Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Did funmoods crash my computer? [Solved]


  • This topic is locked This topic is locked

#16
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Good question!

You can set up your web browser to ask you where to download it or cut and paste (no shortcut) the file on to your desktop. It is best to run all of these from the desktop unless noted otherwise.

Regards,

CompCav
  • 1

Advertisements


#17
wpr

wpr

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
we were so close. When I booted it did an update and then went to my desktop. I was so excited!

I decided to reboot just to verify. Nope. Back to the temp version. Shut it all the way down and then booted once again. Still the temp version.

On the other hand I did find the ADW Cleaner files so I will post them as well.

ComboFix 12-09-12.03 - Wayne 09/12/2012 12:22:28.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4044.3265 [GMT -5:00]
Running from: c:\users\Wayne\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Autorun.inf
c:\users\Wayne\AppData\Roaming\JomCap.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-08-12 to 2012-09-12 )))))))))))))))))))))))))))))))
.
.
2012-09-12 17:07 . 2012-09-12 17:07 0 ----a-w- c:\windows\SysWow64\shoBAB6.tmp
2012-09-12 01:43 . 2012-09-12 01:43 -------- d-----w- C:\_OTL
2012-09-11 00:43 . 2012-09-11 01:01 -------- d-----w- c:\programdata\SpeedMaxPc
2012-09-10 23:09 . 2012-09-12 02:53 -------- d-----w- c:\users\TEMP
2012-09-10 02:18 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{42DD8884-2277-4178-8E8E-88527C8FD74A}\mpengine.dll
2012-09-02 20:06 . 2012-09-02 20:06 -------- d-----w- c:\program files\Java
2012-09-02 19:57 . 2012-09-02 19:57 -------- d-----w- c:\program files (x86)\Java
2012-09-02 19:55 . 2012-09-02 19:55 -------- d-----w- c:\programdata\McAfee
2012-09-02 19:45 . 2012-09-08 12:54 -------- d-----w- c:\program files (x86)\DownloadManager
2012-09-02 19:44 . 2012-09-03 01:00 -------- d-----w- c:\users\Wayne\AppData\Local\Google
2012-09-02 19:32 . 2012-09-02 19:31 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-02 19:32 . 2012-09-02 19:31 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-08-16 11:57 . 2012-06-29 05:02 754784 ----a-w- c:\program files\Internet Explorer\iexplore.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-02 19:57 . 2011-10-23 20:09 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-01 13:37 . 2012-04-11 11:53 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-01 13:37 . 2011-07-16 05:37 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-21 09:13 . 2011-12-22 04:31 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2011-12-22 04:31 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2011-12-22 04:31 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-03-25 13:33 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2011-12-22 04:31 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2011-12-22 04:31 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-12-22 04:31 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2011-12-22 04:31 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-12-22 04:31 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-15 13:02 . 2011-10-25 12:27 62134624 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\Sidebar.exe" [2010-11-21 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-04-30 284440]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-06-28 168504]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-05-06 263496]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 250568]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-30 114144]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-23 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2012-04-25 197504]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-02-18 2372096]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-09-28 212944]
S2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;c:\program files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-09-24 341312]
S2 nlsX86cc;NLS Service;c:\windows\SysWOW64\NLSSRV32.EXE [2011-09-24 68928]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-05-10 317440]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2012-04-13 1860672]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-12-11 565352]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 13:37]
.
2012-09-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-22 09:12]
.
2012-09-10 c:\windows\Tasks\HPCeeScheduleForWayne.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-09-08 c:\windows\Tasks\User_Feed_Synchronization-{1B619010-4F83-4A6F-8F1F-328EC1921A69}.job
- c:\windows\system32\msfeedssync.exe [2011-07-16 05:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-11 1424896]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-12-11 416024]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-12-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-12-11 392472]
"SetDefault"="c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe" [2011-12-20 44880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
mStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\r1w8x71x.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-RegWork - c:\program files (x86)\RegWork\RegWork.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-09-12 12:43:50 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-12 17:43
.
Pre-Run: 416,645,169,152 bytes free
Post-Run: 418,081,124,352 bytes free
.
- - End Of File - - 94D1F9D5E9926A854C7052BBF587370D


# AdwCleaner v2.001 - Logfile created 09/11/2012 at 21:27:23
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Wayne - WAYNE-HP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Wayne\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Wayne\AppData\Local\funmoods-speeddial.crx
Folder Found : C:\Program Files (x86)\Yontoo
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Wayne\AppData\LocalLow\Funmoods

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\Cr_Installer
Key Found : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\f
Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\r1w8x71x.default\prefs.js

