Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer infected with ZeroAccess rootkit


  • This topic is locked This topic is locked
22 replies to this topic

#1 lalalee

lalalee

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 31 May 2013 - 02:29 PM

Steps I already took:

http://www.bleepingcomputer.com/forums/t/496577/taskengexe-is-this-a-virus/

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16476  BrowserJavaVersion: 10.5.0
Run by owner at 15:18:25 on 2013-05-31
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3998.1615 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\conime.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\vssvc.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cnnb
uURLSearchHooks: {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - <orphaned>
uURLSearchHooks: {3bbd3c14-4c16-4989-8366-95bc9179779d} - <orphaned>
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0552.0\msneshellx.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
uRun: [AIM] C:\Program Files (x86)\AIM\aim.exe -cnetwait.odl
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
uRun: [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler
uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
mRun: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
mRun: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
mRun: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
mRun: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
mRun: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
mRun: [Microsoft Default Manager] "c:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-System: WallpaperStyle = 2
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: WallpaperStyle = 2
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\PROGRA~2\AIM\aim.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect125.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{E6ED8E5C-1D5D-4765-A102-705EA993D00D} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cnnb
x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cnnb
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [SmartMenu] C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\h6ywjiz7.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-04-28 18:28; chineseperakun@gmail.com; C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\h6ywjiz7.default\extensions\chineseperakun@gmail.com
FF - ExtSQL: !HIDDEN! 2010-07-02 13:38; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-5-31 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-5-31 189936]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-4-21 1025808]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-4-21 378432]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [2009-3-2 89600]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-4-21 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-4-21 80816]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-4-21 46808]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2008-3-18 30520]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-6-1 365952]
R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2009-2-4 296320]
R2 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2009-2-24 116104]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-6-1 222512]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-12-30 68608]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2008-6-4 129536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\System32\drivers\ssadadb.sys [2011-5-13 36328]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-2-25 137056]
S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-10-25 89920]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2013-05-16 00:38:49 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-16 00:38:49 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-05-09 08:59:07 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-05-09 08:59:07 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys
2013-05-09 08:59:07 59144 ----a-w- C:\Windows\System32\drivers\aswRdr.sys
2013-05-09 08:59:07 378432 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2013-05-09 08:59:07 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-05-09 08:59:07 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:59:06 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys
2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr
2013-05-09 08:58:11 287840 ----a-w- C:\Windows\System32\aswBoot.exe
2013-04-04 18:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-01 23:58:38 72702784 ----a-w- C:\Windows\System32\mrt.exe
2013-03-11 13:33:42 4691304 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-03-09 04:16:35 85504 ----a-w- C:\Windows\System32\csrsrv.dll
2013-03-09 01:48:36 75264 ----a-w- C:\Windows\System32\smss.exe
2013-03-08 04:18:52 451072 ----a-w- C:\Windows\System32\winsrv.dll
2013-03-08 04:17:12 2425344 ----a-w- C:\Windows\System32\mstscax.dll
2013-03-08 03:52:22 2067968 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-03-05 01:57:37 2774016 ----a-w- C:\Windows\System32\win32k.sys
2013-03-03 19:13:14 1513320 ----a-w- C:\Windows\System32\drivers\ntfs.sys
.
============= FINISH: 15:19:03.74 ===============
 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:03 AM

Posted 31 May 2013 - 03:22 PM

Hello lalalee,

  •  

     

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

 

 

Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.


To enter System Recovery Options by using Windows installation disc:


  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64)  and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


 


Edited by fireman4it, 31 May 2013 - 03:23 PM.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 31 May 2013 - 03:32 PM

Hi fireman4it and thanks for replying to me :)

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2013 01
Ran by SYSTEM on 31-05-2013 16:48:29
Running from F:\
Windows Vista ™ Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [247808 2008-12-19] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [915000 2009-01-08] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [442368 2009-06-03] (IDT, Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce\n. ATTENTION! ====> ZeroAccess
HKLM-x32\...\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [1148200 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [1328424 2009-02-13] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [185640 2009-02-13] (CyberLink)
HKLM-x32\...\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [203872 2009-02-24] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2009-02-10] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start [206392 2009-02-17] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] "c:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [224616 2009-02-06] (Microsoft Corp.)
HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [484408 2009-01-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKU\Default\...\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1644088 2009-05-08] (Hewlett-Packard)
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1644088 2009-05-08] (Hewlett-Packard)
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
HKU\owner\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY [1644088 2009-05-08] (Hewlett-Packard)
HKU\owner\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2387968 2009-01-27] (Hewlett-Packard Company)
HKU\owner\...\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent [x]
HKU\owner\...\Run: [AIM] C:\Program Files (x86)\AIM\aim.exe -cnetwait.odl [x]
HKU\owner\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\owner\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x]
HKU\owner\...\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [x]
HKU\owner\...\Run: [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler [x]
HKU\owner\...\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\owner\...\Policies\system: [WallpaperStyle] 2
AppInit_DLLs:    [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)

==================== Services (Whitelisted) =================

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2008-08-26] (Agere Systems)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2009-03-09] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [239104 2009-06-03] (IDT, Inc.)
S2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-02-04] ()
S2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-02-24] ()
S3 msiserver; %systemroot%\system32\msiexec /V [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [59144 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-31 16:48 - 2013-05-31 16:48 - 00000000 ____D C:\FRST
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\My Documents\Attach.txt
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\Documents\Attach.txt
2013-05-31 11:20 - 2013-05-31 11:20 - 00010668 ____A C:\Users\owner\Desktop\attach.txt
2013-05-31 11:20 - 2013-05-31 11:19 - 00020617 ____A C:\Users\owner\Desktop\dds.txt
2013-05-31 11:17 - 2013-05-31 11:17 - 00688992 ____R (Swearware) C:\Users\owner\Downloads\dds.com
2013-05-31 10:45 - 2013-05-31 11:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-05-31 10:45 - 2013-05-31 11:09 - 00000000 ____D C:\ProgramData\Application Data\Malwarebytes' Anti-Malware (portable)
2013-05-31 10:44 - 2013-05-31 10:44 - 13169742 ____A C:\Users\owner\Downloads\mbar-1.06.0.1003.zip
2013-05-31 10:44 - 2013-05-31 10:44 - 00000000 ____D C:\Users\owner\Downloads\mbar-1.06.0.1003
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-31 10:37 - 2013-04-04 10:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-31 10:36 - 2013-05-31 10:36 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\owner\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-31 10:35 - 2013-05-31 10:35 - 00006376 ____A C:\Users\owner\Desktop\FSS.txt
2013-05-31 10:34 - 2013-05-31 10:35 - 00355651 ____A (Farbar) C:\Users\owner\Downloads\FSS.exe
2013-05-31 10:27 - 2013-05-31 10:27 - 00890839 ____A C:\Users\owner\Downloads\SecurityCheck.exe
2013-05-31 06:28 - 2013-05-09 00:59 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-31 06:28 - 2013-05-09 00:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-30 08:11 - 2013-05-30 08:11 - 609254165 ____A C:\Windows\MEMORY.DMP
2013-05-30 08:11 - 2013-05-30 08:11 - 00274520 ____A C:\Windows\Minidump\Mini053013-01.dmp
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\My Documents\grrr.wma
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\Documents\grrr.wma
2013-05-27 12:13 - 2013-05-27 12:41 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript (1)
2013-05-27 12:13 - 2013-05-27 12:13 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript (1).zip
2013-05-21 12:56 - 2013-05-20 15:03 - 302378269 ____A C:\Users\owner\My Documents\video-2013-05-20-18-52-13.mp4
2013-05-21 12:56 - 2013-05-20 15:03 - 302378269 ____A C:\Users\owner\Documents\video-2013-05-20-18-52-13.mp4
2013-05-21 12:56 - 2013-05-20 12:27 - 509771523 ____A C:\Users\owner\My Documents\video-2013-05-20-16-07-41.mp4
2013-05-21 12:56 - 2013-05-20 12:27 - 509771523 ____A C:\Users\owner\Documents\video-2013-05-20-16-07-41.mp4
2013-05-21 12:56 - 2013-03-28 19:08 - 40328936 ____A C:\Users\owner\My Documents\video-2013-03-28-23-06-36.mp4
2013-05-21 12:56 - 2013-03-28 19:08 - 40328936 ____A C:\Users\owner\Documents\video-2013-03-28-23-06-36.mp4
2013-05-21 12:55 - 2013-05-20 15:28 - 434296755 ____A C:\Users\owner\My Documents\video-2013-05-20-19-11-29.mp4
2013-05-21 12:55 - 2013-05-20 15:28 - 434296755 ____A C:\Users\owner\Documents\video-2013-05-20-19-11-29.mp4
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\Application Data\HPSSUPPLY
2013-05-13 18:49 - 2013-05-13 19:29 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript
2013-05-13 18:49 - 2013-05-13 18:49 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript.zip
2013-05-06 16:54 - 2013-05-06 19:26 - 00040960 ____H C:\Users\owner\My Documents\~WRL0003.tmp
2013-05-06 16:54 - 2013-05-06 19:26 - 00040960 ____H C:\Users\owner\Documents\~WRL0003.tmp
2013-05-06 16:54 - 2013-05-06 17:40 - 00032768 ____H C:\Users\owner\My Documents\~WRL0002.tmp
2013-05-06 16:54 - 2013-05-06 17:40 - 00032768 ____H C:\Users\owner\Documents\~WRL0002.tmp
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\My Documents\posty.txt
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\Documents\posty.txt
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\Public\CyberLink
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\CyberLink
2013-05-01 13:41 - 2013-05-01 13:43 - 183489104 ____A C:\Users\owner\Downloads\Community.S02E07.HDTV.XviD-LOL.avi
2013-05-01 13:38 - 2013-05-01 13:40 - 183493828 ____A C:\Users\owner\Downloads\Community.S02E06.HDTV.XviD-LOL.avi
2013-05-01 13:31 - 2013-05-01 13:34 - 183467836 ____A C:\Users\owner\Downloads\Community.S02E05.HDTV.XviD-LOL.avi
2013-05-01 13:28 - 2013-05-01 13:30 - 183481104 ____A C:\Users\owner\Downloads\Community.S02E04.HDTV.XviD-LOL.avi
2013-05-01 13:25 - 2013-05-01 13:27 - 183483694 ____A C:\Users\owner\Downloads\Community.S02E03.HDTV.XviD-LOL.avi
2013-05-01 13:20 - 2013-05-01 13:22 - 183545856 ____A C:\Users\owner\Downloads\Community.S02E02.HDTV.XviD-LOL.avi
2013-05-01 13:16 - 2013-05-01 13:19 - 183712388 ____A C:\Users\owner\Downloads\Community.S02E01.Anthropology.101.HDTV.XviD-FQM.avi
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\My Documents\chinesestudy.txt
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\Documents\chinesestudy.txt

==================== One Month Modified Files and Folders =======

2013-05-31 16:48 - 2013-05-31 16:48 - 00000000 ____D C:\FRST
2013-05-31 12:45 - 2010-07-02 10:30 - 01700376 ____A C:\Windows\WindowsUpdate.log
2013-05-31 12:45 - 2009-05-31 20:33 - 00000012 ____A C:\Windows\bthservsdp.dat
2013-05-31 12:45 - 2006-11-02 07:42 - 00032574 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-31 12:45 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-31 12:45 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-31 12:45 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-31 12:38 - 2012-12-24 08:04 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-31 12:30 - 2006-11-02 04:46 - 00703388 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\My Documents\Attach.txt
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\Documents\Attach.txt
2013-05-31 11:20 - 2013-05-31 11:20 - 00010668 ____A C:\Users\owner\Desktop\attach.txt
2013-05-31 11:19 - 2013-05-31 11:20 - 00020617 ____A C:\Users\owner\Desktop\dds.txt
2013-05-31 11:17 - 2013-05-31 11:17 - 00688992 ____R (Swearware) C:\Users\owner\Downloads\dds.com
2013-05-31 11:09 - 2013-05-31 10:45 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-05-31 11:09 - 2013-05-31 10:45 - 00000000 ____D C:\ProgramData\Application Data\Malwarebytes' Anti-Malware (portable)
2013-05-31 10:44 - 2013-05-31 10:44 - 13169742 ____A C:\Users\owner\Downloads\mbar-1.06.0.1003.zip
2013-05-31 10:44 - 2013-05-31 10:44 - 00000000 ____D C:\Users\owner\Downloads\mbar-1.06.0.1003
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-31 10:36 - 2013-05-31 10:36 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\owner\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-31 10:35 - 2013-05-31 10:35 - 00006376 ____A C:\Users\owner\Desktop\FSS.txt
2013-05-31 10:35 - 2013-05-31 10:34 - 00355651 ____A (Farbar) C:\Users\owner\Downloads\FSS.exe
2013-05-31 10:27 - 2013-05-31 10:27 - 00890839 ____A C:\Users\owner\Downloads\SecurityCheck.exe
2013-05-31 10:03 - 2011-06-24 12:45 - 00000334 ____A C:\Windows\Tasks\HPCeeScheduleForowner.job
2013-05-31 10:02 - 2010-07-02 08:18 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-05-31 06:28 - 2010-07-02 08:58 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-30 11:39 - 2012-12-13 05:35 - 00000000 ____D C:\Users\owner\AppData\Roaming\Audacity
2013-05-30 08:11 - 2013-05-30 08:11 - 609254165 ____A C:\Windows\MEMORY.DMP
2013-05-30 08:11 - 2013-05-30 08:11 - 00274520 ____A C:\Windows\Minidump\Mini053013-01.dmp
2013-05-30 08:11 - 2011-05-02 16:39 - 00000000 ____D C:\Windows\Minidump
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\My Documents\grrr.wma
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\Documents\grrr.wma
2013-05-27 12:41 - 2013-05-27 12:13 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript (1)
2013-05-27 12:13 - 2013-05-27 12:13 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript (1).zip
2013-05-25 08:06 - 2012-07-28 13:53 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\Application Data\HPSSUPPLY
2013-05-20 15:28 - 2013-05-21 12:55 - 434296755 ____A C:\Users\owner\My Documents\video-2013-05-20-19-11-29.mp4
2013-05-20 15:28 - 2013-05-21 12:55 - 434296755 ____A C:\Users\owner\Documents\video-2013-05-20-19-11-29.mp4
2013-05-20 15:03 - 2013-05-21 12:56 - 302378269 ____A C:\Users\owner\My Documents\video-2013-05-20-18-52-13.mp4
2013-05-20 15:03 - 2013-05-21 12:56 - 302378269 ____A C:\Users\owner\Documents\video-2013-05-20-18-52-13.mp4
2013-05-20 12:27 - 2013-05-21 12:56 - 509771523 ____A C:\Users\owner\My Documents\video-2013-05-20-16-07-41.mp4
2013-05-20 12:27 - 2013-05-21 12:56 - 509771523 ____A C:\Users\owner\Documents\video-2013-05-20-16-07-41.mp4
2013-05-17 19:09 - 2012-07-31 06:56 - 00000000 ____D C:\Users\owner\My Documents\School
2013-05-17 19:09 - 2012-07-31 06:56 - 00000000 ____D C:\Users\owner\Documents\School
2013-05-15 16:38 - 2012-04-29 10:29 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-15 16:38 - 2011-06-13 13:32 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-13 19:29 - 2013-05-13 18:49 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript
2013-05-13 18:49 - 2013-05-13 18:49 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript.zip
2013-05-09 00:59 - 2013-05-31 06:28 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-09 00:59 - 2013-05-31 06:28 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00059144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-09 00:58 - 2011-04-21 08:45 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-09 00:58 - 2011-04-21 08:45 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-06 19:26 - 2013-05-06 16:54 - 00040960 ____H C:\Users\owner\My Documents\~WRL0003.tmp
2013-05-06 19:26 - 2013-05-06 16:54 - 00040960 ____H C:\Users\owner\Documents\~WRL0003.tmp
2013-05-06 17:40 - 2013-05-06 16:54 - 00032768 ____H C:\Users\owner\My Documents\~WRL0002.tmp
2013-05-06 17:40 - 2013-05-06 16:54 - 00032768 ____H C:\Users\owner\Documents\~WRL0002.tmp
2013-05-05 11:43 - 2010-07-05 15:36 - 00000680 ____A C:\Users\owner\AppData\Local\d3d9caps.dat
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\My Documents\posty.txt
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\Documents\posty.txt
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\Public\CyberLink
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\CyberLink
2013-05-02 07:18 - 2009-05-31 21:56 - 00000000 ____D C:\ProgramData\CyberLink
2013-05-02 07:18 - 2009-05-31 21:56 - 00000000 ____D C:\ProgramData\Application Data\CyberLink
2013-05-02 07:15 - 2010-07-26 10:41 - 00026112 ____A C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-02 04:56 - 2012-10-31 06:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-01 13:43 - 2013-05-01 13:41 - 183489104 ____A C:\Users\owner\Downloads\Community.S02E07.HDTV.XviD-LOL.avi
2013-05-01 13:40 - 2013-05-01 13:38 - 183493828 ____A C:\Users\owner\Downloads\Community.S02E06.HDTV.XviD-LOL.avi
2013-05-01 13:34 - 2013-05-01 13:31 - 183467836 ____A C:\Users\owner\Downloads\Community.S02E05.HDTV.XviD-LOL.avi
2013-05-01 13:30 - 2013-05-01 13:28 - 183481104 ____A C:\Users\owner\Downloads\Community.S02E04.HDTV.XviD-LOL.avi
2013-05-01 13:27 - 2013-05-01 13:25 - 183483694 ____A C:\Users\owner\Downloads\Community.S02E03.HDTV.XviD-LOL.avi
2013-05-01 13:22 - 2013-05-01 13:20 - 183545856 ____A C:\Users\owner\Downloads\Community.S02E02.HDTV.XviD-LOL.avi
2013-05-01 13:19 - 2013-05-01 13:16 - 183712388 ____A C:\Users\owner\Downloads\Community.S02E01.Anthropology.101.HDTV.XviD-FQM.avi
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\My Documents\chinesestudy.txt
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\Documents\chinesestudy.txt

ZeroAccess:
C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce
C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce\@
C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce\L
C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce\U

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-04-24 10:00:32
Restore point made on: 2013-04-28 11:22:54
Restore point made on: 2013-04-29 17:03:56
Restore point made on: 2013-05-01 11:05:13
Restore point made on: 2013-05-02 08:50:31
Restore point made on: 2013-05-04 13:10:19
Restore point made on: 2013-05-11 10:30:14
Restore point made on: 2013-05-13 08:02:44
Restore point made on: 2013-05-15 14:04:19
Restore point made on: 2013-05-16 15:49:39
Restore point made on: 2013-05-25 06:55:43
Restore point made on: 2013-05-27 10:36:11
Restore point made on: 2013-05-29 09:20:49

==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 3998.02 MB
Available physical RAM: 3294.33 MB
Total Pagefile: 3677 MB
Available Pagefile: 3271.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:286.41 GB) (Free:121.75 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:11.68 GB) (Free:1.89 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive f: (USB DISK) (Removable) (Total:3.73 GB) (Free:0.84 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: B0196DD2)
Partition 1: (Active) - (Size=286 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 89012D55)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)

Last Boot: 2013-05-31 09:58

==================== End Of Log ============================


Edited by lalalee, 31 May 2013 - 03:59 PM.


#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:03 AM

Posted 31 May 2013 - 04:07 PM

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the flashdrive as fixlist.txt

HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce\n.
C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce
2013-05-06 19:26 - 2013-05-06 16:54 - 00040960 ____H C:\Users\owner\My Documents\~WRL0003.tmp
2013-05-06 19:26 - 2013-05-06 16:54 - 00040960 ____H C:\Users\owner\Documents\~WRL0003.tmp
2013-05-06 17:40 - 2013-05-06 16:54 - 00032768 ____H C:\Users\owner\My Documents\~WRL0002.tmp
2013-05-06 17:40 - 2013-05-06 16:54 - 00032768 ____H C:\Users\owner\Documents\~WRL0002.tmp
 

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 31 May 2013 - 04:24 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-05-2013 01
Ran by SYSTEM at 2013-05-31 17:19:28 Run:1
Running from F:\
Boot Mode: Recovery
==============================================

HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce => Moved successfully.
C:\Users\owner\My Documents\~WRL0003.tmp => Moved successfully.
C:\Users\owner\Documents\~WRL0003.tmp => File/Directory not found.
C:\Users\owner\My Documents\~WRL0002.tmp => Moved successfully.
C:\Users\owner\Documents\~WRL0002.tmp => File/Directory not found.

==== End of Fixlog ====



#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:03 AM

Posted 31 May 2013 - 04:59 PM

Please run Frst as you did the first time and post the log.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 31 May 2013 - 05:01 PM

I did. I ran FRST and clicked fix. Should I do it again?



#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:03 AM

Posted 31 May 2013 - 05:04 PM

Follow the directions from Post #2 about how to run and post the log.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 31 May 2013 - 05:15 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-05-2013 01
Ran by SYSTEM at 2013-05-31 18:09:01 Run:2
Running from F:\
Boot Mode: Recovery
==============================================

HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
C:\$Recycle.Bin\S-1-5-18\$4cb4cf3237580aa80800be190548f4ce => File/Directory not found.
C:\Users\owner\My Documents\~WRL0003.tmp => File/Directory not found.
C:\Users\owner\Documents\~WRL0003.tmp => File/Directory not found.
C:\Users\owner\My Documents\~WRL0002.tmp => File/Directory not found.
C:\Users\owner\Documents\~WRL0002.tmp => File/Directory not found.

==== End of Fixlog ====



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:03 AM

Posted 31 May 2013 - 08:26 PM

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.


To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64)  and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 31 May 2013 - 09:45 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2013 01
Ran by SYSTEM on 31-05-2013 22:36:11
Running from F:\
Windows Vista ™ Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [247808 2008-12-19] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SmartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [915000 2009-01-08] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe [442368 2009-06-03] (IDT, Inc.)
HKLM-x32\...\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [1148200 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [1328424 2009-02-13] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [185640 2009-02-13] (CyberLink)
HKLM-x32\...\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [203872 2009-02-24] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [210216 2009-02-10] (CyberLink Corp.)
HKLM-x32\...\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start [206392 2009-02-17] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] "c:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [224616 2009-02-06] (Microsoft Corp.)
HKLM-x32\...\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [484408 2009-01-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-24] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKU\Default\...\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1644088 2009-05-08] (Hewlett-Packard)
HKU\Default\...\Policies\system: [WallpaperStyle] 2
HKU\Default User\...\Run: [HPADVISOR] c:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN [1644088 2009-05-08] (Hewlett-Packard)
HKU\Default User\...\Policies\system: [WallpaperStyle] 2
HKU\owner\...\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY [1644088 2009-05-08] (Hewlett-Packard)
HKU\owner\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2387968 2009-01-27] (Hewlett-Packard Company)
HKU\owner\...\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent [x]
HKU\owner\...\Run: [AIM] C:\Program Files (x86)\AIM\aim.exe -cnetwait.odl [x]
HKU\owner\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\owner\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x]
HKU\owner\...\Run: [DW6] "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [x]
HKU\owner\...\Run: [ISUSPM] "C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe" -scheduler [x]
HKU\owner\...\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\owner\...\Policies\system: [WallpaperStyle] 2
AppInit_DLLs:    [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)

==================== Services (Whitelisted) =================

S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2008-08-26] (Agere Systems)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365952 2009-03-09] ()
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-01-21] ()
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe [239104 2009-06-03] (IDT, Inc.)
S2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-02-04] ()
S2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-02-24] ()
S3 msiserver; %systemroot%\system32\msiexec /V [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [59144 2013-05-09] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-31 16:48 - 2013-05-31 16:48 - 00000000 ____D C:\FRST
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\My Documents\Attach.txt
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\Documents\Attach.txt
2013-05-31 11:20 - 2013-05-31 11:20 - 00010668 ____A C:\Users\owner\Desktop\attach.txt
2013-05-31 11:20 - 2013-05-31 11:19 - 00020617 ____A C:\Users\owner\Desktop\dds.txt
2013-05-31 11:17 - 2013-05-31 11:17 - 00688992 ____R (Swearware) C:\Users\owner\Downloads\dds.com
2013-05-31 10:45 - 2013-05-31 11:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-05-31 10:45 - 2013-05-31 11:09 - 00000000 ____D C:\ProgramData\Application Data\Malwarebytes' Anti-Malware (portable)
2013-05-31 10:44 - 2013-05-31 10:44 - 13169742 ____A C:\Users\owner\Downloads\mbar-1.06.0.1003.zip
2013-05-31 10:44 - 2013-05-31 10:44 - 00000000 ____D C:\Users\owner\Downloads\mbar-1.06.0.1003
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-31 10:37 - 2013-04-04 10:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2013-05-31 10:36 - 2013-05-31 10:36 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\owner\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-31 10:35 - 2013-05-31 10:35 - 00006376 ____A C:\Users\owner\Desktop\FSS.txt
2013-05-31 10:34 - 2013-05-31 10:35 - 00355651 ____A (Farbar) C:\Users\owner\Downloads\FSS.exe
2013-05-31 10:27 - 2013-05-31 10:27 - 00890839 ____A C:\Users\owner\Downloads\SecurityCheck.exe
2013-05-31 06:28 - 2013-05-09 00:59 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-31 06:28 - 2013-05-09 00:59 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-30 08:11 - 2013-05-30 08:11 - 609254165 ____A C:\Windows\MEMORY.DMP
2013-05-30 08:11 - 2013-05-30 08:11 - 00274520 ____A C:\Windows\Minidump\Mini053013-01.dmp
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\My Documents\grrr.wma
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\Documents\grrr.wma
2013-05-27 12:13 - 2013-05-27 12:41 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript (1)
2013-05-27 12:13 - 2013-05-27 12:13 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript (1).zip
2013-05-21 12:56 - 2013-05-20 15:03 - 302378269 ____A C:\Users\owner\My Documents\video-2013-05-20-18-52-13.mp4
2013-05-21 12:56 - 2013-05-20 15:03 - 302378269 ____A C:\Users\owner\Documents\video-2013-05-20-18-52-13.mp4
2013-05-21 12:56 - 2013-05-20 12:27 - 509771523 ____A C:\Users\owner\My Documents\video-2013-05-20-16-07-41.mp4
2013-05-21 12:56 - 2013-05-20 12:27 - 509771523 ____A C:\Users\owner\Documents\video-2013-05-20-16-07-41.mp4
2013-05-21 12:56 - 2013-03-28 19:08 - 40328936 ____A C:\Users\owner\My Documents\video-2013-03-28-23-06-36.mp4
2013-05-21 12:56 - 2013-03-28 19:08 - 40328936 ____A C:\Users\owner\Documents\video-2013-03-28-23-06-36.mp4
2013-05-21 12:55 - 2013-05-20 15:28 - 434296755 ____A C:\Users\owner\My Documents\video-2013-05-20-19-11-29.mp4
2013-05-21 12:55 - 2013-05-20 15:28 - 434296755 ____A C:\Users\owner\Documents\video-2013-05-20-19-11-29.mp4
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\Application Data\HPSSUPPLY
2013-05-13 18:49 - 2013-05-13 19:29 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript
2013-05-13 18:49 - 2013-05-13 18:49 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript.zip
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\My Documents\posty.txt
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\Documents\posty.txt
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\Public\CyberLink
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\CyberLink
2013-05-01 13:41 - 2013-05-01 13:43 - 183489104 ____A C:\Users\owner\Downloads\Community.S02E07.HDTV.XviD-LOL.avi
2013-05-01 13:38 - 2013-05-01 13:40 - 183493828 ____A C:\Users\owner\Downloads\Community.S02E06.HDTV.XviD-LOL.avi
2013-05-01 13:31 - 2013-05-01 13:34 - 183467836 ____A C:\Users\owner\Downloads\Community.S02E05.HDTV.XviD-LOL.avi
2013-05-01 13:28 - 2013-05-01 13:30 - 183481104 ____A C:\Users\owner\Downloads\Community.S02E04.HDTV.XviD-LOL.avi
2013-05-01 13:25 - 2013-05-01 13:27 - 183483694 ____A C:\Users\owner\Downloads\Community.S02E03.HDTV.XviD-LOL.avi
2013-05-01 13:20 - 2013-05-01 13:22 - 183545856 ____A C:\Users\owner\Downloads\Community.S02E02.HDTV.XviD-LOL.avi
2013-05-01 13:16 - 2013-05-01 13:19 - 183712388 ____A C:\Users\owner\Downloads\Community.S02E01.Anthropology.101.HDTV.XviD-FQM.avi
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\My Documents\chinesestudy.txt
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\Documents\chinesestudy.txt

==================== One Month Modified Files and Folders =======

2013-05-31 18:34 - 2010-07-02 10:30 - 01710749 ____A C:\Windows\WindowsUpdate.log
2013-05-31 18:34 - 2009-05-31 20:33 - 00000012 ____A C:\Windows\bthservsdp.dat
2013-05-31 18:34 - 2006-11-02 07:42 - 00032574 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-05-31 18:34 - 2006-11-02 07:42 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-05-31 18:34 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-05-31 18:34 - 2006-11-02 07:22 - 00003216 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-05-31 18:21 - 2012-12-24 08:04 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-05-31 16:48 - 2013-05-31 16:48 - 00000000 ____D C:\FRST
2013-05-31 14:15 - 2006-11-02 04:46 - 00703388 ____A C:\Windows\System32\PerfStringBackup.INI
2013-05-31 12:51 - 2011-06-24 12:45 - 00000334 ____A C:\Windows\Tasks\HPCeeScheduleForowner.job
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\My Documents\Attach.txt
2013-05-31 11:28 - 2013-05-31 11:28 - 00010668 ____A C:\Users\owner\Documents\Attach.txt
2013-05-31 11:20 - 2013-05-31 11:20 - 00010668 ____A C:\Users\owner\Desktop\attach.txt
2013-05-31 11:19 - 2013-05-31 11:20 - 00020617 ____A C:\Users\owner\Desktop\dds.txt
2013-05-31 11:17 - 2013-05-31 11:17 - 00688992 ____R (Swearware) C:\Users\owner\Downloads\dds.com
2013-05-31 11:09 - 2013-05-31 10:45 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-05-31 11:09 - 2013-05-31 10:45 - 00000000 ____D C:\ProgramData\Application Data\Malwarebytes' Anti-Malware (portable)
2013-05-31 10:44 - 2013-05-31 10:44 - 13169742 ____A C:\Users\owner\Downloads\mbar-1.06.0.1003.zip
2013-05-31 10:44 - 2013-05-31 10:44 - 00000000 ____D C:\Users\owner\Downloads\mbar-1.06.0.1003
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000948 ____A C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 10:37 - 2013-05-31 10:37 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-31 10:36 - 2013-05-31 10:36 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\owner\Downloads\mbam-setup-1.75.0.1300.exe
2013-05-31 10:35 - 2013-05-31 10:35 - 00006376 ____A C:\Users\owner\Desktop\FSS.txt
2013-05-31 10:35 - 2013-05-31 10:34 - 00355651 ____A (Farbar) C:\Users\owner\Downloads\FSS.exe
2013-05-31 10:27 - 2013-05-31 10:27 - 00890839 ____A C:\Users\owner\Downloads\SecurityCheck.exe
2013-05-31 10:02 - 2010-07-02 08:18 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log
2013-05-31 06:28 - 2010-07-02 08:58 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2013-05-30 11:39 - 2012-12-13 05:35 - 00000000 ____D C:\Users\owner\AppData\Roaming\Audacity
2013-05-30 08:11 - 2013-05-30 08:11 - 609254165 ____A C:\Windows\MEMORY.DMP
2013-05-30 08:11 - 2013-05-30 08:11 - 00274520 ____A C:\Windows\Minidump\Mini053013-01.dmp
2013-05-30 08:11 - 2011-05-02 16:39 - 00000000 ____D C:\Windows\Minidump
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\My Documents\grrr.wma
2013-05-28 05:54 - 2013-05-28 05:54 - 01311569 ____A C:\Users\owner\Documents\grrr.wma
2013-05-27 12:41 - 2013-05-27 12:13 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript (1)
2013-05-27 12:13 - 2013-05-27 12:13 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript (1).zip
2013-05-25 08:06 - 2012-07-28 13:53 - 00000000 ____D C:\Program Files (x86)\Steam
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\HPSSUPPLY
2013-05-20 18:03 - 2013-05-20 18:03 - 00000000 ____D C:\ProgramData\Application Data\HPSSUPPLY
2013-05-20 15:28 - 2013-05-21 12:55 - 434296755 ____A C:\Users\owner\My Documents\video-2013-05-20-19-11-29.mp4
2013-05-20 15:28 - 2013-05-21 12:55 - 434296755 ____A C:\Users\owner\Documents\video-2013-05-20-19-11-29.mp4
2013-05-20 15:03 - 2013-05-21 12:56 - 302378269 ____A C:\Users\owner\My Documents\video-2013-05-20-18-52-13.mp4
2013-05-20 15:03 - 2013-05-21 12:56 - 302378269 ____A C:\Users\owner\Documents\video-2013-05-20-18-52-13.mp4
2013-05-20 12:27 - 2013-05-21 12:56 - 509771523 ____A C:\Users\owner\My Documents\video-2013-05-20-16-07-41.mp4
2013-05-20 12:27 - 2013-05-21 12:56 - 509771523 ____A C:\Users\owner\Documents\video-2013-05-20-16-07-41.mp4
2013-05-17 19:09 - 2012-07-31 06:56 - 00000000 ____D C:\Users\owner\My Documents\School
2013-05-17 19:09 - 2012-07-31 06:56 - 00000000 ____D C:\Users\owner\Documents\School
2013-05-15 16:38 - 2012-04-29 10:29 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-15 16:38 - 2011-06-13 13:32 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-13 19:29 - 2013-05-13 18:49 - 00000000 ____D C:\Users\owner\Downloads\jiayou-transcript
2013-05-13 18:49 - 2013-05-13 18:49 - 00126305 ____A C:\Users\owner\Downloads\jiayou-transcript.zip
2013-05-09 00:59 - 2013-05-31 06:28 - 00189936 ____A C:\Windows\System32\Drivers\aswVmm.sys
2013-05-09 00:59 - 2013-05-31 06:28 - 00065336 ____A C:\Windows\System32\Drivers\aswRvrt.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 01025808 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00378432 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00080816 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00064288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00059144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys
2013-05-09 00:59 - 2011-04-21 08:45 - 00033400 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2013-05-09 00:58 - 2011-04-21 08:45 - 00287840 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2013-05-09 00:58 - 2011-04-21 08:45 - 00041664 ____A (AVAST Software) C:\Windows\avastSS.scr
2013-05-05 11:43 - 2010-07-05 15:36 - 00000680 ____A C:\Users\owner\AppData\Local\d3d9caps.dat
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\My Documents\posty.txt
2013-05-03 14:09 - 2013-05-03 14:09 - 00002231 ____A C:\Users\owner\Documents\posty.txt
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\Public\CyberLink
2013-05-02 07:18 - 2013-05-02 07:18 - 00000000 ____D C:\Users\owner\AppData\Roaming\CyberLink
2013-05-02 07:18 - 2009-05-31 21:56 - 00000000 ____D C:\ProgramData\CyberLink
2013-05-02 07:18 - 2009-05-31 21:56 - 00000000 ____D C:\ProgramData\Application Data\CyberLink
2013-05-02 07:15 - 2010-07-26 10:41 - 00026112 ____A C:\Users\owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-02 04:56 - 2012-10-31 06:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-01 13:43 - 2013-05-01 13:41 - 183489104 ____A C:\Users\owner\Downloads\Community.S02E07.HDTV.XviD-LOL.avi
2013-05-01 13:40 - 2013-05-01 13:38 - 183493828 ____A C:\Users\owner\Downloads\Community.S02E06.HDTV.XviD-LOL.avi
2013-05-01 13:34 - 2013-05-01 13:31 - 183467836 ____A C:\Users\owner\Downloads\Community.S02E05.HDTV.XviD-LOL.avi
2013-05-01 13:30 - 2013-05-01 13:28 - 183481104 ____A C:\Users\owner\Downloads\Community.S02E04.HDTV.XviD-LOL.avi
2013-05-01 13:27 - 2013-05-01 13:25 - 183483694 ____A C:\Users\owner\Downloads\Community.S02E03.HDTV.XviD-LOL.avi
2013-05-01 13:22 - 2013-05-01 13:20 - 183545856 ____A C:\Users\owner\Downloads\Community.S02E02.HDTV.XviD-LOL.avi
2013-05-01 13:19 - 2013-05-01 13:16 - 183712388 ____A C:\Users\owner\Downloads\Community.S02E01.Anthropology.101.HDTV.XviD-FQM.avi
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\My Documents\chinesestudy.txt
2013-05-01 13:14 - 2013-05-01 13:14 - 00000158 ____A C:\Users\owner\Documents\chinesestudy.txt

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-04-24 10:00:32
Restore point made on: 2013-04-28 11:22:54
Restore point made on: 2013-04-29 17:03:56
Restore point made on: 2013-05-01 11:05:13
Restore point made on: 2013-05-02 08:50:31
Restore point made on: 2013-05-04 13:10:19
Restore point made on: 2013-05-11 10:30:14
Restore point made on: 2013-05-13 08:02:44
Restore point made on: 2013-05-15 14:04:19
Restore point made on: 2013-05-16 15:49:39
Restore point made on: 2013-05-25 06:55:43
Restore point made on: 2013-05-27 10:36:11
Restore point made on: 2013-05-29 09:20:49

==================== Memory info ===========================

Percentage of memory in use: 17%
Total physical RAM: 3998.02 MB
Available physical RAM: 3292.41 MB
Total Pagefile: 3676.99 MB
Available Pagefile: 3264.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:286.41 GB) (Free:121.71 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:11.68 GB) (Free:1.89 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]
Drive f: (USB DISK) (Removable) (Total:3.73 GB) (Free:0.84 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: B0196DD2)
Partition 1: (Active) - (Size=286 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 89012D55)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)

Last Boot: 2013-05-31 14:17

==================== End Of Log ============================



#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:03 AM

Posted 01 June 2013 - 02:07 PM

Hello,

 

 

1.

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 

2.

Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop

Link 1
Link 2

  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.  It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • RcAuto1.gif
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    whatnext.png
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.
 

 

Things to include in your next reply::

TdssKiller log

Combofix.txt

How is your machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 01 June 2013 - 03:33 PM

Sorry this came out crazy long. It wouldnt let me attatch the files because they were too big. Also. I thought I had disabled avast but apparantly something was still running and didnt find out till after I started the scan.. I hope this didnt compromise the system.

 

My computer loaded a lot faster than usual. In fact, this morning when I turned on the computer it kept freezing but didn't find the same problems after the scans. I hope all is clear, but I just wanted to thank you for your time and patience with me :)

 

again.. sorry for this crazy long post.. lol.

 

15:23:01.0518 4688  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:23:01.0867 4688  ============================================================
15:23:01.0867 4688  Current date / time: 2013/06/01 15:23:01.0867
15:23:01.0867 4688  SystemInfo:
15:23:01.0867 4688 
15:23:01.0867 4688  OS Version: 6.0.6002 ServicePack: 2.0
15:23:01.0867 4688  Product type: Workstation
15:23:01.0867 4688  ComputerName: OWNER-PC
15:23:01.0868 4688  UserName: owner
15:23:01.0868 4688  Windows directory: C:\Windows
15:23:01.0868 4688  System windows directory: C:\Windows
15:23:01.0868 4688  Running under WOW64
15:23:01.0868 4688  Processor architecture: Intel x64
15:23:01.0868 4688  Number of processors: 2
15:23:01.0868 4688  Page size: 0x1000
15:23:01.0868 4688  Boot type: Normal boot
15:23:01.0868 4688  ============================================================
15:23:03.0013 4688  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:23:03.0019 4688  ============================================================
15:23:03.0019 4688  \Device\Harddisk0\DR0:
15:23:03.0019 4688  MBR partitions:
15:23:03.0019 4688  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23CCF800
15:23:03.0019 4688  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23CD0000, BlocksNum 0x175D000
15:23:03.0020 4688  ============================================================
15:23:03.0053 4688  C: <-> \Device\Harddisk0\DR0\Partition1
15:23:03.0106 4688  D: <-> \Device\Harddisk0\DR0\Partition2
15:23:03.0106 4688  ============================================================
15:23:03.0106 4688  Initialize success
15:23:03.0106 4688  ============================================================
15:23:38.0436 3892  Deinitialize success
 


Edited by lalalee, 01 June 2013 - 03:43 PM.


