B50F7053183 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_vc.dll
18:03:33.0837 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_vc.dll - ok
18:03:33.0844 5108 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
18:03:33.0844 5108 C:\Windows\System32\msvcr100_clr0400.dll - ok
18:03:33.0851 5108 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll
18:03:33.0852 5108 C:\Windows\System32\mscoree.dll - ok
18:03:33.0855 5108 [ 29CD1F3E9148FCD542DEC355A41776AF ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_net_vc.dll
18:03:33.0855 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxbase293u_net_vc.dll - ok
18:03:33.0863 5108 [ 2B9A6B7B7A3997C12841A5D869F022A4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_core_vc.dll
18:03:33.0864 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_core_vc.dll - ok
18:03:33.0871 5108 [ FF13BC0EAD656E2DE88BD245BA3D2BF7 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_adv_vc.dll
18:03:33.0871 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_adv_vc.dll - ok
18:03:33.0879 5108 [ 86AEF2219E35F086AB78BA9FBC0FA1E7 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._gdi_.pyd
18:03:33.0879 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._gdi_.pyd - ok
18:03:33.0886 5108 [ 6CB0403BDFB83F114F6EBFBD1163B220 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._windows_.pyd
18:03:33.0886 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._windows_.pyd - ok
18:03:33.0893 5108 [ 89F9E1984C1CD9E5F4FE39642D886E11 ] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
18:03:33.0893 5108 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
18:03:33.0900 5108 [ 699EFC4D6FE0A2FE24D7049608F2D543 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_html_vc.dll
18:03:33.0900 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_html_vc.dll - ok
18:03:33.0908 5108 [ 09B6A5A2F9EAD10D50E3AEA7934E6DE4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._controls_.pyd
18:03:33.0908 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._controls_.pyd - ok
18:03:33.0916 5108 [ 03B6D87D79E269526AA2B1370DE65675 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._misc_.pyd
18:03:33.0916 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._misc_.pyd - ok
18:03:33.0923 5108 [ 78B16D439F3562552AEB38D352F00567 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_hashlib.pyd
18:03:33.0923 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_hashlib.pyd - ok
18:03:33.0931 5108 [ 15DE81EC02716D08B17EBF5AFC2190B8 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pysqlite2._sqlite.pyd
18:03:33.0931 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pysqlite2._sqlite.pyd - ok
18:03:33.0938 5108 [ 8DC2EB39AF2A01C5C28E50685F5B78A5 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ctypes.pyd
18:03:33.0938 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_ctypes.pyd - ok
18:03:33.0946 5108 [ 94CD8007843957C9A499F3B4ECBAF0D8 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32file.pyd
18:03:33.0946 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32file.pyd - ok
18:03:33.0953 5108 [ E282EA80BE94B90E656A475EFCAC89C2 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32event.pyd
18:03:33.0953 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32event.pyd - ok
18:03:33.0961 5108 [ 37FAE00D4F6DEC20EFAFC157C4B3499A ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_elementtree.pyd
18:03:33.0961 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\_elementtree.pyd - ok
18:03:33.0968 5108 [ DF495F31AA306DBFEC3E7CDBB2711CF1 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pyexpat.pyd
18:03:33.0968 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\pyexpat.pyd - ok
18:03:33.0976 5108 [ A294A77B4271CE24BC830F8CA376E018 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32inet.pyd
18:03:33.0976 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32inet.pyd - ok
18:03:33.0983 5108 [ 7106BE04428936372FB6D826956A12D4 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._wizard.pyd
18:03:33.0983 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._wizard.pyd - ok
18:03:33.0991 5108 [ BA3C226B01FF615107659411AE01E3B0 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\unicodedata.pyd
18:03:33.0991 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\unicodedata.pyd - ok
18:03:33.0998 5108 [ 3A4F66ADDDF413DCD1C714B2BEBAF98A ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._html2.pyd
18:03:33.0998 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wx._html2.pyd - ok
18:03:34.0006 5108 [ 3D01C7F884349A6170A1E0D3CF812333 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_webview_vc.dll
18:03:34.0006 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\wxmsw293u_webview_vc.dll - ok
18:03:34.0014 5108 [ 3C1E19C2E71967311F2D7B2790D18615 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32security.pyd
18:03:34.0014 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32security.pyd - ok
18:03:34.0021 5108 [ 61A4E2E48CD692390EC964F0F1BBEFE2 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32pdh.pyd
18:03:34.0021 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32pdh.pyd - ok
18:03:34.0028 5108 [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\System32\pdh.dll
18:03:34.0028 5108 C:\Windows\System32\pdh.dll - ok
18:03:34.0037 5108 [ 417EABEB28130AAFDB51689ABADFB501 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\windows._cacheinvalidation.pyd
18:03:34.0037 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\windows._cacheinvalidation.pyd - ok
18:03:34.0044 5108 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
18:03:34.0044 5108 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
18:03:34.0051 5108 [ 3C303C9D3EA9C64742931CAC0E351910 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\select.pyd
18:03:34.0051 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\select.pyd - ok
18:03:34.0058 5108 [ 6EC174E577B7AB75B3A1A9858B2DB261 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32crypt.pyd
18:03:34.0059 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32crypt.pyd - ok
18:03:34.0066 5108 [ 5BF6BA38B703DF5BBE18358A3188C929 ] C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32process.pyd
18:03:34.0066 5108 C:\Users\Brandrea\AppData\Local\temp\_MEI24722\win32process.pyd - ok
18:03:34.0074 5108 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
18:03:34.0074 5108 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
18:03:34.0081 5108 [ 143A247AB424D2AB25A94189D10484AA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll
18:03:34.0081 5108 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll - ok
18:03:34.0089 5108 [ 3787A4BC97CE6C630F4B581425223D96 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