Found : user_pref("extensions.crossriderapp4479.4479.InstallationThankYouPage", true);
Found : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1346615076);
Found : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.searchUserConifrmation", false[...]
Found : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setHomepage", false);
Found : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setNewTab", false);
Found : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setSearch", false);
Found : user_pref("extensions.crossriderapp4479.4479.active", true);
Found : user_pref("extensions.crossriderapp4479.4479.addressbar", "");
Found : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG&&appA[...]
Found : user_pref("extensions.crossriderapp4479.4479.backgroundver", 5);
Found : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true);
Found : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");
Found : user_pref("extensions.crossriderapp4479.4479.changeprevious", false);
Found : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1346615076");
Found : user_pref("extensions.crossriderapp4479.4479.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1346615076");
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Sun Sep 02 2012 15:[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%5B%22nonexistantdomain.[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Sun Sep 09 2012 [...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22US%22");
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1346616061");
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2258453%22");
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1346615304003");
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221242%22");
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%2276184%22");
Found : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Found : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1346615268564");
Found : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...]
Found : user_pref("extensions.crossriderapp4479.4479.domain", "");
Found : user_pref("extensions.crossriderapp4479.4479.enablesearch", false);
Found : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", "");
Found : user_pref("extensions.crossriderapp4479.4479.group", 0);
Found : user_pref("extensions.crossriderapp4479.4479.homepage", "");
Found : user_pref("extensions.crossriderapp4479.4479.iframe", false);
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "33");
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Sun Sep 02[...]
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Found : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");
Found : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Found : user_pref("extensions.crossriderapp4479.4479.manifesturl", "");
Found : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");
Found : user_pref("extensions.crossriderapp4479.4479.newtab", "");
Found : user_pref("extensions.crossriderapp4479.4479.opensearch", "");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 3);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 4);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 2);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 2);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 2);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.name", "FacebookFFIE");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.ver", 1);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "(function(f,b){if(typeof(b)==[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 3);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 3);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 3);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 2);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 2);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 3);
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background");
Found : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 1);
Found : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "17,14,16,47,1000015");
Found : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]
Found : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Found : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 11);
Found : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps");
Found : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0);
Found : user_pref("extensions.crossriderapp4479.4479.setnewtab", false);
Found : user_pref("extensions.crossriderapp4479.4479.settingsurl", "");
Found : user_pref("extensions.crossriderapp4479.4479.thankyou", "hxxp://crossrider.com/thank_you/4479");
Found : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);
Found : user_pref("extensions.crossriderapp4479.4479.ver", 33);
Found : user_pref("extensions.crossriderapp4479.adsOldValue", -1);
Found : user_pref("extensions.crossriderapp4479.apps", "4479");
Found : user_pref("extensions.crossriderapp4479.bic", "139888646efafa0ce8825ce40edf1d6e");
Found : user_pref("extensions.crossriderapp4479.cid", 4479);
Found : user_pref("extensions.crossriderapp4479.firstrun", false);
Found : user_pref("extensions.crossriderapp4479.hadappinstalled", true);
Found : user_pref("extensions.crossriderapp4479.installationdate", 1346615265);
Found : user_pref("extensions.crossriderapp4479.lastcheck", 22443588);
Found : user_pref("extensions.crossriderapp4479.lastcheckitem", 22443601);
Found : user_pref("extensions.crossriderapp4479.modetype", "production");
Found : user_pref("extensions.funmoods.aflt", "iron2");
Found : user_pref("extensions.funmoods.autoRvrt", false);
Found : user_pref("extensions.funmoods.dfltLng", "");
Found : user_pref("extensions.funmoods.dfltSrch", true);
Found : user_pref("extensions.funmoods.dnsErr", true);
Found : user_pref("extensions.funmoods.envrmnt", "production");
Found : user_pref("extensions.funmoods.excTlbr", false);
Found : user_pref("extensions.funmoods.hmpg", true);
Found : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2Xzuy[...]
Found : user_pref("extensions.funmoods.id", "9439E569796F49E0");
Found : user_pref("extensions.funmoods.instlDay", "15585");
Found : user_pref("extensions.funmoods.instlRef", "iron2");
Found : user_pref("extensions.funmoods.isdcmntcmplt", true);
Found : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Found : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=iron2&chnl=iron2&cd=2Xz[...]
Found : user_pref("extensions.funmoods.prdct", "funmoods");
Found : user_pref("extensions.funmoods.prtnrId", "funmoods");
Found : user_pref("extensions.funmoods.srchPrvdr", "Search");
Found : user_pref("extensions.funmoods.tlbrId", "base");
Found : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=iron2&chnl=iron2&cd=2[...]
Found : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Found : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Found : user_pref("extensions.funmoods_i.newTab", true);
Found : user_pref("extensions.funmoods_i.smplGrp", "none");
Found : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2214:44:23");

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [19921 octets] - [11/09/2012 21:27:23]

########## EOF - C:\AdwCleaner[R1].txt - [19982 octets] ##########


# AdwCleaner v2.001 - Logfile created 09/11/2012 at 22:13:38
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Wayne - WAYNE-HP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Wayne\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Wayne\AppData\Local\funmoods-speeddial.crx
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Wayne\AppData\LocalLow\Funmoods

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\f
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\r1w8x71x.default\prefs.js

C:\Users\Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\r1w8x71x.default\user.js ... Deleted !

Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1346615076);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.searchUserConifrmation", false[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.active", true);
Deleted : user_pref("extensions.crossriderapp4479.4479.addressbar", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG&&appA[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.backgroundver", 5);
Deleted : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1346615076");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1346615076");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Sun Sep 02 2012 15:[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%5B%22nonexistantdomain.[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Sun Sep 09 2012 [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22US%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1346616061");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2258453%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1346615304003");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221242%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%2276184%22");
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1346615268564");
Deleted : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.domain", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.group", 0);
Deleted : user_pref("extensions.crossriderapp4479.4479.homepage", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.iframe", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "33");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Sun Sep 02[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");
Deleted : user_pref("extensions.crossriderapp4479.4479.newtab", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.opensearch", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 3);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 4);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "(function(f,b){if(typeof(b)==[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "17,14,16,47,1000015");
Deleted : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 11);
Deleted : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp4479.4479.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp4479.4479.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp4479.4479.thankyou", "hxxp://crossrider.com/thank_you/4479");
Deleted : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp4479.4479.ver", 33);
Deleted : user_pref("extensions.crossriderapp4479.adsOldValue", -1);
Deleted : user_pref("extensions.crossriderapp4479.apps", "4479");
Deleted : user_pref("extensions.crossriderapp4479.bic", "139888646efafa0ce8825ce40edf1d6e");
Deleted : user_pref("extensions.crossriderapp4479.cid", 4479);
Deleted : user_pref("extensions.crossriderapp4479.firstrun", false);
Deleted : user_pref("extensions.crossriderapp4479.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp4479.installationdate", 1346615265);
Deleted : user_pref("extensions.crossriderapp4479.lastcheck", 22443588);
Deleted : user_pref("extensions.crossriderapp4479.lastcheckitem", 22443601);
Deleted : user_pref("extensions.crossriderapp4479.modetype", "production");
Deleted : user_pref("extensions.funmoods.aflt", "iron2");
Deleted : user_pref("extensions.funmoods.autoRvrt", false);
Deleted : user_pref("extensions.funmoods.dfltLng", "");
Deleted : user_pref("extensions.funmoods.dfltSrch", true);
Deleted : user_pref("extensions.funmoods.dnsErr", true);
Deleted : user_pref("extensions.funmoods.envrmnt", "production");
Deleted : user_pref("extensions.funmoods.excTlbr", false);
Deleted : user_pref("extensions.funmoods.hmpg", true);
Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=iron2&chnl=iron2&cd=2Xzuy[...]
Deleted : user_pref("extensions.funmoods.id", "9439E569796F49E0");
Deleted : user_pref("extensions.funmoods.instlDay", "15585");
Deleted : user_pref("extensions.funmoods.instlRef", "iron2");
Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true);
Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=iron2&chnl=iron2&cd=2Xz[...]
Deleted : user_pref("extensions.funmoods.prdct", "funmoods");
Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods");
Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search");
Deleted : user_pref("extensions.funmoods.tlbrId", "base");
Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=iron2&chnl=iron2&cd=2[...]
Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Deleted : user_pref("extensions.funmoods_i.newTab", true);
Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2214:44:23");