#14 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 01 June 2013 - 03:39 PM

15:26:21.0272 3848  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:26:23.0284 3848  ============================================================
15:26:23.0284 3848  Current date / time: 2013/06/01 15:26:23.0284
15:26:23.0284 3848  SystemInfo:
15:26:23.0284 3848 
15:26:23.0284 3848  OS Version: 6.0.6002 ServicePack: 2.0
15:26:23.0284 3848  Product type: Workstation
15:26:23.0284 3848  ComputerName: OWNER-PC
15:26:23.0284 3848  UserName: owner
15:26:23.0284 3848  Windows directory: C:\Windows
15:26:23.0284 3848  System windows directory: C:\Windows
15:26:23.0284 3848  Running under WOW64
15:26:23.0284 3848  Processor architecture: Intel x64
15:26:23.0284 3848  Number of processors: 2
15:26:23.0284 3848  Page size: 0x1000
15:26:23.0284 3848  Boot type: Normal boot
15:26:23.0284 3848  ============================================================
15:26:26.0738 3848  BG loaded
15:26:29.0296 3848  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:26:29.0327 3848  ============================================================
15:26:29.0327 3848  \Device\Harddisk0\DR0:
15:26:29.0358 3848  MBR partitions:
15:26:29.0358 3848  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23CCF800
15:26:29.0358 3848  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23CD0000, BlocksNum 0x175D000
15:26:29.0358 3848  ============================================================
15:26:29.0561 3848  C: <-> \Device\Harddisk0\DR0\Partition1
15:26:30.0138 3848  D: <-> \Device\Harddisk0\DR0\Partition2
15:26:30.0138 3848  ============================================================
15:26:30.0138 3848  Initialize success
15:26:30.0138 3848  ============================================================
15:31:20.0984 0888  ============================================================
15:31:20.0985 0888  Scan started
15:31:20.0985 0888  Mode: Manual; SigCheck; TDLFS;
15:31:20.0985 0888  ============================================================
15:31:21.0709 0888  ================ Scan system memory ========================
15:31:21.0709 0888  System memory - ok
15:31:21.0710 0888  ================ Scan services =============================
15:31:22.0392 0888  [ 3E2427D4966C7606097341E55AB4E105 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
15:31:22.0609 0888  Accelerometer - ok
15:31:22.0667 0888  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:31:22.0700 0888  ACPI - ok
15:31:22.0797 0888  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:31:22.0839 0888  AdobeARMservice - ok
15:31:22.0986 0888  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:31:23.0009 0888  AdobeFlashPlayerUpdateSvc - ok
15:31:23.0077 0888  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:31:23.0123 0888  adp94xx - ok
15:31:23.0177 0888  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:31:23.0253 0888  adpahci - ok
15:31:23.0294 0888  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:31:23.0312 0888  adpu160m - ok
15:31:23.0320 0888  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:31:23.0338 0888  adpu320 - ok
15:31:23.0403 0888  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:31:23.0529 0888  AeLookupSvc - ok
15:31:24.0160 0888  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
15:31:24.0224 0888  AESTFilters - ok
15:31:24.0298 0888  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
15:31:24.0367 0888  AFD - ok
15:31:24.0430 0888  [ 734088CB57AEA704CA716C1C6BC5E0E6 ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
15:31:24.0493 0888  AgereModemAudio - ok
15:31:24.0566 0888  [ 70E15CDA25E151DFC60636EF73F5A7BE ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
15:31:24.0618 0888  AgereSoftModem - ok
15:31:24.0675 0888  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:31:24.0698 0888  agp440 - ok
15:31:24.0735 0888  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:31:24.0764 0888  aic78xx - ok
15:31:24.0778 0888  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
15:31:24.0878 0888  ALG - ok
15:31:24.0904 0888  [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide          C:\Windows\system32\drivers\aliide.sys
15:31:24.0930 0888  aliide - ok
15:31:24.0936 0888  [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide          C:\Windows\system32\drivers\amdide.sys
15:31:24.0962 0888  amdide - ok
15:31:24.0991 0888  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:31:25.0072 0888  AmdK8 - ok
15:31:25.0120 0888  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
15:31:25.0171 0888  androidusb - ok
15:31:25.0211 0888  [ 69D882157E5E4D17D32E30182F945046 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
15:31:25.0231 0888  ApfiltrService - ok
15:31:25.0275 0888  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
15:31:25.0322 0888  Appinfo - ok
15:31:25.0412 0888  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:31:25.0432 0888  Apple Mobile Device - ok
15:31:25.0488 0888  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
15:31:25.0524 0888  arc - ok
15:31:25.0564 0888  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:31:25.0586 0888  arcsas - ok
15:31:25.0635 0888  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
15:31:25.0653 0888  aswFsBlk - ok
15:31:25.0695 0888  [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:31:25.0714 0888  aswMonFlt - ok
15:31:25.0741 0888  [ 9A9565BB92EE412B77B7416DD1D32F0B ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
15:31:25.0761 0888  aswRdr - ok
15:31:25.0834 0888  [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
15:31:25.0853 0888  aswRvrt - ok
15:31:25.0920 0888  [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:31:25.0961 0888  aswSnx - ok
15:31:26.0015 0888  [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:31:26.0049 0888  aswSP - ok
15:31:26.0115 0888  [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
15:31:26.0141 0888  aswTdi - ok
15:31:26.0192 0888  [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:31:26.0220 0888  aswVmm - ok
15:31:26.0258 0888  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:31:26.0325 0888  AsyncMac - ok
15:31:26.0364 0888  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:31:26.0391 0888  atapi - ok
15:31:26.0442 0888  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:31:26.0563 0888  AudioEndpointBuilder - ok
15:31:26.0589 0888  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:31:26.0646 0888  AudioSrv - ok
15:31:26.0791 0888  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:31:26.0824 0888  avast! Antivirus - ok
15:31:26.0914 0888  [ 2C91205C43EA45CFE14E9E14E05601AE ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
15:31:27.0033 0888  BCM43XX - ok
15:31:27.0138 0888  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
15:31:27.0280 0888  BITS - ok
15:31:27.0343 0888  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:31:27.0417 0888  blbdrive - ok
15:31:27.0497 0888  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:31:27.0548 0888  Bonjour Service - ok
15:31:27.0608 0888  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:31:27.0689 0888  bowser - ok
15:31:27.0747 0888  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:31:27.0796 0888  BrFiltLo - ok
15:31:27.0821 0888  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:31:27.0855 0888  BrFiltUp - ok
15:31:27.0899 0888  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
15:31:27.0963 0888  Browser - ok
15:31:27.0983 0888  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:31:28.0059 0888  Brserid - ok
15:31:28.0093 0888  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:31:28.0187 0888  BrSerWdm - ok
15:31:28.0267 0888  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:31:28.0369 0888  BrUsbMdm - ok
15:31:28.0391 0888  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:31:28.0462 0888  BrUsbSer - ok
15:31:28.0532 0888  [ 471FF09330A53177BBE9FD6DDF8A8259 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
15:31:28.0569 0888  BthEnum - ok
15:31:28.0613 0888  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:31:28.0680 0888  BTHMODEM - ok
15:31:28.0708 0888  [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:31:28.0785 0888  BthPan - ok
15:31:28.0882 0888  [ 7D104F22C04A76F0D2F96F789AC07FCB ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
15:31:28.0982 0888  BTHPORT - ok
15:31:29.0039 0888  [ 22E65FFD640F16968F855F5B3528D366 ] BthServ         C:\Windows\System32\bthserv.dll
15:31:29.0092 0888  BthServ - ok
15:31:29.0138 0888  [ D9324F0C142267961CE900BFC3798BB1 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:31:29.0186 0888  BTHUSB - ok
15:31:29.0263 0888  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:31:29.0335 0888  cdfs - ok
15:31:29.0395 0888  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:31:29.0472 0888  cdrom - ok
15:31:29.0523 0888  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:31:29.0598 0888  CertPropSvc - ok
15:31:29.0632 0888  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:31:29.0721 0888  circlass - ok
15:31:29.0797 0888  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
15:31:29.0865 0888  CLFS - ok
15:31:29.0938 0888  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:31:29.0971 0888  clr_optimization_v2.0.50727_32 - ok
15:31:30.0045 0888  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:31:30.0091 0888  clr_optimization_v2.0.50727_64 - ok
15:31:30.0155 0888  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:31:30.0189 0888  clr_optimization_v4.0.30319_32 - ok
15:31:30.0248 0888  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:31:30.0294 0888  clr_optimization_v4.0.30319_64 - ok
15:31:30.0355 0888  [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:31:30.0431 0888  CmBatt - ok
15:31:30.0449 0888  [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:31:30.0474 0888  cmdide - ok
15:31:30.0580 0888  [ 2F27104F5D6ED63FDAC38CACB9D19DFD ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:31:30.0598 0888  Com4QLBEx - ok
15:31:30.0620 0888  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:31:30.0640 0888  Compbatt - ok
15:31:30.0645 0888  COMSysApp - ok
15:31:30.0666 0888  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:31:30.0685 0888  crcdisk - ok
15:31:30.0734 0888  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:31:30.0756 0888  CryptSvc - ok
15:31:30.0824 0888  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:31:30.0907 0888  DcomLaunch - ok
15:31:30.0965 0888  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:31:31.0000 0888  DfsC - ok
15:31:31.0455 0888  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
15:31:31.0710 0888  DFSR - ok
15:31:31.0766 0888  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:31:31.0863 0888  Dhcp - ok
15:31:31.0938 0888  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
15:31:31.0976 0888  disk - ok
15:31:32.0011 0888  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:31:32.0069 0888  Dnscache - ok
15:31:32.0123 0888  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:31:32.0218 0888  dot3svc - ok
15:31:32.0279 0888  [ 74C02B1717740C3B8039539E23E4B53F ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
15:31:32.0356 0888  Dot4 - ok
15:31:32.0404 0888  [ 08321D1860235BF42CF2854234337AEA ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:31:32.0479 0888  Dot4Print - ok
15:31:32.0514 0888  [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
15:31:32.0602 0888  dot4usb - ok
15:31:32.0641 0888  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
15:31:32.0716 0888  DPS - ok
15:31:32.0780 0888  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:31:32.0844 0888  drmkaud - ok
15:31:32.0940 0888  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:31:32.0995 0888  DXGKrnl - ok
15:31:33.0038 0888  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
15:31:33.0128 0888  E1G60 - ok
15:31:33.0194 0888  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
15:31:33.0261 0888  EapHost - ok
15:31:33.0311 0888  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:31:33.0343 0888  Ecache - ok
15:31:33.0432 0888  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:31:33.0500 0888  ehRecvr - ok
15:31:33.0542 0888  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
15:31:33.0593 0888  ehSched - ok
15:31:33.0632 0888  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
15:31:33.0698 0888  ehstart - ok
15:31:33.0758 0888  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:31:33.0800 0888  elxstor - ok
15:31:33.0891 0888  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:31:33.0972 0888  EMDMgmt - ok
15:31:34.0024 0888  [ CD0C80E5E9A9BF8DD145F43713D77993 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
15:31:34.0101 0888  enecir - ok
15:31:34.0148 0888  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:31:34.0247 0888  ErrDev - ok
15:31:34.0323 0888  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
15:31:34.0418 0888  EventSystem - ok
15:31:34.0495 0888  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:31:34.0569 0888  exfat - ok
15:31:34.0612 0888  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:31:34.0664 0888  fastfat - ok
15:31:34.0706 0888  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:31:34.0792 0888  fdc - ok
15:31:34.0825 0888  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
15:31:34.0906 0888  fdPHost - ok
15:31:34.0935 0888  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
15:31:35.0028 0888  FDResPub - ok
15:31:35.0046 0888  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:31:35.0087 0888  FileInfo - ok
15:31:35.0116 0888  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:31:35.0183 0888  Filetrace - ok
15:31:35.0236 0888  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:31:35.0295 0888  flpydisk - ok
15:31:35.0381 0888  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:31:35.0405 0888  FltMgr - ok
15:31:35.0626 0888  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
15:31:35.0753 0888  FontCache - ok
15:31:35.0820 0888  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:31:35.0840 0888  FontCache3.0.0.0 - ok
15:31:35.0865 0888  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:31:35.0914 0888  Fs_Rec - ok
15:31:35.0954 0888  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:31:35.0981 0888  gagp30kx - ok
15:31:36.0034 0888  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:31:36.0055 0888  GEARAspiWDM - ok
15:31:36.0091 0888  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:31:36.0159 0888  gpsvc - ok
15:31:36.0259 0888  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:31:36.0303 0888  HdAudAddService - ok
15:31:36.0444 0888  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:31:36.0575 0888  HDAudBus - ok
15:31:36.0626 0888  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:31:36.0739 0888  HidBth - ok
15:31:36.0785 0888  [ 5F47839455D01FF6403B008D481A6F5B ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:31:36.0855 0888  HidIr - ok
15:31:36.0888 0888  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
15:31:36.0959 0888  hidserv - ok
15:31:36.0996 0888  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:31:37.0061 0888  HidUsb - ok
15:31:37.0101 0888  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:31:37.0190 0888  hkmsvc - ok
15:31:37.0275 0888  [ 158DDAC4AA0DFCF2E33B4F53CB5A20B9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
15:31:37.0308 0888  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
15:31:37.0308 0888  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
15:31:37.0346 0888  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:31:37.0372 0888  HpCISSs - ok
15:31:37.0419 0888  [ CCBE758967CC0F53F5BA3B271653C4E6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
15:31:37.0451 0888  hpdskflt - ok
15:31:37.0634 0888  [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:31:37.0800 0888  hpqcxs08 - ok
15:31:37.0855 0888  [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:31:37.0883 0888  hpqddsvc - ok
15:31:37.0913 0888  [ 0ECC54FD34D6A089C300846B011E81D6 ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
15:31:37.0954 0888  HpqKbFiltr - ok
15:31:38.0018 0888  [ 3E1CB5C4AFFA06B4B29E8FF12544CF23 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
15:31:38.0042 0888  hpqwmiex - ok
15:31:38.0066 0888  [ E2223A37896A76861D7F79FD81A2A193 ] hpsrv           C:\Windows\system32\Hpservice.exe
15:31:38.0088 0888  hpsrv - ok
15:31:38.0138 0888  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:31:38.0220 0888  HTTP - ok
15:31:38.0276 0888  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:31:38.0317 0888  i2omp - ok
15:31:38.0349 0888  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:31:38.0415 0888  i8042prt - ok
15:31:38.0464 0888  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:31:38.0499 0888  iaStorV - ok
15:31:38.0561 0888  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:31:38.0608 0888  IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:31:38.0608 0888  IDriverT - detected UnsignedFile.Multi.Generic (1)
15:31:38.0773 0888  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:31:38.0872 0888  idsvc - ok
15:31:39.0581 0888  [ 7B0A679638E9380C0D8D42C7D43F8169 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:31:39.0984 0888  igfx - ok
15:31:40.0014 0888  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:31:40.0034 0888  iirsp - ok
15:31:40.0085 0888  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
15:31:40.0180 0888  IKEEXT - ok
15:31:40.0238 0888  [ C7C9720A5B0FD2B974FC4F72E405204B ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
15:31:40.0322 0888  IntcHdmiAddService - ok
15:31:40.0380 0888  [ 475490CAF376E55E6E8B37BBDFEB2E81 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:31:40.0403 0888  intelide - ok
15:31:40.0422 0888  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:31:40.0517 0888  intelppm - ok
15:31:40.0548 0888  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:31:40.0615 0888  IPBusEnum - ok
15:31:40.0665 0888  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:31:40.0747 0888  IpFilterDriver - ok
15:31:40.0753 0888  IpInIp - ok
15:31:40.0781 0888  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:31:40.0873 0888  IPMIDRV - ok
15:31:40.0893 0888  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:31:40.0974 0888  IPNAT - ok
15:31:41.0031 0888  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:31:41.0079 0888  iPod Service - ok
15:31:41.0158 0888  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:31:41.0237 0888  IRENUM - ok
15:31:41.0268 0888  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:31:41.0293 0888  isapnp - ok
15:31:41.0325 0888  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:31:41.0356 0888  iScsiPrt - ok
15:31:41.0382 0888  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:31:41.0418 0888  iteatapi - ok
15:31:41.0433 0888  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:31:41.0458 0888  iteraid - ok
15:31:41.0491 0888  [ B33736B29D70DBD275B099BCD4F5C1BA ] JMCR            C:\Windows\system32\DRIVERS\jmcr.sys
15:31:41.0552 0888  JMCR - ok
15:31:41.0577 0888  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:31:41.0602 0888  kbdclass - ok
15:31:41.0621 0888  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:31:41.0706 0888  kbdhid - ok
15:31:41.0734 0888  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
15:31:41.0786 0888  KeyIso - ok
15:31:41.0852 0888  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:31:41.0911 0888  KSecDD - ok
15:31:41.0952 0888  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:31:42.0032 0888  ksthunk - ok
15:31:42.0116 0888  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:31:42.0212 0888  KtmRm - ok
15:31:42.0260 0888  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:31:42.0319 0888  LanmanServer - ok
15:31:42.0375 0888  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:31:42.0409 0888  LanmanWorkstation - ok
15:31:42.0472 0888  [ 9188D073CD14F886790D6037D1986063 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:31:42.0498 0888  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
15:31:42.0498 0888  LightScribeService - detected UnsignedFile.Multi.Generic (1)
15:31:42.0526 0888  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:31:42.0588 0888  lltdio - ok
15:31:42.0674 0888  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:31:42.0814 0888  lltdsvc - ok
15:31:42.0882 0888  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:31:43.0015 0888  lmhosts - ok
15:31:43.0069 0888  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:31:43.0147 0888  LSI_FC - ok
15:31:43.0168 0888  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:31:43.0196 0888  LSI_SAS - ok
15:31:43.0229 0888  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:31:43.0257 0888  LSI_SCSI - ok
15:31:43.0266 0888  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:31:43.0365 0888  luafv - ok
15:31:43.0411 0888  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:31:43.0437 0888  MBAMProtector - ok
15:31:43.0496 0888  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:31:43.0539 0888  MBAMScheduler - ok
15:31:43.0621 0888  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:31:43.0669 0888  MBAMService - ok
15:31:43.0711 0888  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:31:43.0760 0888  Mcx2Svc - ok
15:31:43.0797 0888  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
15:31:43.0823 0888  megasas - ok
15:31:43.0862 0888  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:31:43.0910 0888  MegaSR - ok
15:31:43.0994 0888  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:31:44.0013 0888  Microsoft Office Groove Audit Service - ok
15:31:44.0041 0888  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
15:31:44.0119 0888  MMCSS - ok
15:31:44.0142 0888  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
15:31:44.0215 0888  Modem - ok
15:31:44.0236 0888  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:31:44.0299 0888  monitor - ok
15:31:44.0321 0888  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:31:44.0341 0888  mouclass - ok
15:31:44.0372 0888  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:31:44.0439 0888  mouhid - ok
15:31:44.0445 0888  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:31:44.0466 0888  MountMgr - ok
15:31:44.0558 0888  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:31:44.0580 0888  MozillaMaintenance - ok
15:31:44.0630 0888  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:31:44.0658 0888  mpio - ok
15:31:44.0710 0888  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:31:44.0793 0888  mpsdrv - ok
15:31:44.0838 0888  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:31:44.0866 0888  Mraid35x - ok
15:31:44.0899 0888  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:31:44.0961 0888  MRxDAV - ok
15:31:45.0009 0888  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:31:45.0079 0888  mrxsmb - ok
15:31:45.0115 0888  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:31:45.0177 0888  mrxsmb10 - ok
15:31:45.0201 0888  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:31:45.0259 0888  mrxsmb20 - ok
15:31:45.0309 0888  [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:31:45.0335 0888  msahci - ok
15:31:45.0412 0888  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:31:45.0457 0888  msdsm - ok
15:31:45.0485 0888  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
15:31:45.0599 0888  MSDTC - ok
15:31:45.0630 0888  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:31:45.0691 0888  Msfs - ok
15:31:45.0730 0888  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:31:45.0756 0888  msisadrv - ok
15:31:45.0836 0888  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:31:45.0931 0888  MSiSCSI - ok
15:31:45.0940 0888  msiserver - ok
15:31:46.0020 0888  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:31:46.0115 0888  MSKSSRV - ok
15:31:46.0148 0888  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:31:46.0240 0888  MSPCLOCK - ok
15:31:46.0274 0888  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:31:46.0358 0888  MSPQM - ok
15:31:46.0420 0888  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:31:46.0474 0888  MsRPC - ok
15:31:46.0506 0888  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:31:46.0525 0888  mssmbios - ok
15:31:46.0544 0888  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:31:46.0607 0888  MSTEE - ok
15:31:46.0640 0888  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:31:46.0661 0888  Mup - ok
15:31:46.0695 0888  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
15:31:46.0784 0888  napagent - ok
15:31:46.0840 0888  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:31:46.0887 0888  NativeWifiP - ok
15:31:46.0944 0888  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:31:47.0034 0888  NDIS - ok
15:31:47.0074 0888  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:31:47.0110 0888  NdisTapi - ok
15:31:47.0126 0888  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:31:47.0192 0888  Ndisuio - ok
15:31:47.0228 0888  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:31:47.0287 0888  NdisWan - ok
15:31:47.0315 0888  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:31:47.0375 0888  NDProxy - ok
15:31:47.0421 0888  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:31:47.0453 0888  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:31:47.0453 0888  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:31:47.0490 0888  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:31:47.0565 0888  NetBIOS - ok
15:31:47.0620 0888  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:31:47.0685 0888  netbt - ok
15:31:47.0712 0888  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
15:31:47.0730 0888  Netlogon - ok
15:31:47.0816 0888  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
15:31:47.0904 0888  Netman - ok
15:31:48.0000 0888  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
15:31:48.0040 0888  netprofm - ok
15:31:48.0126 0888  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:31:48.0236 0888  NetTcpPortSharing - ok
15:31:48.0585 0888  [ C86984AEE87900C1EEB6942EDE3BF4B6 ] NETw3v64        C:\Windows\system32\DRIVERS\NETw3v64.sys
15:31:48.0784 0888  NETw3v64 - ok
15:31:48.0827 0888  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:31:48.0853 0888  nfrd960 - ok
15:31:48.0882 0888  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:31:48.0930 0888  NlaSvc - ok
15:31:48.0966 0888  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:31:49.0030 0888  Npfs - ok
15:31:49.0074 0888  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
15:31:49.0157 0888  nsi - ok
15:31:49.0193 0888  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:31:49.0271 0888  nsiproxy - ok
15:31:49.0450 0888  [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:31:49.0596 0888  Ntfs - ok
15:31:49.0696 0888  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
15:31:49.0780 0888  Null - ok
15:31:49.0803 0888  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:31:49.0842 0888  nvraid - ok
15:31:49.0865 0888  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:31:49.0917 0888  nvstor - ok
15:31:49.0941 0888  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:31:49.0983 0888  nv_agp - ok
15:31:49.0990 0888  NwlnkFlt - ok
15:31:49.0998 0888  NwlnkFwd - ok
15:31:50.0136 0888  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:31:50.0208 0888  odserv - ok
15:31:50.0243 0888  [ 1B30103FDE512915A9214B108B6E7A9C ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:31:50.0375 0888  ohci1394 - ok
15:31:50.0444 0888  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:31:50.0505 0888  ose - ok
15:31:50.0604 0888  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:31:50.0691 0888  p2pimsvc - ok
15:31:50.0773 0888  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
15:31:50.0853 0888  p2psvc - ok
15:31:50.0934 0888  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
15:31:51.0112 0888  Parport - ok
15:31:51.0162 0888  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:31:51.0200 0888  partmgr - ok
15:31:51.0263 0888  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:31:51.0305 0888  PcaSvc - ok
15:31:51.0354 0888  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
15:31:51.0404 0888  pci - ok
15:31:51.0446 0888  [ 15E5C3F89A3452EFBDA3B39816DBC4EE ] pciide          C:\Windows\system32\drivers\pciide.sys
15:31:51.0489 0888  pciide - ok
15:31:51.0523 0888  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:31:51.0573 0888  pcmcia - ok
15:31:51.0642 0888  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:31:51.0801 0888  PEAUTH - ok
15:31:52.0444 0888  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:31:52.0561 0888  PerfHost - ok
15:31:52.0655 0888  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
15:31:52.0796 0888  pla - ok
15:31:52.0865 0888  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:31:52.0922 0888  PlugPlay - ok
15:31:52.0955 0888  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:31:53.0000 0888  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:31:53.0000 0888  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:31:53.0048 0888  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:31:53.0092 0888  PNRPAutoReg - ok
15:31:53.0172 0888  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:31:53.0227 0888  PNRPsvc - ok
15:31:53.0326 0888  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:31:53.0623 0888  PolicyAgent - ok
15:31:53.0701 0888  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:31:53.0787 0888  PptpMiniport - ok
15:31:53.0834 0888  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys
15:31:53.0945 0888  Processor - ok
15:31:54.0006 0888  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
15:31:54.0079 0888  ProfSvc - ok
15:31:54.0114 0888  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
15:31:54.0157 0888  ProtectedStorage - ok
15:31:54.0210 0888  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:31:54.0267 0888  PSched - ok
15:31:54.0689 0888  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:31:54.0813 0888  ql2300 - ok
15:31:54.0869 0888  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:31:54.0917 0888  ql40xx - ok
15:31:55.0010 0888  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
15:31:55.0085 0888  QWAVE - ok
15:31:55.0134 0888  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:31:55.0172 0888  QWAVEdrv - ok
15:31:55.0193 0888  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:31:55.0264 0888  RasAcd - ok
15:31:55.0304 0888  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
15:31:55.0411 0888  RasAuto - ok
15:31:55.0453 0888  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:31:55.0529 0888  Rasl2tp - ok
15:31:55.0593 0888  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
15:31:55.0675 0888  RasMan - ok
15:31:55.0727 0888  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:31:55.0814 0888  RasPppoe - ok
15:31:55.0868 0888  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:31:55.0930 0888  RasSstp - ok
15:31:56.0023 0888  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:31:56.0089 0888  rdbss - ok
15:31:56.0120 0888  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:31:56.0193 0888  RDPCDD - ok
15:31:56.0317 0888  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:31:56.0431 0888  rdpdr - ok
15:31:56.0436 0888  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:31:56.0513 0888  RDPENCDD - ok
15:31:56.0553 0888  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:31:56.0598 0888  RDPWD - ok
15:31:56.0753 0888  [ 6266D28705BC3F99E8BAC1F864C14E91 ] Recovery Service for Windows C:\Program Files (x86)\SMINST\BLService.exe
15:31:56.0796 0888  Recovery Service for Windows - ok
15:31:56.0849 0888  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:31:56.0945 0888  RemoteAccess - ok
15:31:56.0984 0888  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:31:57.0047 0888  RemoteRegistry - ok
15:31:57.0136 0888  [ 72C35598BA591ABDDC37FCE7D26FE1C4 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:31:57.0204 0888  RFCOMM - ok
15:31:57.0327 0888  [ 498EB62A160674E793FA40FD65390625 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:31:57.0352 0888  RichVideo - ok
15:31:57.0388 0888  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
15:31:57.0441 0888  RpcLocator - ok
15:31:57.0508 0888  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
15:31:57.0551 0888  RpcSs - ok
15:31:57.0633 0888  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:31:57.0697 0888  rspndr - ok
15:31:57.0736 0888  [ 390482953C63E81BAE52F20386394421 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys
15:31:57.0787 0888  RTL8169 - ok
15:31:57.0815 0888  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
15:31:57.0831 0888  SamSs - ok
15:31:57.0858 0888  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:31:57.0874 0888  sbp2port - ok
15:31:57.0920 0888  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:31:57.0985 0888  SCardSvr - ok
15:31:58.0046 0888  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
15:31:58.0185 0888  Schedule - ok
15:31:58.0209 0888  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:31:58.0255 0888  SCPolicySvc - ok
15:31:58.0325 0888  [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
15:31:58.0440 0888  sdbus - ok
15:31:58.0492 0888  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:31:58.0524 0888  SDRSVC - ok
15:31:58.0551 0888  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:31:58.0672 0888  secdrv - ok
15:31:58.0749 0888  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
15:31:58.0844 0888  seclogon - ok
15:31:58.0864 0888  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
15:31:58.0973 0888  SENS - ok
15:31:58.0999 0888  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:31:59.0106 0888  Serenum - ok
15:31:59.0183 0888  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
15:31:59.0296 0888  Serial - ok
15:31:59.0328 0888  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:31:59.0401 0888  sermouse - ok
15:31:59.0455 0888  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:31:59.0523 0888  SessionEnv - ok
15:31:59.0552 0888  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:31:59.0616 0888  sffdisk - ok
15:31:59.0641 0888  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:31:59.0688 0888  sffp_mmc - ok
15:31:59.0714 0888  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:31:59.0784 0888  sffp_sd - ok
15:31:59.0825 0888  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:31:59.0940 0888  sfloppy - ok
15:32:00.0035 0888  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:32:00.0095 0888  ShellHWDetection - ok
15:32:00.0124 0888  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:32:00.0160 0888  SiSRaid2 - ok
15:32:00.0204 0888  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:32:00.0244 0888  SiSRaid4 - ok
15:32:00.0303 0888  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:32:00.0326 0888  SkypeUpdate - ok
15:32:00.0605 0888  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
15:32:00.0814 0888  slsvc - ok
15:32:00.0890 0888  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:32:00.0964 0888  SLUINotify - ok
15:32:01.0000 0888  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:32:01.0080 0888  Smb - ok
15:32:01.0147 0888  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:32:01.0214 0888  SNMPTRAP - ok
15:32:01.0268 0888  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
15:32:01.0296 0888  spldr - ok
15:32:01.0335 0888  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
15:32:01.0369 0888  Spooler - ok
15:32:01.0426 0888  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:32:01.0490 0888  srv - ok
15:32:01.0530 0888  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:32:01.0559 0888  srv2 - ok
15:32:01.0584 0888  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:32:01.0626 0888  srvnet - ok
15:32:01.0684 0888  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
15:32:01.0730 0888  ssadbus - ok
15:32:01.0769 0888  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:32:01.0817 0888  ssadmdfl - ok
15:32:01.0870 0888  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
15:32:01.0934 0888  ssadmdm - ok
15:32:01.0960 0888  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
15:32:01.0991 0888  ssadserd - ok
15:32:02.0071 0888  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:32:02.0168 0888  SSDPSRV - ok
15:32:02.0210 0888  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:32:02.0275 0888  SstpSvc - ok
15:32:02.0638 0888  [ 72EB6157E892A674E47E08732BB5CCE3 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\STacSV64.exe