18:03:34.0089 5108 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
18:03:34.0096 5108 [ 48F7A3E0B70C815A5AE88BF7736103A9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll
18:03:34.0097 5108 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll - ok
18:03:34.0107 5108 [ F2533BD06936D2A9D9F4FD41CAEAA6E5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll
18:03:34.0107 5108 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll - ok
18:03:34.0111 5108 [ A3DA2901494298675BA64C331CC3E815 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll
18:03:34.0111 5108 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\2633dbf77be293b3a8693b6b062fd787\System.Runtime.Remoting.ni.dll - ok
18:03:34.0119 5108 [ 8AD53763BB3A4091D7731DE368BCB575 ] C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
18:03:34.0119 5108 C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - ok
18:03:34.0126 5108 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll
18:03:34.0126 5108 C:\Windows\System32\msdtckrm.dll - ok
18:03:34.0134 5108 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
18:03:34.0134 5108 C:\Windows\System32\wuapi.dll - ok
18:03:34.0140 5108 [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\System32\wscproxystub.dll
18:03:34.0140 5108 C:\Windows\System32\wscproxystub.dll - ok
18:03:34.0147 5108 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
18:03:34.0147 5108 C:\Windows\System32\wups.dll - ok
18:03:34.0154 5108 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll
18:03:34.0154 5108 C:\Windows\System32\mspatcha.dll - ok
18:03:34.0161 5108 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll
18:03:34.0161 5108 C:\Windows\System32\wups2.dll - ok
18:03:34.0169 5108 [ F8D8BB3F6173FFF00128612F33D3197A ] C:\Windows\System32\wbem\WMIADAP.exe
18:03:34.0169 5108 C:\Windows\System32\wbem\WMIADAP.exe - ok
18:03:34.0175 5108 [ 8B2D61CA83825CEAD423228ACD40CFBC ] C:\Windows\System32\loadperf.dll
18:03:34.0175 5108 C:\Windows\System32\loadperf.dll - ok
18:03:34.0183 5108 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\AVAST Software\Avast\defs\12122101\aspColl.dll
18:03:34.0183 5108 C:\Program Files\AVAST Software\Avast\defs\12122101\aspColl.dll - ok
18:03:34.0190 5108 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\Windows\System32\wuauclt.exe
18:03:34.0190 5108 C:\Windows\System32\wuauclt.exe - ok
18:03:34.0197 5108 [ DFCE15E59B8AC862B8E3CA6E43FE33F8 ] C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
18:03:34.0197 5108 C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll - ok
18:03:34.0205 5108 [ E7D55E121FF1951CB86C7E0DC6A33877 ] C:\Program Files\Java\jre6\bin\jp2ssv.dll
18:03:34.0205 5108 C:\Program Files\Java\jre6\bin\jp2ssv.dll - ok
18:03:34.0212 5108 [ 39BC84FB160ADB1191D4883C6CFFBC14 ] C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
18:03:34.0212 5108 C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - ok
18:03:34.0219 5108 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll
18:03:34.0219 5108 C:\Windows\System32\slwga.dll - ok
18:03:34.0226 5108 [ A58374D1A487C3CF98355BA92C0188C0 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\CbsCore.dll
18:03:34.0226 5108 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\CbsCore.dll - ok
18:03:34.0235 5108 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll
18:03:34.0235 5108 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wdscore.dll - ok
18:03:34.0242 5108 [ 4EBDD20AFC19AAECBA2893D128DD5ECD ] C:\Windows\System32\dpx.dll
18:03:34.0242 5108 C:\Windows\System32\dpx.dll - ok
18:03:34.0249 5108 [ 971B711E37CF2CEDCE57B54384640E54 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll
18:03:34.0250 5108 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wcp.dll - ok
18:03:34.0257 5108 [ 47071DD42F703390B205B33B11DAB65C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\DrUpdate.dll
18:03:34.0257 5108 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\DrUpdate.dll - ok
18:03:34.0265 5108 [ BC8E5F6AAF447364A6F6A00D3F8FAF29 ] C:\Windows\System32\srclient.dll
18:03:34.0265 5108 C:\Windows\System32\srclient.dll - ok
18:03:34.0271 5108 [ 43AEF7355D24090CA7C24C83846BD981 ] C:\Windows\System32\spp.dll
18:03:34.0271 5108 C:\Windows\System32\spp.dll - ok
18:03:34.0279 5108 [ 380E6B396644EDCDFA07E52D7D95EF99 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll
18:03:34.0279 5108 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\wrpint.dll - ok
18:03:34.0286 5108 [ 9F433F65D10043295F42DD015B189426 ] C:\Windows\System32\sxsstore.dll
18:03:34.0287 5108 C:\Windows\System32\sxsstore.dll - ok
18:03:34.0293 5108 [ F6DFDFD5BC950275DE3B285E108CB974 ] C:\Windows\servicing\CbsApi.dll
18:03:34.0293 5108 C:\Windows\servicing\CbsApi.dll - ok
18:03:34.0301 5108 [ 031DA76A5A7DC13F015DD3491394865E ] C:\Windows\System32\advpack.dll
18:03:34.0301 5108 C:\Windows\System32\advpack.dll - ok
18:03:34.0307 5108 [ 801F1E963F7EEFFDA3F9EF89DB3EF133 ] C:\Windows\System32\radardt.dll
18:03:34.0308 5108 C:\Windows\System32\radardt.dll - ok
18:03:34.0315 5108 [ E8B0A9ECB76AAA0C3519E16F34A49858 ] C:\Windows\System32\wsqmcons.exe
18:03:34.0315 5108 C:\Windows\System32\wsqmcons.exe - ok
18:03:34.0322 5108 [ 8A38B5E8493A9D103083B8620AC5F3A1 ] C:\Windows\System32\tdh.dll
18:03:34.0322 5108 C:\Windows\System32\tdh.dll - ok
18:03:34.0329 5108 [ 8EE772032E2FE80A924F3B8DD5082194 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:03:34.0329 5108 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - ok
18:03:34.0337 5108 [ A94146208170D78906C93EE39CEBDD9F ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:03:34.0337 5108 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe - ok
18:03:34.0345 5108 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] C:\Windows\System32\dfsr.exe
18:03:34.0345 5108 C:\Windows\System32\dfsr.exe - ok
18:03:34.0352 5108 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:03:34.0352 5108 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe - ok
18:03:34.0359 5108 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
18:03:34.0359 5108 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
18:03:34.0364 5108 [ 6F95324909B502E2651442C1548AB12F ] C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:03:34.0364 5108 C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe - ok
18:03:34.0372 5108 [ 98477B08E61945F974ED9FDC4CB6BDAB ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:03:34.0372 5108 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe - ok
18:03:34.0381 5108 [ E8A39D41474BE42FD8830CED32932D6C ] C:\Program Files\iPod\bin\iPodService.exe
18:03:34.0381 5108 C:\Program Files\iPod\bin\iPodService.exe - ok