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [20020 octets] - [11/09/2012 21:27:23]
AdwCleaner[S1].txt - [20681 octets] - [11/09/2012 22:13:38]

########## EOF - C:\AdwCleaner[S1].txt - [20742 octets] ##########


# AdwCleaner v2.001 - Logfile created 09/12/2012 at 07:20:33
# Updated 09/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Wayne - WAYNE-HP
# Boot Mode : Safe mode with networking
# Running from : C:\Users\Wayne\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\r1w8x71x.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v21.0.1180.89

File : C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [20020 octets] - [11/09/2012 21:27:23]
AdwCleaner[S1].txt - [20776 octets] - [11/09/2012 22:13:38]
AdwCleaner[S2].txt - [974 octets] - [12/09/2012 07:20:33]

########## EOF - C:\AdwCleaner[S2].txt - [1033 octets] ##########


  • 0

#18
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  • 1

#19
wpr

wpr

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Nothing was found.
it created two logs. here they are.

21:40:40.0123 1528 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:40:42.0135 1528 ============================================================
21:40:42.0135 1528 Current date / time: 2012/09/12 21:40:42.0135
21:40:42.0135 1528 SystemInfo:
21:40:42.0135 1528
21:40:42.0135 1528 OS Version: 6.1.7601 ServicePack: 1.0
21:40:42.0135 1528 Product type: Workstation
21:40:42.0135 1528 ComputerName: WAYNE-HP
21:40:42.0135 1528 UserName: Wayne
21:40:42.0135 1528 Windows directory: C:\Windows
21:40:42.0135 1528 System windows directory: C:\Windows
21:40:42.0135 1528 Running under WOW64
21:40:42.0135 1528 Processor architecture: Intel x64
21:40:42.0135 1528 Number of processors: 4
21:40:42.0135 1528 Page size: 0x1000
21:40:42.0135 1528 Boot type: Safe boot with network
21:40:42.0135 1528 ============================================================
21:40:42.0744 1528 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:40:42.0744 1528 ============================================================
21:40:42.0744 1528 \Device\Harddisk0\DR0:
21:40:42.0744 1528 MBR partitions:
21:40:42.0744 1528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:40:42.0744 1528 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37C6E000
21:40:42.0744 1528 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37CD2000, BlocksNum 0x1EC4000
21:40:42.0744 1528 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830
21:40:42.0744 1528 ============================================================
21:40:42.0775 1528 C: <-> \Device\Harddisk0\DR0\Partition2
21:40:42.0822 1528 D: <-> \Device\Harddisk0\DR0\Partition3
21:40:42.0837 1528 E: <-> \Device\Harddisk0\DR0\Partition4
21:40:42.0837 1528 ============================================================
21:40:42.0837 1528 Initialize success
21:40:42.0837 1528 ============================================================
21:40:56.0534 1068 Deinitialize success