15:32:02.0685 0888  STacSV - ok
15:32:02.0735 0888  Steam Client Service - ok
15:32:02.0793 0888  [ 0C7BDA7E9A329A071C080EB5210FE019 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
15:32:02.0862 0888  STHDA - ok
15:32:02.0909 0888  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
15:32:02.0953 0888  stisvc - ok
15:32:02.0981 0888  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:32:03.0005 0888  swenum - ok
15:32:03.0104 0888  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
15:32:03.0208 0888  swprv - ok
15:32:03.0243 0888  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:32:03.0268 0888  Symc8xx - ok
15:32:03.0306 0888  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:32:03.0331 0888  Sym_hi - ok
15:32:03.0339 0888  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:32:03.0364 0888  Sym_u3 - ok
15:32:03.0435 0888  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
15:32:03.0535 0888  SysMain - ok
15:32:03.0587 0888  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:32:03.0652 0888  TabletInputService - ok
15:32:03.0709 0888  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:32:03.0784 0888  TapiSrv - ok
15:32:03.0816 0888  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
15:32:03.0885 0888  TBS - ok
15:32:04.0082 0888  [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:32:04.0211 0888  Tcpip - ok
15:32:04.0314 0888  [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:32:04.0397 0888  Tcpip6 - ok
15:32:04.0430 0888  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:32:04.0454 0888  tcpipreg - ok
15:32:04.0514 0888  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:32:04.0576 0888  TDPIPE - ok
15:32:04.0582 0888  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:32:04.0639 0888  TDTCP - ok
15:32:04.0688 0888  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:32:04.0741 0888  tdx - ok
15:32:04.0784 0888  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:32:04.0803 0888  TermDD - ok
15:32:04.0851 0888  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
15:32:04.0907 0888  TermService - ok
15:32:04.0952 0888  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
15:32:04.0980 0888  Themes - ok
15:32:05.0014 0888  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:32:05.0069 0888  THREADORDER - ok
15:32:05.0110 0888  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
15:32:05.0186 0888  TrkWks - ok
15:32:05.0250 0888  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:32:05.0307 0888  TrustedInstaller - ok
15:32:05.0344 0888  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:32:05.0420 0888  tssecsrv - ok
15:32:05.0439 0888  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:32:05.0486 0888  tunmp - ok
15:32:05.0537 0888  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:32:05.0584 0888  tunnel - ok
15:32:05.0705 0888  [ 4215ECFC15D265A8E6E1925084B80908 ] TVCapSvc        C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
15:32:05.0733 0888  TVCapSvc - ok
15:32:05.0776 0888  [ F386D56F1B6D70E0E4E70E494975D279 ] TVSched         C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
15:32:05.0798 0888  TVSched - ok
15:32:05.0863 0888  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:32:05.0891 0888  uagp35 - ok
15:32:05.0922 0888  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:32:05.0994 0888  udfs - ok
15:32:06.0039 0888  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:32:06.0111 0888  UI0Detect - ok
15:32:06.0156 0888  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:32:06.0184 0888  uliagpkx - ok
15:32:06.0216 0888  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:32:06.0265 0888  uliahci - ok
15:32:06.0293 0888  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:32:06.0320 0888  UlSata - ok
15:32:06.0356 0888  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:32:06.0386 0888  ulsata2 - ok
15:32:06.0404 0888  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:32:06.0467 0888  umbus - ok
15:32:06.0494 0888  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
15:32:06.0585 0888  upnphost - ok
15:32:06.0638 0888  [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:32:06.0688 0888  USBAAPL64 - ok
15:32:06.0727 0888  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:32:06.0776 0888  usbccgp - ok
15:32:06.0805 0888  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:32:06.0898 0888  usbcir - ok
15:32:06.0922 0888  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:32:06.0986 0888  usbehci - ok
15:32:07.0045 0888  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:32:07.0102 0888  usbhub - ok
15:32:07.0148 0888  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:32:07.0256 0888  usbohci - ok
15:32:07.0290 0888  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:32:07.0352 0888  usbprint - ok
15:32:07.0383 0888  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:32:07.0433 0888  usbscan - ok
15:32:07.0450 0888  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:32:07.0510 0888  USBSTOR - ok
15:32:07.0536 0888  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:32:07.0596 0888  usbuhci - ok
15:32:07.0621 0888  [ FC33099877790D51B0927B7039059855 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:32:07.0697 0888  usbvideo - ok
15:32:07.0733 0888  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
15:32:07.0819 0888  UxSms - ok
15:32:07.0860 0888  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
15:32:07.0953 0888  vds - ok
15:32:08.0027 0888  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:32:08.0105 0888  vga - ok
15:32:08.0132 0888  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:32:08.0261 0888  VgaSave - ok
15:32:08.0279 0888  [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide          C:\Windows\system32\drivers\viaide.sys
15:32:08.0305 0888  viaide - ok
15:32:08.0336 0888  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:32:08.0365 0888  volmgr - ok
15:32:08.0402 0888  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:32:08.0458 0888  volmgrx - ok
15:32:08.0494 0888  [ 582F710097B46140F5A89A19A6573D4B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:32:08.0530 0888  volsnap - ok
15:32:08.0565 0888  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:32:08.0601 0888  vsmraid - ok
15:32:08.0672 0888  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
15:32:08.0820 0888  VSS - ok
15:32:08.0876 0888  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
15:32:08.0961 0888  W32Time - ok
15:32:08.0997 0888  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:32:09.0099 0888  WacomPen - ok
15:32:09.0132 0888  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:32:09.0205 0888  Wanarp - ok
15:32:09.0211 0888  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:32:09.0261 0888  Wanarpv6 - ok
15:32:09.0296 0888  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:32:09.0331 0888  wcncsvc - ok
15:32:09.0367 0888  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:32:09.0405 0888  WcsPlugInService - ok
15:32:09.0450 0888  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
15:32:09.0469 0888  Wd - ok
15:32:09.0521 0888  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:32:09.0563 0888  Wdf01000 - ok
15:32:09.0583 0888  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:32:09.0633 0888  WdiServiceHost - ok
15:32:09.0639 0888  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:32:09.0695 0888  WdiSystemHost - ok
15:32:09.0723 0888  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
15:32:09.0772 0888  WebClient - ok
15:32:09.0819 0888  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:32:09.0842 0888  Wecsvc - ok
15:32:09.0893 0888  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:32:09.0927 0888  wercplsupport - ok
15:32:09.0959 0888  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
15:32:10.0017 0888  WerSvc - ok
15:32:10.0023 0888  WinHttpAutoProxySvc - ok
15:32:10.0068 0888  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:32:10.0132 0888  Winmgmt - ok
15:32:10.0200 0888  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:32:10.0334 0888  WinRM - ok
15:32:10.0397 0888  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:32:10.0494 0888  Wlansvc - ok
15:32:10.0528 0888  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:32:10.0597 0888  WmiAcpi - ok
15:32:10.0625 0888  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:32:10.0679 0888  wmiApSrv - ok
15:32:10.0714 0888  WMPNetworkSvc - ok
15:32:10.0743 0888  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:32:10.0817 0888  WPCSvc - ok
15:32:10.0869 0888  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:32:10.0928 0888  WPDBusEnum - ok
15:32:10.0986 0888  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:32:11.0037 0888  WpdUsb - ok
15:32:11.0158 0888  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:32:11.0213 0888  WPFFontCache_v0400 - ok
15:32:11.0278 0888  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:32:11.0339 0888  ws2ifsl - ok
15:32:11.0345 0888  WSearch - ok
15:32:11.0454 0888  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:32:11.0617 0888  wuauserv - ok
15:32:11.0650 0888  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:32:11.0697 0888  WudfPf - ok
15:32:11.0748 0888  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:32:11.0801 0888  WUDFRd - ok
15:32:11.0837 0888  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:32:11.0869 0888  wudfsvc - ok
15:32:11.0915 0888  [ 07F7285220307AAFB755D890295F0F9A ] yukonx64        C:\Windows\system32\DRIVERS\yk60x64.sys
15:32:12.0047 0888  yukonx64 - ok
15:32:12.0072 0888  ================ Scan global ===============================
15:32:12.0111 0888  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
15:32:12.0153 0888  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
15:32:12.0197 0888  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
15:32:12.0240 0888  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
15:32:12.0246 0888  [Global] - ok
15:32:12.0247 0888  ================ Scan MBR ==================================
15:32:12.0264 0888  [ 5C86ADEC17B739C437E145E3B3FC2E6D ] \Device\Harddisk0\DR0
15:32:13.0278 0888  \Device\Harddisk0\DR0 - ok
15:32:13.0279 0888  ================ Scan VBR ==================================
15:32:13.0314 0888  [ 05BB50DDF89AF95F050ED647427FAE61 ] \Device\Harddisk0\DR0\Partition1
15:32:13.0318 0888  \Device\Harddisk0\DR0\Partition1 - ok
15:32:13.0347 0888  [ C7C059667602D07C3F67A5CE00A8FEF7 ] \Device\Harddisk0\DR0\Partition2
15:32:13.0351 0888  \Device\Harddisk0\DR0\Partition2 - ok
15:32:13.0352 0888  ================ Scan active images ========================
15:32:13.0357 0888  [ 4F4E1093ADFBAE48544DA6E7CCF09FE4 ] C:\Windows\System32\drivers\crashdmp.sys
15:32:13.0357 0888  C:\Windows\System32\drivers\crashdmp.sys - ok
15:32:13.0367 0888  [ 7E7270D67964C9EDDE6BFDAAC07B7999 ] C:\Windows\System32\drivers\Dumpata.sys
15:32:13.0367 0888  C:\Windows\System32\drivers\Dumpata.sys - ok
15:32:13.0379 0888  [ AA459F2AB3AB603C357FF117CAE3D818 ] C:\Windows\System32\drivers\msahci.sys
15:32:13.0379 0888  C:\Windows\System32\drivers\msahci.sys - ok
15:32:13.0393 0888  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] C:\Windows\System32\drivers\tunnel.sys
15:32:13.0393 0888  C:\Windows\System32\drivers\tunnel.sys - ok
15:32:13.0399 0888  [ B52D9A14CE4101577900A364BA86F3DF ] C:\Windows\System32\drivers\CmBatt.sys
15:32:13.0400 0888  C:\Windows\System32\drivers\CmBatt.sys - ok
15:32:13.0409 0888  [ BFD84AF32FA1BAD6231C4585CB469630 ] C:\Windows\System32\drivers\intelppm.sys
15:32:13.0409 0888  C:\Windows\System32\drivers\intelppm.sys - ok
15:32:13.0418 0888  [ 89EC74A9E602D16A75A4170511029B3C ] C:\Windows\System32\drivers\TUNMP.SYS
15:32:13.0419 0888  C:\Windows\System32\drivers\TUNMP.SYS - ok
15:32:13.0427 0888  [ 7B0A679638E9380C0D8D42C7D43F8169 ] C:\Windows\System32\drivers\igdkmd64.sys
15:32:13.0427 0888  C:\Windows\System32\drivers\igdkmd64.sys - ok
15:32:13.0434 0888  [ B8E554E502D5123BC111F99D6A2181B4 ] C:\Windows\System32\drivers\dxgkrnl.sys
15:32:13.0434 0888  C:\Windows\System32\drivers\dxgkrnl.sys - ok
15:32:13.0442 0888  [ 2F956EA22FCCE4C9F15C64175C891A1E ] C:\Windows\System32\drivers\watchdog.sys
15:32:13.0442 0888  C:\Windows\System32\drivers\watchdog.sys - ok
15:32:13.0447 0888  [ A60FDA63F3901AE49C244FF988427A9C ] C:\Windows\System32\drivers\usbport.sys
15:32:13.0447 0888  C:\Windows\System32\drivers\usbport.sys - ok
15:32:13.0457 0888  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] C:\Windows\System32\drivers\usbuhci.sys
15:32:13.0457 0888  C:\Windows\System32\drivers\usbuhci.sys - ok
15:32:13.0463 0888  [ 827E44DE934A736EA31E91D353EB126F ] C:\Windows\System32\drivers\usbehci.sys
15:32:13.0463 0888  C:\Windows\System32\drivers\usbehci.sys - ok
15:32:13.0474 0888  [ F942C5820205F2FB453243EDFEC82A3D ] C:\Windows\System32\drivers\hdaudbus.sys
15:32:13.0475 0888  C:\Windows\System32\drivers\hdaudbus.sys - ok
15:32:13.0480 0888  [ 2C91205C43EA45CFE14E9E14E05601AE ] C:\Windows\System32\drivers\BCMWL664.SYS
15:32:13.0480 0888  C:\Windows\System32\drivers\BCMWL664.SYS - ok
15:32:13.0490 0888  [ 390482953C63E81BAE52F20386394421 ] C:\Windows\System32\drivers\Rtlh64.sys
15:32:13.0490 0888  C:\Windows\System32\drivers\Rtlh64.sys - ok
15:32:13.0495 0888  [ B33736B29D70DBD275B099BCD4F5C1BA ] C:\Windows\System32\drivers\jmcr.sys
15:32:13.0495 0888  C:\Windows\System32\drivers\jmcr.sys - ok
15:32:13.0501 0888  [ 0ECC54FD34D6A089C300846B011E81D6 ] C:\Windows\System32\drivers\HpqKbFiltr.sys
15:32:13.0501 0888  C:\Windows\System32\drivers\HpqKbFiltr.sys - ok
15:32:13.0510 0888  [ CBB597659A2713CE0C9CC20C88C7591F ] C:\Windows\System32\drivers\i8042prt.sys
15:32:13.0510 0888  C:\Windows\System32\drivers\i8042prt.sys - ok
15:32:13.0517 0888  [ 423696F3BA6472DD17699209B933BC26 ] C:\Windows\System32\drivers\kbdclass.sys
15:32:13.0517 0888  C:\Windows\System32\drivers\kbdclass.sys - ok
15:32:13.0525 0888  [ 69D882157E5E4D17D32E30182F945046 ] C:\Windows\System32\drivers\Apfiltr.sys
15:32:13.0525 0888  C:\Windows\System32\drivers\Apfiltr.sys - ok
15:32:13.0532 0888  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] C:\Windows\System32\drivers\mouclass.sys
15:32:13.0533 0888  C:\Windows\System32\drivers\mouclass.sys - ok
15:32:13.0541 0888  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] C:\Windows\System32\drivers\cdrom.sys
15:32:13.0541 0888  C:\Windows\System32\drivers\cdrom.sys - ok
15:32:13.0549 0888  [ 3E2427D4966C7606097341E55AB4E105 ] C:\Windows\System32\drivers\Accelerometer.sys
15:32:13.0549 0888  C:\Windows\System32\drivers\Accelerometer.sys - ok
15:32:13.0557 0888  [ CD0C80E5E9A9BF8DD145F43713D77993 ] C:\Windows\System32\drivers\enecir.sys
15:32:13.0557 0888  C:\Windows\System32\drivers\enecir.sys - ok
15:32:13.0563 0888  [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
15:32:13.0563 0888  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
15:32:13.0574 0888  [ E4FDF99599F27EC25D2CF6D754243520 ] C:\Windows\System32\drivers\msiscsi.sys
15:32:13.0574 0888  C:\Windows\System32\drivers\msiscsi.sys - ok
15:32:13.0579 0888  [ C39A90534C5B1E28B8BC8B38A3900AFF ] C:\Windows\System32\drivers\tdi.sys
15:32:13.0579 0888  C:\Windows\System32\drivers\tdi.sys - ok
15:32:13.0586 0888  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] C:\Windows\System32\drivers\wmiacpi.sys
15:32:13.0586 0888  C:\Windows\System32\drivers\wmiacpi.sys - ok
15:32:13.0593 0888  [ 64DF698A425478E321981431AC171334 ] C:\Windows\System32\drivers\ndistapi.sys
15:32:13.0593 0888  C:\Windows\System32\drivers\ndistapi.sys - ok
15:32:13.0600 0888  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] C:\Windows\System32\drivers\rasl2tp.sys
15:32:13.0600 0888  C:\Windows\System32\drivers\rasl2tp.sys - ok
15:32:13.0606 0888  [ F8158771905260982CE724076419EF19 ] C:\Windows\System32\drivers\ndiswan.sys
15:32:13.0606 0888  C:\Windows\System32\drivers\ndiswan.sys - ok
15:32:13.0613 0888  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] C:\Windows\System32\drivers\raspppoe.sys
15:32:13.0613 0888  C:\Windows\System32\drivers\raspppoe.sys - ok
15:32:13.0619 0888  [ 23386E9952025F5F21C368971E2E7301 ] C:\Windows\System32\drivers\raspptp.sys
15:32:13.0619 0888  C:\Windows\System32\drivers\raspptp.sys - ok
15:32:13.0627 0888  [ C6A593B51F34C33E5474539544072527 ] C:\Windows\System32\drivers\rassstp.sys
15:32:13.0627 0888  C:\Windows\System32\drivers\rassstp.sys - ok
15:32:13.0634 0888  [ 8C19678D22649EC002EF2282EAE92F98 ] C:\Windows\System32\drivers\termdd.sys
15:32:13.0634 0888  C:\Windows\System32\drivers\termdd.sys - ok
15:32:13.0640 0888  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] C:\Windows\System32\drivers\circlass.sys
15:32:13.0641 0888  C:\Windows\System32\drivers\circlass.sys - ok
15:32:13.0647 0888  [ 6DF6A6E5642D97B07214B1FBED4A15B3 ] C:\Windows\System32\drivers\ks.sys
15:32:13.0647 0888  C:\Windows\System32\drivers\ks.sys - ok
15:32:13.0653 0888  [ 8A851CA908B8B974F89C50D2E18D4F0C ] C:\Windows\System32\drivers\swenum.sys
15:32:13.0654 0888  C:\Windows\System32\drivers\swenum.sys - ok
15:32:13.0660 0888  [ 855796E59DF77EA93AF46F20155BF55B ] C:\Windows\System32\drivers\mssmbios.sys
15:32:13.0661 0888  C:\Windows\System32\drivers\mssmbios.sys - ok
15:32:13.0667 0888  [ 46E9A994C4FED537DD951F60B86AD3F4 ] C:\Windows\System32\drivers\umbus.sys
15:32:13.0667 0888  C:\Windows\System32\drivers\umbus.sys - ok
15:32:13.0674 0888  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] C:\Windows\System32\drivers\usbhub.sys
15:32:13.0674 0888  C:\Windows\System32\drivers\usbhub.sys - ok
15:32:13.0680 0888  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] C:\Windows\System32\drivers\ndproxy.sys
15:32:13.0680 0888  C:\Windows\System32\drivers\ndproxy.sys - ok
15:32:13.0686 0888  [ A54FA007FD0349AB68DE6D3016A95C8C ] C:\Windows\System32\drivers\drmk.sys
15:32:13.0686 0888  C:\Windows\System32\drivers\drmk.sys - ok
15:32:13.0693 0888  [ 7B7820082CACF593D6FF343D082A3AA3 ] C:\Windows\System32\drivers\portcls.sys
15:32:13.0693 0888  C:\Windows\System32\drivers\portcls.sys - ok
15:32:13.0697 0888  [ 0C7BDA7E9A329A071C080EB5210FE019 ] C:\Windows\System32\drivers\stwrt64.sys
15:32:13.0697 0888  C:\Windows\System32\drivers\stwrt64.sys - ok
15:32:13.0707 0888  [ 1D419CF43DB29396ECD7113D129D94EB ] C:\Windows\System32\drivers\ksthunk.sys
15:32:13.0707 0888  C:\Windows\System32\drivers\ksthunk.sys - ok
15:32:13.0711 0888  [ 4C01941132AF4405D43668302CC59D2F ] C:\Windows\System32\drivers\usbd.sys
15:32:13.0711 0888  C:\Windows\System32\drivers\usbd.sys - ok
15:32:13.0718 0888  [ 70E15CDA25E151DFC60636EF73F5A7BE ] C:\Windows\System32\drivers\agrsm64.sys
15:32:13.0718 0888  C:\Windows\System32\drivers\agrsm64.sys - ok
15:32:13.0725 0888  [ 59848D5CC74606F0EE7557983BB73C2E ] C:\Windows\System32\drivers\modem.sys
15:32:13.0725 0888  C:\Windows\System32\drivers\modem.sys - ok
15:32:13.0731 0888  [ C7C9720A5B0FD2B974FC4F72E405204B ] C:\Windows\System32\drivers\IntcHdmi.sys
15:32:13.0732 0888  C:\Windows\System32\drivers\IntcHdmi.sys - ok
15:32:13.0738 0888  [ 70B7902B8DDD3C4B88AC3FC278A9B987 ] C:\Windows\System32\drivers\hidclass.sys
15:32:13.0738 0888  C:\Windows\System32\drivers\hidclass.sys - ok
15:32:13.0745 0888  [ 5F47839455D01FF6403B008D481A6F5B ] C:\Windows\System32\drivers\hidir.sys
15:32:13.0745 0888  C:\Windows\System32\drivers\hidir.sys - ok
15:32:13.0752 0888  [ B13C6930BE914AA433C320E01B0182F3 ] C:\Windows\System32\drivers\hidparse.sys
15:32:13.0752 0888  C:\Windows\System32\drivers\hidparse.sys - ok
15:32:13.0758 0888  [ DBDF75D51464FBC47D0104EC3D572C05 ] C:\Windows\System32\drivers\kbdhid.sys
15:32:13.0758 0888  C:\Windows\System32\drivers\kbdhid.sys - ok
15:32:13.0765 0888  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] C:\Windows\System32\drivers\mouhid.sys
15:32:13.0765 0888  C:\Windows\System32\drivers\mouhid.sys - ok
15:32:13.0774 0888  [ 07E3498FC60834219D2356293DA0FECC ] C:\Windows\System32\drivers\usbccgp.sys
15:32:13.0775 0888  C:\Windows\System32\drivers\usbccgp.sys - ok
15:32:13.0778 0888  [ FC33099877790D51B0927B7039059855 ] C:\Windows\System32\drivers\usbvideo.sys
15:32:13.0778 0888  C:\Windows\System32\drivers\usbvideo.sys - ok
15:32:13.0786 0888  [ 10ED1CAB84AA65983C41A11F60294C9B ] C:\Windows\System32\drivers\aswSnx.sys
15:32:13.0786 0888  C:\Windows\System32\drivers\aswSnx.sys - ok
15:32:13.0792 0888  [ 5779B86CD8B32519FBECB136394D946A ] C:\Windows\System32\drivers\fs_rec.sys
15:32:13.0792 0888  C:\Windows\System32\drivers\fs_rec.sys - ok
15:32:13.0799 0888  [ DD5D684975352B85B52E3FD5347C20CB ] C:\Windows\System32\drivers\null.sys
15:32:13.0799 0888  C:\Windows\System32\drivers\null.sys - ok
15:32:13.0808 0888  [ B83AB16B51FEDA65DD81B8C59D114D63 ] C:\Windows\System32\drivers\vga.sys
15:32:13.0808 0888  C:\Windows\System32\drivers\vga.sys - ok
15:32:13.0812 0888  [ 84F9479F8BD5EF517E98CBBD8D3300F7 ] C:\Windows\System32\drivers\videoprt.sys
15:32:13.0812 0888  C:\Windows\System32\drivers\videoprt.sys - ok
15:32:13.0818 0888  [ 603900CC05F6BE65CCBF373800AF3716 ] C:\Windows\System32\drivers\RDPCDD.sys
15:32:13.0819 0888  C:\Windows\System32\drivers\RDPCDD.sys - ok
15:32:13.0825 0888  [ CAB9421DAF3D97B33D0D055858E2C3AB ] C:\Windows\System32\drivers\RDPENCDD.sys
15:32:13.0825 0888  C:\Windows\System32\drivers\RDPENCDD.sys - ok
15:32:13.0832 0888  [ 704F59BFC4512D2BB0146AEC31B10A7C ] C:\Windows\System32\drivers\msfs.sys
15:32:13.0832 0888  C:\Windows\System32\drivers\msfs.sys - ok
15:32:13.0841 0888  [ B298874F8E0EA93F06EC40AA8D146478 ] C:\Windows\System32\drivers\npfs.sys
15:32:13.0841 0888  C:\Windows\System32\drivers\npfs.sys - ok
15:32:13.0845 0888  [ 1013B3B663A56D3DDD784F581C1BD005 ] C:\Windows\System32\drivers\rasacd.sys
15:32:13.0846 0888  C:\Windows\System32\drivers\rasacd.sys - ok
15:32:13.0852 0888  [ 458919C8C42E398DC4802178D5FFEE27 ] C:\Windows\System32\drivers\tdx.sys
15:32:13.0852 0888  C:\Windows\System32\drivers\tdx.sys - ok
15:32:13.0859 0888  [ 29DD8E458A84171202AA4979364C30C0 ] C:\Windows\System32\drivers\aswTdi.sys
15:32:13.0859 0888  C:\Windows\System32\drivers\aswTdi.sys - ok
15:32:13.0866 0888  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] C:\Windows\System32\drivers\smb.sys
15:32:13.0866 0888  C:\Windows\System32\drivers\smb.sys - ok
15:32:13.0872 0888  [ C4F6CE6087760AD70960C9EB130E7943 ] C:\Windows\System32\drivers\afd.sys
15:32:13.0872 0888  C:\Windows\System32\drivers\afd.sys - ok
15:32:13.0879 0888  [ 9A9565BB92EE412B77B7416DD1D32F0B ] C:\Windows\System32\drivers\aswRdr.sys
15:32:13.0879 0888  C:\Windows\System32\drivers\aswRdr.sys - ok
15:32:13.0886 0888  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] C:\Windows\System32\drivers\netbt.sys
15:32:13.0886 0888  C:\Windows\System32\drivers\netbt.sys - ok
15:32:13.0892 0888  [ A499294F5029A7862ADC115BDA7371CE ] C:\Windows\System32\drivers\netbios.sys
15:32:13.0893 0888  C:\Windows\System32\drivers\netbios.sys - ok
15:32:13.0899 0888  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] C:\Windows\System32\drivers\pacer.sys
15:32:13.0899 0888  C:\Windows\System32\drivers\pacer.sys - ok
15:32:13.0908 0888  [ B8E7049622300D20BA6D8BE0C47C0CFD ] C:\Windows\System32\drivers\wanarp.sys
15:32:13.0908 0888  C:\Windows\System32\drivers\wanarp.sys - ok
15:32:13.0915 0888  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] C:\Windows\System32\drivers\rdbss.sys
15:32:13.0915 0888  C:\Windows\System32\drivers\rdbss.sys - ok
15:32:13.0925 0888  [ 8B722BA35205C71E7951CDC4CDBADE19 ] C:\Windows\System32\drivers\dfsc.sys
15:32:13.0925 0888  C:\Windows\System32\drivers\dfsc.sys - ok
15:32:13.0930 0888  [ 1523AF19EE8B030BA682F7A53537EAEB ] C:\Windows\System32\drivers\nsiproxy.sys
15:32:13.0930 0888  C:\Windows\System32\drivers\nsiproxy.sys - ok
15:32:13.0936 0888  [ 00E5253353717D3CA12A0F5A6F9991EC ] C:\Windows\System32\drivers\aswSP.sys
15:32:13.0936 0888  C:\Windows\System32\drivers\aswSP.sys - ok
15:32:13.0944 0888  [ 784491AA0A781059AA3EC0BCB7AD760A ] C:\Windows\System32\ntdll.dll
15:32:13.0944 0888  C:\Windows\System32\ntdll.dll - ok
15:32:13.0948 0888  [ 34B7B826716B166778ED454B7628EF5E ] C:\Windows\System32\smss.exe
15:32:13.0948 0888  C:\Windows\System32\smss.exe - ok
15:32:13.0954 0888  [ E24D4475713CB382A720D003BDDA9628 ] C:\Windows\System32\autochk.exe
15:32:13.0954 0888  C:\Windows\System32\autochk.exe - ok
15:32:13.0961 0888  [ 604384D4459F4A68FF88E7C212C43F61 ] C:\Windows\System32\shlwapi.dll
15:32:13.0961 0888  C:\Windows\System32\shlwapi.dll - ok
15:32:13.0967 0888  [ ADC1964755BB12485A15070A4D4F2697 ] C:\Windows\System32\Wldap32.dll
15:32:13.0967 0888  C:\Windows\System32\Wldap32.dll - ok
15:32:13.0975 0888  [ BAB10B35E2D5EE0DC3DE05A177C52C50 ] C:\Windows\System32\ws2_32.dll
15:32:13.0975 0888  C:\Windows\System32\ws2_32.dll - ok
15:32:13.0981 0888  [ 8D4DEA45FCDF9FCFD9E31232A07E6EF9 ] C:\Windows\System32\iertutil.dll
15:32:13.0981 0888  C:\Windows\System32\iertutil.dll - ok
15:32:13.0988 0888  [ 3B2671CBC989F1B2084290D787DE8499 ] C:\Windows\System32\oleaut32.dll
15:32:13.0988 0888  C:\Windows\System32\oleaut32.dll - ok
15:32:13.0994 0888  [ 09ED5DF1622C759B5EB9C40B89FD310A ] C:\Windows\System32\imagehlp.dll
15:32:13.0994 0888  C:\Windows\System32\imagehlp.dll - ok
15:32:14.0001 0888  [ 533B3BA63E5DB49FC59A842A1DE3121F ] C:\Windows\System32\normaliz.dll
15:32:14.0001 0888  C:\Windows\System32\normaliz.dll - ok
15:32:14.0008 0888  [ D3A6792AED4841B4D055C7C80C815BB7 ] C:\Windows\System32\urlmon.dll
15:32:14.0009 0888  C:\Windows\System32\urlmon.dll - ok
15:32:14.0015 0888  [ F3F5549E69AE8509342E67E4F972CA1C ] C:\Windows\System32\user32.dll
15:32:14.0015 0888  C:\Windows\System32\user32.dll - ok
15:32:14.0021 0888  [ 11EAF90B44A9E378CB6F4ECBF2471F60 ] C:\Windows\System32\usp10.dll
15:32:14.0021 0888  C:\Windows\System32\usp10.dll - ok
15:32:14.0028 0888  [ A4F6142CABA82FB7293ECE5FF864B440 ] C:\Windows\System32\wininet.dll
15:32:14.0028 0888  C:\Windows\System32\wininet.dll - ok
15:32:14.0034 0888  [ AA09B70F619CBF499EFC22E7A63E3CE6 ] C:\Windows\System32\comdlg32.dll
15:32:14.0035 0888  C:\Windows\System32\comdlg32.dll - ok
15:32:14.0041 0888  [ 62C15795629FA290656C6A7E5CD25F52 ] C:\Windows\System32\imm32.dll
15:32:14.0041 0888  C:\Windows\System32\imm32.dll - ok
15:32:14.0047 0888  [ C669ABA2C3298B4B4F252EB6A5AE8964 ] C:\Windows\System32\gdi32.dll
15:32:14.0047 0888  C:\Windows\System32\gdi32.dll - ok
15:32:14.0054 0888  [ DB310BF331A32FD208CADA64ABA2903A ] C:\Windows\System32\clbcatq.dll
15:32:14.0054 0888  C:\Windows\System32\clbcatq.dll - ok
15:32:14.0060 0888  [ 487C3C0927F67331681294B867A4141B ] C:\Windows\System32\shell32.dll
15:32:14.0060 0888  C:\Windows\System32\shell32.dll - ok
15:32:14.0067 0888  [ A02EB771DAE80667E3C877CF19E3F6EE ] C:\Windows\System32\kernel32.dll
15:32:14.0067 0888  C:\Windows\System32\kernel32.dll - ok
15:32:14.0073 0888  [ 87CB61DF57FEC0948A26F9E671ADD81A ] C:\Windows\System32\msctf.dll
15:32:14.0073 0888  C:\Windows\System32\msctf.dll - ok
15:32:14.0080 0888  [ BB8C4784AA400BDC3D51B6ACAA077E96 ] C:\Windows\System32\advapi32.dll
15:32:14.0080 0888  C:\Windows\System32\advapi32.dll - ok
15:32:14.0086 0888  [ 7CAF51D586DFE475147DFB158BEBB3F8 ] C:\Windows\System32\nsi.dll
15:32:14.0086 0888  C:\Windows\System32\nsi.dll - ok
15:32:14.0094 0888  [ 0CB93E3F36C4F4122E7CBBAA731F67D1 ] C:\Windows\System32\ole32.dll
15:32:14.0094 0888  C:\Windows\System32\ole32.dll - ok
15:32:14.0100 0888  [ 8E0189219E941613B1512431604114E0 ] C:\Windows\System32\rpcrt4.dll
15:32:14.0101 0888  C:\Windows\System32\rpcrt4.dll - ok
15:32:14.0109 0888  [ 2C74308C8A20F3F3A2226DFE36914CBF ] C:\Windows\System32\msvcrt.dll
15:32:14.0109 0888  C:\Windows\System32\msvcrt.dll - ok
15:32:14.0113 0888  [ BE2E23B3DD533B33338D9B3D826574DA ] C:\Windows\System32\setupapi.dll
15:32:14.0113 0888  C:\Windows\System32\setupapi.dll - ok
15:32:14.0120 0888  [ 74ABE02BF1937B32C6FC169A782FCF60 ] C:\Windows\System32\comctl32.dll
15:32:14.0120 0888  C:\Windows\System32\comctl32.dll - ok
15:32:14.0128 0888  [ 891E1D0DCDE747C8F1EE71E61EA193F5 ] C:\Windows\System32\lpk.dll
15:32:14.0128 0888  C:\Windows\System32\lpk.dll - ok
15:32:14.0134 0888  [ AEF2D8B0B518A5623FC5F9832F622677 ] C:\Windows\System32\psapi.dll
15:32:14.0134 0888  C:\Windows\System32\psapi.dll - ok
15:32:14.0143 0888  [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\SysWOW64\normaliz.dll
15:32:14.0143 0888  C:\Windows\SysWOW64\normaliz.dll - ok
15:32:14.0149 0888  [ 4C2DC63036D452FDB636D58D8EA7BC90 ] C:\Windows\System32\drivers\dxapi.sys
15:32:14.0149 0888  C:\Windows\System32\drivers\dxapi.sys - ok
15:32:14.0155 0888  [ 7BF92FF2C82BBB8A293947372FC4F588 ] C:\Windows\System32\win32k.sys
15:32:14.0155 0888  C:\Windows\System32\win32k.sys - ok
15:32:14.0162 0888  [ 38CE04857A9A2AE83A4673C691E68D10 ] C:\Windows\System32\csrsrv.dll
15:32:14.0162 0888  C:\Windows\System32\csrsrv.dll - ok
15:32:14.0168 0888  [ B4ABE68596B173FF2AB2076BC7C35EB4 ] C:\Windows\System32\csrss.exe
15:32:14.0168 0888  C:\Windows\System32\csrss.exe - ok
15:32:14.0176 0888  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\System32\basesrv.dll
15:32:14.0176 0888  C:\Windows\System32\basesrv.dll - ok
15:32:14.0181 0888  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\System32\winsrv.dll
15:32:14.0181 0888  C:\Windows\System32\winsrv.dll - ok
15:32:14.0187 0888  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] C:\Windows\System32\drivers\monitor.sys
15:32:14.0187 0888  C:\Windows\System32\drivers\monitor.sys - ok
15:32:14.0195 0888  [ 86173B7125321C93E355DF3837039244 ] C:\Windows\System32\tsddd.dll
15:32:14.0195 0888  C:\Windows\System32\tsddd.dll - ok
15:32:14.0199 0888  [ 95E848589698D6CF716ECF1403925DFC ] C:\Windows\System32\userenv.dll
15:32:14.0199 0888  C:\Windows\System32\userenv.dll - ok
15:32:14.0206 0888  [ 117EA87DF785CA1B9D821F6F213DCE07 ] C:\Windows\System32\wininit.exe
15:32:14.0206 0888  C:\Windows\System32\wininit.exe - ok
15:32:14.0214 0888  [ FEA83138B1C1D6EB55046C4612905888 ] C:\Windows\System32\secur32.dll
15:32:14.0214 0888  C:\Windows\System32\secur32.dll - ok
15:32:14.0220 0888  [ 89A722B06A83706797E283016181BEAB ] C:\Windows\System32\KBDUS.DLL
15:32:14.0220 0888  C:\Windows\System32\KBDUS.DLL - ok
15:32:14.0227 0888  [ F33E804A031F160D128AB78990DE7C91 ] C:\Windows\System32\apphelp.dll
15:32:14.0227 0888  C:\Windows\System32\apphelp.dll - ok
15:32:14.0233 0888  [ D1BDCF6DE24D16E16FC57AEE4A1BE9AE ] C:\Windows\System32\WlS0WndH.dll
15:32:14.0233 0888  C:\Windows\System32\WlS0WndH.dll - ok
15:32:14.0240 0888  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\System32\services.exe
15:32:14.0240 0888  C:\Windows\System32\services.exe - ok
15:32:14.0247 0888  [ 16687F0351E513BF2019073ABF02B585 ] C:\Windows\System32\sxs.dll
15:32:14.0247 0888  C:\Windows\System32\sxs.dll - ok
15:32:14.0253 0888  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] C:\Windows\System32\lsass.exe
15:32:14.0253 0888  C:\Windows\System32\lsass.exe - ok
15:32:14.0261 0888  [ 54D814DC2FA54AA847D240D4EA0E6586 ] C:\Windows\System32\lsm.exe
15:32:14.0261 0888  C:\Windows\System32\lsm.exe - ok
15:32:14.0267 0888  [ 495EB57ACF30983AA441B70A8DE2B7ED ] C:\Windows\System32\scesrv.dll
15:32:14.0267 0888  C:\Windows\System32\scesrv.dll - ok
15:32:14.0276 0888  [ AFBE3FC3CF0996A9ABC8925419250AB3 ] C:\Windows\System32\cdd.dll
15:32:14.0276 0888  C:\Windows\System32\cdd.dll - ok
15:32:14.0280 0888  [ 902F14A1FDF1B4A543326A35CB21EB1F ] C:\Windows\System32\lsasrv.dll
15:32:14.0280 0888  C:\Windows\System32\lsasrv.dll - ok
15:32:14.0286 0888  [ 009456399B31D69C67654F6C3618D9A8 ] C:\Windows\System32\sysntfy.dll
15:32:14.0286 0888  C:\Windows\System32\sysntfy.dll - ok
15:32:14.0293 0888  [ 0C2E0A8562FE4B33D00E175A97E05793 ] C:\Windows\System32\wmsgapi.dll
15:32:14.0293 0888  C:\Windows\System32\wmsgapi.dll - ok
15:32:14.0300 0888  [ 5EF9205E045643A5A75A82B116395B25 ] C:\Windows\System32\authz.dll
15:32:14.0300 0888  C:\Windows\System32\authz.dll - ok
15:32:14.0306 0888  [ F3E5C76AA1175D29F6459BDB7DF345EC ] C:\Windows\System32\netapi32.dll
15:32:14.0306 0888  C:\Windows\System32\netapi32.dll - ok
15:32:14.0312 0888  [ FA19D9DE54B122316274703D50F34130 ] C:\Windows\System32\ncobjapi.dll
15:32:14.0312 0888  C:\Windows\System32\ncobjapi.dll - ok
15:32:14.0319 0888  [ 0F421175574BFE0BF2F4D8E910A253BB ] C:\Windows\System32\aelupsvc.dll
15:32:14.0319 0888  C:\Windows\System32\aelupsvc.dll - ok
15:32:14.0326 0888  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] C:\Windows\System32\alg.exe
15:32:14.0326 0888  C:\Windows\System32\alg.exe - ok
15:32:14.0332 0888  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] C:\Windows\System32\appinfo.dll
15:32:14.0332 0888  C:\Windows\System32\appinfo.dll - ok
15:32:14.0338 0888  [ 15C815573011719585EB836614ED1DF1 ] C:\Windows\System32\rascfg.dll
15:32:14.0338 0888  C:\Windows\System32\rascfg.dll - ok
15:32:14.0345 0888  [ 60EEC5440C2D05E5FDA04900E45FF717 ] C:\Windows\System32\samsrv.dll
15:32:14.0345 0888  C:\Windows\System32\samsrv.dll - ok
15:32:14.0351 0888  [ 79318C744693EC983D20E9337A2F8196 ] C:\Windows\System32\audiosrv.dll
15:32:14.0351 0888  C:\Windows\System32\audiosrv.dll - ok
15:32:14.0360 0888  [ 419CE835359938213BD32A7AA327F2B9 ] C:\Windows\System32\cryptdll.dll
15:32:14.0360 0888  C:\Windows\System32\cryptdll.dll - ok
15:32:14.0364 0888  [ E4C283A98F118CEC9E087EAC4E9EFB6A ] C:\Windows\System32\dnsapi.dll
15:32:14.0364 0888  C:\Windows\System32\dnsapi.dll - ok
15:32:14.0370 0888  [ 6D316F4859634071CC25C4FD4589AD2C ] C:\Windows\System32\qmgr.dll
15:32:14.0370 0888  C:\Windows\System32\qmgr.dll - ok
15:32:14.0377 0888  [ 5279672A8BDAF3CFB0A4C6E0591987AC ] C:\Windows\System32\samlib.dll
15:32:14.0377 0888  C:\Windows\System32\samlib.dll - ok
15:32:14.0383 0888  [ 301D19A870E40C12540BE46034BD6B20 ] C:\Windows\System32\msasn1.dll
15:32:14.0383 0888  C:\Windows\System32\msasn1.dll - ok
15:32:14.0390 0888  [ A1B39DE453433B115B4EA69EE0343816 ] C:\Windows\System32\browser.dll
15:32:14.0393 0888  C:\Windows\System32\browser.dll - ok
15:32:14.0397 0888  [ 22E65FFD640F16968F855F5B3528D366 ] C:\Windows\System32\bthserv.dll
15:32:14.0397 0888  C:\Windows\System32\bthserv.dll - ok
15:32:14.0403 0888  [ 5A268127633C7EE2A7FB87F39D748D56 ] C:\Windows\System32\certprop.dll
15:32:14.0403 0888  C:\Windows\System32\certprop.dll - ok
15:32:14.0410 0888  [ 33741BA808457C9AF07055C0FBEFE973 ] C:\Windows\System32\ntdsapi.dll
15:32:14.0410 0888  C:\Windows\System32\ntdsapi.dll - ok
15:32:14.0416 0888  [ DDEE5FE5C3C3141CE02DE6B7B2BF686B ] C:\Windows\System32\comres.dll
15:32:14.0416 0888  C:\Windows\System32\comres.dll - ok
15:32:14.0423 0888  [ D7924B0F3AB5574BF59CA2892BE8961A ] C:\Windows\System32\feclient.dll
15:32:14.0423 0888  C:\Windows\System32\feclient.dll - ok
15:32:14.0429 0888  [ B3EBBD687BDFCBBBBCB6115B682D1845 ] C:\Windows\System32\mpr.dll
15:32:14.0429 0888  C:\Windows\System32\mpr.dll - ok
15:32:14.0435 0888  [ 9BDB79FD2FD662BA9AD573C3EC0342A6 ] C:\Windows\System32\crypt32.dll
15:32:14.0435 0888  C:\Windows\System32\crypt32.dll - ok
15:32:14.0443 0888  [ EE11F2630840479C4AA784AF3770F8E2 ] C:\Windows\System32\SLC.dll
15:32:14.0443 0888  C:\Windows\System32\SLC.dll - ok
15:32:14.0447 0888  [ 45B4004F43B48E4A3F12B85891F81221 ] C:\Windows\System32\wevtapi.dll
15:32:14.0447 0888  C:\Windows\System32\wevtapi.dll - ok
15:32:14.0453 0888  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] C:\Windows\System32\dhcpcsvc.dll
15:32:14.0453 0888  C:\Windows\System32\dhcpcsvc.dll - ok
15:32:14.0461 0888  [ A9D70295BA8F31D5EA118B0A6B74183E ] C:\Windows\System32\IPHLPAPI.DLL
15:32:14.0461 0888  C:\Windows\System32\IPHLPAPI.DLL - ok
15:32:14.0467 0888  [ 6D0773A3A65D28B663F334C90441D01A ] C:\Windows\System32\winlogon.exe
15:32:14.0467 0888  C:\Windows\System32\winlogon.exe - ok
15:32:14.0473 0888  [ 21322B1A2AD337C579F4A65EA0D25193 ] C:\Windows\System32\cngaudit.dll
15:32:14.0477 0888  C:\Windows\System32\cngaudit.dll - ok
15:32:14.0480 0888  [ 956148910C7EB6A8C095D9B4E6F94E62 ] C:\Windows\System32\dhcpcsvc6.dll
15:32:14.0480 0888  C:\Windows\System32\dhcpcsvc6.dll - ok
15:32:14.0486 0888  [ FD51DED28EEC823940432D05BACE2490 ] C:\Windows\System32\ncrypt.dll
15:32:14.0486 0888  C:\Windows\System32\ncrypt.dll - ok
15:32:14.0494 0888  [ 58AAAEA100F45F4F44297D6DE9ACF8ED ] C:\Windows\System32\winnsi.dll
15:32:14.0494 0888  C:\Windows\System32\winnsi.dll - ok
15:32:14.0499 0888  [ 1671EF15434501ABBE9E7BE905EF998B ] C:\Windows\System32\winsta.dll
15:32:14.0499 0888  C:\Windows\System32\winsta.dll - ok
15:32:14.0505 0888  [ 02EE316487BCC8F4F6017CAD538365CC ] C:\Windows\System32\bcrypt.dll
15:32:14.0505 0888  C:\Windows\System32\bcrypt.dll - ok
15:32:14.0512 0888  [ CA78B312C44E4D52E842C2C8BD48E452 ] C:\Windows\System32\cryptsvc.dll
15:32:14.0512 0888  C:\Windows\System32\cryptsvc.dll - ok
15:32:14.0518 0888  [ 2E4733239CB09A2212C44FCD1C1B4CC9 ] C:\Windows\System32\dfsrres.dll