18:03:34.0387 5108 [ 2D5A428872F1442631D0959A34ABFF63 ] C:\Windows\System32\lltdsvc.dll
18:03:34.0387 5108 C:\Windows\System32\lltdsvc.dll - ok
18:03:34.0395 5108 [ AEF9BABB8A506BC4CE0451A64AADED46 ] C:\Windows\System32\Mcx2Svc.dll
18:03:34.0395 5108 C:\Windows\System32\Mcx2Svc.dll - ok
18:03:34.0402 5108 [ 123271BD5237AB991DC5C21FDF8835EB ] C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:03:34.0402 5108 C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe - ok
18:03:34.0409 5108 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:03:34.0410 5108 C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe - ok
18:03:34.0417 5108 [ FD7520CC3A80C5FC8C48852BB24C6DED ] C:\Windows\System32\msdtc.exe
18:03:34.0418 5108 C:\Windows\System32\msdtc.exe - ok
18:03:34.0425 5108 [ 85466C0757A23D9A9AECDC0755203CB2 ] C:\Windows\System32\iscsiexe.dll
18:03:34.0425 5108 C:\Windows\System32\iscsiexe.dll - ok
18:03:34.0432 5108 [ D6C4E4A39A36029AC0813D476FBD0248 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:03:34.0432 5108 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe - ok
18:03:34.0441 5108 [ 785F487A64950F3CB8E9F16253BA3B7B ] C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE
18:03:34.0441 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\ODSERV.EXE - ok
18:03:34.0448 5108 [ 5A432A042DAE460ABE7199B758E8606C ] C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
18:03:34.0448 5108 C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE - ok
18:03:34.0455 5108 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll
18:03:34.0455 5108 C:\Program Files\Windows Defender\MpSvc.dll - ok
18:03:34.0463 5108 [ 9400A4BE6F7A1AD44784DDE01FC7FA95 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\msoshext.dll
18:03:34.0463 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\msoshext.dll - ok
18:03:34.0470 5108 [ 8FECD12803558FA84F63B7DDD16D89F1 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll
18:03:34.0470 5108 C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll - ok
18:03:34.0478 5108 [ 938ACF2A4F7FDAFF322FD36F0B14D45A ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
18:03:34.0478 5108 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
18:03:34.0485 5108 [ D6804F089CBB6749E95124E7C4D80900 ] C:\Windows\AppPatch\AcLayers.dll
18:03:34.0485 5108 C:\Windows\AppPatch\AcLayers.dll - ok
18:03:34.0493 5108 [ 7043D485AEAE435312659FF1461F1491 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL
18:03:34.0493 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL - ok
18:03:34.0500 5108 [ C7D010BD8BCEF2EB3FCA8F7CD3C08D9F ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL
18:03:34.0500 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL - ok
18:03:34.0508 5108 [ 4C5D603A632023BFDB8EDD4436882ABF ] C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL
18:03:34.0508 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL - ok
18:03:34.0515 5108 [ D291FA0A37901E5E5A687813FA2AF2B5 ] C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
18:03:34.0515 5108 C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll - ok
18:03:34.0523 5108 [ 11913501760C633AC044A56FFD6A9A2E ] C:\Program Files\Common Files\System\ado\msadox.dll
18:03:34.0523 5108 C:\Program Files\Common Files\System\ado\msadox.dll - ok
18:03:34.0530 5108 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll
18:03:34.0530 5108 C:\Windows\System32\msftedit.dll - ok
18:03:34.0537 5108 [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\System32\wpdshext.dll
18:03:34.0537 5108 C:\Windows\System32\wpdshext.dll - ok
18:03:34.0544 5108 [ 67C30FAFA58BD7E02A9DA8BE28512934 ] C:\Windows\System32\audiodev.dll
18:03:34.0544 5108 C:\Windows\System32\audiodev.dll - ok
18:03:34.0551 5108 [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\System32\WMVCORE.DLL
18:03:34.0551 5108 C:\Windows\System32\WMVCORE.DLL - ok
18:03:34.0558 5108 [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\System32\WMASF.DLL
18:03:34.0559 5108 C:\Windows\System32\WMASF.DLL - ok
18:03:34.0565 5108 [ 9E5C1D19851FAE2ACDBA118AB20D55AC ] C:\Windows\System32\EhStorAPI.dll
18:03:34.0565 5108 C:\Windows\System32\EhStorAPI.dll - ok
18:03:34.0573 5108 [ FC630B6804CE57491B1F7E7F425AA805 ] C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll
18:03:34.0573 5108 C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll - ok
18:03:34.0580 5108 [ 7D80F287AEEDD39C03E118E0EBD3311E ] C:\Windows\System32\zipfldr.dll
18:03:34.0580 5108 C:\Windows\System32\zipfldr.dll - ok
18:03:34.0588 5108 [ BABA8F29C9D46A2094ECD332524B61C5 ] C:\Program Files\WinRAR\RarExt.dll
18:03:34.0588 5108 C:\Program Files\WinRAR\RarExt.dll - ok
18:03:34.0595 5108 [ 95A5497D129D95D12A46F7848AFFE1DB ] C:\Windows\System32\comsvcs.dll
18:03:34.0595 5108 C:\Windows\System32\comsvcs.dll - ok
18:03:34.0602 5108 [ 42B311AED708D3773C5A94F1F92F581E ] C:\Windows\System32\lpremove.exe
18:03:34.0602 5108 C:\Windows\System32\lpremove.exe - ok
18:03:34.0610 5108 [ FBD6B3BB2A40478DF5434A073D571CAE ] C:\Windows\System32\RacAgent.exe
18:03:34.0610 5108 C:\Windows\System32\RacAgent.exe - ok
18:03:34.0614 5108 [ 9EFF12E09FF0EA85D43A3AC1F1EEBCE9 ] C:\Windows\System32\RacEngn.dll
18:03:34.0615 5108 C:\Windows\System32\RacEngn.dll - ok
18:03:34.0622 5108 [ 01FB02762AEF28A55CF21363D3919AB4 ] C:\Windows\System32\lpksetup.exe
18:03:34.0622 5108 C:\Windows\System32\lpksetup.exe - ok
18:03:34.0629 5108 [ BE3AB4803C963BE0357541EC3B17D443 ] C:\Windows\temp\asw58AA.tmp
18:03:34.0629 5108 C:\Windows\temp\asw58AA.tmp - ok
18:03:34.0637 5108 [ 00BD755B3EAF9C91711716FC1ECF9392 ] C:\Users\Brandrea\AppData\Local\temp\aswMBR.sys
18:03:34.0637 5108 C:\Users\Brandrea\AppData\Local\temp\aswMBR.sys - ok
18:03:34.0644 5108 [ 6A625B8787098FAFCF0A2480DB53AEA4 ] C:\Program Files\HP\QuickPlay\Kernel\Video\CLMedia.dll
18:03:34.0644 5108 C:\Program Files\HP\QuickPlay\Kernel\Video\CLMedia.dll - ok
18:03:34.0652 5108 [ 5CAA8398B6A769B24880C18DA4185BEC ] C:\Windows\System32\mpg2splt.ax
18:03:34.0652 5108 C:\Windows\System32\mpg2splt.ax - ok
18:03:34.0658 5108 [ 8590BDF8F3B5EACAEEA5559CEC9647BF ] C:\Windows\ehome\ehtrace.dll
18:03:34.0658 5108 C:\Windows\ehome\ehtrace.dll - ok
18:03:34.0665 5108 [ 8DDFDF8A433DC09F92ACA1F3DE4DE067 ] C:\Windows\System32\MediaMetadataHandler.dll
18:03:34.0665 5108 C:\Windows\System32\MediaMetadataHandler.dll - ok
18:03:34.0672 5108 [ 8F960A1A3D9A7B829FD9DCE2689030F6 ] C:\Windows\System32\qedit.dll
18:03:34.0672 5108 C:\Windows\System32\qedit.dll - ok
18:03:34.0679 5108 [ 73AC55EDD9B5AB53F0D3A43E6FD00050 ] C:\Program Files\CyberLink\PowerDirector\PDM1Splter.ax
18:03:34.0679 5108 C:\Program Files\CyberLink\PowerDirector\PDM1Splter.ax - ok
18:03:34.0687 5108 [ D2E83E7BA4AB0FD89CA6D20916EFB7E9 ] C:\Program Files\CyberLink\PowerDirector\msvcp60.dll