21:44:23.0070 2724 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
21:44:25.0082 2724 ============================================================
21:44:25.0082 2724 Current date / time: 2012/09/12 21:44:25.0082
21:44:25.0082 2724 SystemInfo:
21:44:25.0082 2724
21:44:25.0082 2724 OS Version: 6.1.7601 ServicePack: 1.0
21:44:25.0082 2724 Product type: Workstation
21:44:25.0082 2724 ComputerName: WAYNE-HP
21:44:25.0082 2724 UserName: Wayne
21:44:25.0082 2724 Windows directory: C:\Windows
21:44:25.0082 2724 System windows directory: C:\Windows
21:44:25.0082 2724 Running under WOW64
21:44:25.0082 2724 Processor architecture: Intel x64
21:44:25.0082 2724 Number of processors: 4
21:44:25.0082 2724 Page size: 0x1000
21:44:25.0082 2724 Boot type: Normal boot
21:44:25.0082 2724 ============================================================
21:44:25.0831 2724 BG loaded
21:44:26.0533 2724 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:44:26.0533 2724 ============================================================
21:44:26.0533 2724 \Device\Harddisk0\DR0:
21:44:26.0533 2724 MBR partitions:
21:44:26.0533 2724 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:44:26.0533 2724 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37C6E000
21:44:26.0533 2724 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37CD2000, BlocksNum 0x1EC4000
21:44:26.0533 2724 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39B96000, BlocksNum 0x7EF830
21:44:26.0533 2724 ============================================================
21:44:26.0595 2724 C: <-> \Device\Harddisk0\DR0\Partition2
21:44:26.0658 2724 D: <-> \Device\Harddisk0\DR0\Partition3
21:44:26.0673 2724 E: <-> \Device\Harddisk0\DR0\Partition4
21:44:26.0673 2724 ============================================================
21:44:26.0673 2724 Initialize success
21:44:26.0673 2724 ============================================================
21:44:43.0429 3416 ============================================================
21:44:43.0429 3416 Scan started
21:44:43.0429 3416 Mode: Manual;
21:44:43.0429 3416 ============================================================
21:44:55.0176 3416 ================ Scan system memory ========================
21:44:55.0176 3416 System memory - ok
21:44:55.0191 3416 ================ Scan services =============================
21:44:56.0814 3416 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:44:56.0829 3416 1394ohci - ok
21:44:56.0907 3416 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:44:56.0938 3416 ACPI - ok
21:44:57.0313 3416 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:44:57.0313 3416 AcpiPmi - ok
21:44:58.0062 3416 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:44:58.0062 3416 AdobeARMservice - ok
21:44:59.0606 3416 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:44:59.0669 3416 AdobeFlashPlayerUpdateSvc - ok
21:44:59.0871 3416 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:44:59.0918 3416 adp94xx - ok
21:45:00.0168 3416 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:45:00.0183 3416 adpahci - ok
21:45:00.0277 3416 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:45:00.0293 3416 adpu320 - ok
21:45:00.0339 3416 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:45:00.0339 3416 AeLookupSvc - ok
21:45:00.0433 3416 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:45:00.0449 3416 AFD - ok
21:45:00.0511 3416 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:45:00.0511 3416 agp440 - ok
21:45:00.0620 3416 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:45:00.0636 3416 ALG - ok
21:45:00.0698 3416 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:45:00.0714 3416 aliide - ok
21:45:00.0792 3416 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:45:00.0792 3416 amdide - ok
21:45:00.0948 3416 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:45:00.0948 3416 AmdK8 - ok
21:45:01.0010 3416 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:45:01.0010 3416 AmdPPM - ok
21:45:01.0088 3416 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:45:01.0088 3416 amdsata - ok
21:45:01.0182 3416 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:45:01.0213 3416 amdsbs - ok
21:45:01.0229 3416 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:45:01.0244 3416 amdxata - ok
21:45:01.0385 3416 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:45:01.0385 3416 AppID - ok
21:45:01.0431 3416 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:45:01.0431 3416 AppIDSvc - ok
21:45:01.0494 3416 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:45:01.0494 3416 Appinfo - ok
21:45:01.0681 3416 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:45:01.0681 3416 Apple Mobile Device - ok
21:45:01.0915 3416 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
21:45:01.0915 3416 arc - ok
21:45:01.0977 3416 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:45:01.0977 3416 arcsas - ok
21:45:02.0570 3416 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:45:02.0867 3416 aspnet_state - ok
21:45:03.0584 3416 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:45:03.0584 3416 aswFsBlk - ok
21:45:03.0803 3416 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:45:03.0803 3416 aswMonFlt - ok
21:45:04.0005 3416 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:45:04.0021 3416 aswRdr - ok
21:45:04.0177 3416 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:45:04.0193 3416 aswSnx - ok
21:45:04.0567 3416 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:45:04.0567 3416 aswSP - ok
21:45:04.0629 3416 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:45:04.0629 3416 aswTdi - ok
21:45:04.0723 3416 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:45:04.0723 3416 AsyncMac - ok
21:45:04.0848 3416 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:45:04.0848 3416 atapi - ok
21:45:05.0019 3416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:45:05.0035 3416 AudioEndpointBuilder - ok
21:45:05.0160 3416 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:45:05.0175 3416 AudioSrv - ok
21:45:05.0425 3416 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:45:05.0441 3416 avast! Antivirus - ok
21:45:05.0550 3416 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:45:05.0550 3416 AxInstSV - ok
21:45:05.0862 3416 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:45:05.0940 3416 b06bdrv - ok
21:45:06.0111 3416 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:45:06.0174 3416 b57nd60a - ok
21:45:06.0439 3416 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:45:06.0486 3416 BCM43XX - ok
21:45:06.0579 3416 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:45:06.0579 3416 BDESVC - ok
21:45:06.0751 3416 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:45:06.0767 3416 Beep - ok
21:45:07.0016 3416 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:45:07.0016 3416 BFE - ok
21:45:07.0203 3416 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
21:45:07.0313 3416 BITS - ok
21:45:07.0406 3416 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
21:45:07.0406 3416 blbdrive - ok
21:45:07.0484 3416 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:45:07.0500 3416 Bonjour Service - ok