15:32:14.0518 0888  C:\Windows\System32\dfsrres.dll - ok
15:32:14.0527 0888  [ CE7183F26642FAFE46C8374AE70A66DB ] C:\Windows\System32\oleres.dll
15:32:14.0527 0888  C:\Windows\System32\oleres.dll - ok
15:32:14.0532 0888  [ B7CCDC4B877DC3CC665DE8F322F2BD9E ] C:\Windows\System32\credssp.dll
15:32:14.0532 0888  C:\Windows\System32\credssp.dll - ok
15:32:14.0538 0888  [ 1A7156DD1E850E9914E5E991E3225B94 ] C:\Windows\System32\dot3svc.dll
15:32:14.0538 0888  C:\Windows\System32\dot3svc.dll - ok
15:32:14.0544 0888  [ CD6D49EA9DBBD3EA9E449FD84C51C731 ] C:\Windows\System32\kerberos.dll
15:32:14.0545 0888  C:\Windows\System32\kerberos.dll - ok
15:32:14.0551 0888  [ F7097878AE102618656A04F03951C339 ] C:\Windows\System32\msprivs.dll
15:32:14.0551 0888  C:\Windows\System32\msprivs.dll - ok
15:32:14.0561 0888  [ 14CE384D2E27B64C256BDA4DC39C312D ] C:\Windows\ehome\ehrecvr.exe
15:32:14.0561 0888  C:\Windows\ehome\ehrecvr.exe - ok
15:32:14.0564 0888  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] C:\Windows\System32\dps.dll
15:32:14.0565 0888  C:\Windows\System32\dps.dll - ok
15:32:14.0571 0888  [ C2303883FD9BE49DC36A6400643002EA ] C:\Windows\System32\eapsvc.dll
15:32:14.0571 0888  C:\Windows\System32\eapsvc.dll - ok
15:32:14.0578 0888  [ 253607D6C54A1604436F08E67CCED044 ] C:\Windows\System32\WSHTCPIP.DLL
15:32:14.0578 0888  C:\Windows\System32\WSHTCPIP.DLL - ok
15:32:14.0585 0888  [ 2C305F6445662EFF9A08B1BA41784CC0 ] C:\Windows\System32\wship6.dll
15:32:14.0585 0888  C:\Windows\System32\wship6.dll - ok
15:32:14.0594 0888  [ 599DA6EB260D9601D2D67AE177F95568 ] C:\Windows\System32\wshqos.dll
15:32:14.0594 0888  C:\Windows\System32\wshqos.dll - ok
15:32:14.0598 0888  [ B06524F21423565E7DAED0B508DA16F3 ] C:\Windows\System32\atmfd.dll
15:32:14.0598 0888  C:\Windows\System32\atmfd.dll - ok
15:32:14.0604 0888  [ 062972C53BDC6819CE0BAAAA5382F758 ] C:\Windows\System32\NapiNSP.dll
15:32:14.0605 0888  C:\Windows\System32\NapiNSP.dll - ok
15:32:14.0611 0888  [ F145BF4C4668E7E312069F81EF847CFC ] C:\Windows\System32\nlasvc.dll
15:32:14.0611 0888  C:\Windows\System32\nlasvc.dll - ok
15:32:14.0618 0888  [ B93159C1313D66FDFBBE876F5189CD52 ] C:\Windows\ehome\ehsched.exe
15:32:14.0618 0888  C:\Windows\ehome\ehsched.exe - ok
15:32:14.0627 0888  [ BB08D93011B82883EC33C7707A9627BE ] C:\Windows\System32\mswsock.dll
15:32:14.0627 0888  C:\Windows\System32\mswsock.dll - ok
15:32:14.0631 0888  [ E1BAEEE7949ED5019259E69393367400 ] C:\Windows\System32\pnrpnsp.dll
15:32:14.0631 0888  C:\Windows\System32\pnrpnsp.dll - ok
15:32:14.0637 0888  [ F5EE2527D74449868E3C3227A59BCD28 ] C:\Windows\ehome\ehstart.dll
15:32:14.0637 0888  C:\Windows\ehome\ehstart.dll - ok
15:32:14.0644 0888  [ A9B18B63A4FD6BAAB83326706D857FAB ] C:\Windows\System32\emdmgmt.dll
15:32:14.0644 0888  C:\Windows\System32\emdmgmt.dll - ok
15:32:14.0650 0888  [ 434B2B82B237FC2F4F8F6844A8FF1909 ] C:\Windows\System32\msv1_0.dll
15:32:14.0650 0888  C:\Windows\System32\msv1_0.dll - ok
15:32:14.0656 0888  [ A3F1B171702CA04744EE514243B45BFB ] C:\Windows\System32\netlogon.dll
15:32:14.0656 0888  C:\Windows\System32\netlogon.dll - ok
15:32:14.0663 0888  [ B3564B747D0B059D99E888F8369E56BC ] C:\Windows\System32\wevtsvc.dll
15:32:14.0663 0888  C:\Windows\System32\wevtsvc.dll - ok
15:32:14.0669 0888  [ CA307C0BD127FA7ADE5E6FEE8750F046 ] C:\Windows\System32\winbrand.dll
15:32:14.0669 0888  C:\Windows\System32\winbrand.dll - ok
15:32:14.0678 0888  [ BB9267ACACD8B7533DD936C34A0CBA5E ] C:\Windows\System32\fdPHost.dll
15:32:14.0678 0888  C:\Windows\System32\fdPHost.dll - ok
15:32:14.0683 0888  [ 300C80931EABBE1DB7591C516EFE8D0F ] C:\Windows\System32\FDResPub.dll
15:32:14.0683 0888  C:\Windows\System32\FDResPub.dll - ok
15:32:14.0689 0888  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] C:\Windows\System32\FntCache.dll
15:32:14.0689 0888  C:\Windows\System32\FntCache.dll - ok
15:32:14.0695 0888  [ 4C7F1DA7E2BF41EB19208540DD5574C8 ] C:\Windows\System32\schannel.dll
15:32:14.0695 0888  C:\Windows\System32\schannel.dll - ok
15:32:14.0699 0888  [ 4D27759CC69F69E4B3228A970FF55F88 ] C:\Windows\System32\rsaenh.dll
15:32:14.0699 0888  C:\Windows\System32\rsaenh.dll - ok
15:32:14.0706 0888  [ B4A04D5AA66E8F77DE19E0EB89C52D2B ] C:\Windows\System32\wdigest.dll
15:32:14.0706 0888  C:\Windows\System32\wdigest.dll - ok
15:32:14.0712 0888  [ 899F834C330A96A80EC36DAEDA2FF018 ] C:\Windows\System32\gpapi.dll
15:32:14.0712 0888  C:\Windows\System32\gpapi.dll - ok
15:32:14.0719 0888  [ E60BB0CDC5EA153F6D24C51AAD4A73FD ] C:\Windows\System32\PresentationHost.exe
15:32:14.0719 0888  C:\Windows\System32\PresentationHost.exe - ok
15:32:14.0728 0888  [ BC69DA355B62C898DFEA93851335EAF0 ] C:\Windows\System32\TSpkg.dll
15:32:14.0728 0888  C:\Windows\System32\TSpkg.dll - ok
15:32:14.0732 0888  [ 59361D38A297755D46A540E450202B2A ] C:\Windows\System32\hidserv.dll
15:32:14.0732 0888  C:\Windows\System32\hidserv.dll - ok
15:32:14.0738 0888  [ B12F367EA39C0795FD57E31242CE1A5A ] C:\Windows\System32\KMSVC.DLL
15:32:14.0739 0888  C:\Windows\System32\KMSVC.DLL - ok
15:32:14.0745 0888  [ 42161FDC47A49CD513D29BACB99D6E0D ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
15:32:14.0745 0888  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
15:32:14.0752 0888  [ 0C9EA6E654E7B0471741E343A6C671AF ] C:\Windows\System32\IKEEXT.DLL
15:32:14.0752 0888  C:\Windows\System32\IKEEXT.DLL - ok
15:32:14.0758 0888  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] C:\Windows\System32\IPBusEnum.dll
15:32:14.0758 0888  C:\Windows\System32\IPBusEnum.dll - ok
15:32:14.0765 0888  [ C6336D1625515CC5F70E5630CFF14182 ] C:\Windows\System32\keyiso.dll
15:32:14.0765 0888  C:\Windows\System32\keyiso.dll - ok
15:32:14.0771 0888  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] C:\Windows\System32\srvsvc.dll
15:32:14.0771 0888  C:\Windows\System32\srvsvc.dll - ok
15:32:14.0778 0888  [ CAF86FC1388BE1E470F1A7B43E348ADB ] C:\Windows\System32\wkssvc.dll
15:32:14.0778 0888  C:\Windows\System32\wkssvc.dll - ok
15:32:14.0784 0888  [ 4698036AE905F88E02C3F69BA77981FB ] C:\Windows\ehome\ehres.dll
15:32:14.0784 0888  C:\Windows\ehome\ehres.dll - ok
15:32:14.0791 0888  [ 4B8C95B49C58D7A41BF3FE38AA64DC6C ] C:\Windows\System32\lltdres.dll
15:32:14.0791 0888  C:\Windows\System32\lltdres.dll - ok
15:32:14.0799 0888  [ A47F8080CACC23C91FE823AD19AA5612 ] C:\Windows\System32\lmhsvc.dll
15:32:14.0799 0888  C:\Windows\System32\lmhsvc.dll - ok
15:32:14.0805 0888  [ FFA2B274A5CC6C9A03CBDCF5B8F0239A ] C:\Windows\System32\FirewallAPI.dll
15:32:14.0805 0888  C:\Windows\System32\FirewallAPI.dll - ok
15:32:14.0812 0888  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] C:\Windows\System32\mmcss.dll
15:32:14.0812 0888  C:\Windows\System32\mmcss.dll - ok
15:32:14.0818 0888  [ 1371FA9D8B1E567AE852E0F74D41D040 ] C:\Windows\System32\iscsidsc.dll
15:32:14.0818 0888  C:\Windows\System32\iscsidsc.dll - ok
15:32:14.0824 0888  [ FCD84867883C365A24C61E50AF8A6DB9 ] C:\Windows\System32\msimsg.dll
15:32:14.0825 0888  C:\Windows\System32\msimsg.dll - ok
15:32:14.0831 0888  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] C:\Windows\System32\QAGENTRT.DLL
15:32:14.0831 0888  C:\Windows\System32\QAGENTRT.DLL - ok
15:32:14.0837 0888  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] C:\Windows\System32\netman.dll
15:32:14.0837 0888  C:\Windows\System32\netman.dll - ok
15:32:14.0845 0888  [ 0341CB05512AA87BB64A834DE6264C34 ] C:\Windows\System32\netprof.dll
15:32:14.0845 0888  C:\Windows\System32\netprof.dll - ok
15:32:14.0850 0888  [ ACB62BAA1C319B17752553DF3026EEEB ] C:\Windows\System32\nsisvc.dll
15:32:14.0850 0888  C:\Windows\System32\nsisvc.dll - ok
15:32:14.0856 0888  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] C:\Windows\System32\p2psvc.dll
15:32:14.0856 0888  C:\Windows\System32\p2psvc.dll - ok
15:32:14.0864 0888  [ 9AB157B374192FF276C1628FBDBA2B0E ] C:\Windows\System32\pcasvc.dll
15:32:14.0864 0888  C:\Windows\System32\pcasvc.dll - ok
15:32:14.0870 0888  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] C:\Windows\System32\pla.dll
15:32:14.0871 0888  C:\Windows\System32\pla.dll - ok
15:32:14.0878 0888  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] C:\Windows\System32\umpnpmgr.dll
15:32:14.0878 0888  C:\Windows\System32\umpnpmgr.dll - ok
15:32:14.0885 0888  [ F7BEA2085635CA9B2B991D8EDC426D3A ] C:\Windows\System32\polstore.dll
15:32:14.0885 0888  C:\Windows\System32\polstore.dll - ok
15:32:14.0891 0888  [ E058CE4FC2449D8BFA14739C83B7FF2A ] C:\Windows\System32\profsvc.dll
15:32:14.0891 0888  C:\Windows\System32\profsvc.dll - ok
15:32:14.0898 0888  [ 43A4F5B4EAC81FA11DAC3143ADC77CBA ] C:\Windows\System32\psbase.dll
15:32:14.0898 0888  C:\Windows\System32\psbase.dll - ok
15:32:14.0904 0888  [ 90574842C3DA781E279061A3EFF91F07 ] C:\Windows\System32\qwave.dll
15:32:14.0905 0888  C:\Windows\System32\qwave.dll - ok
15:32:14.0912 0888  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] C:\Windows\System32\drivers\qwavedrv.sys
15:32:14.0912 0888  C:\Windows\System32\drivers\qwavedrv.sys - ok
15:32:14.0918 0888  [ B2AE18F847D07F0044404DDF7CB04497 ] C:\Windows\System32\rasauto.dll
15:32:14.0918 0888  C:\Windows\System32\rasauto.dll - ok
15:32:14.0924 0888  [ 3AD83E4046C43BE510DE681588ACB8AF ] C:\Windows\System32\rasmans.dll
15:32:14.0924 0888  C:\Windows\System32\rasmans.dll - ok
15:32:14.0931 0888  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] C:\Windows\System32\sstpsvc.dll
15:32:14.0931 0888  C:\Windows\System32\sstpsvc.dll - ok
15:32:14.0937 0888  [ C612B9557DA73F70D41F8A6FBC8E5344 ] C:\Windows\System32\mprdim.dll
15:32:14.0937 0888  C:\Windows\System32\mprdim.dll - ok
15:32:14.0945 0888  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] C:\Windows\System32\regsvc.dll
15:32:14.0945 0888  C:\Windows\System32\regsvc.dll - ok
15:32:14.0950 0888  [ F46C457840D4B7A4DAAFEE739CE04102 ] C:\Windows\System32\Locator.exe
15:32:14.0950 0888  C:\Windows\System32\Locator.exe - ok
15:32:14.0954 0888  [ FD1CDCF108D5EF3366F00D18B70FB89B ] C:\Windows\System32\SCardSvr.dll
15:32:14.0954 0888  C:\Windows\System32\SCardSvr.dll - ok
15:32:14.0962 0888  [ 0F838C811AD295D2A4489B9993096C63 ] C:\Windows\System32\schedsvc.dll
15:32:14.0962 0888  C:\Windows\System32\schedsvc.dll - ok
15:32:14.0968 0888  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] C:\Windows\System32\sdrsvc.dll
15:32:14.0968 0888  C:\Windows\System32\sdrsvc.dll - ok
15:32:14.0974 0888  [ 5ACDCBC67FCF894A1815B9F96D704490 ] C:\Windows\System32\seclogon.dll
15:32:14.0975 0888  C:\Windows\System32\seclogon.dll - ok
15:32:14.0981 0888  [ 90973A64B96CD647FF81C79443618EED ] C:\Windows\System32\Sens.dll
15:32:14.0981 0888  C:\Windows\System32\Sens.dll - ok
15:32:14.0987 0888  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] C:\Windows\System32\SessEnv.dll
15:32:14.0987 0888  C:\Windows\System32\SessEnv.dll - ok
15:32:14.0995 0888  [ 56793271ECDEDD350C5ADD305603E963 ] C:\Windows\System32\shsvcs.dll
15:32:14.0995 0888  C:\Windows\System32\shsvcs.dll - ok
15:32:15.0000 0888  [ A9A27A8E257B45A604FDAD4F26FE7241 ] C:\Windows\System32\SLsvc.exe
15:32:15.0000 0888  C:\Windows\System32\SLsvc.exe - ok
15:32:15.0006 0888  [ FD74B4B7C2088E390A30C85A896FC3AF ] C:\Windows\System32\SLUINotify.dll
15:32:15.0006 0888  C:\Windows\System32\SLUINotify.dll - ok
15:32:15.0013 0888  [ F8F08779E7D997913607B0146710CC04 ] C:\Windows\System32\tcpipcfg.dll
15:32:15.0013 0888  C:\Windows\System32\tcpipcfg.dll - ok
15:32:15.0020 0888  [ F8F47F38909823B1AF28D60B96340CFF ] C:\Windows\System32\snmptrap.exe
15:32:15.0020 0888  C:\Windows\System32\snmptrap.exe - ok
15:32:15.0029 0888  [ F66FF751E7EFC816D266977939EF5DC3 ] C:\Windows\System32\spoolsv.exe
15:32:15.0029 0888  C:\Windows\System32\spoolsv.exe - ok
15:32:15.0033 0888  [ 192C74646EC5725AEF3F80D19FF75F6A ] C:\Windows\System32\ssdpsrv.dll
15:32:15.0033 0888  C:\Windows\System32\ssdpsrv.dll - ok
15:32:15.0039 0888  [ 15825C1FBFB8779992CB65087F316AF5 ] C:\Windows\System32\wiaservc.dll
15:32:15.0039 0888  C:\Windows\System32\wiaservc.dll - ok
15:32:15.0046 0888  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] C:\Windows\System32\swprv.dll
15:32:15.0046 0888  C:\Windows\System32\swprv.dll - ok
15:32:15.0052 0888  [ 92D7A8B0F87B036F17D25885937897A6 ] C:\Windows\System32\sysmain.dll
15:32:15.0052 0888  C:\Windows\System32\sysmain.dll - ok
15:32:15.0058 0888  [ 005CE42567F9113A3BCCB3B20073B029 ] C:\Windows\System32\TabSvc.dll
15:32:15.0059 0888  C:\Windows\System32\TabSvc.dll - ok
15:32:15.0065 0888  [ CC2562B4D55E0B6A4758C65407F63B79 ] C:\Windows\System32\tapisrv.dll
15:32:15.0065 0888  C:\Windows\System32\tapisrv.dll - ok
15:32:15.0072 0888  [ CDBE8D7C1E201B911CDC346D06617FB5 ] C:\Windows\System32\tbssvc.dll
15:32:15.0072 0888  C:\Windows\System32\tbssvc.dll - ok
15:32:15.0079 0888  [ 5CDD30BC217082DAC71A9878D9BFD566 ] C:\Windows\System32\termsrv.dll
15:32:15.0079 0888  C:\Windows\System32\termsrv.dll - ok
15:32:15.0084 0888  [ F4689F05AF472A651A7B1B7B02D200E7 ] C:\Windows\System32\trkwks.dll
15:32:15.0084 0888  C:\Windows\System32\trkwks.dll - ok
15:32:15.0091 0888  [ 66328B08EF5A9305D8EDE36B93930369 ] C:\Windows\servicing\TrustedInstaller.exe
15:32:15.0091 0888  C:\Windows\servicing\TrustedInstaller.exe - ok
15:32:15.0097 0888  [ 060507C4113391394478F6953A79EEDC ] C:\Windows\System32\UI0Detect.exe
15:32:15.0097 0888  C:\Windows\System32\UI0Detect.exe - ok
15:32:15.0104 0888  [ 7093799FF80E9DECA0680D2E3535BE60 ] C:\Windows\System32\upnphost.dll
15:32:15.0104 0888  C:\Windows\System32\upnphost.dll - ok
15:32:15.0112 0888  [ 449F5AB17863698F12F0BC8E99079AA6 ] C:\Windows\System32\dwm.exe
15:32:15.0112 0888  C:\Windows\System32\dwm.exe - ok
15:32:15.0117 0888  [ 294945381DFA7CE58CECF0A9896AF327 ] C:\Windows\System32\vds.exe
15:32:15.0117 0888  C:\Windows\System32\vds.exe - ok
15:32:15.0123 0888  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] C:\Windows\System32\VSSVC.exe
15:32:15.0123 0888  C:\Windows\System32\VSSVC.exe - ok
15:32:15.0130 0888  [ F14A7DE2EA41883E250892E1E5230A9A ] C:\Windows\System32\w32time.dll
15:32:15.0130 0888  C:\Windows\System32\w32time.dll - ok
15:32:15.0136 0888  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] C:\Windows\System32\wcncsvc.dll
15:32:15.0136 0888  C:\Windows\System32\wcncsvc.dll - ok
15:32:15.0146 0888  [ EA4B369560E986F19D93F45A881484AC ] C:\Windows\System32\WcsPlugInService.dll
15:32:15.0146 0888  C:\Windows\System32\WcsPlugInService.dll - ok
15:32:15.0150 0888  [ 442783E2CB0DA19873B7A63833FF4CB4 ] C:\Windows\System32\drivers\Wdf01000.sys
15:32:15.0150 0888  C:\Windows\System32\drivers\Wdf01000.sys - ok
15:32:15.0156 0888  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] C:\Windows\System32\wdi.dll
15:32:15.0156 0888  C:\Windows\System32\wdi.dll - ok
15:32:15.0167 0888  [ 3E6D05381CF35F75EBB055544A8ED9AC ] C:\Windows\System32\WebClnt.dll
15:32:15.0167 0888  C:\Windows\System32\WebClnt.dll - ok
15:32:15.0173 0888  [ 8D40BC587993F876658BF9FB0F7D3462 ] C:\Windows\System32\wecsvc.dll
15:32:15.0173 0888  C:\Windows\System32\wecsvc.dll - ok
15:32:15.0180 0888  [ 9C980351D7E96288EA0C23AE232BD065 ] C:\Windows\System32\wercplsupport.dll
15:32:15.0180 0888  C:\Windows\System32\wercplsupport.dll - ok
15:32:15.0191 0888  [ 66B9ECEBC46683F47EDC06333C075FEF ] C:\Windows\System32\wersvc.dll
15:32:15.0191 0888  C:\Windows\System32\wersvc.dll - ok
15:32:15.0198 0888  [ A2D043408A2DC9CDE48CFF88FCD74662 ] C:\Windows\System32\winhttp.dll
15:32:15.0198 0888  C:\Windows\System32\winhttp.dll - ok
15:32:15.0204 0888  [ D2E7296ED1BD26D8DB2799770C077A02 ] C:\Windows\System32\wbem\WMIsvc.dll
15:32:15.0204 0888  C:\Windows\System32\wbem\WMIsvc.dll - ok
15:32:15.0213 0888  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] C:\Windows\System32\WsmSvc.dll
15:32:15.0213 0888  C:\Windows\System32\WsmSvc.dll - ok
15:32:15.0217 0888  [ EC339C8115E91BAED835957E9A677F16 ] C:\Windows\System32\wlansvc.dll
15:32:15.0217 0888  C:\Windows\System32\wlansvc.dll - ok
15:32:15.0224 0888  [ 56382A5EB85A25446745E3BD6D50A3A5 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
15:32:15.0224 0888  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
15:32:15.0231 0888  [ 21FA389E65A852698B6A1341F36EE02D ] C:\Windows\System32\wbem\WmiApSrv.exe
15:32:15.0231 0888  C:\Windows\System32\wbem\WmiApSrv.exe - ok
15:32:15.0237 0888  [ CBC156C913F099E6680D1DF9307DB7A8 ] C:\Windows\System32\wpcsvc.dll
15:32:15.0238 0888  C:\Windows\System32\wpcsvc.dll - ok
15:32:15.0246 0888  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] C:\Windows\System32\wpdbusenum.dll
15:32:15.0246 0888  C:\Windows\System32\wpdbusenum.dll - ok
15:32:15.0252 0888  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:32:15.0252 0888  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
15:32:15.0259 0888  [ A2AC37A1EEF83BD9E912B0EFCBEA06BD ] C:\Windows\System32\SearchIndexer.exe
15:32:15.0259 0888  C:\Windows\System32\SearchIndexer.exe - ok
15:32:15.0265 0888  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
15:32:15.0266 0888  C:\Windows\System32\wuaueng.dll - ok
15:32:15.0272 0888  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
15:32:15.0272 0888  C:\Windows\System32\drivers\WUDFPf.sys - ok
15:32:15.0280 0888  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
15:32:15.0280 0888  C:\Windows\System32\WUDFSvc.dll - ok
15:32:15.0285 0888  [ 9922ADB6DCA8F0F5EA038BEFF339C08B ] C:\Windows\System32\scecli.dll
15:32:15.0285 0888  C:\Windows\System32\scecli.dll - ok
15:32:15.0291 0888  [ EE3718BCF5CEF1C457C10A745E410959 ] C:\Windows\System32\ntmarta.dll
15:32:15.0291 0888  C:\Windows\System32\ntmarta.dll - ok
15:32:15.0298 0888  [ CDA9F1373805AF88F6FA4F2064BBA24D ] C:\Windows\System32\svchost.exe
15:32:15.0298 0888  C:\Windows\System32\svchost.exe - ok
15:32:15.0304 0888  [ 7823A58BF0FE3CAAA555C12B5CF91290 ] C:\Windows\System32\powrprof.dll
15:32:15.0304 0888  C:\Windows\System32\powrprof.dll - ok
15:32:15.0313 0888  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] C:\Windows\System32\drivers\luafv.sys
15:32:15.0313 0888  C:\Windows\System32\drivers\luafv.sys - ok
15:32:15.0318 0888  [ FA562F34ED6633C66170B09182B4C049 ] C:\Windows\System32\drivers\aswMonFlt.sys
15:32:15.0318 0888  C:\Windows\System32\drivers\aswMonFlt.sys - ok
15:32:15.0324 0888  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] C:\Windows\System32\drivers\aswFsBlk.sys
15:32:15.0324 0888  C:\Windows\System32\drivers\aswFsBlk.sys - ok
15:32:15.0331 0888  [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys
15:32:15.0331 0888  C:\Windows\System32\drivers\mbam.sys - ok
15:32:15.0338 0888  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] C:\Windows\System32\rpcss.dll
15:32:15.0338 0888  C:\Windows\System32\rpcss.dll - ok
15:32:15.0347 0888  [ EA3D2B63BA304EB6EDABBAFA21599B47 ] C:\Windows\System32\version.dll
15:32:15.0347 0888  C:\Windows\System32\version.dll - ok
15:32:15.0351 0888  [ BAD79FECE1387CDD8388A3314645757F ] C:\Windows\System32\LogonUI.exe
15:32:15.0351 0888  C:\Windows\System32\LogonUI.exe - ok
15:32:15.0357 0888  [ 363D07C0F427C72BDE0B6D6492A205C9 ] C:\Windows\System32\authui.dll
15:32:15.0357 0888  C:\Windows\System32\authui.dll - ok
15:32:15.0364 0888  [ 303C4EB5C2FB40F194E2B24CAD7148EF ] C:\Windows\System32\MMDevAPI.dll
15:32:15.0364 0888  C:\Windows\System32\MMDevAPI.dll - ok
15:32:15.0370 0888  [ 46662CD685A6341AB4AED86D134D80E9 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll
15:32:15.0370 0888  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd\comctl32.dll - ok
15:32:15.0380 0888  [ 6C2D2558DECB89C83873F80160D19F2C ] C:\Windows\System32\wtsapi32.dll
15:32:15.0380 0888  C:\Windows\System32\wtsapi32.dll - ok
15:32:15.0384 0888  [ 6B58266234B36ABCDD43C797B0D1932E ] C:\Windows\System32\msimg32.dll
15:32:15.0384 0888  C:\Windows\System32\msimg32.dll - ok
15:32:15.0390 0888  [ 88DBC757681093478BC80211C21695E5 ] C:\Windows\System32\uxtheme.dll
15:32:15.0390 0888  C:\Windows\System32\uxtheme.dll - ok
15:32:15.0398 0888  [ 72EB6157E892A674E47E08732BB5CCE3 ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\stacsv64.exe
15:32:15.0398 0888  C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\stacsv64.exe - ok
15:32:15.0405 0888  [ 514A07C903607458B6B5A430B09BF794 ] C:\Windows\System32\avrt.dll
15:32:15.0405 0888  C:\Windows\System32\avrt.dll - ok
15:32:15.0414 0888  [ 4EAC411F90DCDE41D05D8184DE335524 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_56abd97bb593eaca\GdiPlus.dll
15:32:15.0414 0888  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_56abd97bb593eaca\GdiPlus.dll - ok
15:32:15.0419 0888  [ 08C16507241D274FF9B583E5C4F9DBC8 ] C:\Windows\System32\wintrust.dll
15:32:15.0419 0888  C:\Windows\System32\wintrust.dll - ok
15:32:15.0425 0888  [ E3041BC26D6930D61F42AEDB79C91720 ] C:\Windows\System32\drivers\fltMgr.sys
15:32:15.0425 0888  C:\Windows\System32\drivers\fltMgr.sys - ok
15:32:15.0432 0888  [ EA47AF4FBF17580D093C0C36C4E49921 ] C:\Windows\System32\dsound.dll
15:32:15.0432 0888  C:\Windows\System32\dsound.dll - ok
15:32:15.0438 0888  [ 73F18E253DF8E0A9CE5FC45E62FB1945 ] C:\Windows\System32\cabinet.dll
15:32:15.0438 0888  C:\Windows\System32\cabinet.dll - ok
15:32:15.0447 0888  [ 99AA51A6AE40DED4A74776E6E1C066C1 ] C:\Windows\System32\adtschema.dll
15:32:15.0447 0888  C:\Windows\System32\adtschema.dll - ok
15:32:15.0451 0888  [ 7500278FEF4A66B0D76D8438F0295F4E ] C:\Windows\System32\winmm.dll
15:32:15.0451 0888  C:\Windows\System32\winmm.dll - ok
15:32:15.0455 0888  [ D58A65112AE355CADFABEEFC8D329A8F ] C:\Windows\System32\oleacc.dll
15:32:15.0455 0888  C:\Windows\System32\oleacc.dll - ok
15:32:15.0464 0888  [ 9E693C6146932B5369DFFA584E805EF6 ] C:\Windows\System32\PSHED.DLL
15:32:15.0464 0888  C:\Windows\System32\PSHED.DLL - ok
15:32:15.0468 0888  [ 7F633AC83782EB0E8ADE513B8A1A9BC8 ] C:\Windows\System32\audiodg.exe
15:32:15.0468 0888  C:\Windows\System32\audiodg.exe - ok
15:32:15.0475 0888  [ 16881B42E07390FAA8C7331E9B8316A7 ] C:\Windows\System32\duser.dll
15:32:15.0475 0888  C:\Windows\System32\duser.dll - ok
15:32:15.0481 0888  [ 2494DCE21A76881317CAEC47D3A2AEB6 ] C:\Windows\System32\stapi64.dll
15:32:15.0481 0888  C:\Windows\System32\stapi64.dll - ok
15:32:15.0487 0888  [ 84551E8DECDBF4DEBE3462DB6DA3C64B ] C:\Windows\System32\kbd101.dll
15:32:15.0488 0888  C:\Windows\System32\kbd101.dll - ok
15:32:15.0497 0888  [ 3915404715670AF7E4474147677160C3 ] C:\Windows\System32\kbd106.dll
15:32:15.0497 0888  C:\Windows\System32\kbd106.dll - ok
15:32:15.0501 0888  [ 7E1F61CACAAA48548F84EAE47593F764 ] C:\Windows\System32\KBDJPN.DLL
15:32:15.0501 0888  C:\Windows\System32\KBDJPN.DLL - ok
15:32:15.0507 0888  [ C215F8DD4A5CCAF8C81117764B4D9DE2 ] C:\Windows\System32\kbdnec.dll
15:32:15.0507 0888  C:\Windows\System32\kbdnec.dll - ok
15:32:15.0514 0888  [ 656CF740A2FDB99664A91C439D05C0ED ] C:\Windows\System32\xmllite.dll
15:32:15.0514 0888  C:\Windows\System32\xmllite.dll - ok
15:32:15.0520 0888  [ A0E1B575BA8F504968CD40C0FAEB2384 ] C:\Windows\System32\gpsvc.dll
15:32:15.0520 0888  C:\Windows\System32\gpsvc.dll - ok
15:32:15.0526 0888  [ C501852F1CA40FFC55363ACC0D2DF5BA ] C:\Windows\System32\SmartcardCredentialProvider.dll
15:32:15.0527 0888  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
15:32:15.0533 0888  [ C5EDECA7546B009484B23FAD0E9724C1 ] C:\Windows\System32\nlaapi.dll
15:32:15.0533 0888  C:\Windows\System32\nlaapi.dll - ok
15:32:15.0539 0888  [ F59CF3BFE865EB795C5DE5850F48B321 ] C:\Windows\System32\rasplap.dll
15:32:15.0540 0888  C:\Windows\System32\rasplap.dll - ok
15:32:15.0547 0888  [ 7FC9AFDD2A2ACFCB52FB05D57FE8C2F4 ] C:\Windows\System32\atl.dll
15:32:15.0547 0888  C:\Windows\System32\atl.dll - ok
15:32:15.0552 0888  [ A4F3F34A7146D8633FA8D346535A9CAA ] C:\Windows\System32\rasapi32.dll
15:32:15.0553 0888  C:\Windows\System32\rasapi32.dll - ok
15:32:15.0559 0888  [ C30BD20F185A47DCD4FD05F5AE1BC077 ] C:\Windows\System32\rasman.dll
15:32:15.0559 0888  C:\Windows\System32\rasman.dll - ok
15:32:15.0565 0888  [ E12F22B73F153DECE721CD45EC05B4AF ] C:\Windows\System32\es.dll
15:32:15.0565 0888  C:\Windows\System32\es.dll - ok
15:32:15.0572 0888  [ FE13271EF661F8BE83A1A0D3366164D0 ] C:\Windows\System32\propsys.dll
15:32:15.0572 0888  C:\Windows\System32\propsys.dll - ok
15:32:15.0581 0888  [ F0884FA3E83C79775BF89C74DD28B616 ] C:\Windows\System32\tapi32.dll
15:32:15.0581 0888  C:\Windows\System32\tapi32.dll - ok
15:32:15.0585 0888  [ F1D25FB6A8BF8FBAE49717B684670393 ] C:\Windows\System32\rtutils.dll
15:32:15.0585 0888  C:\Windows\System32\rtutils.dll - ok
15:32:15.0591 0888  [ B1D4BB8DFD7128A90982562268920724 ] C:\Windows\System32\WinSCard.dll
15:32:15.0591 0888  C:\Windows\System32\WinSCard.dll - ok
15:32:15.0598 0888  [ 75C881C65CEF2C7B911EB0A351957368 ] C:\Windows\System32\drivers\spsys.sys
15:32:15.0598 0888  C:\Windows\System32\drivers\spsys.sys - ok
15:32:15.0605 0888  [ 00C7DAFAD08FAD59E51EB9A1F90925DE ] C:\Windows\System32\shgina.dll
15:32:15.0605 0888  C:\Windows\System32\shgina.dll - ok
15:32:15.0611 0888  [ 4CEA4255CAE84BF21FCA9A2827E16CBB ] C:\Windows\System32\shacct.dll
15:32:15.0614 0888  C:\Windows\System32\shacct.dll - ok
15:32:15.0618 0888  [ 35FBB6F5993C9EE70CDB72CC8AAB5D38 ] C:\Windows\System32\wdmaud.drv
15:32:15.0618 0888  C:\Windows\System32\wdmaud.drv - ok
15:32:15.0624 0888  [ A1A408E9F8C2DB9C3B3BA21C25CCF9C3 ] C:\Windows\System32\AudioEng.dll
15:32:15.0624 0888  C:\Windows\System32\AudioEng.dll - ok
15:32:15.0631 0888  [ EEFDA2A090E8000740D46B09DCDBEAFF ] C:\Windows\System32\AudioSes.dll
15:32:15.0631 0888  C:\Windows\System32\AudioSes.dll - ok
15:32:15.0637 0888  [ 17BF3BF5296936B153FDDDA189B60E07 ] C:\Windows\System32\ksuser.dll
15:32:15.0637 0888  C:\Windows\System32\ksuser.dll - ok
15:32:15.0643 0888  [ 48FEF0CD6C0D4CA428DE7024F297E1CD ] C:\Windows\System32\WindowsCodecs.dll
15:32:15.0643 0888  C:\Windows\System32\WindowsCodecs.dll - ok
15:32:15.0650 0888  [ E2223A37896A76861D7F79FD81A2A193 ] C:\Windows\System32\hpservice.exe
15:32:15.0650 0888  C:\Windows\System32\hpservice.exe - ok
15:32:15.0656 0888  [ CB77E41BFFE0A4167A713632EEB107A5 ] C:\Windows\System32\mfc42u.dll
15:32:15.0656 0888  C:\Windows\System32\mfc42u.dll - ok
15:32:15.0664 0888  [ C8805CEAA9ADE51658643B3E2C147BB7 ] C:\Windows\System32\odbc32.dll
15:32:15.0664 0888  C:\Windows\System32\odbc32.dll - ok
15:32:15.0669 0888  [ 62BDB059ED8AE0C63E33BBF990941E0F ] C:\Windows\System32\midimap.dll
15:32:15.0669 0888  C:\Windows\System32\midimap.dll - ok
15:32:15.0676 0888  [ 215DFBEF790637C2B9C02BB23C9887EB ] C:\Windows\System32\msacm32.dll
15:32:15.0676 0888  C:\Windows\System32\msacm32.dll - ok
15:32:15.0682 0888  [ 9A328CC4E4490E929E30332AC902CAC1 ] C:\Windows\System32\msacm32.drv
15:32:15.0682 0888  C:\Windows\System32\msacm32.drv - ok
15:32:15.0689 0888  [ 09451F87CFF73FF22D9479FB0A73861C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_41466cae55469b30\comctl32.dll
15:32:15.0689 0888  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_41466cae55469b30\comctl32.dll - ok
15:32:15.0700 0888  [ E08935E54CEE225BEB3CC220CBCC734A ] C:\Windows\System32\AUDIOKSE.dll
15:32:15.0700 0888  C:\Windows\System32\AUDIOKSE.dll - ok
15:32:15.0708 0888  [ B7EEA7A7A6F8F80DD6A22E585F619C20 ] C:\Windows\System32\accelerometerdll.DLL
15:32:15.0708 0888  C:\Windows\System32\accelerometerdll.DLL - ok
15:32:15.0715 0888  [ 53E401AE1E8CEF522E00576650CC11EB ] C:\Windows\System32\odbcint.dll
15:32:15.0715 0888  C:\Windows\System32\odbcint.dll - ok
15:32:15.0722 0888  [ D76E231E4850BB3F88A3D9A78DF191E3 ] C:\Windows\System32\uxsms.dll
15:32:15.0722 0888  C:\Windows\System32\uxsms.dll - ok
15:32:15.0731 0888  [ 56697D33950E5E83A4049F477BE7C320 ] C:\Windows\System32\hid.dll
15:32:15.0731 0888  C:\Windows\System32\hid.dll - ok
15:32:15.0735 0888  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
15:32:15.0735 0888  C:\Windows\System32\WUDFPlatform.dll - ok
15:32:15.0741 0888  [ 96ECE2659B6654C10A0C310AE3A6D02C ] C:\Windows\System32\drivers\lltdio.sys
15:32:15.0742 0888  C:\Windows\System32\drivers\lltdio.sys - ok
15:32:15.0748 0888  [ 2007B826C4ACD94AE32232B41F0842B9 ] C:\Windows\System32\drivers\nwifi.sys
15:32:15.0748 0888  C:\Windows\System32\drivers\nwifi.sys - ok
15:32:15.0755 0888  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] C:\Windows\System32\drivers\ndisuio.sys
15:32:15.0755 0888  C:\Windows\System32\drivers\ndisuio.sys - ok
15:32:15.0761 0888  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] C:\Windows\System32\drivers\rspndr.sys
15:32:15.0761 0888  C:\Windows\System32\drivers\rspndr.sys - ok
15:32:15.0768 0888  [ 06230F1B721494A6DF8D47FD395BB1B0 ] C:\Windows\System32\dnsrslvr.dll
15:32:15.0768 0888  C:\Windows\System32\dnsrslvr.dll - ok
15:32:15.0774 0888  [ E0159CE395B31F746AA26D0A6996DB29 ] C:\Windows\System32\eapphost.dll
15:32:15.0774 0888  C:\Windows\System32\eapphost.dll - ok
15:32:15.0782 0888  [ 0160AD4F8F4F817428CA74358612EC48 ] C:\Windows\System32\rastls.dll
15:32:15.0782 0888  C:\Windows\System32\rastls.dll - ok
15:32:15.0787 0888  [ BFDF69526CB6476992540D4C477CC27A ] C:\Windows\System32\raschap.dll
15:32:15.0787 0888  C:\Windows\System32\raschap.dll - ok
15:32:15.0794 0888  [ D716BD01181B489200D158F88A9DA061 ] C:\Windows\System32\stapo64.dll
15:32:15.0794 0888  C:\Windows\System32\stapo64.dll - ok
15:32:15.0800 0888  [ 57D1DE90D43E25C9E645D81FFC4FB678 ] C:\Windows\System32\umb.dll
15:32:15.0800 0888  C:\Windows\System32\umb.dll - ok
15:32:15.0807 0888  [ F64C1360D0590DF16AF01C8DA66973CB ] C:\Windows\System32\wlanmsm.dll
15:32:15.0807 0888  C:\Windows\System32\wlanmsm.dll - ok
15:32:15.0815 0888  [ CE11C00CCC066FB06CC0E671CA0D7660 ] C:\Windows\System32\wlansec.dll
15:32:15.0815 0888  C:\Windows\System32\wlansec.dll - ok
15:32:15.0820 0888  [ DE2B9C350BB7C9CF355972AB8CB9B865 ] C:\Windows\System32\WMALFXGFXDSP.dll
15:32:15.0820 0888  C:\Windows\System32\WMALFXGFXDSP.dll - ok
15:32:15.0826 0888  [ DED15764B578A26BE9E45E7692820549 ] C:\Windows\System32\onex.dll
15:32:15.0826 0888  C:\Windows\System32\onex.dll - ok
15:32:15.0832 0888  [ B7BD00787568A178CDE26A83B5C847BE ] C:\Windows\System32\mfplat.dll
15:32:15.0832 0888  C:\Windows\System32\mfplat.dll - ok
15:32:15.0839 0888  [ B50D0BF177657752B826697259341858 ] C:\Windows\System32\eappprxy.dll
15:32:15.0839 0888  C:\Windows\System32\eappprxy.dll - ok
15:32:15.0848 0888  [ 03FDED7449428CE493432EE35FE5A2FB ] C:\Windows\System32\eappcfg.dll
15:32:15.0848 0888  C:\Windows\System32\eappcfg.dll - ok
15:32:15.0852 0888  [ C469893743E18BA547DB3C7ED98B32F5 ] C:\Windows\System32\AESTAR64.dll
15:32:15.0852 0888  C:\Windows\System32\AESTAR64.dll - ok
15:32:15.0858 0888  [ 9689076012A34CE4631D0CBFE148D092 ] C:\Windows\System32\wlgpclnt.dll
15:32:15.0858 0888  C:\Windows\System32\wlgpclnt.dll - ok
15:32:15.0865 0888  [ A73C52B285405E1FD79388AF2C7B2EB6 ] C:\Windows\System32\l2gpstore.dll
15:32:15.0865 0888  C:\Windows\System32\l2gpstore.dll - ok
15:32:15.0871 0888  [ 4DD86EDDA09715DC235E41C1F698F041 ] C:\Windows\System32\wlanutil.dll
15:32:15.0872 0888  C:\Windows\System32\wlanutil.dll - ok
15:32:15.0878 0888  [ 8B517F63A5B87F8FFAC2145F0673498A ] C:\Windows\System32\msxml6.dll
15:32:15.0878 0888  C:\Windows\System32\msxml6.dll - ok
15:32:15.0884 0888  [ 0989ECD292D373E31D6DF5EDB9B62AE1 ] C:\Windows\System32\AESTAC64.dll
15:32:15.0884 0888  C:\Windows\System32\AESTAC64.dll - ok
15:32:15.0891 0888  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:32:15.0891 0888  C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
15:32:15.0899 0888  [ 39777F8ECD0B10B51CB79AC4F562C088 ] C:\Windows\System32\wlanext.exe
15:32:15.0899 0888  C:\Windows\System32\wlanext.exe - ok
15:32:15.0904 0888  [ D645D27E4B8F9CC41D6D1483C6CADDB4 ] C:\Windows\System32\bcmihvsrv64.dll
15:32:15.0904 0888  C:\Windows\System32\bcmihvsrv64.dll - ok
15:32:15.0910 0888  [ 6AAF63A85181E39F94EC0641C55A4EF0 ] C:\Windows\SysWOW64\ntdll.dll
15:32:15.0910 0888  C:\Windows\SysWOW64\ntdll.dll - ok
15:32:15.0918 0888  [ 813C216E14005CB42BBD1B037FCF030F ] C:\Windows\System32\wow64.dll
15:32:15.0918 0888  C:\Windows\System32\wow64.dll - ok
15:32:15.0928 0888  [ 8FE910915F14C9C6A9561D8032B603D3 ] C:\Windows\System32\wow64win.dll
15:32:15.0928 0888  C:\Windows\System32\wow64win.dll - ok
15:32:15.0933 0888  [ CA9EECC6092B9C2CE86D95C04B51BA20 ] C:\Windows\System32\wow64cpu.dll
15:32:15.0933 0888  C:\Windows\System32\wow64cpu.dll - ok
15:32:15.0939 0888  [ D59DD2AAFF94EAB9BD6C7940C2851735 ] C:\Windows\SysWOW64\kernel32.dll
15:32:15.0939 0888  C:\Windows\SysWOW64\kernel32.dll - ok
15:32:15.0948 0888  [ 483E6FE556B3146D5A634B8552FDD15C ] C:\Windows\System32\wlanapi.dll
15:32:15.0949 0888  C:\Windows\System32\wlanapi.dll - ok
15:32:15.0952 0888  [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\SysWOW64\ws2_32.dll
15:32:15.0952 0888  C:\Windows\SysWOW64\ws2_32.dll - ok
15:32:15.0959 0888  [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\SysWOW64\msvcrt.dll
15:32:15.0959 0888  C:\Windows\SysWOW64\msvcrt.dll - ok
15:32:15.0966 0888  [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\SysWOW64\advapi32.dll
15:32:15.0966 0888  C:\Windows\SysWOW64\advapi32.dll - ok
15:32:15.0970 0888  [ 0ABE67004EB4C162F4456E64F90A11FD ] C:\Windows\SysWOW64\rpcrt4.dll
15:32:15.0971 0888  C:\Windows\SysWOW64\rpcrt4.dll - ok
15:32:15.0977 0888  [ 3D4DD2D3D59ABE3BA902778C57D2E004 ] C:\Windows\SysWOW64\secur32.dll
15:32:15.0977 0888  C:\Windows\SysWOW64\secur32.dll - ok
15:32:15.0983 0888  [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\SysWOW64\nsi.dll
15:32:15.0983 0888  C:\Windows\SysWOW64\nsi.dll - ok
15:32:15.0990 0888  [ 54AE15322C30814FC23FC26907A563B3 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
15:32:15.0990 0888  C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
15:32:15.0999 0888  [ 40F2889475EDC401F98FD7938F0BBF66 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
15:32:15.0999 0888  C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
15:32:16.0004 0888  [ 1F9319EA6D87522C70271A55AC3BE365 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
15:32:16.0004 0888  C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
15:32:16.0010 0888  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
15:32:16.0010 0888  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
15:32:16.0018 0888  [ D29FDB5DEDBDC1BD882164DC6DC4DD53 ] C:\Windows\SysWOW64\user32.dll
15:32:16.0019 0888  C:\Windows\SysWOW64\user32.dll - ok
15:32:16.0025 0888  [ 05C8C8767E29163FC251164FF6839EA5 ] C:\Windows\SysWOW64\gdi32.dll
15:32:16.0025 0888  C:\Windows\SysWOW64\gdi32.dll - ok
15:32:16.0032 0888  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
15:32:16.0032 0888  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
15:32:16.0038 0888  [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\SysWOW64\ole32.dll
15:32:16.0038 0888  C:\Windows\SysWOW64\ole32.dll - ok
15:32:16.0044 0888  [ C1AE82B8F60ADB630C00DCE48E571CDD ] C:\Windows\System32\netcfgx.dll
15:32:16.0044 0888  C:\Windows\System32\netcfgx.dll - ok
15:32:16.0051 0888  [ 0C70F8F5CC8359AC633724BECF6ABAF3 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
15:32:16.0051 0888  C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
15:32:16.0057 0888  [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\SysWOW64\wsock32.dll
15:32:16.0057 0888  C:\Windows\SysWOW64\wsock32.dll - ok
15:32:16.0066 0888  [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\SysWOW64\version.dll
15:32:16.0066 0888  C:\Windows\SysWOW64\version.dll - ok
15:32:16.0071 0888  [ F79B2469046122E24450FB66AE580C83 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
15:32:16.0071 0888  C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
15:32:16.0077 0888  [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\SysWOW64\psapi.dll
15:32:16.0077 0888  C:\Windows\SysWOW64\psapi.dll - ok
15:32:16.0084 0888  [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\SysWOW64\crypt32.dll
15:32:16.0084 0888  C:\Windows\SysWOW64\crypt32.dll - ok
15:32:16.0090 0888  [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\SysWOW64\msasn1.dll
15:32:16.0090 0888  C:\Windows\SysWOW64\msasn1.dll - ok
15:32:16.0099 0888  [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\SysWOW64\userenv.dll
15:32:16.0099 0888  C:\Windows\SysWOW64\userenv.dll - ok
15:32:16.0105 0888  [ C5B6468422DB1C8AA36C32CBB0197E5E ] C:\Windows\SysWOW64\wininet.dll
15:32:16.0105 0888  C:\Windows\SysWOW64\wininet.dll - ok
15:32:16.0111 0888  [ 420B075CD71AB9E58D15DD258958FBA3 ] C:\Windows\SysWOW64\shlwapi.dll
15:32:16.0111 0888  C:\Windows\SysWOW64\shlwapi.dll - ok
15:32:16.0119 0888  [ 9BDDA34DC4890169DE5BA21134B33EFB ] C:\Windows\SysWOW64\iertutil.dll
15:32:16.0119 0888  C:\Windows\SysWOW64\iertutil.dll - ok
15:32:16.0125 0888  [ 4E7F83E1F6AEFA38E270EA7353D6911E ] C:\Windows\SysWOW64\urlmon.dll
15:32:16.0125 0888  C:\Windows\SysWOW64\urlmon.dll - ok
15:32:16.0133 0888  [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\SysWOW64\oleaut32.dll
15:32:16.0133 0888  C:\Windows\SysWOW64\oleaut32.dll - ok
 