18:03:34.0687 5108 C:\Program Files\CyberLink\PowerDirector\msvcp60.dll - ok
18:03:34.0694 5108 [ 8E778D62FF424B9304F77E848BF48DAC ] C:\Program Files\CyberLink\PowerDirector\PDM2Splter.ax
18:03:34.0694 5108 C:\Program Files\CyberLink\PowerDirector\PDM2Splter.ax - ok
18:03:34.0702 5108 [ B034DA94105B60534C96875BAF50C43B ] C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\VSFilter.dll
18:03:34.0702 5108 C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\VSFilter.dll - ok
18:03:34.0709 5108 [ 73E18311CCEE6EBB421292BEC75D84AA ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcspmpeg.ax
18:03:34.0709 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcspmpeg.ax - ok
18:03:34.0718 5108 [ 21274BB70DB6EBD7365EE1C8BB3E855D ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpegin.dll
18:03:34.0718 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpegin.dll - ok
18:03:34.0725 5108 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\msvcr71.dll
18:03:34.0725 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\msvcr71.dll - ok
18:03:34.0733 5108 [ 531F8ED0708BCD3537389C209CBB0A71 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcdsmpeg.ax
18:03:34.0734 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcdsmpeg.ax - ok
18:03:34.0741 5108 [ FF448C17182CB33EBFFB8EA0E05CC75B ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpgdec.dll
18:03:34.0741 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcmpgdec.dll - ok
18:03:34.0749 5108 [ 181C3C83CC18C402B6D1EF3D8B84E989 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcac3dec.dll
18:03:34.0749 5108 C:\Program Files\muvee Technologies\muvee autoProducer 6.1 - SE\mvBurnerDll\mcac3dec.dll - ok
18:03:34.0757 5108 [ 8AEF2782806C82A547A8B1BB273E5C27 ] C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\FLVSplitter.ax
18:03:34.0757 5108 C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\FLVSplitter.ax - ok
18:03:34.0765 5108 [ 707CB15443F8915701C3B0B747C2B799 ] C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\WavPackDSSplitter.ax
18:03:34.0766 5108 C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\WavPackDSSplitter.ax - ok
18:03:34.0772 5108 [ 330E7E99A0911898CD1EF69384220032 ] C:\Windows\System32\MSMPEG2ADEC.DLL
18:03:34.0773 5108 C:\Windows\System32\MSMPEG2ADEC.DLL - ok
18:03:34.0780 5108 [ 937205B9483FE3B4F80DCF681AF8B2DE ] C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveedsmpeg.ax
18:03:34.0780 5108 C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveedsmpeg.ax - ok
18:03:34.0787 5108 [ 55A7A2FDEB8613FE308D44D3F76F3A30 ] C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempgdec.dll
18:03:34.0787 5108 C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempgdec.dll - ok
18:03:34.0795 5108 [ 3D982F46121DF932BEAD9F22DADFBAA9 ] C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveespmpeg.ax
18:03:34.0795 5108 C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveespmpeg.ax - ok
18:03:34.0803 5108 [ 63D8FB6F428A9D0F782E4F687AB6DE02 ] C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempegin.dll
18:03:34.0803 5108 C:\Program Files\Common Files\muvee Technologies\MainConcept2\muveempegin.dll - ok
18:03:34.0811 5108 [ 674FB3D19EC45ABDB40F03659C781F7C ] C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\Haali\splitter.ax
18:03:34.0811 5108 C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\Haali\splitter.ax - ok
18:03:34.0818 5108 [ A5EE4284DFF89D897AA08898AFC0DEC8 ] C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\Haali\mkzlib.dll
18:03:34.0818 5108 C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\Haali\mkzlib.dll - ok
18:03:34.0827 5108 [ 4A93524B0DFEEA362DE46B441C7667DC ] C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\Haali\mkunicode.dll
18:03:34.0827 5108 C:\Users\Brandrea\Documents\Brett\media player classic\Combined Community Codec Pack\Filters\Haali\mkunicode.dll - ok
18:03:34.0834 5108 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
18:03:34.0834 5108 C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
18:03:34.0841 5108 [ C2EFE31691B0220BA2D366F6ECD9EEBC ] C:\Program Files\Mozilla Firefox\mozglue.dll
18:03:34.0841 5108 C:\Program Files\Mozilla Firefox\mozglue.dll - ok
18:03:34.0849 5108 [ 4D8CAE21D3617DBC539F0A7ACEB66FAD ] C:\Program Files\Mozilla Firefox\nspr4.dll
18:03:34.0849 5108 C:\Program Files\Mozilla Firefox\nspr4.dll - ok
18:03:34.0856 5108 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Mozilla Firefox\msvcp100.dll
18:03:34.0856 5108 C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
18:03:34.0863 5108 [ 2D64A5315260AAD1D6BEEE65D2681DB3 ] C:\Program Files\Mozilla Firefox\mozjs.dll
18:03:34.0863 5108 C:\Program Files\Mozilla Firefox\mozjs.dll - ok
18:03:34.0867 5108 [ 6F255F96534FCF5FF4B611B52C1AB813 ] C:\Program Files\Mozilla Firefox\plc4.dll
18:03:34.0867 5108 C:\Program Files\Mozilla Firefox\plc4.dll - ok
18:03:34.0874 5108 [ 6B85D6ADEF244F9077BD7874610574A9 ] C:\Program Files\Mozilla Firefox\plds4.dll
18:03:34.0875 5108 C:\Program Files\Mozilla Firefox\plds4.dll - ok
18:03:34.0882 5108 [ 15A9691C1F00631BC5475CEEF9A6EA62 ] C:\Program Files\Mozilla Firefox\nssutil3.dll
18:03:34.0882 5108 C:\Program Files\Mozilla Firefox\nssutil3.dll - ok
18:03:34.0889 5108 [ 0206166F245BE09DC9C1550AFB2C0B8D ] C:\Program Files\Mozilla Firefox\nss3.dll
18:03:34.0891 5108 C:\Program Files\Mozilla Firefox\nss3.dll - ok
18:03:34.0896 5108 [ 9F135327116E63D522BFEF39F37CB2E6 ] C:\Program Files\Mozilla Firefox\smime3.dll
18:03:34.0896 5108 C:\Program Files\Mozilla Firefox\smime3.dll - ok
18:03:34.0903 5108 [ F5720ED4EEA3D62A3C9AF0950F2B7D23 ] C:\Program Files\Mozilla Firefox\ssl3.dll
18:03:34.0903 5108 C:\Program Files\Mozilla Firefox\ssl3.dll - ok
18:03:34.0911 5108 [ 3D2706E87D3E4433DB929B86207CA928 ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll
18:03:34.0911 5108 C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok
18:03:34.0917 5108 [ 52652560BCE03F232CE6AF381D82CE5F ] C:\Program Files\Mozilla Firefox\mozalloc.dll
18:03:34.0918 5108 C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
18:03:34.0925 5108 [ A38B82A306CDDA0BB141225F92FC9F85 ] C:\Program Files\Mozilla Firefox\gkmedias.dll
18:03:34.0926 5108 C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
18:03:34.0932 5108 [ 4C44A99BB7584D6B70507987BE786259 ] C:\Program Files\Mozilla Firefox\xul.dll
18:03:34.0932 5108 C:\Program Files\Mozilla Firefox\xul.dll - ok
18:03:34.0939 5108 [ 4D774B94671141D491CFCB4CA3650EBF ] C:\Program Files\Mozilla Firefox\xpcom.dll
18:03:34.0940 5108 C:\Program Files\Mozilla Firefox\xpcom.dll - ok
18:03:34.0947 5108 [ 520B9EF148145FDE39E4FB77E0C7FC48 ] C:\Program Files\Mozilla Firefox\components\browsercomps.dll