21:45:07.0578 3416 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:45:07.0578 3416 bowser - ok
21:45:07.0640 3416 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:45:07.0656 3416 BrFiltLo - ok
21:45:07.0671 3416 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:45:07.0687 3416 BrFiltUp - ok
21:45:07.0937 3416 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:45:07.0937 3416 BridgeMP - ok
21:45:08.0046 3416 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:45:08.0046 3416 Browser - ok
21:45:08.0217 3416 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:45:08.0233 3416 Brserid - ok
21:45:08.0327 3416 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:45:08.0327 3416 BrSerWdm - ok
21:45:08.0389 3416 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:45:08.0436 3416 BrUsbMdm - ok
21:45:08.0483 3416 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:45:08.0498 3416 BrUsbSer - ok
21:45:08.0607 3416 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:45:08.0607 3416 BTHMODEM - ok
21:45:08.0670 3416 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:45:08.0685 3416 bthserv - ok
21:45:08.0748 3416 catchme - ok
21:45:08.0810 3416 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:45:08.0810 3416 cdfs - ok
21:45:08.0966 3416 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:45:08.0982 3416 cdrom - ok
21:45:09.0060 3416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:45:09.0060 3416 CertPropSvc - ok
21:45:09.0107 3416 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
21:45:09.0107 3416 circlass - ok
21:45:09.0231 3416 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:45:09.0263 3416 CLFS - ok
21:45:09.0372 3416 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:45:09.0387 3416 clr_optimization_v2.0.50727_32 - ok
21:45:09.0543 3416 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:45:09.0559 3416 clr_optimization_v2.0.50727_64 - ok
21:45:09.0887 3416 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:45:10.0043 3416 clr_optimization_v4.0.30319_32 - ok
21:45:10.0167 3416 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:45:10.0199 3416 clr_optimization_v4.0.30319_64 - ok
21:45:10.0308 3416 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
21:45:10.0308 3416 clwvd - ok
21:45:10.0401 3416 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:45:10.0401 3416 CmBatt - ok
21:45:10.0433 3416 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:45:10.0448 3416 cmdide - ok
21:45:10.0635 3416 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:45:10.0651 3416 CNG - ok
21:45:10.0745 3416 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:45:10.0745 3416 Compbatt - ok
21:45:10.0823 3416 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:45:10.0838 3416 CompositeBus - ok
21:45:10.0854 3416 COMSysApp - ok
21:45:10.0902 3416 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:45:10.0902 3416 crcdisk - ok
21:45:11.0042 3416 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:45:11.0042 3416 CryptSvc - ok
21:45:11.0245 3416 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
21:45:11.0260 3416 cvhsvc - ok
21:45:11.0370 3416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:45:11.0385 3416 DcomLaunch - ok
21:45:11.0463 3416 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:45:11.0479 3416 defragsvc - ok
21:45:11.0541 3416 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:45:11.0541 3416 DfsC - ok
21:45:11.0635 3416 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:45:11.0650 3416 Dhcp - ok
21:45:11.0713 3416 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:45:11.0713 3416 discache - ok
21:45:11.0838 3416 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
21:45:11.0869 3416 Disk - ok
21:45:11.0948 3416 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:45:11.0948 3416 Dnscache - ok
21:45:12.0057 3416 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:45:12.0073 3416 dot3svc - ok
21:45:12.0135 3416 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:45:12.0135 3416 DPS - ok
21:45:12.0182 3416 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:45:12.0182 3416 drmkaud - ok
21:45:12.0385 3416 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:45:12.0400 3416 DXGKrnl - ok
21:45:12.0587 3416 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:45:12.0603 3416 EapHost - ok
21:45:13.0040 3416 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:45:13.0149 3416 ebdrv - ok
21:45:13.0305 3416 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:45:13.0321 3416 EFS - ok
21:45:13.0555 3416 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:45:13.0601 3416 ehRecvr - ok
21:45:13.0679 3416 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:45:13.0679 3416 ehSched - ok
21:45:14.0179 3416 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:45:14.0194 3416 elxstor - ok
21:45:14.0210 3416 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:45:14.0225 3416 ErrDev - ok
21:45:14.0397 3416 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:45:14.0413 3416 EventSystem - ok
21:45:14.0475 3416 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:45:14.0491 3416 exfat - ok
21:45:14.0522 3416 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:45:14.0522 3416 fastfat - ok
21:45:14.0693 3416 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:45:14.0725 3416 Fax - ok
21:45:14.0756 3416 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
21:45:14.0756 3416 fdc - ok
21:45:14.0787 3416 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:45:14.0787 3416 fdPHost - ok
21:45:14.0834 3416 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:45:14.0849 3416 FDResPub - ok
21:45:14.0881 3416 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:45:14.0881 3416 FileInfo - ok
21:45:14.0896 3416 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:45:14.0896 3416 Filetrace - ok
21:45:14.0974 3416 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:45:14.0974 3416 flpydisk - ok
21:45:15.0052 3416 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:45:15.0052 3416 FltMgr - ok
21:45:15.0161 3416 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:45:15.0177 3416 FontCache - ok
21:45:15.0302 3416 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:45:15.0317 3416 FontCache3.0.0.0 - ok
21:45:15.0473 3416 [ 26065327BB2AA358140381FC76520908 ] FPLService C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
21:45:15.0473 3416 FPLService - ok
21:45:15.0536 3416 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:45:15.0536 3416 FsDepends - ok
21:45:15.0598 3416 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:45:15.0614 3416 Fs_Rec - ok
21:45:15.0661 3416 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:45:15.0661 3416 fvevol - ok
21:45:15.0723 3416 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:45:15.0739 3416 gagp30kx - ok
21:45:15.0926 3416 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
21:45:15.0926 3416 GamesAppService - ok
21:45:15.0973 3416 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:45:15.0973 3416 GEARAspiWDM - ok
21:45:16.0175 3416 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:45:16.0175 3416 gpsvc - ok
21:45:16.0222 3416 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:45:16.0222 3416 hcw85cir - ok