15:32:16.0138 0888  [ B8FBE5F40B09F5D20E1E5CCFEF893D62 ] C:\Windows\SysWOW64\imm32.dll
15:32:16.0138 0888  C:\Windows\SysWOW64\imm32.dll - ok
15:32:16.0144 0888  [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\SysWOW64\msctf.dll
15:32:16.0144 0888  C:\Windows\SysWOW64\msctf.dll - ok
15:32:16.0151 0888  [ DF37346EA13082E3E1B423B54014E641 ] C:\Windows\SysWOW64\lpk.dll
15:32:16.0151 0888  C:\Windows\SysWOW64\lpk.dll - ok
15:32:16.0157 0888  [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\SysWOW64\usp10.dll
15:32:16.0157 0888  C:\Windows\SysWOW64\usp10.dll - ok
15:32:16.0166 0888  [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
15:32:16.0166 0888  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
15:32:16.0174 0888  [ BED93F434CD291DEC110901F7343E000 ] C:\Windows\System32\dllhost.exe
15:32:16.0174 0888  C:\Windows\System32\dllhost.exe - ok
15:32:16.0179 0888  [ ED4EC7C21A3607A4CB7D36E9C5B90AB2 ] C:\Windows\System32\AtBroker.exe
15:32:16.0179 0888  C:\Windows\System32\AtBroker.exe - ok
15:32:16.0186 0888  [ A0AB2BB9A92293D9CE66E252719AB5FE ] C:\Windows\System32\userinit.exe
15:32:16.0187 0888  C:\Windows\System32\userinit.exe - ok
15:32:16.0192 0888  [ 1AD703C14E705F69D4ADF79154054173 ] C:\Windows\System32\dwmapi.dll
15:32:16.0192 0888  C:\Windows\System32\dwmapi.dll - ok
15:32:16.0200 0888  [ A78E7E16E8696172FF3F4147E6050DC3 ] C:\Windows\System32\dwmredir.dll
15:32:16.0200 0888  C:\Windows\System32\dwmredir.dll - ok
15:32:16.0206 0888  [ B77AD1818DBD476245B1281016E075E4 ] C:\Windows\System32\milcore.dll
15:32:16.0206 0888  C:\Windows\System32\milcore.dll - ok
15:32:16.0212 0888  [ D4175BE7CA634C7BB9205F7EE4F3F7E4 ] C:\Windows\System32\d3d9.dll
15:32:16.0212 0888  C:\Windows\System32\d3d9.dll - ok
15:32:16.0220 0888  [ E6409B960CCAA48F292A4808E00167C8 ] C:\Windows\System32\d3d8thk.dll
15:32:16.0220 0888  C:\Windows\System32\d3d8thk.dll - ok
15:32:16.0226 0888  [ 3FA82D80A6E782C21771D5CC01E2717B ] C:\Windows\System32\igdumd64.dll
15:32:16.0226 0888  C:\Windows\System32\igdumd64.dll - ok
15:32:16.0235 0888  [ 6B08E54A451B3F95E4109DBA7E594270 ] C:\Windows\explorer.exe
15:32:16.0235 0888  C:\Windows\explorer.exe - ok
15:32:16.0239 0888  [ 7B005E3F9825A98312E089CBA0F83DAA ] C:\Windows\System32\uDWM.dll
15:32:16.0239 0888  C:\Windows\System32\uDWM.dll - ok
15:32:16.0245 0888  [ 9DCAA0F7D8EC0C07BBBE724041DB7AC5 ] C:\Windows\System32\shdocvw.dll
15:32:16.0245 0888  C:\Windows\System32\shdocvw.dll - ok
15:32:16.0251 0888  [ EE9040473EB1339E75E79A75FA47A825 ] C:\Windows\System32\browseui.dll
15:32:16.0252 0888  C:\Windows\System32\browseui.dll - ok
15:32:16.0258 0888  [ BBC016A0189C605FBBFCAEED315D0F64 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
15:32:16.0258 0888  C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
15:32:16.0267 0888  [ 920B4D089E02FB4A3F8ADA8B4BEF9B26 ] C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll
15:32:16.0267 0888  C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll - ok
15:32:16.0273 0888  [ D092AA9740076D7B55BA7E3ECD22DFA7 ] C:\Windows\System32\msi.dll
15:32:16.0273 0888  C:\Windows\System32\msi.dll - ok
15:32:16.0279 0888  [ B2E32F41E1D6500F62CAEF5EF2B17196 ] C:\Windows\System32\EhStorShell.dll
15:32:16.0279 0888  C:\Windows\System32\EhStorShell.dll - ok
15:32:16.0287 0888  [ EDC41901878A99EA11765F5536CCAE67 ] C:\Windows\System32\imageres.dll
15:32:16.0287 0888  C:\Windows\System32\imageres.dll - ok
15:32:16.0293 0888  [ A45D8543AE13502984366767D7A4B4CD ] C:\Windows\System32\IconCodecService.dll
15:32:16.0293 0888  C:\Windows\System32\IconCodecService.dll - ok
15:32:16.0300 0888  [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\SysWOW64\apphelp.dll
15:32:16.0300 0888  C:\Windows\SysWOW64\apphelp.dll - ok
15:32:16.0305 0888  [ C86121BF74BB07FC99DB9DB0ED1B49FF ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
15:32:16.0305 0888  C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
15:32:16.0312 0888  [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
15:32:16.0312 0888  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
15:32:16.0318 0888  [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\SysWOW64\winhttp.dll
15:32:16.0319 0888  C:\Windows\SysWOW64\winhttp.dll - ok
15:32:16.0325 0888  [ D068312FEC645A9D7C1398808734B142 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
15:32:16.0325 0888  C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
15:32:16.0333 0888  [ 64BF5CD9B9D7BD391CBC9EDE847A2902 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
15:32:16.0333 0888  C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
15:32:16.0339 0888  [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\SysWOW64\wship6.dll
15:32:16.0339 0888  C:\Windows\SysWOW64\wship6.dll - ok
15:32:16.0345 0888  [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\SysWOW64\wshqos.dll
15:32:16.0345 0888  C:\Windows\SysWOW64\wshqos.dll - ok
15:32:16.0351 0888  [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\SysWOW64\NapiNSP.dll
15:32:16.0351 0888  C:\Windows\SysWOW64\NapiNSP.dll - ok
15:32:16.0358 0888  [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\SysWOW64\pnrpnsp.dll
15:32:16.0358 0888  C:\Windows\SysWOW64\pnrpnsp.dll - ok
15:32:16.0367 0888  [ 8617350C9B590B63E620881092751BCB ] C:\Windows\SysWOW64\mswsock.dll
15:32:16.0367 0888  C:\Windows\SysWOW64\mswsock.dll - ok
15:32:16.0371 0888  [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
15:32:16.0371 0888  C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
15:32:16.0378 0888  [ DA8B8A95780F406EBB213C1C5D4C0D90 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
15:32:16.0378 0888  C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
15:32:16.0385 0888  [ D873AF6112E377CDBCBF3055B86C30A9 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
15:32:16.0385 0888  C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
15:32:16.0392 0888  [ 69B9DD83535C421F229227B0B303082A ] C:\Program Files\AVAST Software\Avast\ashTask.dll
15:32:16.0392 0888  C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
15:32:16.0401 0888  [ 91F1D56F6DC6B2AEC45369765787B64D ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
15:32:16.0401 0888  C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
15:32:16.0405 0888  [ 1919B2A6BB69BD206A4F0C20FBA5E4B6 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
15:32:16.0405 0888  C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
15:32:16.0411 0888  [ 808A26DA7028B02A081A5A1BCBF69A2A ] C:\Windows\System32\wiarpc.dll
15:32:16.0411 0888  C:\Windows\System32\wiarpc.dll - ok
15:32:16.0419 0888  [ B3B4DDCD7263993FA3C42573066A16BE ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
15:32:16.0419 0888  C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
15:32:16.0425 0888  [ 7D289D7E6253BC998F51CAADB54C5192 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
15:32:16.0425 0888  C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
15:32:16.0434 0888  [ E43B269964099D96DDDAAED0E57F109E ] C:\Program Files\AVAST Software\Avast\avastIP.dll
15:32:16.0434 0888  C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
15:32:16.0438 0888  [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\SysWOW64\dhcpcsvc.dll
15:32:16.0439 0888  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
15:32:16.0445 0888  [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\SysWOW64\IPHLPAPI.DLL
15:32:16.0445 0888  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
15:32:16.0451 0888  [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\SysWOW64\dnsapi.dll
15:32:16.0451 0888  C:\Windows\SysWOW64\dnsapi.dll - ok
15:32:16.0458 0888  [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\SysWOW64\winnsi.dll
15:32:16.0458 0888  C:\Windows\SysWOW64\winnsi.dll - ok
15:32:16.0467 0888  [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\SysWOW64\dhcpcsvc6.dll
15:32:16.0467 0888  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
15:32:16.0473 0888  [ BB2BE07A396B5B22AC56787FACF8D86F ] C:\Program Files\AVAST Software\Avast\aswDld.dll
15:32:16.0473 0888  C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
15:32:16.0477 0888  [ 79B5BAEC23456D3F7EC10FC8374DA2CC ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
15:32:16.0477 0888  C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
15:32:16.0484 0888  [ 52D0FE133CBE687ED4E83FBDA70EBC9C ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
15:32:16.0484 0888  C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
15:32:16.0490 0888  [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\SysWOW64\setupapi.dll
15:32:16.0490 0888  C:\Windows\SysWOW64\setupapi.dll - ok
15:32:16.0496 0888  [ 6B6D0747C1D56D5742F5171B57E8CB6F ] C:\Windows\System32\ktmw32.dll
15:32:16.0496 0888  C:\Windows\System32\ktmw32.dll - ok
15:32:16.0504 0888  [ 3ADB1950539C78F82EFD392BE98BE80D ] C:\Windows\System32\taskcomp.dll
15:32:16.0504 0888  C:\Windows\System32\taskcomp.dll - ok
15:32:16.0510 0888  [ 098F1E4E5C9CB5B0063A959063631610 ] C:\Windows\System32\drivers\http.sys
15:32:16.0510 0888  C:\Windows\System32\drivers\http.sys - ok
15:32:16.0517 0888  [ EA85B96A8BFB435749C9004BC7340347 ] C:\Windows\System32\taskeng.exe
15:32:16.0518 0888  C:\Windows\System32\taskeng.exe - ok
15:32:16.0523 0888  [ D48445B07F61CAFE2FE8972AAB4E31B8 ] C:\Windows\System32\spoolss.dll
15:32:16.0523 0888  C:\Windows\System32\spoolss.dll - ok
15:32:16.0529 0888  [ 2348447A80920B2493A9B582A23E81E1 ] C:\Windows\System32\drivers\bowser.sys
15:32:16.0529 0888  C:\Windows\System32\drivers\bowser.sys - ok
15:32:16.0536 0888  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] C:\Windows\System32\drivers\srvnet.sys
15:32:16.0536 0888  C:\Windows\System32\drivers\srvnet.sys - ok
15:32:16.0542 0888  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] C:\Windows\System32\drivers\mrxdav.sys
15:32:16.0542 0888  C:\Windows\System32\drivers\mrxdav.sys - ok
15:32:16.0551 0888  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] C:\Windows\System32\drivers\mrxsmb.sys
15:32:16.0551 0888  C:\Windows\System32\drivers\mrxsmb.sys - ok
15:32:16.0556 0888  [ 3B929A60C833FC615FD97FBA82BC7632 ] C:\Windows\System32\drivers\mrxsmb10.sys
15:32:16.0556 0888  C:\Windows\System32\drivers\mrxsmb10.sys - ok
15:32:16.0562 0888  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] C:\Windows\System32\drivers\mrxsmb20.sys
15:32:16.0562 0888  C:\Windows\System32\drivers\mrxsmb20.sys - ok
15:32:16.0568 0888  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] C:\Windows\System32\drivers\srv2.sys
15:32:16.0568 0888  C:\Windows\System32\drivers\srv2.sys - ok
15:32:16.0575 0888  [ 5F0501B0C731E7F2DDE196E3A32E3500 ] C:\Windows\System32\PlaySndSrv.dll
15:32:16.0575 0888  C:\Windows\System32\PlaySndSrv.dll - ok
15:32:16.0584 0888  [ 18ADF933B54C8953FCC3EEAB4EAF4A63 ] C:\Windows\System32\TSChannel.dll
15:32:16.0584 0888  C:\Windows\System32\TSChannel.dll - ok
15:32:16.0589 0888  [ AD8DDBB13B341B931CC9229BBC9D0625 ] C:\Windows\System32\HotStartUserAgent.dll
15:32:16.0589 0888  C:\Windows\System32\HotStartUserAgent.dll - ok
15:32:16.0596 0888  [ B420EB9D254C2C16CCFBB09BCC6AB113 ] C:\Windows\System32\MsCtfMonitor.dll
15:32:16.0596 0888  C:\Windows\System32\MsCtfMonitor.dll - ok
15:32:16.0602 0888  [ AD27B41DA928C0338E6F364BE928D3F7 ] C:\Windows\System32\msutb.dll
15:32:16.0602 0888  C:\Windows\System32\msutb.dll - ok
15:32:16.0609 0888  [ 10446646D128E580C46615338E74E672 ] C:\Windows\System32\rundll32.exe
15:32:16.0609 0888  C:\Windows\System32\rundll32.exe - ok
15:32:16.0618 0888  [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\SysWOW64\wscapi.dll
15:32:16.0618 0888  C:\Windows\SysWOW64\wscapi.dll - ok
15:32:16.0622 0888  [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\SysWOW64\wscisvif.dll
15:32:16.0622 0888  C:\Windows\SysWOW64\wscisvif.dll - ok
15:32:16.0628 0888  [ D4A3B93741F20BF285FB41D1A7726D2C ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswEngin.dll
15:32:16.0629 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswEngin.dll - ok
15:32:16.0635 0888  [ 1C842051DCD87BE8EA550D7237C5C6D4 ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswCmnIS.dll
15:32:16.0635 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswCmnIS.dll - ok
15:32:16.0642 0888  [ 3B3C5474236CE8FC1F5CA103221AEC7D ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswCmnOS.dll
15:32:16.0642 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswCmnOS.dll - ok
15:32:16.0651 0888  [ A8899B91751658283EC33465F131787F ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswCmnBS.dll
15:32:16.0651 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswCmnBS.dll - ok
15:32:16.0656 0888  [ 8879C220243CD433CDF0FC56D9519D13 ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswScan.dll
15:32:16.0656 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswScan.dll - ok
15:32:16.0663 0888  [ 32ED62D8C410117E09B0B7CA44FC4456 ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswRep.dll
15:32:16.0663 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswRep.dll - ok
15:32:16.0670 0888  [ 2399F8068E969D9C25A05B6F779A790A ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswFiDb.dll
15:32:16.0670 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswFiDb.dll - ok
15:32:16.0677 0888  [ BB190EE09EDAC89958FB662569DDEE2D ] C:\Program Files\AVAST Software\Avast\defs\13060100\algo.dll
15:32:16.0677 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\algo.dll - ok
15:32:16.0685 0888  [ 2EDBDB75D2F41386804B2CB53C572E75 ] C:\Windows\System32\TMM.dll
15:32:16.0685 0888  C:\Windows\System32\TMM.dll - ok
15:32:16.0691 0888  [ 880A57FCCB571EBD063D4DD50E93E46D ] C:\Windows\System32\drivers\srv.sys
15:32:16.0691 0888  C:\Windows\System32\drivers\srv.sys - ok
15:32:16.0697 0888  [ 82EF87D210A32D1C18F636FF417038C8 ] C:\Windows\System32\igfxTMM.dll
15:32:16.0698 0888  C:\Windows\System32\igfxTMM.dll - ok
15:32:16.0704 0888  [ 185A819D9AC5A1D7F387C45F476CFE32 ] C:\Windows\System32\pdh.dll
15:32:16.0704 0888  C:\Windows\System32\pdh.dll - ok
15:32:16.0710 0888  [ CE010ACB489CAA0253A3F692E0892631 ] C:\Windows\System32\tdh.dll
15:32:16.0710 0888  C:\Windows\System32\tdh.dll - ok
15:32:16.0718 0888  [ C1DD6288ABA16EECBA39C3299C4040FE ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
15:32:16.0718 0888  C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
15:32:16.0723 0888  [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\SysWOW64\shell32.dll
15:32:16.0724 0888  C:\Windows\SysWOW64\shell32.dll - ok
15:32:16.0727 0888  [ A77267CDDE66443FB779CEE39CEE2141 ] C:\Windows\System32\QAGENT.DLL
15:32:16.0728 0888  C:\Windows\System32\QAGENT.DLL - ok
15:32:16.0735 0888  [ 7972615E382EF39785FD45F136F64D8C ] C:\Windows\System32\FWPUCLNT.DLL
15:32:16.0735 0888  C:\Windows\System32\FWPUCLNT.DLL - ok
15:32:16.0740 0888  [ ED99B5F4B9DFE4BECA711F3B0340F931 ] C:\Windows\System32\QUTIL.DLL
15:32:16.0740 0888  C:\Windows\System32\QUTIL.DLL - ok
15:32:16.0746 0888  [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\SysWOW64\fltLib.dll
15:32:16.0746 0888  C:\Windows\SysWOW64\fltLib.dll - ok
15:32:16.0753 0888  [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\SysWOW64\winsta.dll
15:32:16.0753 0888  C:\Windows\SysWOW64\winsta.dll - ok
15:32:16.0759 0888  [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\SysWOW64\wtsapi32.dll
15:32:16.0759 0888  C:\Windows\SysWOW64\wtsapi32.dll - ok
15:32:16.0768 0888  [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\SysWOW64\netapi32.dll
15:32:16.0769 0888  C:\Windows\SysWOW64\netapi32.dll - ok
15:32:16.0773 0888  [ E385B9E07B08C3F686B45D52C9F5A9B9 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
15:32:16.0773 0888  C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
15:32:16.0780 0888  [ E28034BDEDD48E44C889FF40C462005D ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
15:32:16.0780 0888  C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
15:32:16.0790 0888  [ B20C06BDE50900C33CEE861E5B288ABF ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
15:32:16.0790 0888  C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
15:32:16.0797 0888  [ DAC5B3F300E08EFA9782F6DD0E4A9FDA ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
15:32:16.0797 0888  C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
15:32:16.0803 0888  [ 5B07E1B2414CE6A7F8942493F194B697 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
15:32:16.0803 0888  C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
15:32:16.0810 0888  [ F9AA8285BE0CCB3BDD77549DFC817423 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
15:32:16.0810 0888  C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
15:32:16.0819 0888  [ 90622E62EABD12FFEACEF083E765707C ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
15:32:16.0819 0888  C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
15:32:16.0823 0888  [ B7F721185071CF20CAB25CC2869BE0C2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
15:32:16.0823 0888  C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
15:32:16.0830 0888  [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\SysWOW64\wlanapi.dll
15:32:16.0830 0888  C:\Windows\SysWOW64\wlanapi.dll - ok
15:32:16.0837 0888  [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\SysWOW64\onex.dll
15:32:16.0837 0888  C:\Windows\SysWOW64\onex.dll - ok
15:32:16.0843 0888  [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\SysWOW64\eappprxy.dll
15:32:16.0843 0888  C:\Windows\SysWOW64\eappprxy.dll - ok
15:32:16.0852 0888  [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\SysWOW64\eappcfg.dll
15:32:16.0852 0888  C:\Windows\SysWOW64\eappcfg.dll - ok
15:32:16.0858 0888  [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
15:32:16.0858 0888  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
15:32:16.0864 0888  [ DE3C091D7E05093B7ABA93DA5952F0FD ] C:\Windows\System32\netmsg.dll
15:32:16.0864 0888  C:\Windows\System32\netmsg.dll - ok
15:32:16.0871 0888  [ 2BFD160AB9531CD20EDC9639EB0CD711 ] C:\Windows\System32\clusapi.dll
15:32:16.0871 0888  C:\Windows\System32\clusapi.dll - ok
15:32:16.0877 0888  [ 476616A17AE5F69CE583D8E1E2A7B134 ] C:\Windows\System32\sscore.dll
15:32:16.0877 0888  C:\Windows\System32\sscore.dll - ok
15:32:16.0886 0888  [ 45C5EAB112D3481A25485B0CF7E3597D ] C:\Windows\System32\activeds.dll
15:32:16.0886 0888  C:\Windows\System32\activeds.dll - ok
15:32:16.0891 0888  [ 80B8B7FF3AADD2156EE969C048644CAF ] C:\Windows\System32\adsldpc.dll
15:32:16.0891 0888  C:\Windows\System32\adsldpc.dll - ok
15:32:16.0897 0888  [ 77C276A0E431203EE56E52600A2575EA ] C:\Windows\System32\credui.dll
15:32:16.0897 0888  C:\Windows\System32\credui.dll - ok
15:32:16.0904 0888  [ D55A487295CC38D9E533C5AD87C1EB69 ] C:\Windows\System32\resutils.dll
15:32:16.0904 0888  C:\Windows\System32\resutils.dll - ok
15:32:16.0910 0888  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:32:16.0910 0888  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
15:32:16.0917 0888  [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\SysWOW64\wintrust.dll
15:32:16.0917 0888  C:\Windows\SysWOW64\wintrust.dll - ok
15:32:16.0924 0888  [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\SysWOW64\imagehlp.dll
15:32:16.0924 0888  C:\Windows\SysWOW64\imagehlp.dll - ok
15:32:16.0930 0888  [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\SysWOW64\shimeng.dll
15:32:16.0930 0888  C:\Windows\SysWOW64\shimeng.dll - ok
15:32:16.0937 0888  [ A6FB9DB8F1A86861D955FD6975977AE0 ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe
15:32:16.0937 0888  C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe - ok
15:32:16.0944 0888  [ 734088CB57AEA704CA716C1C6BC5E0E6 ] C:\Program Files\LSI SoftModem\agr64svc.exe
15:32:16.0944 0888  C:\Program Files\LSI SoftModem\agr64svc.exe - ok
15:32:16.0952 0888  [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:32:16.0952 0888  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
15:32:16.0957 0888  [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\SysWOW64\duser.dll
15:32:16.0957 0888  C:\Windows\SysWOW64\duser.dll - ok
15:32:16.0964 0888  [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\SysWOW64\oleacc.dll
15:32:16.0964 0888  C:\Windows\SysWOW64\oleacc.dll - ok
15:32:16.0970 0888  [ 88B630F6AEB5A11F6AD064930B38C2C0 ] C:\Windows\SysWOW64\uxtheme.dll
15:32:16.0970 0888  C:\Windows\SysWOW64\uxtheme.dll - ok
15:32:16.0977 0888  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
15:32:16.0977 0888  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
15:32:16.0981 0888  [ 4ACF748A8E576761E4C610ACAB67B1BC ] C:\Windows\SysWOW64\bcrypt.dll
15:32:16.0981 0888  C:\Windows\SysWOW64\bcrypt.dll - ok
15:32:16.0988 0888  [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\SysWOW64\wlanutil.dll
15:32:16.0988 0888  C:\Windows\SysWOW64\wlanutil.dll - ok
15:32:16.0994 0888  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:32:16.0994 0888  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:32:17.0002 0888  [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
15:32:17.0003 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
15:32:17.0008 0888  [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
15:32:17.0009 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
15:32:17.0015 0888  [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
15:32:17.0015 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
15:32:17.0022 0888  [ E98E402067978DB38282158F9E8609CA ] C:\Windows\SysWOW64\netshell.dll
15:32:17.0022 0888  C:\Windows\SysWOW64\netshell.dll - ok
15:32:17.0029 0888  [ 152F8772D5A5CD7883305C3B8D28470E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
15:32:17.0029 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
15:32:17.0037 0888  [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
15:32:17.0037 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
15:32:17.0044 0888  [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
15:32:17.0044 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
15:32:17.0053 0888  [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\SysWOW64\winmm.dll
15:32:17.0053 0888  C:\Windows\SysWOW64\winmm.dll - ok
15:32:17.0059 0888  [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
15:32:17.0059 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
15:32:17.0066 0888  [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
15:32:17.0066 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
15:32:17.0072 0888  [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\SysWOW64\nlaapi.dll
15:32:17.0073 0888  C:\Windows\SysWOW64\nlaapi.dll - ok
15:32:17.0079 0888  [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\SysWOW64\clbcatq.dll
15:32:17.0079 0888  C:\Windows\SysWOW64\clbcatq.dll - ok
15:32:17.0086 0888  [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
15:32:17.0086 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
15:32:17.0093 0888  [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\SysWOW64\rsaenh.dll
15:32:17.0093 0888  C:\Windows\SysWOW64\rsaenh.dll - ok
15:32:17.0099 0888  [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
15:32:17.0099 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
15:32:17.0106 0888  [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
15:32:17.0106 0888  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
15:32:17.0112 0888  [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
15:32:17.0113 0888  C:\Windows\SysWOW64\dnssd.dll - ok
15:32:17.0120 0888  [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\SysWOW64\ntmarta.dll
15:32:17.0120 0888  C:\Windows\SysWOW64\ntmarta.dll - ok
15:32:17.0125 0888  [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\SysWOW64\samlib.dll
15:32:17.0125 0888  C:\Windows\SysWOW64\samlib.dll - ok
15:32:17.0131 0888  [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\SysWOW64\Wldap32.dll
15:32:17.0131 0888  C:\Windows\SysWOW64\Wldap32.dll - ok
15:32:17.0138 0888  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
15:32:17.0138 0888  C:\Program Files\Bonjour\mDNSResponder.exe - ok
15:32:17.0145 0888  [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
15:32:17.0145 0888  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
15:32:17.0153 0888  [ AAC3C0194EEBA939E18590411130CF43 ] C:\Program Files\AVAST Software\Avast\defs\13060100\ArPot.dll
15:32:17.0153 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\ArPot.dll - ok
15:32:17.0159 0888  [ 2E10EB73ED1E094E9A113D0798058B88 ] C:\Windows\System32\vssapi.dll
15:32:17.0159 0888  C:\Windows\System32\vssapi.dll - ok
15:32:17.0166 0888  [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
15:32:17.0166 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
15:32:17.0172 0888  [ A6BCDC241B6578C7DB57B5973B99FE7E ] C:\Windows\System32\wdscore.dll
15:32:17.0172 0888  C:\Windows\System32\wdscore.dll - ok
15:32:17.0179 0888  [ 6542A767BD7A90F5383605E6849FDF48 ] C:\Windows\System32\WSDApi.dll
15:32:17.0179 0888  C:\Windows\System32\WSDApi.dll - ok
15:32:17.0187 0888  [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\SysWOW64\svchost.exe
15:32:17.0187 0888  C:\Windows\SysWOW64\svchost.exe - ok
15:32:17.0194 0888  [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
15:32:17.0194 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
15:32:17.0203 0888  [ 290A15C136531024982698A124F299FB ] C:\Windows\System32\taskschd.dll
15:32:17.0203 0888  C:\Windows\System32\taskschd.dll - ok
15:32:17.0207 0888  [ 7F80E2C493079E9D42CCECC715790E10 ] C:\Windows\System32\fundisc.dll
15:32:17.0207 0888  C:\Windows\System32\fundisc.dll - ok
15:32:17.0214 0888  [ 65247F45AADA547397134AF688EFE471 ] C:\Windows\System32\httpapi.dll
15:32:17.0214 0888  C:\Windows\System32\httpapi.dll - ok
15:32:17.0220 0888  [ A2EAE71B251BD27B0F4185CF9699A1C2 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
15:32:17.0220 0888  C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
15:32:17.0227 0888  [ F3CD3269896D64ECAEA4CA34BCEAC381 ] C:\Program Files\AVAST Software\Avast\snxhk.dll
15:32:17.0227 0888  C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
15:32:17.0231 0888  [ 19BDFEDD205E79B89809813A510033FA ] C:\Windows\System32\msxml3.dll
15:32:17.0231 0888  C:\Windows\System32\msxml3.dll - ok
15:32:17.0238 0888  [ D86A39BF100069444D026D22D9A6E555 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:32:17.0239 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
15:32:17.0245 0888  [ F1B221EB9A136344521CAC9EF711C01C ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
15:32:17.0245 0888  C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
15:32:17.0254 0888  [ 9188D073CD14F886790D6037D1986063 ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:32:17.0254 0888  C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
15:32:17.0260 0888  [ F4ADD96E3DDE8BC7CEE80C73C67F27FA ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
15:32:17.0260 0888  C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
15:32:17.0267 0888  [ 2A6B16AAD88A449B9E124FBF2D308E07 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
15:32:17.0270 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
15:32:17.0274 0888  [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\SysWOW64\winspool.drv
15:32:17.0274 0888  C:\Windows\SysWOW64\winspool.drv - ok
15:32:17.0281 0888  [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:32:17.0281 0888  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
15:32:17.0287 0888  [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
15:32:17.0288 0888  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
15:32:17.0294 0888  [ E8AECB69B2057EB308BE15A77AF2489E ] C:\Windows\System32\vsstrace.dll
15:32:17.0295 0888  C:\Windows\System32\vsstrace.dll - ok
15:32:17.0301 0888  [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
15:32:17.0301 0888  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
15:32:17.0308 0888  [ C2156710CD27EDCEBB24239681F22AAC ] C:\Windows\System32\cryptnet.dll
15:32:17.0308 0888  C:\Windows\System32\cryptnet.dll - ok
15:32:17.0314 0888  [ 0842A765D31D6E4AE50D6DF7DED61748 ] C:\Windows\System32\SensApi.dll
15:32:17.0314 0888  C:\Windows\System32\SensApi.dll - ok
15:32:17.0321 0888  [ 2A70994A408D889715DE6A527679397E ] C:\Windows\System32\wshbth.dll
15:32:17.0321 0888  C:\Windows\System32\wshbth.dll - ok
15:32:17.0328 0888  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
15:32:17.0328 0888  C:\Program Files\Bonjour\mdnsNSP.dll - ok
15:32:17.0334 0888  [ 8449D81B9FB1CCADEC3E64F30E1076C7 ] C:\Windows\System32\winrnr.dll
15:32:17.0334 0888  C:\Windows\System32\winrnr.dll - ok
15:32:17.0340 0888  [ 70071E1657823DA231713D74A9CC8ECA ] C:\Windows\System32\rasadhlp.dll
15:32:17.0341 0888  C:\Windows\System32\rasadhlp.dll - ok
15:32:17.0347 0888  [ 38573C7D9D91B316E6EE76E0C94F749E ] C:\Windows\System32\localspl.dll
15:32:17.0347 0888  C:\Windows\System32\localspl.dll - ok
15:32:17.0354 0888  [ 2CCA759379C220D29F0066CA49E9259F ] C:\Windows\System32\sfc.dll
15:32:17.0355 0888  C:\Windows\System32\sfc.dll - ok
15:32:17.0361 0888  [ FEB771AF00A645DCA8A7D07CC33F7E8E ] C:\Windows\System32\winspool.drv
15:32:17.0361 0888  C:\Windows\System32\winspool.drv - ok
15:32:17.0367 0888  [ 1830828B9F8B6E800C9CB915B26D7D2D ] C:\Windows\System32\hpf3l083.dll
15:32:17.0371 0888  C:\Windows\System32\hpf3l083.dll - ok
15:32:17.0375 0888  [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
15:32:17.0375 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
15:32:17.0382 0888  [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
15:32:17.0382 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
15:32:17.0390 0888  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:32:17.0390 0888  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
15:32:17.0397 0888  [ 7E6B9EF8711A921EE12287C4ABFA62AB ] C:\Windows\System32\hpz3l5ha.dll
15:32:17.0397 0888  C:\Windows\System32\hpz3l5ha.dll - ok
15:32:17.0405 0888  [ 74D59F72104C9FF8D154D1AB372A5A57 ] C:\Windows\System32\tcpmon.dll
15:32:17.0405 0888  C:\Windows\System32\tcpmon.dll - ok
15:32:17.0411 0888  [ 943F05B78BC03F3463FCE26D4B5B81A9 ] C:\Windows\System32\snmpapi.dll
15:32:17.0411 0888  C:\Windows\System32\snmpapi.dll - ok
15:32:17.0421 0888  [ 57120423BC6342F0EAE16E3720184D5A ] C:\Windows\System32\wsnmp32.dll
15:32:17.0421 0888  C:\Windows\System32\wsnmp32.dll - ok
15:32:17.0425 0888  [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
15:32:17.0425 0888  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
15:32:17.0431 0888  [ 4B7BB89AFC32632F775D8A3E62FCA979 ] C:\Windows\System32\mgmtapi.dll
15:32:17.0431 0888  C:\Windows\System32\mgmtapi.dll - ok
15:32:17.0438 0888  [ 7BCB22C93FF0E90683F3513531E2990B ] C:\Windows\System32\tcpmib.dll
15:32:17.0438 0888  C:\Windows\System32\tcpmib.dll - ok
15:32:17.0444 0888  [ 5948F2B4FECE4F3301D290771F5183CF ] C:\Windows\System32\usbmon.dll
15:32:17.0444 0888  C:\Windows\System32\usbmon.dll - ok
15:32:17.0450 0888  [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\SysWOW64\mpr.dll
15:32:17.0454 0888  C:\Windows\SysWOW64\mpr.dll - ok
15:32:17.0457 0888  [ DE0EED5106BD03CE11CDBF690285FE6C ] C:\Windows\System32\WSDMon.dll
15:32:17.0457 0888  C:\Windows\System32\WSDMon.dll - ok
15:32:17.0464 0888  [ 0C063350E73B443666B17F225BB9FEC7 ] C:\Windows\System32\cfgmgr32.dll
15:32:17.0464 0888  C:\Windows\System32\cfgmgr32.dll - ok
15:32:17.0471 0888  [ AFDE12C926996FCC41C1F3A1F13A86E6 ] C:\Windows\System32\spool\prtprocs\x64\hpfpp083.dll
15:32:17.0471 0888  C:\Windows\System32\spool\prtprocs\x64\hpfpp083.dll - ok
15:32:17.0477 0888  [ 844B578724EFD76AE1666CF1B5835365 ] C:\Windows\System32\spool\prtprocs\x64\hpzpp5ha.dll
15:32:17.0477 0888  C:\Windows\System32\spool\prtprocs\x64\hpzpp5ha.dll - ok
15:32:17.0484 0888  [ 1D2CC592516BD0544A107104461688F4 ] C:\Windows\System32\win32spl.dll
15:32:17.0484 0888  C:\Windows\System32\win32spl.dll - ok
15:32:17.0490 0888  [ 961F7B0A130E1FA3976ED1E9573D4D36 ] C:\Windows\System32\netrap.dll
15:32:17.0491 0888  C:\Windows\System32\netrap.dll - ok
15:32:17.0497 0888  [ A5A54257E6FD4AF082CCB0470AD4FC98 ] C:\Windows\System32\inetpp.dll
15:32:17.0497 0888  C:\Windows\System32\inetpp.dll - ok
15:32:17.0504 0888  [ 19CB8D7776D3656006496C4D890F5312 ] C:\Windows\System32\printcom.dll
15:32:17.0504 0888  C:\Windows\System32\printcom.dll - ok
15:32:17.0510 0888  [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
15:32:17.0510 0888  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
15:32:17.0517 0888  [ F6F7943CAC73C59FA9996206A899146D ] C:\Program Files\AVAST Software\Avast\snxhk64.dll
15:32:17.0517 0888  C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok
15:32:17.0525 0888  [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
15:32:17.0525 0888  C:\Windows\System32\HPZinw12.dll - ok
15:32:17.0531 0888  [ BA019C21DAC7CAC193C93E86B9F2F3CB ] C:\Windows\System32\wsock32.dll
15:32:17.0531 0888  C:\Windows\System32\wsock32.dll - ok
15:32:17.0538 0888  [ 58865916F53592A61549B04941BFD80D ] C:\Windows\System32\drivers\PEAuth.sys
15:32:17.0538 0888  C:\Windows\System32\drivers\PEAuth.sys - ok
15:32:17.0544 0888  [ 5E1D96076745F73C56B1307FEE6BEDFE ] C:\Windows\System32\ncsi.dll
15:32:17.0544 0888  C:\Windows\System32\ncsi.dll - ok
15:32:17.0550 0888  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
15:32:17.0550 0888  C:\Windows\System32\HPZipm12.dll - ok
15:32:17.0556 0888  [ 6266D28705BC3F99E8BAC1F864C14E91 ] C:\Program Files (x86)\SMINST\BLService.exe
15:32:17.0557 0888  C:\Program Files (x86)\SMINST\BLService.exe - ok
15:32:17.0563 0888  [ 467FBA22AD764B6AB85BE58C25EEF15D ] C:\Windows\System32\ssdpapi.dll
15:32:17.0563 0888  C:\Windows\System32\ssdpapi.dll - ok
15:32:17.0571 0888  [ 5E9584123B75A205053BD82BC0E29232 ] C:\Program Files (x86)\SMINST\STWmiM.dll
15:32:17.0571 0888  C:\Program Files (x86)\SMINST\STWmiM.dll - ok
15:32:17.0576 0888  [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\SysWOW64\comdlg32.dll
15:32:17.0576 0888  C:\Windows\SysWOW64\comdlg32.dll - ok
15:32:17.0583 0888  [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\SysWOW64\oledlg.dll
15:32:17.0583 0888  C:\Windows\SysWOW64\oledlg.dll - ok
15:32:17.0590 0888  [ 7371D6B52B85190971CB3F35FA0CED05 ] C:\Windows\System32\diagperf.dll
15:32:17.0590 0888  C:\Windows\System32\diagperf.dll - ok
15:32:17.0597 0888  [ 44BD658E0E4D21C42023AD9EBEFFDB90 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
15:32:17.0597 0888  C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
15:32:17.0606 0888  [ 498EB62A160674E793FA40FD65390625 ] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
15:32:17.0606 0888  C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe - ok
15:32:17.0613 0888  [ 8ED6DA45BAB5CFC809229F26D4D4A2CE ] C:\Program Files\AVAST Software\Avast\libeay32.dll
15:32:17.0613 0888  C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
15:32:17.0623 0888  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
15:32:17.0623 0888  C:\Windows\System32\drivers\secdrv.sys - ok
15:32:17.0627 0888  [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
15:32:17.0627 0888  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
15:32:17.0633 0888  [ C7E72A4071EE0200E3C075DACFB2B334 ] C:\Windows\System32\drivers\tcpipreg.sys
15:32:17.0633 0888  C:\Windows\System32\drivers\tcpipreg.sys - ok
15:32:17.0640 0888  [ 4215ECFC15D265A8E6E1925084B80908 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
15:32:17.0640 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe - ok
15:32:17.0656 0888  [ 4E1CC9DB8B680795F17F20FC6C51974B ] C:\Windows\System32\icaapi.dll
15:32:17.0656 0888  C:\Windows\System32\icaapi.dll - ok
15:32:17.0663 0888  [ 3E5EF481EAA9695181B6C02A2B88983E ] C:\Windows\System32\wiatrace.dll
15:32:17.0663 0888  C:\Windows\System32\wiatrace.dll - ok
15:32:17.0691 0888  [ 8E10B36901325C1ABE28E71FB8E437D9 ] C:\Windows\System32\wsdchngr.dll
15:32:17.0691 0888  C:\Windows\System32\wsdchngr.dll - ok
15:32:17.0700 0888  [ F386D56F1B6D70E0E4E70E494975D279 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
15:32:17.0700 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe - ok
15:32:17.0716 0888  [ B6D90C99A72044AEF85A2B7D78FEBEF4 ] C:\Program Files\AVAST Software\Avast\defs\13060100\exts.dll
15:32:17.0717 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\exts.dll - ok
15:32:17.0743 0888  [ EFA80360111D8D179E39E314A49C9ED4 ] C:\Windows\SysWOW64\wshbth.dll
15:32:17.0743 0888  C:\Windows\SysWOW64\wshbth.dll - ok
15:32:17.0774 0888  [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\SysWOW64\winrnr.dll
15:32:17.0774 0888  C:\Windows\SysWOW64\winrnr.dll - ok
15:32:17.0792 0888  [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
15:32:17.0792 0888  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
15:32:17.0799 0888  [ E9DBC876EC1C78A74A55D8D121016344 ] C:\Windows\System32\wbemcomn.dll
15:32:17.0799 0888  C:\Windows\System32\wbemcomn.dll - ok
15:32:17.0809 0888  [ 898804F8043BA721AC2E9F45AA55558B ] C:\Windows\System32\PortableDeviceApi.dll
15:32:17.0809 0888  C:\Windows\System32\PortableDeviceApi.dll - ok
15:32:17.0813 0888  [ 6FF25F418D373097C199E3ACCFA06E78 ] C:\Windows\System32\tquery.dll
15:32:17.0813 0888  C:\Windows\System32\tquery.dll - ok
15:32:17.0822 0888  [ BF0873241C01C97E9E027C68863914C6 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
15:32:17.0822 0888  C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
15:32:17.0827 0888  [ B25321F9C037BA9AE1DD68B36913ACAC ] C:\Windows\System32\wbem\WinMgmtR.dll
15:32:17.0827 0888  C:\Windows\System32\wbem\WinMgmtR.dll - ok
15:32:17.0833 0888  [ 41F84775AE00035887A98EE774914939 ] C:\Windows\System32\PortableDeviceConnectApi.dll
15:32:17.0833 0888  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
15:32:17.0840 0888  [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\SysWOW64\rasadhlp.dll
15:32:17.0840 0888  C:\Windows\SysWOW64\rasadhlp.dll - ok
15:32:17.0847 0888  [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\SysWOW64\security.dll
15:32:17.0847 0888  C:\Windows\SysWOW64\security.dll - ok
15:32:17.0856 0888  [ 0F2B9A24F8463EEC4E363AA36F763917 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
15:32:17.0856 0888  C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
15:32:17.0861 0888  [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\SysWOW64\wscproxystub.dll
15:32:17.0861 0888  C:\Windows\SysWOW64\wscproxystub.dll - ok
15:32:17.0867 0888  [ A0B762992A52FA8A657A97C34BEEA807 ] C:\Windows\System32\mssrch.dll
15:32:17.0867 0888  C:\Windows\System32\mssrch.dll - ok
15:32:17.0874 0888  [ 10AA3E99691C9782308A4768F0485D8D ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
15:32:17.0874 0888  C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
15:32:17.0884 0888  [ 900B9B25C345AAA4F90913BA9AECABF4 ] C:\Windows\System32\dbghelp.dll
15:32:17.0884 0888  C:\Windows\System32\dbghelp.dll - ok
15:32:17.0890 0888  [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\SysWOW64\p2pcollab.dll
15:32:17.0890 0888  C:\Windows\SysWOW64\p2pcollab.dll - ok
15:32:17.0895 0888  [ 112EEF699F3E5EFBE13EDDB50AEDE249 ] C:\Program Files\AVAST Software\Avast\defs\13060100\swhealthex.dll
15:32:17.0896 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\swhealthex.dll - ok
15:32:17.0901 0888  [ 54BEFBE0B681A7254FD74E1E5288F7F6 ] C:\Windows\System32\msidle.dll
15:32:17.0901 0888  C:\Windows\System32\msidle.dll - ok
15:32:17.0907 0888  [ 7846D0136CC2B264926A73047BA7688A ] C:\Windows\System32\netprofm.dll
15:32:17.0907 0888  C:\Windows\System32\netprofm.dll - ok
15:32:17.0913 0888  [ 7D0D71B83CC6697D797D5836990FA2EC ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
15:32:17.0913 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll - ok
15:32:17.0924 0888  [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\SysWOW64\shfolder.dll
15:32:17.0924 0888  C:\Windows\SysWOW64\shfolder.dll - ok
15:32:17.0928 0888  [ 27F479DFA5E1BD942E056888DCF5C270 ] C:\Windows\System32\Query.dll
15:32:17.0928 0888  C:\Windows\System32\Query.dll - ok
15:32:17.0938 0888  [ A5D8AD128FBB763F147F29F3D6A1C084 ] C:\Windows\System32\npmproxy.dll
15:32:17.0938 0888  C:\Windows\System32\npmproxy.dll - ok
15:32:17.0946 0888  [ 0FD5754319A388FBD2E13C21E806AC42 ] C:\Windows\System32\pnpts.dll
15:32:17.0946 0888  C:\Windows\System32\pnpts.dll - ok
15:32:17.0950 0888  [ 5DA42D24712E00728CEA2342A65009B2 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:32:17.0950 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
15:32:17.0957 0888  [ AA6FAA30D3D0D4424DBA3D74D1CA1E14 ] C:\Windows\System32\netshell.dll
15:32:17.0957 0888  C:\Windows\System32\netshell.dll - ok
15:32:17.0964 0888  [ 1B7A24F2BFA1BB09CC67D4688B411039 ] C:\Windows\System32\pcadm.dll
15:32:17.0964 0888  C:\Windows\System32\pcadm.dll - ok
15:32:17.0974 0888  [ 595BAC1B188813CEAE88A599738E60F8 ] C:\Windows\System32\mssprxy.dll
15:32:17.0975 0888  C:\Windows\System32\mssprxy.dll - ok
15:32:17.0979 0888  [ CDBAE31A2B6C8819DDBC5CF8432E3B3E ] C:\Windows\System32\en-US\tquery.dll.mui
15:32:17.0979 0888  C:\Windows\System32\en-US\tquery.dll.mui - ok
15:32:17.0985 0888  [ 5398BD3BA9735ECF658487A2826C0885 ] C:\Windows\System32\runonce.exe
15:32:17.0985 0888  C:\Windows\System32\runonce.exe - ok
15:32:17.0992 0888  [ E21FFFE678FF09BAA6BF5F76BD8805C6 ] C:\Windows\System32\esent.dll
15:32:17.0992 0888  C:\Windows\System32\esent.dll - ok
15:32:17.0999 0888  [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\Windows\SysWOW64\runonce.exe
15:32:17.0999 0888  C:\Windows\SysWOW64\runonce.exe - ok
15:32:18.0008 0888  [ A44E61A183FD6D65C655E31A330ECA7E ] C:\Windows\System32\msscb.dll
15:32:18.0008 0888  C:\Windows\System32\msscb.dll - ok
15:32:18.0015 0888  [ 8FC931CA97B8DA19A380AB653AC3D6B7 ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswAR.dll
15:32:18.0015 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswAR.dll - ok
15:32:18.0025 0888  [ D23E5184266747DDCE9D0C6581D916B3 ] C:\Windows\System32\hnetcfg.dll
15:32:18.0025 0888  C:\Windows\System32\hnetcfg.dll - ok
15:32:18.0029 0888  [ 9BBD858EEC0AA9894B8063218CF1D19D ] C:\Windows\System32\upnp.dll
15:32:18.0029 0888  C:\Windows\System32\upnp.dll - ok
15:32:18.0036 0888  [ 9EC1D983086E5FA14FFB3518B7E3B596 ] C:\Program Files\AVAST Software\Avast\defs\13060100\aswRawFS.dll
15:32:18.0036 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\aswRawFS.dll - ok
15:32:18.0043 0888  [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\Windows\SysWOW64\ncrypt.dll
15:32:18.0043 0888  C:\Windows\SysWOW64\ncrypt.dll - ok
15:32:18.0050 0888  [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\SysWOW64\gpapi.dll
15:32:18.0051 0888  C:\Windows\SysWOW64\gpapi.dll - ok
15:32:18.0059 0888  [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\SysWOW64\SLC.dll
15:32:18.0059 0888  C:\Windows\SysWOW64\SLC.dll - ok
15:32:18.0064 0888  [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\SysWOW64\cryptnet.dll
15:32:18.0065 0888  C:\Windows\SysWOW64\cryptnet.dll - ok
15:32:18.0075 0888  [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\SysWOW64\SensApi.dll
15:32:18.0075 0888  C:\Windows\SysWOW64\SensApi.dll - ok
15:32:18.0079 0888  [ BC687BE08AF06AB5FE481BFAFFC55C6D ] C:\Windows\System32\dot3api.dll
15:32:18.0079 0888  C:\Windows\System32\dot3api.dll - ok
15:32:18.0090 0888  [ 8598C2AE3A7C7281B1290297C7CCFD57 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
15:32:18.0091 0888  C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
15:32:18.0095 0888  [ D86A2D30934F2192E477D4159632AD63 ] C:\Windows\System32\wlanhlp.dll
15:32:18.0095 0888  C:\Windows\System32\wlanhlp.dll - ok
15:32:18.0102 0888  [ 21F36392598072A73C7576CD8AFD6E70 ] C:\Windows\System32\wbem\wbemprox.dll
15:32:18.0102 0888  C:\Windows\System32\wbem\wbemprox.dll - ok
15:32:18.0110 0888  [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\SysWOW64\mfc42.dll
15:32:18.0110 0888  C:\Windows\SysWOW64\mfc42.dll - ok
15:32:18.0116 0888  [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\SysWOW64\sxs.dll
15:32:18.0116 0888  C:\Windows\SysWOW64\sxs.dll - ok
15:32:18.0124 0888  [ D642A49B5E19B3F5B0B4647FAE27817E ] C:\Windows\System32\wbem\wbemcore.dll
15:32:18.0124 0888  C:\Windows\System32\wbem\wbemcore.dll - ok
15:32:18.0129 0888  [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\SysWOW64\odbc32.dll
15:32:18.0129 0888  C:\Windows\SysWOW64\odbc32.dll - ok
15:32:18.0135 0888  [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
15:32:18.0135 0888  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
15:32:18.0141 0888  [ 37B697901FE364144D634128369098FF ] C:\Windows\System32\wbem\esscli.dll
15:32:18.0141 0888  C:\Windows\System32\wbem\esscli.dll - ok
15:32:18.0148 0888  [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\SysWOW64\msvcp60.dll
15:32:18.0148 0888  C:\Windows\SysWOW64\msvcp60.dll - ok
15:32:18.0154 0888  [ 11F705A35F4CB2B4D6FA51606A9B8C54 ] C:\Windows\System32\wbem\fastprox.dll
15:32:18.0154 0888  C:\Windows\System32\wbem\fastprox.dll - ok
15:32:18.0161 0888  [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\SysWOW64\odbcint.dll
15:32:18.0161 0888  C:\Windows\SysWOW64\odbcint.dll - ok
15:32:18.0167 0888  [ 128257DE99E96CFAF3917465C00EBB60 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\PCMRRec4.dll
15:32:18.0167 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\PCMRRec4.dll - ok
15:32:18.0174 0888  [ 8F8380E73A04BCB85340B1A3653FB8A5 ] C:\Windows\System32\wbem\wbemsvc.dll
15:32:18.0174 0888  C:\Windows\System32\wbem\wbemsvc.dll - ok
15:32:18.0179 0888  [ 85155AC913CA65ADE0323DC751AF3391 ] C:\Windows\System32\bitsperf.dll
15:32:18.0179 0888  C:\Windows\System32\bitsperf.dll - ok
15:32:18.0185 0888  [ 7E451C585AD79B895D03A3301EC5A675 ] C:\Windows\System32\shfolder.dll
15:32:18.0185 0888  C:\Windows\System32\shfolder.dll - ok
15:32:18.0191 0888  [ 1AE49D81622BE6364194F70045F07194 ] C:\Windows\System32\wbem\wmiutils.dll
15:32:18.0191 0888  C:\Windows\System32\wbem\wmiutils.dll - ok