18:03:34.0947 5108 C:\Program Files\Mozilla Firefox\components\browsercomps.dll - ok
18:03:34.0955 5108 [ DD1B8F07C62A4A179FDD265E1C5B2581 ] C:\Windows\System32\igd10umd32.dll
18:03:34.0956 5108 C:\Windows\System32\igd10umd32.dll - ok
18:03:34.0962 5108 [ BFA034AAC103D8A6F591AC9364688339 ] C:\Windows\System32\t2embed.dll
18:03:34.0962 5108 C:\Windows\System32\t2embed.dll - ok
18:03:34.0968 5108 [ 9662E514A77389EB6F7E846DB8B44C4D ] C:\Program Files\Mozilla Firefox\softokn3.dll
18:03:34.0968 5108 C:\Program Files\Mozilla Firefox\softokn3.dll - ok
18:03:34.0976 5108 [ CF7C83513AD0F22070B6795590F6BA68 ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
18:03:34.0976 5108 C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
18:03:34.0983 5108 [ D9FA57CBA32ABA63D5C30B854F660F07 ] C:\Program Files\Mozilla Firefox\freebl3.dll
18:03:34.0983 5108 C:\Program Files\Mozilla Firefox\freebl3.dll - ok
18:03:34.0990 5108 [ 2944201BCD2BCC92897551A95757DDBE ] C:\Program Files\Mozilla Firefox\nssckbi.dll
18:03:34.0991 5108 C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
18:03:34.0997 5108 [ E42BD47C42B9A23B11F6B34A694D59D3 ] C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
18:03:34.0998 5108 C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll - ok
18:03:35.0005 5108 [ 5EB6F21D95E728C61BCFC89F899D6BB0 ] C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
18:03:35.0006 5108 C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - ok
18:03:35.0012 5108 [ 1040BD9BF3DDAB7CDA2346F8375480A2 ] C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
18:03:35.0012 5108 C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - ok
18:03:35.0020 5108 [ 2A0DD9961ED969EB10781DBC57EBA9CC ] C:\Program Files\QuickTime\QuickTimePlayer.exe
18:03:35.0020 5108 C:\Program Files\QuickTime\QuickTimePlayer.exe - ok
18:03:35.0027 5108 [ EDEB29C82E4B4671F99D68C9E0ECBD29 ] C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
18:03:35.0027 5108 C:\Program Files\Windows Photo Gallery\PhotoViewer.dll - ok
18:03:35.0036 5108 [ C142445B59C1DABA31F6397A34C42C74 ] C:\Program Files\Mozilla Firefox\plugin-container.exe
18:03:35.0036 5108 C:\Program Files\Mozilla Firefox\plugin-container.exe - ok
18:03:35.0042 5108 [ A944A73CEC5921B871542FE5CC5E03E4 ] C:\Windows\System32\olepro32.dll
18:03:35.0042 5108 C:\Windows\System32\olepro32.dll - ok
18:03:35.0048 5108 [ A6950BA89334D51EC281904781B89BD2 ] C:\Windows\System32\asycfilt.dll
18:03:35.0048 5108 C:\Windows\System32\asycfilt.dll - ok
18:03:35.0056 5108 [ A461158A23759D8D5EA2AC847A1932CA ] C:\Program Files\Foxit Software\Foxit Reader\plugins\docusign_plugin.fpi
18:03:35.0057 5108 C:\Program Files\Foxit Software\Foxit Reader\plugins\docusign_plugin.fpi - ok
18:03:35.0064 5108 [ BF99DD2CD12507F90A7B57EE048BA3CA ] C:\Program Files\Foxit Software\Foxit Reader\plugins\facebook_plugin.fpi
18:03:35.0064 5108 C:\Program Files\Foxit Software\Foxit Reader\plugins\facebook_plugin.fpi - ok
18:03:35.0072 5108 [ 30F9ED83925FE7766537964A649AF764 ] C:\Program Files\Foxit Software\Foxit Reader\plugins\FRMSPlg.fpi
18:03:35.0072 5108 C:\Program Files\Foxit Software\Foxit Reader\plugins\FRMSPlg.fpi - ok
18:03:35.0079 5108 [ CEB1A95EA9E8E19DA8D78E3F1D82861F ] C:\Program Files\Foxit Software\Foxit Reader\plugins\IntegrateWithSP.fpi
18:03:35.0079 5108 C:\Program Files\Foxit Software\Foxit Reader\plugins\IntegrateWithSP.fpi - ok
18:03:35.0087 5108 [ C3D0A68E6427F6954C065587983ACB70 ] C:\Program Files\Foxit Software\Foxit Reader\plugins\Speech.fpi
18:03:35.0088 5108 C:\Program Files\Foxit Software\Foxit Reader\plugins\Speech.fpi - ok
18:03:35.0095 5108 [ BFD0632BBF45FF11ADD8686A723C110B ] C:\Program Files\Foxit Software\Foxit Reader\plugins\Updater.fpi
18:03:35.0095 5108 C:\Program Files\Foxit Software\Foxit Reader\plugins\Updater.fpi - ok
18:03:35.0103 5108 [ 296408B8842146C5E0C1A15C7F863FC4 ] C:\Windows\System32\Speech\Common\sapi.dll
18:03:35.0103 5108 C:\Windows\System32\Speech\Common\sapi.dll - ok
18:03:35.0109 5108 [ 0B883A187017547784420E0A855604D9 ] C:\Windows\System32\scrnsave.scr
18:03:35.0109 5108 C:\Windows\System32\scrnsave.scr - ok
18:03:35.0114 5108 [ 6C8C001EF62CEFA7E333AF8D0AAED564 ] C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
18:03:35.0114 5108 C:\Program Files\Microsoft Office\Office12\WINWORD.EXE - ok
18:03:35.0123 5108 [ 18A67CD5082F436D28DD8007CC4A46B6 ] C:\Program Files\Microsoft Office\Office12\WWLIB.DLL
18:03:35.0123 5108 C:\Program Files\Microsoft Office\Office12\WWLIB.DLL - ok
18:03:35.0130 5108 [ 2C6E01C2269CD4306AD2BC070A2A68F8 ] C:\Program Files\Microsoft Office\Office12\OART.DLL
18:03:35.0130 5108 C:\Program Files\Microsoft Office\Office12\OART.DLL - ok
18:03:35.0138 5108 [ BEF1EAD605CF791FDBB48ADD71075509 ] C:\Program Files\Microsoft Office\Office12\1033\WWINTL.DLL
18:03:35.0138 5108 C:\Program Files\Microsoft Office\Office12\1033\WWINTL.DLL - ok
18:03:35.0145 5108 [ 8FA9A16022A664F536B616130B2EA866 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
18:03:35.0145 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL - ok
18:03:35.0153 5108 [ 55FE8FAC73A5BFEDDBB507DA2C592FBB ] C:\Windows\System32\spool\drivers\w32x86\3\msonpdrv.dll
18:03:35.0153 5108 C:\Windows\System32\spool\drivers\w32x86\3\msonpdrv.dll - ok
18:03:35.0160 5108 [ 255067890FB0D4666DB013DBDBC86969 ] C:\Windows\System32\spool\drivers\w32x86\3\msonpui.dll
18:03:35.0160 5108 C:\Windows\System32\spool\drivers\w32x86\3\msonpui.dll - ok
18:03:35.0168 5108 [ 1A8B4857F2CAAED89E16B1ED1F24930D ] C:\Program Files\Common Files\microsoft shared\OFFICE12\RICHED20.DLL
18:03:35.0168 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\RICHED20.DLL - ok
18:03:35.0175 5108 [ 53B202ABEE6455406254444303E87BE1 ] C:\Windows\System32\drivers\asyncmac.sys
18:03:35.0175 5108 C:\Windows\System32\drivers\asyncmac.sys - ok
18:03:35.0182 5108 [ DA79517783552B80229705D9720B8E8D ] C:\Program Files\Microsoft Office\Office12\msproof6.dll
18:03:35.0182 5108 C:\Program Files\Microsoft Office\Office12\msproof6.dll - ok
18:03:35.0190 5108 [ C2B290CE6B81520B96377E890F4C021C ] C:\Program Files\Common Files\microsoft shared\PROOF\1033\MSGR3EN.DLL
18:03:35.0190 5108 C:\Program Files\Common Files\microsoft shared\PROOF\1033\MSGR3EN.DLL - ok
18:03:35.0197 5108 [ 00B619569B21ED6FA7885FB49C08D7C9 ] C:\Program Files\Common Files\microsoft shared\Filters\offfiltx.dll
18:03:35.0197 5108 C:\Program Files\Common Files\microsoft shared\Filters\offfiltx.dll - ok
18:03:35.0205 5108 [ 4A1B8AF97E3B0AEF8BE1B8684277200B ] C:\Program Files\Common Files\microsoft shared\OFFICE12\OGL.DLL
18:03:35.0205 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\OGL.DLL - ok
18:03:35.0213 5108 [ 3A9FBA6005BC10EF8D1E61B9FE589505 ] C:\Program Files\Microsoft Office\Office12\NLSDATA0009.DLL