21:45:16.0285 3416 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:45:16.0316 3416 HdAudAddService - ok
21:45:16.0363 3416 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:45:16.0363 3416 HDAudBus - ok
21:45:16.0425 3416 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:45:16.0441 3416 HidBatt - ok
21:45:16.0456 3416 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:45:16.0472 3416 HidBth - ok
21:45:16.0487 3416 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
21:45:16.0503 3416 HidIr - ok
21:45:16.0534 3416 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
21:45:16.0534 3416 hidserv - ok
21:45:16.0597 3416 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:45:16.0597 3416 HidUsb - ok
21:45:16.0643 3416 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:45:16.0643 3416 hkmsvc - ok
21:45:16.0706 3416 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:45:16.0753 3416 HomeGroupListener - ok
21:45:16.0784 3416 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:45:16.0799 3416 HomeGroupProvider - ok
21:45:17.0018 3416 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:45:17.0018 3416 HP Support Assistant Service - ok
21:45:17.0127 3416 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
21:45:17.0143 3416 HPClientSvc - ok
21:45:17.0299 3416 [ 8EB0813B7760BBE161BACF8043322186 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
21:45:17.0314 3416 HPDrvMntSvc.exe - ok
21:45:17.0533 3416 [ 5298E3B4844328A11C9EB6C001CF0529 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:45:17.0579 3416 hpqwmiex - ok
21:45:17.0657 3416 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:45:17.0657 3416 HpSAMD - ok
21:45:17.0845 3416 [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:45:17.0845 3416 HPWMISVC - ok
21:45:17.0985 3416 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:45:17.0985 3416 HTTP - ok
21:45:18.0047 3416 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:45:18.0047 3416 hwpolicy - ok
21:45:18.0141 3416 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:45:18.0141 3416 i8042prt - ok
21:45:18.0235 3416 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:45:18.0235 3416 iaStor - ok
21:45:18.0375 3416 [ E79A8E33BD136D14BAE1FA20EB2EF124 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
21:45:18.0375 3416 IAStorDataMgrSvc - ok
21:45:18.0469 3416 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:45:18.0515 3416 iaStorV - ok
21:45:18.0843 3416 [ D22D82D74FD1B6C77E7556DBDC3EA9D2 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
21:45:18.0874 3416 IconMan_R - ok
21:45:19.0046 3416 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:45:19.0093 3416 idsvc - ok
21:45:20.0684 3416 [ 33FAA40B288002C89529DBD14F3AB72C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:45:20.0855 3416 igfx - ok
21:45:20.0933 3416 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:45:20.0933 3416 iirsp - ok
21:45:21.0058 3416 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:45:21.0074 3416 IKEEXT - ok
21:45:21.0183 3416 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
21:45:21.0183 3416 IntcDAud - ok
21:45:21.0230 3416 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:45:21.0230 3416 intelide - ok
21:45:21.0308 3416 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:45:21.0308 3416 intelppm - ok
21:45:21.0433 3416 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:45:21.0448 3416 IPBusEnum - ok
21:45:21.0526 3416 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:45:21.0542 3416 IpFilterDriver - ok
21:45:21.0667 3416 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:45:21.0682 3416 iphlpsvc - ok
21:45:21.0713 3416 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:45:21.0713 3416 IPMIDRV - ok
21:45:21.0791 3416 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:45:21.0791 3416 IPNAT - ok
21:45:22.0025 3416 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:45:22.0135 3416 iPod Service - ok
21:45:22.0181 3416 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:45:22.0197 3416 IRENUM - ok
21:45:22.0400 3416 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:45:22.0400 3416 isapnp - ok
21:45:22.0618 3416 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:45:22.0649 3416 iScsiPrt - ok
21:45:22.0961 3416 [ 5A9894E80575647DC77A7D1954B05CE7 ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
21:45:22.0961 3416 jhi_service - ok
21:45:23.0086 3416 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:45:23.0086 3416 kbdclass - ok
21:45:23.0180 3416 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:45:23.0195 3416 kbdhid - ok
21:45:23.0242 3416 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:45:23.0242 3416 KeyIso - ok
21:45:23.0305 3416 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:45:23.0305 3416 KSecDD - ok
21:45:23.0351 3416 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:45:23.0367 3416 KSecPkg - ok
21:45:23.0461 3416 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:45:23.0476 3416 ksthunk - ok
21:45:23.0554 3416 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:45:23.0570 3416 KtmRm - ok
21:45:23.0741 3416 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:45:23.0757 3416 LanmanServer - ok
21:45:23.0819 3416 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:45:23.0835 3416 LanmanWorkstation - ok
21:45:23.0882 3416 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:45:23.0882 3416 lltdio - ok
21:45:23.0991 3416 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:45:24.0007 3416 lltdsvc - ok
21:45:24.0053 3416 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:45:24.0053 3416 lmhosts - ok
21:45:24.0178 3416 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:45:24.0178 3416 LMS - ok
21:45:24.0287 3416 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:45:24.0287 3416 LSI_FC - ok
21:45:24.0475 3416 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:45:24.0475 3416 LSI_SAS - ok
21:45:24.0521 3416 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:45:24.0521 3416 LSI_SAS2 - ok
21:45:24.0599 3416 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:45:24.0599 3416 LSI_SCSI - ok
21:45:24.0646 3416 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:45:24.0646 3416 luafv - ok
21:45:24.0709 3416 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:45:24.0724 3416 Mcx2Svc - ok
21:45:24.0755 3416 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
21:45:24.0755 3416 megasas - ok
21:45:24.0818 3416 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:45:24.0849 3416 MegaSR - ok
21:45:24.0911 3416 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:45:24.0911 3416 MEIx64 - ok
21:45:24.0958 3416 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:45:24.0958 3416 MMCSS - ok
21:45:25.0021 3416 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:45:25.0021 3416 Modem - ok
21:45:25.0083 3416 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:45:25.0083 3416 monitor - ok
21:45:25.0114 3416 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:45:25.0114 3416 mouclass - ok
21:45:25.0177 3416 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:45:25.0177 3416 mouhid - ok
21:45:25.0286 3416 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:45:25.0301 3416 mountmgr - ok