15:32:18.0197 0888  [ 5103B1E343F2D5FBDFA8D0318ABC59C4 ] C:\Windows\System32\wbem\repdrvfs.dll
15:32:18.0197 0888  C:\Windows\System32\wbem\repdrvfs.dll - ok
15:32:18.0207 0888  [ 980F1A36B970F5AE361C5C2A90C9E972 ] C:\Windows\System32\bitsigd.dll
15:32:18.0207 0888  C:\Windows\System32\bitsigd.dll - ok
15:32:18.0210 0888  [ 0C03B4C202B3C12C6E7D8BC9E0E02AF4 ] C:\Windows\System32\qmgrprxy.dll
15:32:18.0210 0888  C:\Windows\System32\qmgrprxy.dll - ok
15:32:18.0216 0888  [ 10F13FFF542FEC4A2C4FA734EEBE56B9 ] C:\Windows\SysWOW64\qmgrprxy.dll
15:32:18.0216 0888  C:\Windows\SysWOW64\qmgrprxy.dll - ok
15:32:18.0223 0888  [ 6F5386A655598F71BAAB2D6B63A69D6A ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
15:32:18.0223 0888  C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
15:32:18.0228 0888  [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\Windows\SysWOW64\msdmo.dll
15:32:18.0228 0888  C:\Windows\SysWOW64\msdmo.dll - ok
15:32:18.0233 0888  [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\Windows\SysWOW64\devenum.dll
15:32:18.0233 0888  C:\Windows\SysWOW64\devenum.dll - ok
15:32:18.0240 0888  [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\SysWOW64\avicap32.dll
15:32:18.0240 0888  C:\Windows\SysWOW64\avicap32.dll - ok
15:32:18.0245 0888  [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\SysWOW64\msvfw32.dll
15:32:18.0245 0888  C:\Windows\SysWOW64\msvfw32.dll - ok
15:32:18.0250 0888  [ 65C092EF598DCCA1D665D52F06829512 ] C:\Windows\SysWOW64\vfwwdm32.dll
15:32:18.0250 0888  C:\Windows\SysWOW64\vfwwdm32.dll - ok
15:32:18.0254 0888  [ E946553F786521C073AABC7CD0714807 ] C:\Windows\System32\wbem\WmiPrvSD.dll
15:32:18.0254 0888  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
15:32:18.0261 0888  [ 8D94313E7A7786997B4C362B7CCB5D29 ] C:\Windows\System32\wbem\wbemess.dll
15:32:18.0261 0888  C:\Windows\System32\wbem\wbemess.dll - ok
15:32:18.0266 0888  [ CA4C8F3C594EBD72013FD599E9756172 ] C:\Program Files (x86)\Safari\Safari.exe
15:32:18.0266 0888  C:\Program Files (x86)\Safari\Safari.exe - ok
15:32:18.0273 0888  [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\SysWOW64\wdmaud.drv
15:32:18.0273 0888  C:\Windows\SysWOW64\wdmaud.drv - ok
15:32:18.0278 0888  [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\SysWOW64\ksuser.dll
15:32:18.0278 0888  C:\Windows\SysWOW64\ksuser.dll - ok
15:32:18.0283 0888  [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\SysWOW64\MMDevAPI.dll
15:32:18.0283 0888  C:\Windows\SysWOW64\MMDevAPI.dll - ok
15:32:18.0290 0888  [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\SysWOW64\AudioSes.dll
15:32:18.0290 0888  C:\Windows\SysWOW64\AudioSes.dll - ok
15:32:18.0295 0888  [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\SysWOW64\avrt.dll
15:32:18.0295 0888  C:\Windows\SysWOW64\avrt.dll - ok
15:32:18.0300 0888  [ DA7478BA9E41B60B3D5DA456E253002A ] C:\Windows\SysWOW64\AudioEng.dll
15:32:18.0300 0888  C:\Windows\SysWOW64\AudioEng.dll - ok
15:32:18.0307 0888  [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\SysWOW64\midimap.dll
15:32:18.0307 0888  C:\Windows\SysWOW64\midimap.dll - ok
15:32:18.0313 0888  [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\SysWOW64\msacm32.dll
15:32:18.0313 0888  C:\Windows\SysWOW64\msacm32.dll - ok
15:32:18.0319 0888  [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\SysWOW64\msacm32.drv
15:32:18.0319 0888  C:\Windows\SysWOW64\msacm32.drv - ok
15:32:18.0325 0888  [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\SysWOW64\schannel.dll
15:32:18.0325 0888  C:\Windows\SysWOW64\schannel.dll - ok
15:32:18.0332 0888  [ F320CA1A86DAF6779447C09C1ABA6B3E ] C:\Program Files (x86)\Java\jre7\bin\keytool.exe
15:32:18.0332 0888  C:\Program Files (x86)\Java\jre7\bin\keytool.exe - ok
15:32:18.0341 0888  [ 32732CEDE2A1106B736EF3D84054EE04 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
15:32:18.0341 0888  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
15:32:18.0346 0888  [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\SysWOW64\wbem\wbemprox.dll
15:32:18.0346 0888  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
15:32:18.0353 0888  [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\SysWOW64\wbemcomn.dll
15:32:18.0353 0888  C:\Windows\SysWOW64\wbemcomn.dll - ok
15:32:18.0359 0888  [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\SysWOW64\credssp.dll
15:32:18.0359 0888  C:\Windows\SysWOW64\credssp.dll - ok
15:32:18.0365 0888  [ CD9F3F56C0F9BEC66C65550BD23810A2 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
15:32:18.0365 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll - ok
15:32:18.0374 0888  [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
15:32:18.0374 0888  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
15:32:18.0379 0888  [ D89585872F9C5130226CB42A0C42C220 ] C:\Windows\System32\dssenh.dll
15:32:18.0379 0888  C:\Windows\System32\dssenh.dll - ok
15:32:18.0385 0888  [ 4996896DEB6DFCF6A7757D7F9FA0E5FA ] C:\Program Files (x86)\Java\jre7\bin\jli.dll
15:32:18.0385 0888  C:\Program Files (x86)\Java\jre7\bin\jli.dll - ok
15:32:18.0392 0888  [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
15:32:18.0392 0888  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
15:32:18.0398 0888  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll
15:32:18.0398 0888  C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll - ok
15:32:18.0404 0888  [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\SysWOW64\wbem\fastprox.dll
15:32:18.0404 0888  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
15:32:18.0410 0888  [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\SysWOW64\ntdsapi.dll
15:32:18.0411 0888  C:\Windows\SysWOW64\ntdsapi.dll - ok
15:32:18.0417 0888  [ A814551A2ACC6EE113156723742C757C ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLSchMgr.dll
15:32:18.0417 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLSchMgr.dll - ok
15:32:18.0429 0888  [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\SysWOW64\mfc42u.dll
15:32:18.0429 0888  C:\Windows\SysWOW64\mfc42u.dll - ok
15:32:18.0437 0888  [ 4C74AEB140FEB8036616AD535DC18062 ] C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll
15:32:18.0437 0888  C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll - ok
15:32:18.0450 0888  [ E97B6931B5629D7E9F6EE29A68FD6123 ] C:\Windows\System32\wbem\WmiPrvSE.exe
15:32:18.0450 0888  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
15:32:18.0459 0888  [ D14FC67002177932D291A1E31BE9D5FF ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll
15:32:18.0459 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLTinyDB.dll - ok
15:32:18.0464 0888  [ 8246DAB3BC2ED178E4FC3486EBAF2781 ] C:\Windows\System32\igfxdev.dll
15:32:18.0464 0888  C:\Windows\System32\igfxdev.dll - ok
15:32:18.0469 0888  [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
15:32:18.0469 0888  C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
15:32:18.0476 0888  [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\SysWOW64\powrprof.dll
15:32:18.0477 0888  C:\Windows\SysWOW64\powrprof.dll - ok
15:32:18.0482 0888  [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll
15:32:18.0482 0888  C:\Windows\AppPatch\AcGenral.dll - ok
15:32:18.0487 0888  [ C847CF49E40CC92523C6EB231AA1BAE5 ] C:\Windows\System32\wbem\wmipcima.dll
15:32:18.0487 0888  C:\Windows\System32\wbem\wmipcima.dll - ok
15:32:18.0494 0888  [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\SysWOW64\msimg32.dll
15:32:18.0494 0888  C:\Windows\SysWOW64\msimg32.dll - ok
15:32:18.0500 0888  [ BFEFE6082328C37E7A441143E5ADCA31 ] C:\Windows\System32\framedynos.dll
15:32:18.0500 0888  C:\Windows\System32\framedynos.dll - ok
15:32:18.0503 0888  [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\SysWOW64\dwmapi.dll
15:32:18.0503 0888  C:\Windows\SysWOW64\dwmapi.dll - ok
15:32:18.0509 0888  [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\SysWOW64\sfc.dll
15:32:18.0510 0888  C:\Windows\SysWOW64\sfc.dll - ok
15:32:18.0515 0888  [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\SysWOW64\sfc_os.dll
15:32:18.0515 0888  C:\Windows\SysWOW64\sfc_os.dll - ok
15:32:18.0521 0888  [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\SysWOW64\cmd.exe
15:32:18.0521 0888  C:\Windows\SysWOW64\cmd.exe - ok
15:32:18.0527 0888  [ 72A73B43C20902760022FBC91B3EC948 ] C:\Windows\System32\cmd.exe
15:32:18.0527 0888  C:\Windows\System32\cmd.exe - ok
15:32:18.0532 0888  [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\SysWOW64\propsys.dll
15:32:18.0532 0888  C:\Windows\SysWOW64\propsys.dll - ok
15:32:18.0541 0888  [ C43DECDAC58C0A43E0376A216590F40A ] C:\Windows\SysWOW64\quartz.dll
15:32:18.0541 0888  C:\Windows\SysWOW64\quartz.dll - ok
15:32:18.0544 0888  [ 6080A176D09435FC8E6E800996656E18 ] C:\Windows\SysWOW64\conime.exe
15:32:18.0545 0888  C:\Windows\SysWOW64\conime.exe - ok
15:32:18.0550 0888  [ 00E1D5F656B13C00CC31CEB6B43C1D69 ] C:\Windows\System32\conime.exe
15:32:18.0550 0888  C:\Windows\System32\conime.exe - ok
15:32:18.0558 0888  [ DFE118C95C6571B87D1923DAB3FA0A77 ] C:\Windows\SysWOW64\ieframe.dll
15:32:18.0558 0888  C:\Windows\SysWOW64\ieframe.dll - ok
15:32:18.0562 0888  [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\SysWOW64\dxva2.dll
15:32:18.0562 0888  C:\Windows\SysWOW64\dxva2.dll - ok
15:32:18.0568 0888  [ A14F25F62E84C6B4A178A1CFD9B47222 ] C:\Windows\SysWOW64\qcap.dll
15:32:18.0568 0888  C:\Windows\SysWOW64\qcap.dll - ok
15:32:18.0575 0888  [ 861797D3C83A6EBA05FB2C63B1A45E82 ] C:\Windows\SysWOW64\ksproxy.ax
15:32:18.0575 0888  C:\Windows\SysWOW64\ksproxy.ax - ok
15:32:18.0580 0888  [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\SysWOW64\d3d9.dll
15:32:18.0580 0888  C:\Windows\SysWOW64\d3d9.dll - ok
15:32:18.0585 0888  [ AC2DB0155EA5AFC4E15BD0BE59F673C0 ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
15:32:18.0585 0888  C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll - ok
15:32:18.0592 0888  [ 63BD471712132D597431407527A57628 ] C:\Windows\System32\dxgi.dll
15:32:18.0592 0888  C:\Windows\System32\dxgi.dll - ok
15:32:18.0597 0888  [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\SysWOW64\dssenh.dll
15:32:18.0597 0888  C:\Windows\SysWOW64\dssenh.dll - ok
15:32:18.0603 0888  [ 1C4D251305E3DE58D412552104EDD3CF ] C:\Program Files (x86)\Java\jre7\bin\java.exe
15:32:18.0603 0888  C:\Program Files (x86)\Java\jre7\bin\java.exe - ok
15:32:18.0610 0888  [ 0A540E628474BF593B95CDDDD04353E1 ] C:\Program Files (x86)\Java\jre7\bin\verify.dll
15:32:18.0610 0888  C:\Program Files (x86)\Java\jre7\bin\verify.dll - ok
15:32:18.0615 0888  [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\SysWOW64\d3d8thk.dll
15:32:18.0616 0888  C:\Windows\SysWOW64\d3d8thk.dll - ok
15:32:18.0621 0888  [ FD44B4D9129EDD68BBD0A26683024EF9 ] C:\Windows\SysWOW64\Kswdmcap.ax
15:32:18.0621 0888  C:\Windows\SysWOW64\Kswdmcap.ax - ok
15:32:18.0627 0888  [ 012E22681A63D2BF405E6F15EF80BFD3 ] C:\Windows\SysWOW64\vidcap.ax
15:32:18.0627 0888  C:\Windows\SysWOW64\vidcap.ax - ok
15:32:18.0634 0888  [ 49084A75BAE043AE02D5B44D02991BB2 ] C:\Windows\System32\drivers\mspqm.sys
15:32:18.0634 0888  C:\Windows\System32\drivers\mspqm.sys - ok
15:32:18.0641 0888  [ 5537EBC1209B3AA1332A03896B1184C3 ] C:\Windows\System32\PresentationSettings.exe
15:32:18.0642 0888  C:\Windows\System32\PresentationSettings.exe - ok
15:32:18.0646 0888  [ 47CF2F23790A9F0029320A0664E52DD0 ] C:\Program Files (x86)\Java\jre7\bin\java.dll
15:32:18.0646 0888  C:\Program Files (x86)\Java\jre7\bin\java.dll - ok
15:32:18.0652 0888  [ CD9B0B592EE021821DD8E115B77B8264 ] C:\Program Files (x86)\Java\jre7\bin\zip.dll
15:32:18.0652 0888  C:\Program Files (x86)\Java\jre7\bin\zip.dll - ok
15:32:18.0659 0888  [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\SysWOW64\shdocvw.dll
15:32:18.0659 0888  C:\Windows\SysWOW64\shdocvw.dll - ok
15:32:18.0665 0888  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\owner\AppData\Local\Temp\C1E4B888-73FF-48F7-BC0C-29605BFAA6A3.exe
15:32:18.0665 0888  C:\Users\owner\AppData\Local\Temp\C1E4B888-73FF-48F7-BC0C-29605BFAA6A3.exe - ok
15:32:18.0670 0888  [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\SysWOW64\WindowsCodecs.dll
15:32:18.0671 0888  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
15:32:18.0677 0888  [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\SysWOW64\EhStorShell.dll
15:32:18.0677 0888  C:\Windows\SysWOW64\EhStorShell.dll - ok
15:32:18.0683 0888  [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
15:32:18.0683 0888  C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
15:32:18.0692 0888  [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
15:32:18.0692 0888  C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
15:32:18.0696 0888  [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
15:32:18.0696 0888  C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
15:32:18.0702 0888  [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\SysWOW64\imageres.dll
15:32:18.0702 0888  C:\Windows\SysWOW64\imageres.dll - ok
15:32:18.0708 0888  [ 75C34D22D3E7D1D0238B62C55F604BFC ] C:\Windows\System32\cscapi.dll
15:32:18.0709 0888  C:\Windows\System32\cscapi.dll - ok
15:32:18.0714 0888  [ 3A1BCFC2963C422A51111493C1ABC574 ] C:\Program Files (x86)\Java\jre7\bin\sunec.dll
15:32:18.0714 0888  C:\Program Files (x86)\Java\jre7\bin\sunec.dll - ok
15:32:18.0720 0888  [ B546BA6BF1D90A0AB6C660BC8BEEFF3F ] C:\Program Files (x86)\Java\jre7\bin\sunmscapi.dll
15:32:18.0720 0888  C:\Program Files (x86)\Java\jre7\bin\sunmscapi.dll - ok
15:32:18.0726 0888  [ 05411EF3E66659C63803563BB06C2E17 ] C:\Windows\System32\dimsjob.dll
15:32:18.0726 0888  C:\Windows\System32\dimsjob.dll - ok
15:32:18.0732 0888  [ 48DC4268BAA33F8770F498F96100E301 ] C:\Windows\System32\pautoenr.dll
15:32:18.0732 0888  C:\Windows\System32\pautoenr.dll - ok
15:32:18.0738 0888  [ C88208718545410FA0F11E06F6E7F01B ] C:\Windows\System32\certcli.dll
15:32:18.0738 0888  C:\Windows\System32\certcli.dll - ok
15:32:18.0744 0888  [ 5AF34B08C676F16A070A7D7EF2AB4C3E ] C:\Windows\System32\CertEnroll.dll
15:32:18.0744 0888  C:\Windows\System32\CertEnroll.dll - ok
15:32:18.0750 0888  [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\SysWOW64\rasapi32.dll
15:32:18.0750 0888  C:\Windows\SysWOW64\rasapi32.dll - ok
15:32:18.0759 0888  [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\SysWOW64\rasman.dll
15:32:18.0759 0888  C:\Windows\SysWOW64\rasman.dll - ok
15:32:18.0762 0888  [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\SysWOW64\tapi32.dll
15:32:18.0762 0888  C:\Windows\SysWOW64\tapi32.dll - ok
15:32:18.0767 0888  [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\SysWOW64\rtutils.dll
15:32:18.0767 0888  C:\Windows\SysWOW64\rtutils.dll - ok
15:32:18.0776 0888  [ 8F8E0EE62D73C72015D43E91BBF62B01 ] C:\Windows\System32\rastapi.dll
15:32:18.0776 0888  C:\Windows\System32\rastapi.dll - ok
15:32:18.0780 0888  [ 8139F933EF1559D4E7187E48F93EA136 ] C:\Windows\System32\unimdm.tsp
15:32:18.0780 0888  C:\Windows\System32\unimdm.tsp - ok
15:32:18.0785 0888  [ B3F777F027078644A7EC57C1EA40A5F1 ] C:\Windows\System32\uniplat.dll
15:32:18.0785 0888  C:\Windows\System32\uniplat.dll - ok
15:32:18.0792 0888  [ AA2AD4B7292A3D5F2B0295DB8A35669B ] C:\Windows\System32\unimdmat.dll
15:32:18.0792 0888  C:\Windows\System32\unimdmat.dll - ok
15:32:18.0797 0888  [ 0C31659ABF8C63995E355B330ACB3AE2 ] C:\Windows\System32\modemui.dll
15:32:18.0797 0888  C:\Windows\System32\modemui.dll - ok
15:32:18.0803 0888  [ ABCA3F75096C7CAF510CE0117FA29397 ] C:\Windows\System32\kmddsp.tsp
15:32:18.0803 0888  C:\Windows\System32\kmddsp.tsp - ok
15:32:18.0809 0888  [ A39C6C710DAC32A2D3B0677F648FD711 ] C:\Windows\System32\ndptsp.tsp
15:32:18.0809 0888  C:\Windows\System32\ndptsp.tsp - ok
15:32:18.0815 0888  [ AE865C840368BEEF09E2E2C619E8DB48 ] C:\Windows\System32\hidphone.tsp
15:32:18.0815 0888  C:\Windows\System32\hidphone.tsp - ok
15:32:18.0820 0888  [ 4500B574CB7F5ED6EE8E0BBC72AE2E31 ] C:\Windows\System32\rasppp.dll
15:32:18.0820 0888  C:\Windows\System32\rasppp.dll - ok
15:32:18.0826 0888  [ F77B49A32331FA80F11C86877A6700DB ] C:\Windows\System32\mprapi.dll
15:32:18.0826 0888  C:\Windows\System32\mprapi.dll - ok
15:32:18.0832 0888  [ 88C3F45AAF528E67D85C6F303958AA0C ] C:\Windows\System32\rasqec.dll
15:32:18.0832 0888  C:\Windows\System32\rasqec.dll - ok
15:32:18.0837 0888  [ A361672E1AE1581B475F035607F4FD87 ] C:\Windows\System32\cryptui.dll
15:32:18.0837 0888  C:\Windows\System32\cryptui.dll - ok
15:32:18.0844 0888  [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\SysWOW64\cabinet.dll
15:32:18.0844 0888  C:\Windows\SysWOW64\cabinet.dll - ok
15:32:18.0849 0888  [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
15:32:18.0850 0888  C:\Windows\System32\ie4uinit.exe - ok
15:32:18.0855 0888  [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
15:32:18.0855 0888  C:\Windows\System32\iedkcs32.dll - ok
15:32:18.0861 0888  [ DBBB05E1AD745B842BA790A3835637C8 ] C:\Windows\System32\timedate.cpl
15:32:18.0861 0888  C:\Windows\System32\timedate.cpl - ok
15:32:18.0867 0888  [ 27CEEAA8E6149FC6F2F9EE5E0BDAC5A5 ] C:\Windows\System32\actxprxy.dll
15:32:18.0867 0888  C:\Windows\System32\actxprxy.dll - ok
15:32:18.0872 0888  [ 8BDE3074EE7BB92030448419E33635C7 ] C:\Windows\System32\linkinfo.dll
15:32:18.0872 0888  C:\Windows\System32\linkinfo.dll - ok
15:32:18.0879 0888  [ 652B60C9C4D5391FF0970B9086702E8F ] C:\Windows\System32\ieframe.dll
15:32:18.0879 0888  C:\Windows\System32\ieframe.dll - ok
15:32:18.0890 0888  [ 486858C7A3718A3925CACAA3C7CAC357 ] C:\Windows\System32\igfxtray.exe
15:32:18.0891 0888  C:\Windows\System32\igfxtray.exe - ok
15:32:18.0899 0888  [ F328DD46A5C06774DFA6B27D9C32F890 ] C:\Windows\System32\hkcmd.exe
15:32:18.0899 0888  C:\Windows\System32\hkcmd.exe - ok
15:32:18.0908 0888  [ 954E647FB4CDFDF3DC78C00DDC8955A3 ] C:\Windows\System32\igfxpers.exe
15:32:18.0908 0888  C:\Windows\System32\igfxpers.exe - ok
15:32:18.0916 0888  [ CEA5F4EB9F7A099CC0B3B1F2CF3BE50F ] C:\Windows\System32\igfxsrvc.exe
15:32:18.0916 0888  C:\Windows\System32\igfxsrvc.exe - ok
15:32:18.0925 0888  [ 82955BAF6EE545110F7CE768AECA4144 ] C:\Windows\System32\thumbcache.dll
15:32:18.0925 0888  C:\Windows\System32\thumbcache.dll - ok
15:32:18.0929 0888  [ 67A1BD62A017ACD65D3A9C34EC6C1E02 ] C:\Windows\System32\igfxsrvc.dll
15:32:18.0929 0888  C:\Windows\System32\igfxsrvc.dll - ok
15:32:18.0934 0888  [ 079C4723655133D5F74A93E232A2E8A8 ] C:\Windows\System32\ntshrui.dll
15:32:18.0935 0888  C:\Windows\System32\ntshrui.dll - ok
15:32:18.0943 0888  [ DB8CB2A904A50C6F9BC131EAC63B2BEE ] C:\Program Files\Apoint2K\Apoint.exe
15:32:18.0943 0888  C:\Program Files\Apoint2K\Apoint.exe - ok
15:32:18.0947 0888  [ E572915DB4DAD7F062D99334D9F10BFF ] C:\Windows\System32\networkexplorer.dll
15:32:18.0947 0888  C:\Windows\System32\networkexplorer.dll - ok
15:32:18.0952 0888  [ DCC0E55997F80516993B19EA3937A463 ] C:\Windows\System32\hccutils.dll
15:32:18.0952 0888  C:\Windows\System32\hccutils.dll - ok
15:32:18.0959 0888  [ 11D415DB881C617288D3CB81BB1FE51D ] C:\Windows\System32\wbem\NCProv.dll
15:32:18.0959 0888  C:\Windows\System32\wbem\NCProv.dll - ok
15:32:18.0964 0888  [ 4D90AE122ECFF91835D08BCB4F1230CF ] C:\Windows\System32\Vxdif.dll
15:32:18.0964 0888  C:\Windows\System32\Vxdif.dll - ok
15:32:18.0970 0888  [ 06FDEA0167BAD4CDE26210F92F33FDBA ] C:\Windows\System32\wbem\wbemcons.dll
15:32:18.0970 0888  C:\Windows\System32\wbem\wbemcons.dll - ok
15:32:18.0976 0888  [ F50B03EB7C150E44DF2843F2138D4F70 ] C:\Windows\System32\mlang.dll
15:32:18.0976 0888  C:\Windows\System32\mlang.dll - ok
15:32:18.0982 0888  [ B9138D094038C0498FEF537AE1DD5C20 ] C:\Program Files\Apoint2K\Apoint.dll
15:32:18.0982 0888  C:\Program Files\Apoint2K\Apoint.dll - ok
15:32:18.0988 0888  [ 5C2A516F77E410895FADDEBE24419C44 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
15:32:18.0988 0888  C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe - ok
15:32:18.0994 0888  [ 61C090AFC693640742904A4FA2409BBC ] C:\Windows\System32\ExplorerFrame.dll
15:32:18.0994 0888  C:\Windows\System32\ExplorerFrame.dll - ok
15:32:19.0000 0888  [ 32BFF048169F9A57B9BBAF2DC90EAC1B ] C:\Windows\System32\stobject.dll
15:32:19.0000 0888  C:\Windows\System32\stobject.dll - ok
15:32:19.0005 0888  [ 93E888DA525F3DA1D8A94C174DDCC7C0 ] C:\Windows\System32\batmeter.dll
15:32:19.0005 0888  C:\Windows\System32\batmeter.dll - ok
15:32:19.0012 0888  [ 0AF5229C02A7D0F799A0A1C9213478CF ] C:\Windows\System32\igfxrenu.lrc
15:32:19.0012 0888  C:\Windows\System32\igfxrenu.lrc - ok
15:32:19.0017 0888  [ 5C8C51B679B947F3DF948533C0926240 ] C:\Windows\System32\SndVolSSO.dll
15:32:19.0017 0888  C:\Windows\System32\SndVolSSO.dll - ok
15:32:19.0023 0888  [ 0043D5AD523B22BEEEADC9516D6F2E01 ] C:\Program Files\Apoint2K\EzAuto.dll
15:32:19.0023 0888  C:\Program Files\Apoint2K\EzAuto.dll - ok
15:32:19.0029 0888  [ FF253B202C460492B9A35C457066CCC0 ] C:\Windows\ehome\ehSSO.dll
15:32:19.0029 0888  C:\Windows\ehome\ehSSO.dll - ok
15:32:19.0035 0888  [ 23EA7E9C58918227062545DB51B287DF ] C:\Windows\System32\igfxress.dll
15:32:19.0035 0888  C:\Windows\System32\igfxress.dll - ok
15:32:19.0043 0888  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\71767623.sys
15:32:19.0043 0888  C:\Windows\System32\drivers\71767623.sys - ok
15:32:19.0047 0888  [ FEC380264F8C18F9F80AE0861F4C659A ] C:\Program Files\Apoint2K\ApMsgFwd.exe
15:32:19.0047 0888  C:\Program Files\Apoint2K\ApMsgFwd.exe - ok
15:32:19.0052 0888  [ DE95622B09554A70DB4F035D197330BF ] C:\Windows\System32\pnidui.dll
15:32:19.0053 0888  C:\Windows\System32\pnidui.dll - ok
15:32:19.0060 0888  [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\SysWOW64\msi.dll
15:32:19.0060 0888  C:\Windows\SysWOW64\msi.dll - ok
15:32:19.0065 0888  [ 72AB6633E9B39EC7FEBEDF083A9061E5 ] C:\Windows\System32\mscoree.dll
15:32:19.0065 0888  C:\Windows\System32\mscoree.dll - ok
15:32:19.0070 0888  [ 96BCC5962CA2B8B5A08E71DC80C2E128 ] C:\Program Files\IDT\WDM\sttray64.exe
15:32:19.0070 0888  C:\Program Files\IDT\WDM\sttray64.exe - ok
15:32:19.0077 0888  [ 9DD626CC4FB7CAAC19B2F4C33CD6A2A3 ] C:\Windows\System32\fdProxy.dll
15:32:19.0077 0888  C:\Windows\System32\fdProxy.dll - ok
15:32:19.0082 0888  [ 31519A9B25D4A8998EEC9C81E69269D9 ] C:\Windows\System32\fdWSD.dll
15:32:19.0082 0888  C:\Windows\System32\fdWSD.dll - ok
15:32:19.0087 0888  [ 39872A309B2DB96738AF44402F7BD43C ] C:\Windows\System32\rasdlg.dll
15:32:19.0087 0888  C:\Windows\System32\rasdlg.dll - ok
15:32:19.0094 0888  [ 6E97C86DFD7FD2984FEC1808DE906476 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
15:32:19.0094 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe - ok
15:32:19.0100 0888  [ DDCDE414B6DB14707DBD504EB23EF13E ] C:\Windows\System32\fdSSDP.dll
15:32:19.0100 0888  C:\Windows\System32\fdSSDP.dll - ok
15:32:19.0106 0888  [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\SysWOW64\riched20.dll
15:32:19.0106 0888  C:\Windows\SysWOW64\riched20.dll - ok
15:32:19.0113 0888  [ 6105AFCB022541D34206741185D2EC72 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
15:32:19.0113 0888  C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe - ok
15:32:19.0119 0888  [ 5A0C3C56DCF77EEA6FAC8EB3054332F1 ] C:\Program Files (x86)\AIM\aim.exe
15:32:19.0119 0888  C:\Program Files (x86)\AIM\aim.exe - ok
15:32:19.0127 0888  [ 65437DAD4F238EA9549408A783002222 ] C:\Windows\ehome\ehtray.exe
15:32:19.0127 0888  C:\Windows\ehome\ehtray.exe - ok
15:32:19.0131 0888  [ 6D9E1356A9C1B5F36698FAFF9205E34A ] C:\Program Files (x86)\Xvid\CheckUpdate.exe
15:32:19.0131 0888  C:\Program Files (x86)\Xvid\CheckUpdate.exe - ok
15:32:19.0137 0888  [ EAA666E9DD8DCDA6E075087091CB85EE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
15:32:19.0137 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - ok
15:32:19.0143 0888  [ 0058E2924F2B6483591FAA7C2A6595A7 ] C:\Windows\System32\msiltcfg.dll
15:32:19.0143 0888  C:\Windows\System32\msiltcfg.dll - ok
15:32:19.0149 0888  [ 376D1B585060CD65BEEFE15A8577FCA0 ] C:\Windows\System32\sfc_os.dll
15:32:19.0149 0888  C:\Windows\System32\sfc_os.dll - ok
15:32:19.0155 0888  [ 6C86CD942313CF01E67262DD763295AC ] C:\Program Files\IDT\WDM\stlang64.dll
15:32:19.0155 0888  C:\Program Files\IDT\WDM\stlang64.dll - ok
15:32:19.0161 0888  [ 0A6BCB31307A1385CC8432B80D23E377 ] C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
15:32:19.0161 0888  C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll - ok
15:32:19.0168 0888  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
15:32:19.0168 0888  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
15:32:19.0173 0888  [ 1CA1F99D167BB19F785F2D8582579CFB ] C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
15:32:19.0173 0888  C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll - ok
15:32:19.0179 0888  [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\SysWOW64\msiltcfg.dll
15:32:19.0180 0888  C:\Windows\SysWOW64\msiltcfg.dll - ok
15:32:19.0185 0888  [ B6A7E7F43234BFA6A8E6CC4110CB9448 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
15:32:19.0186 0888  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
15:32:19.0194 0888  [ FDAC777249FC4A5ED75FF3F563817FA1 ] C:\Windows\System32\AltTab.dll
15:32:19.0194 0888  C:\Windows\System32\AltTab.dll - ok
15:32:19.0197 0888  [ 6B28D35E4C2C9D9ABA083EE4F9FD51CC ] C:\Windows\System32\WPDShServiceObj.dll
15:32:19.0197 0888  C:\Windows\System32\WPDShServiceObj.dll - ok
15:32:19.0204 0888  [ A0A92B5F2926C52A3FF415E928BC9301 ] C:\Windows\System32\PortableDeviceTypes.dll
15:32:19.0204 0888  C:\Windows\System32\PortableDeviceTypes.dll - ok
15:32:19.0212 0888  [ B6D5917CF9FDA3B434AD908559EBD2B3 ] C:\Windows\System32\srchadmin.dll
15:32:19.0212 0888  C:\Windows\System32\srchadmin.dll - ok
15:32:19.0218 0888  [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
15:32:19.0218 0888  C:\Windows\System32\webcheck.dll - ok
15:32:19.0227 0888  [ E55DE59CD89138BD973602F9F202E84D ] C:\Windows\System32\SyncCenter.dll
15:32:19.0227 0888  C:\Windows\System32\SyncCenter.dll - ok
15:32:19.0231 0888  [ 6CD92194F84F6F0CE0D0088DBFC97262 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
15:32:19.0231 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll - ok
15:32:19.0236 0888  [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\SysWOW64\mscoree.dll
15:32:19.0236 0888  C:\Windows\SysWOW64\mscoree.dll - ok
15:32:19.0244 0888  [ DBC0B012A13C7738871D569005DEB5D1 ] C:\Windows\System32\bthprops.cpl
15:32:19.0244 0888  C:\Windows\System32\bthprops.cpl - ok
15:32:19.0249 0888  [ F2C56E2FB83F06831F9565E77C48078D ] C:\Windows\ehome\ehmsas.exe
15:32:19.0249 0888  C:\Windows\ehome\ehmsas.exe - ok
15:32:19.0255 0888  [ B6FAD59C92D1381D986CD7368A5291F4 ] C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
15:32:19.0255 0888  C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll - ok
15:32:19.0261 0888  [ C66376234C25D1FB4F5F376CE2923DBF ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
15:32:19.0262 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc - ok
15:32:19.0265 0888  [ AEC6EF113ADB5308F178975EB9C52E71 ] C:\Windows\System32\consent.exe
15:32:19.0265 0888  C:\Windows\System32\consent.exe - ok
15:32:19.0271 0888  [ 11AAEC8BB512262F07C191ACCEE205D8 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
15:32:19.0271 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll - ok
15:32:19.0277 0888  [ 5CE2C1433B9B634591F0A1C4C1203A0B ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
15:32:19.0277 0888  C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
15:32:19.0284 0888  [ 8FC3025462B3AA725EF63230F9F18191 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
15:32:19.0284 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
15:32:19.0290 0888  [ E084B2AD48152AAB8D12C3EBBD95E6C2 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus64.dll
15:32:19.0290 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus64.dll - ok
15:32:19.0297 0888  [ 697D6CAF74F39C7F0017088C6F6B5C33 ] C:\Program Files\Windows Media Player\wmpnssci.dll
15:32:19.0297 0888  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
15:32:19.0303 0888  [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
15:32:19.0303 0888  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
15:32:19.0311 0888  [ D883BD7C5BA86AE7D442C3A24F13A46D ] C:\Windows\System32\p2pcollab.dll
15:32:19.0311 0888  C:\Windows\System32\p2pcollab.dll - ok
15:32:19.0315 0888  [ 2620C17442BAA264DBE18953FFD10889 ] C:\Windows\System32\wmpmde.dll
15:32:19.0316 0888  C:\Windows\System32\wmpmde.dll - ok
15:32:19.0321 0888  [ E9B44CD74DBA07FDDAA6562C29BCF8F2 ] C:\Windows\ehome\ehProxy.dll
15:32:19.0321 0888  C:\Windows\ehome\ehProxy.dll - ok
15:32:19.0328 0888  [ C56EBA7C1D396FCAF3C8D6867EF1C10E ] C:\Windows\System32\mf.dll
15:32:19.0328 0888  C:\Windows\System32\mf.dll - ok
15:32:19.0333 0888  [ E4FC525CF5F63732A437BC93F3506A75 ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
15:32:19.0333 0888  C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe - ok
15:32:19.0339 0888  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
15:32:19.0339 0888  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
15:32:19.0345 0888  [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\SysWOW64\ddraw.dll
15:32:19.0345 0888  C:\Windows\SysWOW64\ddraw.dll - ok
15:32:19.0352 0888  [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\SysWOW64\dciman32.dll
15:32:19.0352 0888  C:\Windows\SysWOW64\dciman32.dll - ok
15:32:19.0358 0888  [ 1E6F5A9A18466E0F7FF87F712058F3A2 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
15:32:19.0361 0888  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe - ok
15:32:19.0364 0888  [ A1793136ED32C13ADB3740A6557B3D84 ] C:\Windows\SysWOW64\MFC71u.dll
15:32:19.0364 0888  C:\Windows\SysWOW64\MFC71u.dll - ok
15:32:19.0370 0888  [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\SysWOW64\WMVCORE.DLL
15:32:19.0370 0888  C:\Windows\SysWOW64\WMVCORE.DLL - ok
15:32:19.0377 0888  [ FEFC51A19141A9A911B1E161A6662CED ] C:\Windows\SysWOW64\msvcr71.dll
15:32:19.0377 0888  C:\Windows\SysWOW64\msvcr71.dll - ok
15:32:19.0382 0888  [ A55C9E6DE12ED46A6C39EA24DF8056E2 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
15:32:19.0383 0888  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe - ok
15:32:19.0388 0888  [ B1C5ADF56C4D47833D32D06A02D4E184 ] C:\Windows\SysWOW64\msvcp71.dll
15:32:19.0388 0888  C:\Windows\SysWOW64\msvcp71.dll - ok
15:32:19.0395 0888  [ FDC7AB400BB586A09F8CEAFF05FEEF38 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
15:32:19.0395 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe - ok
15:32:19.0401 0888  [ 15CDBDC3BB79771A90EE87904EE511C2 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
15:32:19.0401 0888  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll - ok
15:32:19.0407 0888  [ AF96CCADA9B7ADB6488DDB6A60374821 ] C:\Windows\System32\evr.dll
15:32:19.0407 0888  C:\Windows\System32\evr.dll - ok
15:32:19.0413 0888  [ 9ACFD9D5E12D849B28C78FED6D620EB3 ] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
15:32:19.0413 0888  C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe - ok
15:32:19.0419 0888  [ 487AEAF20975504ED06CE59536EC5B1E ] C:\Windows\SysWOW64\igdumdx32.dll
15:32:19.0419 0888  C:\Windows\SysWOW64\igdumdx32.dll - ok
15:32:19.0425 0888  [ A949AA49376F8CB91D19EA8A7ADC94D4 ] C:\Windows\System32\wmdrmsdk.dll
15:32:19.0428 0888  C:\Windows\System32\wmdrmsdk.dll - ok
15:32:19.0431 0888  [ 601D77C0AA637A99073210894554B6BA ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
15:32:19.0431 0888  C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe - ok
15:32:19.0438 0888  [ 415DB13940CB81BB27C7F48139ABAD1F ] C:\Windows\SysWOW64\MFC71.dll
15:32:19.0438 0888  C:\Windows\SysWOW64\MFC71.dll - ok
15:32:19.0444 0888  [ B4A5C31E8DA0C110B3D23261B00486B7 ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Helper.dll
15:32:19.0445 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Helper.dll - ok
15:32:19.0450 0888  [ 82A3031F7FAA61CB5E040B0D98A104AF ] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
15:32:19.0450 0888  C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe - ok
15:32:19.0455 0888  [ F041AB49DE23CC8BDB404EE59CD1935D ] C:\Windows\System32\dxva2.dll
15:32:19.0456 0888  C:\Windows\System32\dxva2.dll - ok
15:32:19.0462 0888  [ B5BACDED609EAF588A47CB4621C7E038 ] C:\Windows\SysWOW64\msxml3.dll
15:32:19.0462 0888  C:\Windows\SysWOW64\msxml3.dll - ok
15:32:19.0468 0888  [ 4FD5E2C796FDD1D4F850D0BD562204CC ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
15:32:19.0468 0888  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe - ok
15:32:19.0474 0888  [ DE489A291F364B1473D6858560107113 ] C:\Windows\System32\wmp.dll
15:32:19.0474 0888  C:\Windows\System32\wmp.dll - ok
15:32:19.0480 0888  [ 9ACFD9D5E12D849B28C78FED6D620EB3 ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
15:32:19.0480 0888  C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe - ok
15:32:19.0485 0888  [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\SysWOW64\hid.dll
15:32:19.0485 0888  C:\Windows\SysWOW64\hid.dll - ok
15:32:19.0491 0888  [ 41AF130DDA88755D64523C031E9D37F6 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
15:32:19.0491 0888  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll - ok
15:32:19.0498 0888  [ 41B85F8047AFFE819C25B6939C4F14D0 ] C:\Windows\SysWOW64\igdumd32.dll
15:32:19.0498 0888  C:\Windows\SysWOW64\igdumd32.dll - ok
15:32:19.0503 0888  [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\SysWOW64\WMASF.DLL
15:32:19.0504 0888  C:\Windows\SysWOW64\WMASF.DLL - ok
15:32:19.0511 0888  [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\SysWOW64\ntlanman.dll
15:32:19.0511 0888  C:\Windows\SysWOW64\ntlanman.dll - ok
15:32:19.0515 0888  [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\SysWOW64\drprov.dll
15:32:19.0515 0888  C:\Windows\SysWOW64\drprov.dll - ok
15:32:19.0519 0888  [ 9ACFD9D5E12D849B28C78FED6D620EB3 ] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
15:32:19.0519 0888  C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe - ok
15:32:19.0525 0888  [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\SysWOW64\davclnt.dll
15:32:19.0525 0888  C:\Windows\SysWOW64\davclnt.dll - ok
15:32:19.0531 0888  [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\SysWOW64\cscapi.dll
15:32:19.0531 0888  C:\Windows\SysWOW64\cscapi.dll - ok
15:32:19.0536 0888  [ B4D787DB8D30793A4D4DF9FEED18F136 ] C:\Windows\System32\drivers\cdfs.sys
15:32:19.0536 0888  C:\Windows\System32\drivers\cdfs.sys - ok
15:32:19.0545 0888  [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\SysWOW64\wpdshext.dll
15:32:19.0545 0888  C:\Windows\SysWOW64\wpdshext.dll - ok
15:32:19.0548 0888  [ DA41104DBAAE7C2508601A4B15B475E5 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
15:32:19.0549 0888  C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe - ok
15:32:19.0555 0888  [ 8BFB0599C95027E54EF3302DCD19E10B ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\CLRCEngine3.dll
15:32:19.0555 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\CLRCEngine3.dll - ok
15:32:19.0561 0888  [ D5BF6F7CD2F0CF8C01C98B12D0A29D06 ] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
15:32:19.0561 0888  C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe - ok
15:32:19.0567 0888  [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
15:32:19.0567 0888  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok
15:32:19.0573 0888  [ 376FAD0BD6E157205C8144D23A66493D ] C:\Windows\System32\wbem\cimwin32.dll
15:32:19.0573 0888  C:\Windows\System32\wbem\cimwin32.dll - ok
15:32:19.0579 0888  [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
15:32:19.0580 0888  C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe - ok
15:32:19.0586 0888  [ 7AF5A466CF4AECA28E3DCBCF5B6FD220 ] C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
15:32:19.0586 0888  C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe - ok
15:32:19.0592 0888  [ 3F11B20D12D89365D7721BDC860CE5F0 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:32:19.0592 0888  C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
15:32:19.0598 0888  [ F92B3868E3801653AF196C76078829FA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
15:32:19.0598 0888  C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
15:32:19.0604 0888  [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\SysWOW64\cryptui.dll
15:32:19.0604 0888  C:\Windows\SysWOW64\cryptui.dll - ok
15:32:19.0611 0888  [ B9B5C142C75E7E2A95E7E958CF6EAB3A ] C:\Program Files (x86)\Xvid\autoupdate-windows.exe
15:32:19.0612 0888  C:\Program Files (x86)\Xvid\autoupdate-windows.exe - ok
15:32:19.0617 0888  [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
15:32:19.0617 0888  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
15:32:19.0622 0888  [ 7684CB595B2718F3ACF5FA0FA4ABEA3D ] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll
15:32:19.0623 0888  C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\Common\CLRCEngine3.dll - ok
15:32:19.0629 0888  [ 98C42F36A13C25E099F1E081EB4EC59D ] C:\Windows\System32\wmi.dll
15:32:19.0629 0888  C:\Windows\System32\wmi.dll - ok
15:32:19.0635 0888  [ 38D8EDE4240767A103788A489E9DE27F ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\Common\CLRCEngine3.dll
15:32:19.0635 0888  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\Common\CLRCEngine3.dll - ok
15:32:19.0641 0888  [ 7D2CB10042CAC091DE7BC04AFF27CF9E ] C:\Windows\System32\wbem\unsecapp.exe
15:32:19.0641 0888  C:\Windows\System32\wbem\unsecapp.exe - ok
15:32:19.0648 0888  [ 9CB07DD713BC54598CEF88B8E331EA15 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\CBS.dll
15:32:19.0648 0888  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\CBS.dll - ok
15:32:19.0653 0888  [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\SysWOW64\mlang.dll
15:32:19.0653 0888  C:\Windows\SysWOW64\mlang.dll - ok
15:32:19.0659 0888  [ F347FD7DD03B3408691049CDE0ABB6B6 ] C:\Windows\System32\wbem\wmiprov.dll
15:32:19.0659 0888  C:\Windows\System32\wbem\wmiprov.dll - ok
15:32:19.0665 0888  [ 499659486B98FC962EA2D9CE517C6D6E ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapX.dll
15:32:19.0666 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapX.dll - ok
15:32:19.0671 0888  [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\Windows\SysWOW64\dsound.dll
15:32:19.0671 0888  C:\Windows\SysWOW64\dsound.dll - ok
15:32:19.0679 0888  [ 307CC4AF07C317542B5DE4CB4FB9C41A ] C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLAuMixer.dll
15:32:19.0679 0888  C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLAuMixer.dll - ok
15:32:19.0684 0888  [ 2F517DF83C26A2FEBE9BD18C974F03B2 ] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\HwCtrlMgr.dll
15:32:19.0684 0888  C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\Dump\DIEGO\HwCtrlMgr.dll - ok
15:32:19.0690 0888  [ 19C69E1F96A4E4D92822002D6EEE9913 ] C:\Windows\System32\msvfw32.dll
15:32:19.0690 0888  C:\Windows\System32\msvfw32.dll - ok
15:32:19.0696 0888  [ 7DC262AEEA66CCD6ED86DAAB16C4CDFF ] C:\Windows\System32\ntlanman.dll
15:32:19.0696 0888  C:\Windows\System32\ntlanman.dll - ok
15:32:19.0702 0888  [ 94D616EBF8A3D2F7F8300F255E377A80 ] C:\Windows\System32\wmploc.DLL
15:32:19.0702 0888  C:\Windows\System32\wmploc.DLL - ok
15:32:19.0708 0888  [ 2790F04DFDDA00B7B6DE6719399A8739 ] C:\Windows\System32\drprov.dll
15:32:19.0708 0888  C:\Windows\System32\drprov.dll - ok
15:32:19.0714 0888  [ AAC4DFF79689736D8B316FC05A3E25EC ] C:\Windows\System32\davclnt.dll
15:32:19.0714 0888  C:\Windows\System32\davclnt.dll - ok
15:32:19.0720 0888  [ 6B80D55576B222FDF6F8407D6237EFC6 ] C:\Windows\System32\wmpps.dll
15:32:19.0720 0888  C:\Windows\System32\wmpps.dll - ok
15:32:19.0725 0888  [ AC80AF09C7131FBC518BD8069096CA85 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
15:32:19.0725 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll - ok
15:32:19.0732 0888  [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
15:32:19.0732 0888  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
15:32:19.0737 0888  [ 56DB34F4DC39CECBC871A895C6FCF1C3 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
15:32:19.0737 0888  C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
15:32:19.0746 0888  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:32:19.0746 0888  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
15:32:19.0750 0888  [ 46DA8E7484AC7A52CE1D6E428398724B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:32:19.0750 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
15:32:19.0756 0888  [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
15:32:19.0756 0888  C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
15:32:19.0762 0888  [ 5A2B3AEDA5E5B35F3F351173277452B2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\5175a0985efd95b306a5637aee7ad811\mscorlib.ni.dll
15:32:19.0762 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\5175a0985efd95b306a5637aee7ad811\mscorlib.ni.dll - ok
15:32:19.0768 0888  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:32:19.0768 0888  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
15:32:19.0771 0888  [ FEF3AE955F69F656D3E7CFE305C315C5 ] C:\Program Files\Apoint2K\ApntEx.exe
15:32:19.0771 0888  C:\Program Files\Apoint2K\ApntEx.exe - ok
15:32:19.0779 0888  [ 3F533D75631178A880AEFFDF117213BE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
15:32:19.0779 0888  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
15:32:19.0783 0888  [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
15:32:19.0784 0888  C:\Windows\System32\msvcr100_clr0400.dll - ok
15:32:19.0789 0888  [ 6946774424967FD9C2656A577C922188 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
15:32:19.0789 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
15:32:19.0796 0888  [ A66325E43C09902374854B285DAC1548 ] C:\Windows\System32\riched20.dll
15:32:19.0796 0888  C:\Windows\System32\riched20.dll - ok
15:32:19.0801 0888  [ 02983B48906817AB33E498AF687B636D ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\hiddata.exe
15:32:19.0801 0888  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\hiddata.exe - ok
15:32:19.0807 0888  [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:32:19.0807 0888  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
15:32:19.0814 0888  [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
15:32:19.0814 0888  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
15:32:19.0820 0888  [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
15:32:19.0820 0888  C:\Program Files (x86)\QuickTime\QTTask.exe - ok
15:32:19.0825 0888  [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:32:19.0825 0888  C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
15:32:19.0832 0888  [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
15:32:19.0832 0888  C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
15:32:19.0837 0888  [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
15:32:19.0837 0888  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
15:32:19.0846 0888  [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
15:32:19.0846 0888  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
15:32:19.0851 0888  [ 6BE0D00C71645E1381B2BEB58B970DE5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
15:32:19.0851 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc - ok
15:32:19.0857 0888  [ A027A414E637637C81EBC928D9F4025D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
15:32:19.0857 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll - ok
15:32:19.0863 0888  [ 6DDAFD96A3947EA1287F2EC63D668F38 ] C:\Program Files (x86)\AIM\AIM_xmlp.dll
15:32:19.0863 0888  C:\Program Files (x86)\AIM\AIM_xmlp.dll - ok
15:32:19.0868 0888  [ 79BEAB3B58CF0F346D53265D449B8BAB ] C:\Program Files (x86)\AIM\Xprt.dll
15:32:19.0868 0888  C:\Program Files (x86)\AIM\Xprt.dll - ok
15:32:19.0874 0888  [ 7A9215AEB776C56401F8FB10CDA13993 ] C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll
15:32:19.0874 0888  C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll - ok
15:32:19.0882 0888  [ 3851909899A5E6210C58DB9CC02068D3 ] C:\Program Files\AVAST Software\Avast\aswData.dll
15:32:19.0882 0888  C:\Program Files\AVAST Software\Avast\aswData.dll - ok
15:32:19.0888 0888  [ A3BB91467FBDDA34039686C95A31C8C2 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
15:32:19.0888 0888  C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
15:32:19.0896 0888  [ 5684CD3B207C1668DEE6BD2802C25B19 ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
15:32:19.0896 0888  C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
15:32:19.0900 0888  [ 2D08D660E28F8DAFA3145203E2511F79 ] C:\Program Files (x86)\AIM\oscore.dll
15:32:19.0900 0888  C:\Program Files (x86)\AIM\oscore.dll - ok
15:32:19.0906 0888  [ BE1EBECDE79A9410DEAA66C48ACB639B ] C:\Program Files (x86)\AIM\Xpcs.dll
15:32:19.0906 0888  C:\Program Files (x86)\AIM\Xpcs.dll - ok
15:32:19.0913 0888  [ B3ABED774AD943368FE513666413CACE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
15:32:19.0913 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll - ok
15:32:19.0918 0888  [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\SysWOW64\taskschd.dll
15:32:19.0918 0888  C:\Windows\SysWOW64\taskschd.dll - ok
15:32:19.0923 0888  [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
15:32:19.0923 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
15:32:19.0930 0888  [ 09EFB6439C76E94059C5E22409926B48 ] C:\Users\owner\AppData\Local\Temp\BRF288.tmp
15:32:19.0930 0888  C:\Users\owner\AppData\Local\Temp\BRF288.tmp - ok
15:32:19.0935 0888  [ FB25FC87FC236EBE14647CB9A776EBF8 ] C:\Program Files (x86)\AIM\Xptl.dll
15:32:19.0935 0888  C:\Program Files (x86)\AIM\Xptl.dll - ok
15:32:19.0940 0888  [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\SysWOW64\xmllite.dll
15:32:19.0940 0888  C:\Windows\SysWOW64\xmllite.dll - ok
15:32:19.0946 0888  [ BE7EE16751EE2C279741222A2F54FE21 ] C:\Program Files (x86)\AIM\idlemon.dll
15:32:19.0947 0888  C:\Program Files (x86)\AIM\idlemon.dll - ok