18:03:35.0213 5108 C:\Program Files\Microsoft Office\Office12\NLSDATA0009.DLL - ok
18:03:35.0220 5108 [ 1A514CA70E5FAF1CEC2F51CDAB1367A7 ] C:\Program Files\Microsoft Office\Office12\NLSLEXICONS0009_SP.dll
18:03:35.0220 5108 C:\Program Files\Microsoft Office\Office12\NLSLEXICONS0009_SP.dll - ok
18:03:35.0229 5108 [ 707F023159B541EAD5DD6ADB2E605443 ] C:\Program Files\Microsoft Office\Office12\NLSMODELS0009.dll
18:03:35.0229 5108 C:\Program Files\Microsoft Office\Office12\NLSMODELS0009.dll - ok
18:03:35.0236 5108 [ 1F171553F1138DC0062A71A7D275055A ] C:\Windows\System32\schtasks.exe
18:03:35.0236 5108 C:\Windows\System32\schtasks.exe - ok
18:03:35.0243 5108 [ 247609D2CD28A57BC1FE37FDA48AC0DB ] C:\Windows\System32\PhotoMetadataHandler.dll
18:03:35.0243 5108 C:\Windows\System32\PhotoMetadataHandler.dll - ok
18:03:35.0251 5108 [ 012A965F34414458075EF4F0EDC11536 ] C:\Windows\System32\WindowsCodecsExt.dll
18:03:35.0251 5108 C:\Windows\System32\WindowsCodecsExt.dll - ok
18:03:35.0257 5108 [ 16FEE292E95EDC274385103E6B498019 ] C:\Windows\System32\mstsc.exe
18:03:35.0257 5108 C:\Windows\System32\mstsc.exe - ok
18:03:35.0265 5108 [ 0EF9876FA3041574F4C6E6FA1B646D2A ] C:\Program Files\Microsoft Office\Office12\Moc.exe
18:03:35.0265 5108 C:\Program Files\Microsoft Office\Office12\Moc.exe - ok
18:03:35.0271 5108 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll
18:03:35.0272 5108 C:\Windows\System32\dciman32.dll - ok
18:03:35.0279 5108 [ 77784A2BD5912A4EC6284255865526BC ] C:\Windows\System32\Faultrep.dll
18:03:35.0279 5108 C:\Windows\System32\Faultrep.dll - ok
18:03:35.0286 5108 [ 7BEDD051B53821B040EAD42DB0724848 ] C:\Windows\System32\WerFault.exe
18:03:35.0286 5108 C:\Windows\System32\WerFault.exe - ok
18:03:35.0294 5108 [ 447983959A8CF49C4CC3B65DED69AF28 ] C:\Windows\System32\dbgeng.dll
18:03:35.0294 5108 C:\Windows\System32\dbgeng.dll - ok
18:03:35.0300 5108 [ 0F271A7E6F1233EEC68C0269CFBF0C84 ] C:\Program Files\HP\QuickPlay\Kernel\TV\264be.dll
18:03:35.0300 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\264be.dll - ok
18:03:35.0307 5108 [ 4BF6A12BADDDF4C7B52108A7DA735CCD ] C:\Program Files\HP\QuickPlay\Kernel\TV\264dmmx.dll
18:03:35.0307 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\264dmmx.dll - ok
18:03:35.0314 5108 [ DB551A68E81C9049AE050DC0729F3FED ] C:\Windows\System32\pots.dll
18:03:35.0314 5108 C:\Windows\System32\pots.dll - ok
18:03:35.0321 5108 [ 6859BCFA662881C224B2E652E18FFE63 ] C:\Program Files\HP\QuickPlay\Kernel\TV\264dsse.dll
18:03:35.0321 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\264dsse.dll - ok
18:03:35.0329 5108 [ FA6F677FC50CB4BAD99B1746896321A0 ] C:\Program Files\HP\QuickPlay\Kernel\TV\264dsse2.dll
18:03:35.0329 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\264dsse2.dll - ok
18:03:35.0336 5108 [ DB60BA8C7C96CC97FAD1597C2A41BF99 ] C:\Program Files\HP\QuickPlay\Kernel\TV\264dsse3.dll
18:03:35.0336 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\264dsse3.dll - ok
18:03:35.0344 5108 [ 6278988552CF43464EA36164D4507B3C ] C:\Program Files\HP\QuickPlay\Kernel\TV\CapInst.exe
18:03:35.0344 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CapInst.exe - ok
18:03:35.0351 5108 [ D680F97D9E5C0CE456BB52D4F918E0AC ] C:\Program Files\HP\QuickPlay\Kernel\TV\CapSetup.dll
18:03:35.0351 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CapSetup.dll - ok
18:03:35.0359 5108 [ AA63E698BA1053C30FF5206C9BD4ECCA ] C:\Program Files\HP\QuickPlay\Kernel\TV\CapUninst.exe
18:03:35.0359 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CapUninst.exe - ok
18:03:35.0366 5108 [ 48229CE8D2C48193145DEB4F13C70CD2 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll
18:03:35.0366 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll - ok
18:03:35.0370 5108 [ 203F45EB82A5CCB696C1E0C7A0F155EC ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuNR.DLL
18:03:35.0370 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuNR.DLL - ok
18:03:35.0379 5108 [ B9CD6BD5A48ED93E5A35E966C69C0AC2 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll
18:03:35.0379 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll - ok
18:03:35.0386 5108 [ 59AA5D2FC7C344F7ED17CB8D91F246D7 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLDirectBurn.dll
18:03:35.0386 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLDirectBurn.dll - ok
18:03:35.0394 5108 [ 192229C9E9A715C1732738B867AF7D76 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLDRM.dll
18:03:35.0394 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLDRM.dll - ok
18:03:35.0400 5108 [ E61EA03657D67906D4FB8B4387B9E81D ] C:\Program Files\HP\QuickPlay\Kernel\TV\clds.dll
18:03:35.0401 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\clds.dll - ok
18:03:35.0408 5108 [ 3E268F153E0506D24454CE89663064A4 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLiEPG2.dll
18:03:35.0408 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLiEPG2.dll - ok
18:03:35.0415 5108 [ 4B321CEE20B0E89C7C3A237C026BE61F ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLMLClient.dll
18:03:35.0415 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLMLClient.dll - ok
18:03:35.0423 5108 [ 81F6031654B7F6905A94BE6837EFBD12 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLMP1V.dll
18:03:35.0423 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLMP1V.dll - ok
18:03:35.0431 5108 [ D0CBF8D0C63F402458A46A021121E0A5 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLMP2V.dll
18:03:35.0431 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLMP2V.dll - ok
18:03:35.0439 5108 [ D0623BAFF85FD68618A275A395D19BEE ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLMP4V.dll
18:03:35.0439 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLMP4V.dll - ok
18:03:35.0446 5108 [ 41F7AF54B5F01B5AE13E929486628547 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchedps.dll
18:03:35.0446 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchedps.dll - ok
18:03:35.0453 5108 [ 914F7F1B540918DA5134616A2688C9D3 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
18:03:35.0454 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll - ok
18:03:35.0461 5108 [ D7B50258332FAE600B2B81EF7CEA521A ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLSQLDBRec4.dll
18:03:35.0462 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSQLDBRec4.dll - ok
18:03:35.0468 5108 [ 5ED8723069DFD0D6E99A62BA26B22D68 ] C:\Program Files\HP\QuickPlay\Kernel\TV\clwo.dll
18:03:35.0468 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\clwo.dll - ok
18:03:35.0476 5108 [ 78BEA4B9FA06AF81C9C60DD25A24C061 ] C:\Program Files\HP\QuickPlay\Kernel\TV\dlcllib.dll
18:03:35.0476 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\dlcllib.dll - ok