21:45:25.0426 3416 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:45:25.0442 3416 MozillaMaintenance - ok
21:45:25.0504 3416 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:45:25.0504 3416 mpio - ok
21:45:25.0598 3416 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:45:25.0598 3416 mpsdrv - ok
21:45:25.0769 3416 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:45:25.0785 3416 MpsSvc - ok
21:45:25.0847 3416 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:45:25.0847 3416 MRxDAV - ok
21:45:25.0925 3416 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:45:25.0941 3416 mrxsmb - ok
21:45:26.0081 3416 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:45:26.0097 3416 mrxsmb10 - ok
21:45:26.0128 3416 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:45:26.0128 3416 mrxsmb20 - ok
21:45:26.0191 3416 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:45:26.0191 3416 msahci - ok
21:45:26.0300 3416 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:45:26.0331 3416 msdsm - ok
21:45:26.0347 3416 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:45:26.0362 3416 MSDTC - ok
21:45:26.0409 3416 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:45:26.0409 3416 Msfs - ok
21:45:26.0440 3416 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:45:26.0456 3416 mshidkmdf - ok
21:45:26.0487 3416 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:45:26.0487 3416 msisadrv - ok
21:45:26.0549 3416 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:45:26.0549 3416 MSiSCSI - ok
21:45:26.0565 3416 msiserver - ok
21:45:26.0612 3416 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:45:26.0627 3416 MSKSSRV - ok
21:45:26.0659 3416 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:45:26.0659 3416 MSPCLOCK - ok
21:45:26.0674 3416 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:45:26.0690 3416 MSPQM - ok
21:45:26.0721 3416 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:45:26.0721 3416 MsRPC - ok
21:45:26.0830 3416 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:45:26.0830 3416 mssmbios - ok
21:45:26.0877 3416 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:45:26.0877 3416 MSTEE - ok
21:45:26.0971 3416 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:45:26.0971 3416 MTConfig - ok
21:45:27.0017 3416 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:45:27.0033 3416 Mup - ok
21:45:27.0095 3416 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:45:27.0111 3416 napagent - ok
21:45:27.0251 3416 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:45:27.0267 3416 NativeWifiP - ok
21:45:27.0595 3416 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:45:28.0281 3416 NDIS - ok
21:45:28.0343 3416 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:45:28.0343 3416 NdisCap - ok
21:45:28.0390 3416 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:45:28.0390 3416 NdisTapi - ok
21:45:28.0453 3416 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:45:28.0453 3416 Ndisuio - ok
21:45:28.0484 3416 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:45:28.0484 3416 NdisWan - ok
21:45:28.0546 3416 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:45:28.0546 3416 NDProxy - ok
21:45:28.0609 3416 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:45:28.0609 3416 NetBIOS - ok
21:45:28.0655 3416 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:45:28.0655 3416 NetBT - ok
21:45:28.0718 3416 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:45:28.0718 3416 Netlogon - ok
21:45:28.0811 3416 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:45:28.0843 3416 Netman - ok
21:45:28.0936 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:28.0967 3416 NetMsmqActivator - ok
21:45:29.0014 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:29.0014 3416 NetPipeActivator - ok
21:45:29.0123 3416 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:45:29.0155 3416 netprofm - ok
21:45:29.0326 3416 [ 31609B481CC202BFB441E37FEBCDEA05 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
21:45:29.0342 3416 netr28x - ok
21:45:29.0560 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:29.0576 3416 NetTcpActivator - ok
21:45:29.0591 3416 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:45:29.0591 3416 NetTcpPortSharing - ok
21:45:29.0654 3416 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:45:29.0669 3416 nfrd960 - ok
21:45:30.0044 3416 [ 7F98566A311CEB1FE2994F8C2A05FBC1 ] NitroDriverReadSpool C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
21:45:30.0044 3416 NitroDriverReadSpool - ok
21:45:30.0153 3416 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:45:30.0153 3416 NlaSvc - ok
21:45:31.0229 3416 [ 7BFA0C5D8A4A2F1C46A6A3A698BDE3E5 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
21:45:31.0229 3416 nlsX86cc - ok
21:45:31.0417 3416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:45:31.0417 3416 Npfs - ok
21:45:31.0510 3416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:45:31.0510 3416 nsi - ok
21:45:31.0541 3416 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:45:31.0541 3416 nsiproxy - ok
21:45:32.0025 3416 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:45:32.0150 3416 Ntfs - ok
21:45:32.0181 3416 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:45:32.0181 3416 Null - ok
21:45:32.0321 3416 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
21:45:32.0353 3416 NVENETFD - ok
21:45:32.0431 3416 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:45:32.0446 3416 nvraid - ok
21:45:32.0477 3416 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:45:32.0477 3416 nvstor - ok
21:45:32.0680 3416 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:45:32.0680 3416 nv_agp - ok
21:45:32.0711 3416 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:45:32.0727 3416 ohci1394 - ok
21:45:32.0961 3416 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:45:32.0961 3416 ose - ok
21:45:33.0991 3416 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:45:34.0162 3416 osppsvc - ok
21:45:34.0271 3416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:45:34.0318 3416 p2pimsvc - ok
21:45:34.0381 3416 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:45:34.0474 3416 p2psvc - ok
21:45:34.0490 3416 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
21:45:34.0505 3416 Parport - ok
21:45:34.0568 3416 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:45:34.0568 3416 partmgr - ok
21:45:34.0661 3416 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:45:34.0677 3416 PcaSvc - ok
21:45:34.0739 3416 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:45:34.0771 3416 pci - ok
21:45:34.0911 3416 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:45:34.0911 3416 pciide - ok
21:45:35.0067 3416 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:45:35.0098 3416 pcmcia - ok
21:45:35.0145 3416 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:45:35.0145 3416 pcw - ok
21:45:35.0192 3416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:45:35.0207 3416 PEAUTH - ok
21:45:35.0301 3416 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:45:35.0317 3416 PerfHost - ok
21:45:35.0441 3416 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:45:35.0504 3416 pla - ok