15:32:19.0953 0888  [ 7CDFC5DEB2D68AA412D5DF540D6E77C8 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
15:32:19.0953 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll - ok
15:32:19.0959 0888  [ 77074A68A465BCBDBF4803C9BC60C7AB ] C:\Program Files (x86)\AIM\oscres.dll
15:32:19.0959 0888  C:\Program Files (x86)\AIM\oscres.dll - ok
15:32:19.0965 0888  [ 4DC3215530E334D38E2671898CC4FCD3 ] C:\Program Files (x86)\AIM\dunzip32.dll
15:32:19.0965 0888  C:\Program Files (x86)\AIM\dunzip32.dll - ok
15:32:19.0971 0888  [ CED5CC757C37FFA8568542C64C593F63 ] C:\Program Files (x86)\AIM\ate32.dll
15:32:19.0971 0888  C:\Program Files (x86)\AIM\ate32.dll - ok
15:32:19.0976 0888  [ 08AD4CD2A940379F1DCDBDB9884A1375 ] C:\Users\owner\AppData\Local\Temp\BRF4E9.tmp
15:32:19.0976 0888  C:\Users\owner\AppData\Local\Temp\BRF4E9.tmp - ok
15:32:19.0982 0888  [ 98A06FFE98D4131D84196BB34CCF94ED ] C:\Program Files (x86)\AIM\AIMToday.dll
15:32:19.0982 0888  C:\Program Files (x86)\AIM\AIMToday.dll - ok
15:32:19.0988 0888  [ DB998334D21928780883FC24B3B50988 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
15:32:19.0988 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
15:32:19.0996 0888  [ FF25F2DB360000E5B2CA07714954BD8B ] C:\Program Files (x86)\AIM\xprt5.dll
15:32:19.0997 0888  C:\Program Files (x86)\AIM\xprt5.dll - ok
15:32:20.0001 0888  [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
15:32:20.0001 0888  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
15:32:20.0006 0888  [ E35514FC402F6268333529384CFD7B20 ] C:\Users\owner\AppData\Local\Temp\BRF632.tmp
15:32:20.0006 0888  C:\Users\owner\AppData\Local\Temp\BRF632.tmp - ok
15:32:20.0013 0888  [ 0BB258C6EDF4148C5147FFBEF0D78308 ] C:\Program Files (x86)\AIM\rtvideo.dll
15:32:20.0013 0888  C:\Program Files (x86)\AIM\rtvideo.dll - ok
15:32:20.0018 0888  [ DC0909AFDE1CD61A1B0CEE573D2A30D0 ] C:\Program Files (x86)\AIM\aimapi.dll
15:32:20.0018 0888  C:\Program Files (x86)\AIM\aimapi.dll - ok
15:32:20.0022 0888  [ A71A3849CB037CD0F136BC20C3C3FFE1 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\1b83ca006b291a4bb7be1754d8c593b9\System.ni.dll
15:32:20.0022 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\1b83ca006b291a4bb7be1754d8c593b9\System.ni.dll - ok
15:32:20.0030 0888  [ AD844CB51BEAE104D17ACCE79F53B0A4 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
15:32:20.0030 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll - ok
15:32:20.0034 0888  [ FA371EF8D8C686574FA956751E3F628B ] C:\Program Files (x86)\AIM\oscarui.dll
15:32:20.0034 0888  C:\Program Files (x86)\AIM\oscarui.dll - ok
15:32:20.0040 0888  [ F9191E14D24EB4944BD90E4BB80D6F33 ] C:\Program Files (x86)\AIM\sb.dll
15:32:20.0040 0888  C:\Program Files (x86)\AIM\sb.dll - ok
15:32:20.0047 0888  [ 1CF3861A325D760ED8A1678FBEEBEC96 ] C:\Program Files\Apoint2K\EzLaunch.dll
15:32:20.0047 0888  C:\Program Files\Apoint2K\EzLaunch.dll - ok
15:32:20.0052 0888  [ 027491B39A7B16B116E780F55ABC288E ] C:\Users\owner\AppData\Local\Temp\BRF826.tmp
15:32:20.0052 0888  C:\Users\owner\AppData\Local\Temp\BRF826.tmp - ok
15:32:20.0058 0888  [ 4BF2029BBEDA32417ED67F7B4CD924D2 ] C:\Program Files (x86)\AIM\xmlparse.dll
15:32:20.0058 0888  C:\Program Files (x86)\AIM\xmlparse.dll - ok
15:32:20.0064 0888  [ 24BB4B3F7F639B41CA1B694BC9357097 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
15:32:20.0064 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll - ok
15:32:20.0070 0888  [ 949BE5445C00147C2D9426683DD50DB9 ] C:\Program Files (x86)\AIM\xmltok.dll
15:32:20.0070 0888  C:\Program Files (x86)\AIM\xmltok.dll - ok
15:32:20.0075 0888  [ 0FFC216C8AAF7A1C96093740C7EFAD15 ] C:\Program Files (x86)\AIM\CoolBos.dll
15:32:20.0075 0888  C:\Program Files (x86)\AIM\CoolBos.dll - ok
15:32:20.0081 0888  [ A210F1AC135E5331C314CE5F394FB5A5 ] C:\Users\owner\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
15:32:20.0082 0888  C:\Users\owner\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll - ok
15:32:20.0088 0888  [ 04EDE6D647716A20D03FE5F44D6A13DF ] C:\Program Files (x86)\AIM\CoolBucky.dll
15:32:20.0088 0888  C:\Program Files (x86)\AIM\CoolBucky.dll - ok
15:32:20.0097 0888  [ B0D16BC319E37E875C4B491460807051 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
15:32:20.0097 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll - ok
15:32:20.0101 0888  [ B76748BA1B1751CDB2085C176575D93D ] C:\Program Files (x86)\AIM\CoolSocket.dll
15:32:20.0102 0888  C:\Program Files (x86)\AIM\CoolSocket.dll - ok
15:32:20.0107 0888  [ DB115D44B4361D5CC9AE5C95FF02DC5B ] C:\Program Files (x86)\AIM\CoolHttp.dll
15:32:20.0107 0888  C:\Program Files (x86)\AIM\CoolHttp.dll - ok
15:32:20.0113 0888  [ 7CD4642B7E2CECEBD37C7075DAA0EC84 ] C:\Program Files (x86)\AIM\CoolSos.dll
15:32:20.0114 0888  C:\Program Files (x86)\AIM\CoolSos.dll - ok
15:32:20.0118 0888  [ 19B39459A689818F7E6AFB465A9D423E ] C:\Program Files (x86)\AIM\CoolPeer.dll
15:32:20.0119 0888  C:\Program Files (x86)\AIM\CoolPeer.dll - ok
15:32:20.0124 0888  [ 8DA8A3120DF28673C06B6130D96F4504 ] C:\Program Files (x86)\AIM\CoolSecNss.dll
15:32:20.0124 0888  C:\Program Files (x86)\AIM\CoolSecNss.dll - ok
15:32:20.0130 0888  [ 03DD0CF529A57B7F43B62A175633EAF9 ] C:\Program Files (x86)\AIM\oscmain.ocm
15:32:20.0130 0888  C:\Program Files (x86)\AIM\oscmain.ocm - ok
15:32:20.0136 0888  [ 394A6BAFA32B0CFA4E0744E76C4D7F2F ] C:\Program Files (x86)\AIM\miscui.ocm
15:32:20.0136 0888  C:\Program Files (x86)\AIM\miscui.ocm - ok
15:32:20.0141 0888  [ 295363D4317820AED0D527E15B90A8ED ] C:\Windows\SysWOW64\pdh.dll
15:32:20.0141 0888  C:\Windows\SysWOW64\pdh.dll - ok
15:32:20.0148 0888  [ F180D6A27221DE0A1BA7EEDF1E84B188 ] C:\Program Files (x86)\AIM\osclogin.ocm
15:32:20.0148 0888  C:\Program Files (x86)\AIM\osclogin.ocm - ok
15:32:20.0154 0888  [ B669AEF497DA5136AB41C3C1119235EB ] C:\Program Files (x86)\AIM\buddyui.ocm
15:32:20.0154 0888  C:\Program Files (x86)\AIM\buddyui.ocm - ok
15:32:20.0159 0888  [ 17220E5B51A033453142E0B4052E9551 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
15:32:20.0159 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll - ok
15:32:20.0165 0888  [ 97F1ED3C0A8991B9AA9B644CEA55588E ] C:\Program Files (x86)\AIM\icbmui.ocm
15:32:20.0166 0888  C:\Program Files (x86)\AIM\icbmui.ocm - ok
15:32:20.0171 0888  [ 72FAB2C90296330ECA3787DC4093E208 ] C:\Users\owner\AppData\Local\Temp\BR467.tmp
15:32:20.0171 0888  C:\Users\owner\AppData\Local\Temp\BR467.tmp - ok
15:32:20.0177 0888  [ D9D1FD43DC679CBA0414994D62C68E44 ] C:\Program Files (x86)\AIM\AimCoreSvcs.dll
15:32:20.0177 0888  C:\Program Files (x86)\AIM\AimCoreSvcs.dll - ok
15:32:20.0183 0888  [ ACB447402E9E193BDC6C8DECAD424D27 ] C:\Program Files (x86)\AIM\AimSecondarySvcs.dll
15:32:20.0183 0888  C:\Program Files (x86)\AIM\AimSecondarySvcs.dll - ok
15:32:20.0189 0888  [ E6A64863D032FD4102C1C1648D38C25C ] C:\Program Files (x86)\AIM\AimRes.dll
15:32:20.0189 0888  C:\Program Files (x86)\AIM\AimRes.dll - ok
15:32:20.0197 0888  [ C85E9B1DF4A7E61AF9B02110EABC296D ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_7_700_202.ocx
15:32:20.0197 0888  C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_7_700_202.ocx - ok
15:32:20.0201 0888  [ 3E1CB5C4AFFA06B4B29E8FF12544CF23 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
15:32:20.0201 0888  C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
15:32:20.0207 0888  [ FCF226A5BB55F3D1969FDE84E50D2B74 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
15:32:20.0207 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
15:32:20.0215 0888  [ 4DB8C3E9A5D6EB99F21B199C28EDE8D1 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
15:32:20.0215 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe - ok
15:32:20.0220 0888  [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
15:32:20.0220 0888  C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
15:32:20.0227 0888  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] C:\Program Files\iPod\bin\iPodService.exe
15:32:20.0227 0888  C:\Program Files\iPod\bin\iPodService.exe - ok
15:32:20.0235 0888  [ 55670B542FE95148AFB77CBD8C7B6CD9 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\BezlACTN.dll
15:32:20.0235 0888  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\BezlACTN.dll - ok
15:32:20.0241 0888  [ 469533CC7F16566BE9D3436860E12013 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
15:32:20.0241 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe - ok
15:32:20.0247 0888  [ B1336894C6026087EE96820BDCB8302B ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll
15:32:20.0248 0888  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll - ok
15:32:20.0253 0888  [ B4E69051E313551F894C74B12042485D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
15:32:20.0254 0888  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
15:32:20.0259 0888  [ 1105A14047A0D99C2770601EB61FBF5C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
15:32:20.0259 0888  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
15:32:20.0266 0888  [ B4EB1E7438DC099078CE8FE6E5A2C99D ] C:\Users\owner\AppData\Local\Temp\BR12C9.tmp
15:32:20.0266 0888  C:\Users\owner\AppData\Local\Temp\BR12C9.tmp - ok
15:32:20.0269 0888  [ 158DDAC4AA0DFCF2E33B4F53CB5A20B9 ] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
15:32:20.0269 0888  C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
15:32:20.0276 0888  [ 616776D00711EBD243EC9861C35ED4AB ] C:\Program Files (x86)\AIM\wndutils.dll
15:32:20.0276 0888  C:\Program Files (x86)\AIM\wndutils.dll - ok
15:32:20.0282 0888  [ 5F08E342FD975C3C81955A8CB6EE2E76 ] C:\Program Files (x86)\AIM\aimax.dll
15:32:20.0282 0888  C:\Program Files (x86)\AIM\aimax.dll - ok
15:32:20.0288 0888  [ A7E630091A3AA8D00DB5713236966EE2 ] C:\Program Files (x86)\AIM\proto.ocm
15:32:20.0288 0888  C:\Program Files (x86)\AIM\proto.ocm - ok
15:32:20.0293 0888  [ 89630C7BFBCC9F75B917D0813EBBA9A7 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\15614c09d2c30b7c2517497799a032b4\WindowsBase.ni.dll
15:32:20.0294 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\15614c09d2c30b7c2517497799a032b4\WindowsBase.ni.dll - ok
15:32:20.0300 0888  [ 3F7A27E0C58B13991B349EC019FFF16E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\2d7d9ced84fc3c02c5d59ee04a724a57\System.Drawing.ni.dll
15:32:20.0300 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\2d7d9ced84fc3c02c5d59ee04a724a57\System.Drawing.ni.dll - ok
15:32:20.0306 0888  [ 5A871FEAFC697198C8961C792EBF6B48 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
15:32:20.0306 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll - ok
15:32:20.0314 0888  [ A6037AC993BDD9D82A18BD7FACFCDED6 ] C:\Program Files (x86)\AIM\startup.ocm
15:32:20.0314 0888  C:\Program Files (x86)\AIM\startup.ocm - ok
15:32:20.0319 0888  [ B24BF80927D3D0A391CB8426F7CB290D ] C:\Users\owner\AppData\Local\Temp\BR13A5.tmp
15:32:20.0319 0888  C:\Users\owner\AppData\Local\Temp\BR13A5.tmp - ok
15:32:20.0325 0888  [ D38E9160EFA8C0ACA39F3F3A7F4E9A6E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
15:32:20.0325 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll - ok
15:32:20.0331 0888  [ 1CD5C2DFD2A5BF6DA720386679F3C449 ] C:\Windows\SysWOW64\HPZipr12.dll
15:32:20.0331 0888  C:\Windows\SysWOW64\HPZipr12.dll - ok
15:32:20.0337 0888  [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\SysWOW64\cfgmgr32.dll
15:32:20.0337 0888  C:\Windows\SysWOW64\cfgmgr32.dll - ok
15:32:20.0342 0888  [ 73A08D01DB0687364E08FB1B2EC4661C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
15:32:20.0342 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll - ok
15:32:20.0348 0888  [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
15:32:20.0348 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
15:32:20.0355 0888  [ 6E03B70DDC51822D6CBF7A83C0513DA4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f41921fc4aa49129d128d9bd9123a4db\System.ServiceProcess.ni.dll
15:32:20.0355 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f41921fc4aa49129d128d9bd9123a4db\System.ServiceProcess.ni.dll - ok
15:32:20.0360 0888  [ 0B601EEB05F9DEF5A8A101C1CD8A69EE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
15:32:20.0360 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll - ok
15:32:20.0367 0888  [ 66BB5B07696219FA334452D6F51FD648 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
15:32:20.0367 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe - ok
15:32:20.0373 0888  [ 023646CBAEA12D786DB1A104CC392FC0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\cfb40813b38398a5cb682d3d6c9515ef\System.Runtime.Remoting.ni.dll
15:32:20.0373 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\cfb40813b38398a5cb682d3d6c9515ef\System.Runtime.Remoting.ni.dll - ok
15:32:20.0381 0888  [ 2F27104F5D6ED63FDAC38CACB9D19DFD ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
15:32:20.0381 0888  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe - ok
15:32:20.0386 0888  [ 92D1B7E3981A24B8F3093CE42AB31C68 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
15:32:20.0386 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll - ok
15:32:20.0391 0888  [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\SysWOW64\mscms.dll
15:32:20.0391 0888  C:\Windows\SysWOW64\mscms.dll - ok
15:32:20.0398 0888  [ 2CB1AD2C2F65B81EC36E6A31978EC1DB ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
15:32:20.0398 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll - ok
15:32:20.0403 0888  [ B6A6A022E4878DAD9F61E069A67E7B76 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll
15:32:20.0403 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\9126f2ff9fd9c05900f67e963ccc27ef\WindowsBase.ni.dll - ok
15:32:20.0409 0888  [ 251B891B8351BB7634F03ACEFF20BDFF ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
15:32:20.0409 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc - ok
15:32:20.0416 0888  [ 0691B1AD2E55BAA71B14E13439D55E2E ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll
15:32:20.0416 0888  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfcm90u.dll - ok
15:32:20.0422 0888  [ 3FCB7347D2DE38488C85A31EA7838A3C ] C:\Windows\SysWOW64\WinSATAPI.dll
15:32:20.0422 0888  C:\Windows\SysWOW64\WinSATAPI.dll - ok
15:32:20.0428 0888  [ DE9328E3BE34CA140597356000B1B961 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3c016ea87b126a87fbf02d4bf5c5138c\System.Xml.ni.dll
15:32:20.0428 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\3c016ea87b126a87fbf02d4bf5c5138c\System.Xml.ni.dll - ok
15:32:20.0434 0888  [ 0296DAEB5555A248E8ABF7E5012A37A6 ] C:\Windows\SysWOW64\msxml6.dll
15:32:20.0434 0888  C:\Windows\SysWOW64\msxml6.dll - ok
15:32:20.0439 0888  [ EE96613777EDA0854F7A5702618D29AD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\1616186fbc63a56bad5a6a178966e877\System.Windows.Forms.ni.dll
15:32:20.0440 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\1616186fbc63a56bad5a6a178966e877\System.Windows.Forms.ni.dll - ok
15:32:20.0446 0888  [ F3A23E72E67FC554FB69A2D088939997 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\79277260fa0525b1d039a56e90315c03\PresentationCore.ni.dll
15:32:20.0446 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\79277260fa0525b1d039a56e90315c03\PresentationCore.ni.dll - ok
15:32:20.0453 0888  [ AFB3677620C6782B4E778B05C337055A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll
15:32:20.0453 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\a8080296b18898342ce986091c08b0a4\PresentationCore.ni.dll - ok
15:32:20.0459 0888  [ C83E91A4059AED39C2C391331436159F ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll
15:32:20.0459 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqssm08.dll - ok
15:32:20.0465 0888  [ F191A4A9D59AA3D32EAC1FDCC2B6D6EB ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
15:32:20.0465 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll - ok
15:32:20.0471 0888  [ 9D3AD5571B88A5ED4C36255F90264EBA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll
15:32:20.0471 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\668c039655437b25586280e1fbff8ef0\PresentationFramework.ni.dll - ok
15:32:20.0477 0888  [ 72BD3A0BF937A1FBD353217D528E7AD5 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonInterfaces.dll
15:32:20.0477 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonInterfaces.dll - ok
15:32:20.0483 0888  [ C2BB88001D192FB04545E2099A248D68 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\f087e2699bfe87e1f5d0a10b2892127f\System.Configuration.ni.dll
15:32:20.0483 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\f087e2699bfe87e1f5d0a10b2892127f\System.Configuration.ni.dll - ok
15:32:20.0489 0888  [ 8480CEF5AA9A19337762F193AB22D4E1 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
15:32:20.0489 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc - ok
15:32:20.0495 0888  [ 61E69498B2724FD093B23C87ED90CC9A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
15:32:20.0495 0888  C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
15:32:20.0502 0888  [ D9AE21D1691D50E54EF3CBD07183DAD9 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\cd4f216c3c72c85fcf3ea3e6d7ed829f\PresentationFramework.ni.dll
15:32:20.0502 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\cd4f216c3c72c85fcf3ea3e6d7ed829f\PresentationFramework.ni.dll - ok
15:32:20.0508 0888  [ 177A1CBE1920942B87487D06EF31BA50 ] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll
15:32:20.0508 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSplh08.dll - ok
15:32:20.0515 0888  [ 25EEC01026548DC97635DB3CBC6C3834 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
15:32:20.0515 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
15:32:20.0520 0888  [ 501E2FBCB27E1F79DBCC5FD86AA242AE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\b50d2334ab9be4ac9b8dab8b01529201\System.Management.ni.dll
15:32:20.0520 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\b50d2334ab9be4ac9b8dab8b01529201\System.Management.ni.dll - ok
15:32:20.0525 0888  [ 5D54AF105F6F2EF70DF85AB8093806D9 ] C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
15:32:20.0525 0888  C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll - ok
15:32:20.0531 0888  [ 1FAF6926F3416D3DA05C5B265491BDAE ] C:\Windows\System32\msdtckrm.dll
15:32:20.0531 0888  C:\Windows\System32\msdtckrm.dll - ok
15:32:20.0537 0888  [ 3CB92DFDED0EC2A86E0EB56A77B0595D ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
15:32:20.0537 0888  C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll - ok
15:32:20.0542 0888  [ 41826F4A4FCDDFCAD0A66CF004A67BE8 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
15:32:20.0542 0888  C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
15:32:20.0549 0888  [ A8E2F76F136A0E664B68A48028D4AF93 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
15:32:20.0549 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
15:32:20.0554 0888  [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
15:32:20.0554 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
15:32:20.0560 0888  [ 182FE5EC97B1047E7B9F7C38814395CF ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonUtility.dll
15:32:20.0560 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonUtility.dll - ok
15:32:20.0567 0888  [ 949518DA0F2DD3A5051CA02577BA18DC ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Logging.dll
15:32:20.0567 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Logging.dll - ok
15:32:20.0573 0888  [ 20A771958DB2B8CA4372EB95F59FDF3F ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Common.dll
15:32:20.0573 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Common.dll - ok
15:32:20.0582 0888  [ F9195E4B484B7D659525C45016E7939F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll
15:32:20.0582 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll - ok
15:32:20.0586 0888  [ 2955A48BE10FD1F7A112B0A890A6271D ] C:\Windows\SysWOW64\msisip.dll
15:32:20.0586 0888  C:\Windows\SysWOW64\msisip.dll - ok
15:32:20.0592 0888  [ 660CEAFFA04B5C4C6BAEE20399F245D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\8d9e9637288c38ba02a244a8c12064da\System.Xml.ni.dll
15:32:20.0592 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\8d9e9637288c38ba02a244a8c12064da\System.Xml.ni.dll - ok
15:32:20.0599 0888  [ B584B9E3B468DF079D39F4F3C8463216 ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
15:32:20.0599 0888  C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
15:32:20.0605 0888  [ 93E364FC16FA7C42935BAA0208926D55 ] C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
15:32:20.0605 0888  C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe - ok
15:32:20.0610 0888  [ 470B58A3909848984634A6B09AD6104C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
15:32:20.0611 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
15:32:20.0617 0888  [ 77779EEDECC9FD3A27E6ED3F2013B5A9 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
15:32:20.0617 0888  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
15:32:20.0623 0888  [ D1FF91E5D243A1F9632A8D2F9B264271 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.ObjectBuilder.dll
15:32:20.0623 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.ObjectBuilder.dll - ok
15:32:20.0629 0888  [ C4E343A6EBE21F7B3C5E257FF541D0B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll
15:32:20.0629 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll - ok
15:32:20.0637 0888  [ 23B05F3260CDE32E677A807EF3E76294 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\59cd8889b26ea43d59660e906049b2b3\UIAutomationTypes.ni.dll
15:32:20.0637 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\59cd8889b26ea43d59660e906049b2b3\UIAutomationTypes.ni.dll - ok
15:32:20.0643 0888  [ FD143AB6A2B6FC1E0BBADD9128AB9D69 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\ab7c290f4f8f2278228870eb24654078\PresentationFramework.Aero.ni.dll
15:32:20.0643 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\ab7c290f4f8f2278228870eb24654078\PresentationFramework.Aero.ni.dll - ok
15:32:20.0650 0888  [ 012A965F34414458075EF4F0EDC11536 ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
15:32:20.0650 0888  C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
15:32:20.0655 0888  [ 2C7B4E944A48B9A07B7BF2AB262F197E ] C:\Windows\SysWOW64\icm32.dll
15:32:20.0655 0888  C:\Windows\SysWOW64\icm32.dll - ok
15:32:20.0661 0888  [ BDAB253C8213BEE456CBBE297E2DF4BD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\610029bf03483a28c3cceacbc105001e\Microsoft.VisualBasic.ni.dll
15:32:20.0661 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\610029bf03483a28c3cceacbc105001e\Microsoft.VisualBasic.ni.dll - ok
15:32:20.0667 0888  [ EC8D1C7B6A1EC7E337B7350780BA7DC4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll
15:32:20.0667 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\4d2c890606d2a3a43a90684115bfccfc\PresentationFramework.Aero.ni.dll - ok
15:32:20.0673 0888  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
15:32:20.0674 0888  C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
15:32:20.0682 0888  [ 468B4C4E57F4F371F13990F0F3B010C4 ] C:\Windows\System32\mspatcha.dll
15:32:20.0682 0888  C:\Windows\System32\mspatcha.dll - ok
15:32:20.0686 0888  [ 847B711F43A7C5830179890EE0441F64 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\HPShared64.dll
15:32:20.0686 0888  C:\Program Files\Hewlett-Packard\HP MediaSmart\HPShared64.dll - ok
15:32:20.0692 0888  [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
15:32:20.0692 0888  C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
15:32:20.0699 0888  [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
15:32:20.0699 0888  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
15:32:20.0705 0888  [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
15:32:20.0705 0888  C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
15:32:20.0711 0888  [ 87B1E9B5DBFADA04D9FFDC52D16CB000 ] C:\Windows\System32\mscms.dll
15:32:20.0711 0888  C:\Windows\System32\mscms.dll - ok
15:32:20.0717 0888  [ 2C43D77451C623CA3521CEC2D742586D ] C:\Windows\System32\WindowsCodecsExt.dll
15:32:20.0717 0888  C:\Windows\System32\WindowsCodecsExt.dll - ok
15:32:20.0723 0888  [ 63913CC6067DCA9F284697521E430D03 ] C:\Windows\System32\icm32.dll
15:32:20.0723 0888  C:\Windows\System32\icm32.dll - ok
15:32:20.0729 0888  [ 903FD9E58858E6799D0295D6FF4FDB20 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\ShareVol64.dll
15:32:20.0729 0888  C:\Program Files\Hewlett-Packard\HP MediaSmart\ShareVol64.dll - ok
15:32:20.0735 0888  [ 48F8A1037B0F2804F254B54E2BC4F992 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\690aa44bfe80d94582571f239d308367\System.Data.ni.dll
15:32:20.0735 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\690aa44bfe80d94582571f239d308367\System.Data.ni.dll - ok
15:32:20.0741 0888  [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\SysWOW64\dxgi.dll
15:32:20.0741 0888  C:\Windows\SysWOW64\dxgi.dll - ok
15:32:20.0749 0888  [ CC96587B1C07F84B95271223B19537A8 ] C:\Program Files\AVAST Software\Avast\defs\13060100\uiext.dll
15:32:20.0749 0888  C:\Program Files\AVAST Software\Avast\defs\13060100\uiext.dll - ok
15:32:20.0753 0888  [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\SysWOW64\activeds.dll
15:32:20.0753 0888  C:\Windows\SysWOW64\activeds.dll - ok
15:32:20.0758 0888  [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\SysWOW64\adsldpc.dll
15:32:20.0758 0888  C:\Windows\SysWOW64\adsldpc.dll - ok
15:32:20.0766 0888  [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\SysWOW64\credui.dll
15:32:20.0766 0888  C:\Windows\SysWOW64\credui.dll - ok
15:32:20.0770 0888  [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\SysWOW64\atl.dll
15:32:20.0770 0888  C:\Windows\SysWOW64\atl.dll - ok
15:32:20.0773 0888  [ CE683F9B7482B31D0EC5D04FD7533F54 ] C:\Windows\SysWOW64\adsldp.dll
15:32:20.0773 0888  C:\Windows\SysWOW64\adsldp.dll - ok
15:32:20.0779 0888  [ EF14CC38149C25210140A6F4338BEC1B ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
15:32:20.0779 0888  C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
15:32:20.0786 0888  [ 878DDB1E294DD69EF45F91AE7690F1A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
15:32:20.0786 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
15:32:20.0792 0888  [ D7132786027BF58DF0D9EE49C9A3B9A0 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
15:32:20.0792 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
15:32:20.0799 0888  [ 58133D423CFAACA159DAC5C5C8A6783B ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
15:32:20.0799 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
15:32:20.0804 0888  [ 6E48C3687899B3865CBB2D44B6B08EEF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
15:32:20.0804 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
15:32:20.0810 0888  [ 8A5E958A53911DF1101F7814BED0B7AA ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
15:32:20.0810 0888  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
15:32:20.0816 0888  [ 79B7FFFFF8C5F4F1674A47647D0C6FF6 ] C:\Windows\System32\PresentationNative_v0300.dll
15:32:20.0816 0888  C:\Windows\System32\PresentationNative_v0300.dll - ok
15:32:20.0822 0888  [ E5866CA09AC74AC6C1F8501BB60DFD90 ] C:\Windows\SysWOW64\PresentationNative_v0300.dll
15:32:20.0823 0888  C:\Windows\SysWOW64\PresentationNative_v0300.dll - ok
15:32:20.0828 0888  [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
15:32:20.0828 0888  C:\Windows\System32\wups.dll - ok
15:32:20.0834 0888  [ 7570C39D5CA95CFF5E3D49789A347542 ] C:\Windows\SysWOW64\msctfui.dll
15:32:20.0835 0888  C:\Windows\SysWOW64\msctfui.dll - ok
15:32:20.0840 0888  [ 44B5B1DC53F7DE0FBCCD8226C2839844 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCHealthSecurity\PCHealthSecurityPillar.dll
15:32:20.0840 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCHealthSecurity\PCHealthSecurityPillar.dll - ok
15:32:20.0846 0888  [ 724B0A07CD1B32E90A770CD94ADDFA03 ] C:\Windows\System32\msctfui.dll
15:32:20.0846 0888  C:\Windows\System32\msctfui.dll - ok
15:32:20.0852 0888  [ 1B6705BA59946E420E8D7C354E693ADE ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.dll
15:32:20.0852 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.dll - ok
15:32:20.0858 0888  [ F99A3CF7DF5B5C827A08CF9DE55A6861 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\SystemStatus.dll
15:32:20.0858 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\SystemStatus.dll - ok
15:32:20.0866 0888  [ E5BF47F07A65B956A442D8593E832B9B ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
15:32:20.0866 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll - ok
15:32:20.0871 0888  [ 8190CECB21F1FFBEDC491B92ED0B482F ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECenter.dll
15:32:20.0871 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECenter.dll - ok
15:32:20.0877 0888  [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
15:32:20.0877 0888  C:\Windows\System32\wups2.dll - ok
15:32:20.0884 0888  [ 935D5CA5F97C1DF8511AC7B9CD16287B ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
15:32:20.0884 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll - ok
15:32:20.0890 0888  [ 108C49BB443E08DBE065A66DE758B5BA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll
15:32:20.0890 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll - ok
15:32:20.0897 0888  [ F7BC2822F0388C6DBCE3CD179E1075BF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll
15:32:20.0897 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll - ok
15:32:20.0904 0888  [ 05C245593DCB591A6B38A796D0C1975E ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
15:32:20.0904 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
15:32:20.0910 0888  [ 14B1AF40195CF5DB586F39387A77AFB6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
15:32:20.0910 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
15:32:20.0916 0888  [ 7A9DE8B16CF183D1038E49C9613275B7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
15:32:20.0916 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
15:32:20.0922 0888  [ FB875FBE3BD042F6A69A4406178C561B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
15:32:20.0922 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
15:32:20.0927 0888  [ 304503DEE4D3F7989B8660C62CAFAE28 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
15:32:20.0927 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
15:32:20.0934 0888  [ 7868ED46C34A1B36BEA10560F453598F ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll
15:32:20.0934 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll - ok
15:32:20.0940 0888  [ FA060A54D3FFB0694EA37A8F82A58F30 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll
15:32:20.0940 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll - ok
15:32:20.0946 0888  [ 506B6592BF6116521F152DCCB39A6143 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
15:32:20.0946 0888  C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
15:32:20.0953 0888  [ B40EFB3521580FF47FADF6CAC80B3D82 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
15:32:20.0953 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll - ok
15:32:20.0959 0888  [ 23C8B66417E69CBBB3C15754CCE7FF81 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
15:32:20.0959 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
15:32:20.0967 0888  [ 6434516C878E6A291F72758717FF8DB0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll
15:32:20.0967 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\421cb77e6a4c21f94e3c5ddf766de23b\System.Web.ni.dll - ok
15:32:20.0972 0888  [ C72CAC8060BD1821C7A1ACF1DAAD1E9A ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
15:32:20.0972 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll - ok
15:32:20.0978 0888  [ F6B8709ACF322FD927C459A1767E8953 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
15:32:20.0978 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll - ok
15:32:20.0984 0888  [ E91FD381C8A0473690B43669902AA637 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
15:32:20.0984 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll - ok
15:32:20.0990 0888  [ F5C9B702A8A79347FE3D746EBC466375 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
15:32:20.0990 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll - ok
15:32:20.0996 0888  [ 35A936C7C029A5B705D3FFD40518D660 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
15:32:20.0996 0888  C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
15:32:21.0002 0888  [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
15:32:21.0002 0888  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
15:32:21.0008 0888  [ A483A370982BB46F7962C3190EB468FD ] C:\Windows\System32\security.dll
15:32:21.0008 0888  C:\Windows\System32\security.dll - ok
15:32:21.0017 0888  [ 3B0D5E25ABC3D38F300FD8B28F5D7970 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
15:32:21.0017 0888  C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll - ok
15:32:21.0021 0888  [ CECB7971499C5E84F701AFABDDFFA27C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
15:32:21.0021 0888  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll - ok
15:32:21.0024 0888  [ 71AEBACA7E1B84390446093E12359D20 ] C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
15:32:21.0024 0888  C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - ok
15:32:21.0031 0888  [ 59A0E98AF983E2D797894C73F3004CE4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\435f54c71bb0411d2d44f2c4f22ae7a1\System.Runtime.Serialization.Formatters.Soap.ni.dll
15:32:21.0031 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\435f54c71bb0411d2d44f2c4f22ae7a1\System.Runtime.Serialization.Formatters.Soap.ni.dll - ok
15:32:21.0038 0888  [ 3BBEE4333328A81455029F4C88D270AC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\cfedb32f922547abca6d9d6dfaa9e74a\System.Web.ni.dll
15:32:21.0038 0888  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\cfedb32f922547abca6d9d6dfaa9e74a\System.Web.ni.dll - ok
15:32:21.0044 0888  [ 5C27AAAB9A1B1CA30F14C624C19F4DEE ] C:\Windows\System32\wbem\WMIADAP.exe
15:32:21.0044 0888  C:\Windows\System32\wbem\WMIADAP.exe - ok
15:32:21.0051 0888  [ E4B386B22D1B6B1684D4CBB5D67AE04C ] C:\Windows\System32\loadperf.dll
15:32:21.0051 0888  C:\Windows\System32\loadperf.dll - ok
15:32:21.0056 0888  [ 589CDC23CCDC419C36DDD200BEB00944 ] C:\Windows\System32\wer.dll
15:32:21.0056 0888  C:\Windows\System32\wer.dll - ok
15:32:21.0062 0888  [ 7DF26ADAD4A931D8E4E0E89278FC8E8B ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
15:32:21.0062 0888  C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
15:32:21.0068 0888  [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\SysWOW64\actxprxy.dll
15:32:21.0068 0888  C:\Windows\SysWOW64\actxprxy.dll - ok
15:32:21.0074 0888  [ C720BD3BDE2C9A1BFC4476F6D3A4B64D ] C:\Windows\SysWOW64\ieui.dll
15:32:21.0074 0888  C:\Windows\SysWOW64\ieui.dll - ok
15:32:21.0079 0888  [ 6B0272B55C8958327CDBE1250CD4BD0A ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
15:32:21.0080 0888  C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
15:32:21.0089 0888  [ 15435AD98E92CBADFDBF495D1D57BF33 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
15:32:21.0089 0888  C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
15:32:21.0095 0888  [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\SysWOW64\mssprxy.dll
15:32:21.0095 0888  C:\Windows\SysWOW64\mssprxy.dll - ok
15:32:21.0101 0888  [ 658EBC74BD38D16805648C4775F7FA82 ] C:\Windows\SysWOW64\mshtml.dll
15:32:21.0101 0888  C:\Windows\SysWOW64\mshtml.dll - ok
15:32:21.0107 0888  [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\SysWOW64\d2d1.dll
15:32:21.0107 0888  C:\Windows\SysWOW64\d2d1.dll - ok
15:32:21.0112 0888  [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\SysWOW64\DWrite.dll
15:32:21.0112 0888  C:\Windows\SysWOW64\DWrite.dll - ok
15:32:21.0119 0888  [ 5FFAA6BAF0B56CDC61443D06A6FEBA6B ] C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
15:32:21.0119 0888  C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll - ok
15:32:21.0125 0888  [ 972F4608E0BA74BE1DB448947E5A9822 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
15:32:21.0125 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll - ok
15:32:21.0134 0888  [ C6157A1233BE84D05A194F46022EF619 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll
15:32:21.0134 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\UtilityLib.dll - ok
15:32:21.0138 0888  [ 10CBADBB78CEEE801E07F70910ACC2A9 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll
15:32:21.0138 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\RsrcLoaderLib.dll - ok
15:32:21.0145 0888  [ F36FA84C7C1F4107433B76BD38A4389F ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll
15:32:21.0145 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\SatelliteENU.dll - ok
15:32:21.0152 0888  [ DBA01E33B18FD8592DA0F47B99EDB2D4 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpXRE.dll
15:32:21.0152 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpXRE.dll - ok
15:32:21.0158 0888  [ 34EF8080D4591A495F94E95D37C04B09 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\mozcrt19.dll
15:32:21.0158 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\mozcrt19.dll - ok
15:32:21.0167 0888  [ 72596213EBDECB7EF1EE933DF071A32B ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\xul.dll
15:32:21.0168 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\xul.dll - ok
15:32:21.0172 0888  [ 0A6152534EA55F45BC29C4D17ECBEB49 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\sqlite3.dll
15:32:21.0172 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\sqlite3.dll - ok
15:32:21.0178 0888  [ 6966F7C128106C942F6787E78388A210 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\js3250.dll
15:32:21.0178 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\js3250.dll - ok
15:32:21.0185 0888  [ 63D5682FE31278F4EAB4BF93DB523886 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nspr4.dll
15:32:21.0185 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nspr4.dll - ok
15:32:21.0191 0888  [ A1474E9488527C9AED975725D6FF3449 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\smime3.dll
15:32:21.0191 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\smime3.dll - ok
15:32:21.0197 0888  [ 350D6D825023A4A58CF2691E2F7CA848 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nss3.dll
15:32:21.0197 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nss3.dll - ok
15:32:21.0204 0888  [ 15DD623207D99F6E33D8E1B656C59E75 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nssutil3.dll
15:32:21.0204 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\nssutil3.dll - ok
15:32:21.0210 0888  [ F86062027E3E27652978CF2AC2DCF99D ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\plc4.dll
15:32:21.0210 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\plc4.dll - ok
15:32:21.0218 0888  [ 3071DA2E0AA382DF856FA5EAF2F0C716 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\plds4.dll
15:32:21.0218 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\plds4.dll - ok
15:32:21.0224 0888  [ CAD799DD070C782D02686D06DC980AC1 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\ssl3.dll
15:32:21.0224 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\ssl3.dll - ok
15:32:21.0230 0888  [ 2FBE5087B17225F035150E2F2BF7D6D0 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\xpcom.dll
15:32:21.0230 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\xpcom.dll - ok
15:32:21.0236 0888  [ 2C9983D248C2C4D56EA275BFAFFFFDB1 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpNeoLogging.dll
15:32:21.0236 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\xre\components\hpNeoLogging.dll - ok
15:32:21.0244 0888  [ DD0343E035D76940C52FC0C65E0E3EF0 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
15:32:21.0244 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll - ok
15:32:21.0251 0888  [ AC592074AC7D67EA52B9426EBEE09C96 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
15:32:21.0251 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll - ok
15:32:21.0257 0888  [ 2151D95BBA7D8766BA8B5BD1F595FB3A ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
15:32:21.0257 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll - ok
15:32:21.0263 0888  [ FA979BD1B2FBD8D7D409532461C846D6 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
15:32:21.0263 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll - ok
15:32:21.0270 0888  [ D749E8B62D7C2F6844F4995BB71B172A ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
15:32:21.0270 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll - ok
15:32:21.0277 0888  [ 6F8A654AF50F13B0ABDDA731527F65AD ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
15:32:21.0277 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll - ok
15:32:21.0285 0888  [ A9956C8EC5D16ACEF896F043A80A9FB6 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_Operation.dll
15:32:21.0285 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_Operation.dll - ok
15:32:21.0291 0888  [ BA0ED7AA3C36A8DA27DED1D6B3508158 ] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
15:32:21.0291 0888  C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - ok
15:32:21.0297 0888  [ 6CD44651413CE8F6F8A66760B027D23C ] C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
15:32:21.0297 0888  C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - ok
15:32:21.0303 0888  [ 4743B45C41BE35709F81BEC62FDA0AA0 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
15:32:21.0303 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll - ok
15:32:21.0310 0888  [ B07B569AF5665FCB388EA4B6A0756A10 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\ClipBookDBComponent.dll
15:32:21.0310 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\ClipBookDBComponent.dll - ok
15:32:21.0318 0888  [ 85D374F30A2015D795B1E8D1258866D4 ] C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
15:32:21.0318 0888  C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe - ok
15:32:21.0322 0888  [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\SysWOW64\dbghelp.dll
15:32:21.0322 0888  C:\Windows\SysWOW64\dbghelp.dll - ok
15:32:21.0328 0888  [ EE9D715AF1B928982F417238B9914484 ] C:\Windows\SysWOW64\ieapfltr.dll
15:32:21.0328 0888  C:\Windows\SysWOW64\ieapfltr.dll - ok
15:32:21.0335 0888  [ 7E6052699CAF18ADEDD846D44ECCE81F ] C:\Windows\SysWOW64\jscript9.dll
15:32:21.0335 0888  C:\Windows\SysWOW64\jscript9.dll - ok
15:32:21.0340 0888  [ E202B6E55B42A709886481F0DA53212D ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
15:32:21.0340 0888  C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
15:32:21.0345 0888  [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\SysWOW64\msimtf.dll
15:32:21.0345 0888  C:\Windows\SysWOW64\msimtf.dll - ok
15:32:21.0352 0888  [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\SysWOW64\d3d10_1.dll
15:32:21.0352 0888  C:\Windows\SysWOW64\d3d10_1.dll - ok
15:32:21.0357 0888  [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\SysWOW64\d3d10_1core.dll
15:32:21.0357 0888  C:\Windows\SysWOW64\d3d10_1core.dll - ok
15:32:21.0362 0888  [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\SysWOW64\d3d10warp.dll
15:32:21.0362 0888  C:\Windows\SysWOW64\d3d10warp.dll - ok
15:32:21.0368 0888  [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\SysWOW64\dxtrans.dll
15:32:21.0368 0888  C:\Windows\SysWOW64\dxtrans.dll - ok
15:32:21.0374 0888  [ 734DAA4FEAC6905BCFB30410D6C7E003 ] C:\Windows\SysWOW64\ddrawex.dll
15:32:21.0374 0888  C:\Windows\SysWOW64\ddrawex.dll - ok
15:32:21.0379 0888  [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\SysWOW64\dxtmsft.dll
15:32:21.0379 0888  C:\Windows\SysWOW64\dxtmsft.dll - ok
15:32:21.0385 0888  [ 8B02D2ECC7EF6E1F6AF08459E3F741F6 ] C:\Windows\SysWOW64\d3d10.dll
15:32:21.0386 0888  C:\Windows\SysWOW64\d3d10.dll - ok
15:32:21.0391 0888  [ 9C7094F537782A82B6A29B4A7172E180 ] C:\Windows\SysWOW64\d3d10core.dll
15:32:21.0391 0888  C:\Windows\SysWOW64\d3d10core.dll - ok
15:32:21.0396 0888  [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
15:32:21.0396 0888  C:\Windows\SysWOW64\msls31.dll - ok
15:32:21.0403 0888  [ 69EDE878C3891E7796D46B7E552330B1 ] C:\Windows\SysWOW64\url.dll
15:32:21.0403 0888  C:\Windows\SysWOW64\url.dll - ok
15:32:21.0409 0888  [ C1243976808DF259E00200CD15170D2E ] C:\Windows\System32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe
15:32:21.0409 0888  C:\Windows\System32\Macromed\Flash\FlashUtil64_11_7_700_202_ActiveX.exe - ok
15:32:21.0415 0888  [ 3A916280D02FD43F2A9B44611F79F33A ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe
15:32:21.0415 0888  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe - ok
15:32:21.0421 0888  [ 7E38DA8C11833B99766A97CEE3F80F07 ] C:\Windows\SysWOW64\oleaccrc.dll
15:32:21.0422 0888  C:\Windows\SysWOW64\oleaccrc.dll - ok
15:32:21.0428 0888  [ 02507DE13C03F7136FE7AC8E1F05804B ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.dll
15:32:21.0428 0888  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.dll - ok
15:32:21.0432 0888  ============================================================
15:32:21.0432 0888  Scan finished
15:32:21.0432 0888  ============================================================
15:32:21.0446 3988  Detected object count: 5
15:32:21.0446 3988  Actual detected object count: 5
15:33:17.0989 3988  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:17.0989 3988  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:33:17.0989 3988  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:17.0989 3988  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:33:17.0990 3988  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:17.0990 3988  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:33:17.0991 3988  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:17.0991 3988  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:33:17.0991 3988  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:33:17.0991 3988  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:34:22.0106 3640  Deinitialize success