18:03:35.0483 5108 [ A539549C35BBC5F73E6FDAF40E407B3F ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG1V.dll
18:03:35.0483 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG1V.dll - ok
18:03:35.0491 5108 [ 96F4E3ABC99EB47D373B755E7D5F71A6 ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG1V2.dll
18:03:35.0491 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG1V2.dll - ok
18:03:35.0498 5108 [ A103C368FFA26C3E8E8E9720D6988058 ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG2V.dll
18:03:35.0498 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG2V.dll - ok
18:03:35.0506 5108 [ B914FF2CD91B9A3C84765CA8EE8A019A ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG2V2.dll
18:03:35.0506 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRcMPG2V2.dll - ok
18:03:35.0513 5108 [ F16A269CF6B89588134F4EE72C0713DE ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMREvr.dll
18:03:35.0513 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMREvr.dll - ok
18:03:35.0520 5108 [ 74C5FE6064A4ACE164F12AD37EB87030 ] C:\Program Files\HP\QuickPlay\Kernel\TV\ProxyController.dll
18:03:35.0520 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\ProxyController.dll - ok
18:03:35.0528 5108 [ 23029EEF6713814E2ABF6B639D1BEFC2 ] C:\Program Files\HP\QuickPlay\Kernel\TV\pThreadVC2.dll
18:03:35.0528 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\pThreadVC2.dll - ok
18:03:35.0535 5108 [ BA39F015E8E1F0807E18C80DB2A37D65 ] C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\averapi.dll
18:03:35.0535 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\averapi.dll - ok
18:03:35.0543 5108 [ 3C72E63120D09B11BB1E855676DF3E1F ] C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\AVerAPI_C036.dll
18:03:35.0543 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\AVerAPI_C036.dll - ok
18:03:35.0550 5108 [ 8BFB0343275FB9067F9D71C3956F113F ] C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\AVerAPI_M028.dll
18:03:35.0550 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\AVerAPI_M028.dll - ok
18:03:35.0558 5108 [ 04763443CDE59ECC437212970F257A63 ] C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\AVerAPI_M104.dll
18:03:35.0558 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\AVerAPI_M104.dll - ok
18:03:35.0565 5108 [ 23B2AF83DF583C6094605A6637DBCFBA ] C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\TV2000API.dll
18:03:35.0565 5108 C:\Program Files\HP\QuickPlay\Kernel\TV\OEMLib\TV2000API.dll - ok
18:03:35.0573 5108 [ 7EA4D54AAF5C0CE7865C494811515826 ] C:\Windows\System32\verifier.dll
18:03:35.0573 5108 C:\Windows\System32\verifier.dll - ok
18:03:35.0579 5108 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] C:\Windows\System32\drivers\acpi.sys
18:03:35.0579 5108 C:\Windows\System32\drivers\acpi.sys - ok
18:03:35.0587 5108 [ BFF675E2153002E5F361C01D97495173 ] C:\Windows\System32\srrstr.dll
18:03:35.0587 5108 C:\Windows\System32\srrstr.dll - ok
18:03:35.0594 5108 [ 5EB87BA0B93CA7E894FC8002E3CE4C2A ] C:\Program Files\Windows Portable Devices\sqmapi.dll
18:03:35.0594 5108 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
18:03:35.0601 5108 [ F8DE6670A5F7A1676C640925A1112B1E ] C:\Windows\System32\xolehlp.dll
18:03:35.0601 5108 C:\Windows\System32\xolehlp.dll - ok
18:03:35.0608 5108 [ AF25ECAA3D7F85DC13E348A6F79AD40D ] C:\Windows\System32\vss_ps.dll
18:03:35.0608 5108 C:\Windows\System32\vss_ps.dll - ok
18:03:35.0615 5108 [ A36E1A0CB17DDDF6E0BF3CEA4E7A52EC ] C:\Windows\System32\catsrvut.dll
18:03:35.0615 5108 C:\Windows\System32\catsrvut.dll - ok
18:03:35.0619 5108 [ DE3021B382D37122850280B6392397CD ] C:\Windows\System32\mfcsubs.dll
18:03:35.0619 5108 C:\Windows\System32\mfcsubs.dll - ok
18:03:35.0627 5108 [ 169F4763D943FB712948292066318635 ] C:\Windows\System32\catsrv.dll
18:03:35.0627 5108 C:\Windows\System32\catsrv.dll - ok
18:03:35.0636 5108 [ BEC4F017E96705231F2B9DAEA5722D62 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\ALRTINTL.DLL
18:03:35.0636 5108 C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\ALRTINTL.DLL - ok
18:03:35.0643 5108 [ C92D20A6E35E232004D83DC10A78878A ] C:\Program Files\Microsoft Office\Office12\USP10.DLL
18:03:35.0643 5108 C:\Program Files\Microsoft Office\Office12\USP10.DLL - ok
18:03:35.0650 5108 [ 9F8D1BC7F546AEBB30685382A8B3B8D7 ] C:\Windows\System32\mf3216.dll
18:03:35.0651 5108 C:\Windows\System32\mf3216.dll - ok
18:03:35.0657 5108 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Windows\temp\tds6C8A.tmp
18:03:35.0657 5108 C:\Windows\temp\tds6C8A.tmp - ok
18:03:35.0664 5108 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\62456254.sys
18:03:35.0664 5108 C:\Windows\System32\drivers\62456254.sys - ok
18:03:35.0669 5108 ============================================================
18:03:35.0669 5108 Scan finished
18:03:35.0669 5108 ============================================================
18:03:35.0685 5608 Detected object count: 7
18:03:35.0685 5608 Actual detected object count: 7
20:04:36.0104 5608 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:36.0105 5608 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:36.0108 5608 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:36.0108 5608 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:36.0112 5608 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:36.0113 5608 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:36.0113 5608 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:36.0113 5608 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:36.0117 5608 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:36.0117 5608 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:36.0120 5608 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:04:36.0120 5608 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:04:36.0215 5608 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
20:04:36.0219 5608 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
20:04:36.0223 5608 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
20:04:36.0240 5608 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
20:04:36.0413 5608 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
20:04:36.0420 5608 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
20:04:46.0571 5608 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
20:04:46.0769 5608 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
20:04:46.0897 5608 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
20:04:47.0088 5608 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
20:04:47.0342 5608 \Device\Harddisk0\DR0\TDLFS\lsflt7.ver - copied to quarantine
20:04:47.0342 5608 \Device\Harddisk0\DR0\TDLFS - deleted
20:04:47.0343 5608 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
20:09:28.0403 2248 Deinitialize success