#15 lalalee

lalalee
  • Topic Starter

  • Members
  • 29 posts
  • OFFLINE
  •  
  • Local time:11:03 AM

Posted 01 June 2013 - 03:40 PM

ComboFix 13-06-01.01 - owner 06/01/2013  16:04:06.1.2 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3998.2395 [GMT -4:00]
Running from: c:\users\owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\owner\AppData\Roaming\DefaultTab\DefaultTab
c:\users\owner\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
c:\users\owner\Documents\~WRL0001.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-01 to 2013-06-01  )))))))))))))))))))))))))))))))
.
.
2013-06-01 00:48 . 2013-06-01 00:48 -------- d-----w- C:\FRST
2013-05-31 18:45 . 2013-05-31 19:09 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-05-31 18:37 . 2013-05-31 18:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-05-31 18:37 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-05-31 14:28 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-31 14:28 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-21 02:03 . 2013-05-21 02:03 -------- d-----w- c:\programdata\HPSSUPPLY
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 00:38 . 2012-04-29 18:29 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-16 00:38 . 2011-06-13 21:32 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2011-04-21 16:45 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2011-04-21 16:45 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2011-04-21 16:45 59144 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2011-04-21 16:45 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2011-04-21 16:45 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2011-04-21 16:45 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2011-04-21 16:45 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-04-21 16:45 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-01 23:58 . 2006-11-02 12:35 72702784 ----a-w- c:\windows\system32\mrt.exe
2013-03-11 13:33 . 2013-04-22 18:12 4691304 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-09 04:16 . 2013-04-22 18:12 85504 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-09 01:48 . 2013-04-22 18:12 75264 ----a-w- c:\windows\system32\smss.exe
2013-03-08 16:08 . 2012-10-24 19:24 416 ----a-w- c:\programdata\Microsoft\MSDN\9.0\1033\ResourceCache.dll
2013-03-08 04:18 . 2013-04-22 18:12 451072 ----a-w- c:\windows\system32\winsrv.dll
2013-03-08 04:17 . 2013-04-22 18:11 2425344 ----a-w- c:\windows\system32\mstscax.dll
2013-03-08 03:52 . 2013-04-22 18:11 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2013-03-05 01:57 . 2013-04-22 18:12 2774016 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-05-08 1644088]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-01-28 2387968]
"AIM"="c:\program files (x86)\AIM\aim.exe" [2005-08-03 67160]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"Xvid"="c:\program files (x86)\Xvid\CheckUpdate.exe" [2011-01-17 8192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-02-26 1148200]
"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2009-02-13 1328424]
"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2009-02-13 185640]
"TVAgent"="c:\program files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe" [2009-02-24 203872]
"UCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-02-11 210216]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-02-17 206392]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-06 224616]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-01-23 484408]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe [2009-03-02 89600]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-01-28 05:28 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 00:38]
.
2013-05-31 c:\windows\Tasks\HPCeeScheduleForowner.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-06-01 01:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-10-28 153624]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-10-28 225816]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-10-28 200216]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-12-19 247808]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-04 442368]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer-2.x/UnityWebPlayer.cab
FF - ProfilePath - c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\h6ywjiz7.default\
FF - ExtSQL: 2013-04-28 18:28; chineseperakun@gmail.com; c:\users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\h6ywjiz7.default\extensions\chineseperakun@gmail.com
FF - ExtSQL: !HIDDEN! 2010-07-02 13:38; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - (no file)
URLSearchHooks-{3bbd3c14-4c16-4989-8366-95bc9179779d} - (no file)
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-DW6 - c:\program files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
Wow6432Node-HKCU-Run-ISUSPM - c:\programdata\FLEXnet\Connect\11\ISUSPM.exe
SafeBoot-99719787.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
Toolbar-10 - (no file)
WebBrowser-{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - (no file)
WebBrowser-{3BBD3C14-4C16-4989-8366-95BC9179779D} - (no file)
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files (x86)\SMINST\BLService.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2013-06-01  16:24:37 - machine was rebooted
ComboFix-quarantined-files.txt  2013-06-01 20:24
.
Pre-Run: 130,359,484,416 bytes free
Post-Run: 130,365,751,296 bytes free
.
- - End Of File - - 3E33DDF33F6B073AD116529F8549EDE0
 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users