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:59 AM

Posted 21 December 2012 - 09:16 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#14 mantis.toboggan

mantis.toboggan
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Iowa
  • Local time:09:59 AM

Posted 21 December 2012 - 10:37 PM

No problems with combofix. However, it said it found a rootkit and gave me the same address to write down as the first time, which is C:\Documents and Settings\Releaseengineer\Application Data\ntos.exe So I don't know if it didn't actually fix the problem last time or what the deal with that is.

ComboFix 12-12-20.02 - Brandrea 12/21/2012 20:40:03.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3002.2117 [GMT -6:00]
Running from: c:\users\Brandrea\Desktop\ComboFix.exe
Command switches used :: c:\users\Brandrea\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\releaseengineer\Application Data\64dlls.exe
c:\documents and settings\releaseengineer\Application Data\intel64.exe
c:\documents and settings\releaseengineer\Application Data\Kernel32.exe
c:\documents and settings\releaseengineer\Application Data\localsys64.exe
c:\documents and settings\releaseengineer\Application Data\ntos.exe
c:\documents and settings\releaseengineer\Application Data\oembios.exe
c:\documents and settings\releaseengineer\Application Data\sdra64.exe
c:\documents and settings\releaseengineer\Application Data\sdra73.exe
c:\documents and settings\releaseengineer\Application Data\swin32.exe
c:\documents and settings\releaseengineer\Application Data\twex.exe
c:\documents and settings\releaseengineer\Application Data\twext.exe
c:\documents and settings\releaseengineer\Application Data\win32avs.exe
c:\documents and settings\releaseengineer\Application Data\wsnpoema.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-22 to 2012-12-22 )))))))))))))))))))))))))))))))
.
.
2012-12-22 02:49 . 2012-12-22 03:13 -------- d-----w- c:\users\Brandrea\AppData\Local\temp
2012-12-22 02:49 . 2012-12-22 02:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-12-22 02:49 . 2012-12-22 02:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-22 02:04 . 2012-12-22 02:04 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-21 02:00 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 02:00 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2012-12-19 04:58 . 2012-12-19 04:58 -------- d-----w- c:\program files\iPod
2012-12-19 04:58 . 2012-12-19 04:59 -------- d-----w- c:\program files\iTunes
2012-12-19 04:53 . 2012-12-19 04:53 -------- d-----w- c:\program files\Bonjour
2012-12-18 20:44 . 2012-12-18 20:48 -------- d-----w- c:\program files\CHM To PDF
2012-12-18 19:39 . 2012-12-18 19:40 -------- d-----w- c:\users\Brandrea\AppData\Roaming\calibre
2012-12-18 18:29 . 2012-12-18 18:29 -------- d-----w- c:\users\Brandrea\AppData\Roaming\Softland
2012-12-18 00:01 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-18 00:00 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-18 00:00 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-18 00:00 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-18 00:00 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-18 00:00 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2012-12-18 00:00 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-18 00:00 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-18 00:00 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-18 00:00 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-18 00:00 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-15 03:30 . 2012-08-21 11:47 224640 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-12-15 03:30 . 2012-11-02 10:18 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-12-15 03:30 . 2012-11-02 08:26 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-12-15 03:30 . 2012-11-13 01:36 2048000 ----a-w- c:\windows\system32\win32k.sys
2012-12-15 03:30 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-07 18:20 . 2012-08-21 19:01 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-12-02 22:23 . 2012-12-02 22:23 -------- d-----w- c:\program files\LizardTech
2012-12-02 22:18 . 2012-12-02 22:19 -------- d-----w- c:\program files\Ghostscript
2012-12-02 22:15 . 2009-10-09 18:46 488448 ----a-w- c:\windows\system32\apdfprintmon.dll
2012-12-02 22:15 . 2012-12-02 22:15 -------- d-----w- c:\program files\DjVu to PDF
2012-12-02 22:00 . 2012-12-02 22:00 -------- d-----w- c:\users\Brandrea\.swt
2012-12-02 21:48 . 2012-12-02 21:48 -------- d-----w- C:\$APDF
2012-12-02 21:33 . 2012-12-18 20:23 -------- d-----w- c:\users\Brandrea\AppData\Roaming\PrimoPDF
2012-12-02 21:31 . 2011-02-28 22:37 180624 ----a-w- c:\windows\system32\Primomonnt.dll
2012-12-02 21:31 . 2012-12-18 20:44 -------- d-----w- c:\program files\Nitro PDF
2012-12-02 19:36 . 2012-12-02 19:36 -------- d-----w- c:\users\Brandrea\AppData\Local\Xenocode
2012-12-02 19:36 . 2012-12-02 19:36 -------- d-----w- c:\program files\Xenocode
2012-12-02 19:36 . 2009-10-29 17:34 579504 ----a-w- c:\windows\system32\Codejock.SkinFramework.Unicode.v13.2.1.ocx
2012-12-02 19:36 . 2009-10-29 17:34 2381744 ----a-w- c:\windows\system32\Codejock.CommandBars.Unicode.v13.2.1.ocx
2012-12-02 19:20 . 2012-12-02 19:20 -------- d-----w- c:\program files\HTML Help Workshop
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-30 23:51 . 2011-08-28 14:58 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 23:51 . 2011-08-28 14:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 23:51 . 2011-08-28 14:58 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 23:51 . 2011-08-28 14:58 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 23:51 . 2011-08-28 14:58 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 23:51 . 2011-08-28 14:58 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 23:51 . 2011-08-28 14:58 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 23:50 . 2011-08-28 14:58 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-09-30 01:54 . 2011-08-28 14:16 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-28 16:32 . 2012-09-28 16:32 5989776 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-09-28 16:32 . 2012-09-28 16:32 44544 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-09-25 16:19 . 2012-11-16 02:34 75776 ----a-w- c:\windows\system32\synceng.dll
2012-12-06 19:40 . 2012-12-06 19:39 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 20:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-18 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-18 145944]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-05-28 1721640]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-11-02 554288]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2011-05-15 325512]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-11 c:\windows\Tasks\User_Feed_Synchronization-{96BDE39B-23C2-455A-9246-6ABB6E71351A}.job
- c:\windows\system32\msfeedssync.exe [2011-08-26 11:10]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.1.1
FF - ProfilePath -
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-60385658.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-21 21:12
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3584)
c:\program files\Pure Networks\Network Magic\nmrsrc.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe
c:\windows\system32\Hpservice.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\Secunia\PSI\PSIA.exe
c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
c:\program files\Secunia\PSI\sua.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\vdsldr.exe
.
**************************************************************************
.
Completion time: 2012-12-21 21:16:17 - machine was rebooted
ComboFix-quarantined-files.txt 2012-12-22 03:16
ComboFix2.txt 2012-12-21 06:33
.
Pre-Run: 63,933,353,984 bytes free
Post-Run: 63,487,164,416 bytes free
.
- - End Of File - - 96EBDE385619595AB5E0C7A00CB43EFE

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:11:59 AM

Posted 21 December 2012 - 10:51 PM

Hello

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realise. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld


These logs are looking allot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps..

uninstall some programs

NOTE** Because of the cleanup process some of the programs I have listed may not be in add/remove anymore this is fine just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does allot better of a job)

Programs to remove

µTorrent
Java™ 6 Update 26
[/list]


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs double click on The Program to remove
  • When prompted if you want to uninstall click Yes.
  • Be sure the Moderate option is selected then click Next.
  • The program will run, If prompted again click Yes
  • when the built-in uninstaller is finished click on Next.
  • Once the program has searched for leftovers click Next.
  • Check/tick the bolded items only on the list then click Delete
  • when prompted click on Yes and then on next.
  • put a check on any folders that are found and select delete
  • when prompted select yes then on next
  • Once done click Finish.
.



Install Java:

Please go here to install Java

  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

: Malwarebytes' Anti-Malware :

  • I would like you to rerun MBAM
  • Double-click mbam icon
  • go to the update tab at the top
  • click on check for updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
sometimes we have to run it like this To run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select to run as administrator

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users