21:45:35.0629 3416 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:45:35.0644 3416 PlugPlay - ok
21:45:35.0675 3416 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:45:35.0675 3416 PNRPAutoReg - ok
21:45:35.0738 3416 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:45:35.0753 3416 PNRPsvc - ok
21:45:35.0847 3416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:45:35.0863 3416 PolicyAgent - ok
21:45:35.0941 3416 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:45:35.0956 3416 Power - ok
21:45:36.0019 3416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:45:36.0019 3416 PptpMiniport - ok
21:45:36.0112 3416 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
21:45:36.0112 3416 Processor - ok
21:45:36.0206 3416 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:45:36.0221 3416 ProfSvc - ok
21:45:36.0237 3416 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:45:36.0253 3416 ProtectedStorage - ok
21:45:36.0331 3416 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:45:36.0331 3416 Psched - ok
21:45:36.0611 3416 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:45:36.0674 3416 ql2300 - ok
21:45:36.0736 3416 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:45:36.0736 3416 ql40xx - ok
21:45:36.0877 3416 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:45:36.0877 3416 QWAVE - ok
21:45:36.0923 3416 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:45:36.0939 3416 QWAVEdrv - ok
21:45:36.0986 3416 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:45:37.0001 3416 RasAcd - ok
21:45:37.0079 3416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:45:37.0079 3416 RasAgileVpn - ok
21:45:37.0142 3416 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:45:37.0157 3416 RasAuto - ok
21:45:37.0251 3416 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:45:37.0251 3416 Rasl2tp - ok
21:45:37.0345 3416 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:45:37.0360 3416 RasMan - ok
21:45:37.0423 3416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:45:37.0438 3416 RasPppoe - ok
21:45:37.0501 3416 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:45:37.0501 3416 RasSstp - ok
21:45:37.0563 3416 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:45:37.0579 3416 rdbss - ok
21:45:37.0610 3416 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:45:37.0625 3416 rdpbus - ok
21:45:37.0657 3416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:45:37.0672 3416 RDPCDD - ok
21:45:37.0750 3416 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:45:37.0766 3416 RDPENCDD - ok
21:45:37.0828 3416 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:45:37.0828 3416 RDPREFMP - ok
21:45:37.0984 3416 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:45:38.0000 3416 RDPWD - ok
21:45:38.0047 3416 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:45:38.0047 3416 rdyboost - ok
21:45:38.0078 3416 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:45:38.0078 3416 RemoteAccess - ok
21:45:38.0140 3416 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:45:38.0156 3416 RemoteRegistry - ok
21:45:38.0312 3416 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
21:45:38.0327 3416 RoxioNow Service - ok
21:45:38.0390 3416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:45:38.0405 3416 RpcEptMapper - ok
21:45:38.0468 3416 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:45:38.0468 3416 RpcLocator - ok
21:45:38.0577 3416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
21:45:38.0593 3416 RpcSs - ok
21:45:38.0873 3416 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
21:45:38.0889 3416 RSPCIESTOR - ok
21:45:38.0967 3416 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:45:38.0983 3416 rspndr - ok
21:45:39.0076 3416 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:45:39.0092 3416 RTL8167 - ok
21:45:39.0139 3416 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:45:39.0139 3416 SamSs - ok
21:45:39.0232 3416 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:45:39.0232 3416 sbp2port - ok
21:45:39.0310 3416 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:45:39.0326 3416 SCardSvr - ok
21:45:39.0373 3416 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:45:39.0388 3416 scfilter - ok
21:45:39.0575 3416 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:45:39.0607 3416 Schedule - ok
21:45:39.0653 3416 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:45:39.0669 3416 SCPolicySvc - ok
21:45:39.0731 3416 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
21:45:39.0731 3416 sdbus - ok
21:45:39.0825 3416 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:45:39.0841 3416 SDRSVC - ok
21:45:39.0903 3416 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:45:39.0903 3416 secdrv - ok
21:45:39.0934 3416 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:45:39.0950 3416 seclogon - ok
21:45:39.0997 3416 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
21:45:39.0997 3416 SENS - ok
21:45:40.0059 3416 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:45:40.0075 3416 SensrSvc - ok
21:45:40.0137 3416 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
21:45:40.0137 3416 Serenum - ok
21:45:40.0215 3416 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
21:45:40.0215 3416 Serial - ok
21:45:40.0309 3416 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:45:40.0324 3416 sermouse - ok
21:45:40.0402 3416 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:45:40.0418 3416 SessionEnv - ok
21:45:40.0480 3416 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:45:40.0480 3416 sffdisk - ok
21:45:40.0543 3416 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:45:40.0543 3416 sffp_mmc - ok
21:45:40.0621 3416 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:45:40.0621 3416 sffp_sd - ok
21:45:40.0683 3416 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:45:40.0683 3416 sfloppy - ok
21:45:40.0901 3416 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
21:45:40.0917 3416 Sftfs - ok
21:45:41.0104 3416 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:45:41.0120 3416 sftlist - ok
21:45:41.0198 3416 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
21:45:41.0213 3416 Sftplay - ok
21:45:41.0276 3416 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
21:45:41.0276 3416 Sftredir - ok
21:45:41.0401 3416 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
21:45:41.0401 3416 Sftvol - ok
21:45:41.0416 3416 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:45:41.0432 3416 sftvsa - ok
21:45:41.0603 3416 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:45:41.0650 3416 SharedAccess - ok
21:45:41.0713 3416 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:45:41.0728 3416 ShellHWDetection - ok
21:45:41.0806 3416 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:45:41.0806 3416 SiSRaid2 - ok
21:45:41.0900 3416 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:45:41.0900 3416 SiSRaid4 - ok
21:45:42.0025 3416 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:45:42.0025 3416 Smb - ok
21:45:42.0118 3416 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:45:42.0134 3416 SNMPTRAP - ok
21:45:42.0165 3416 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:45:42.0165 3416 spldr - ok
21:45:42.0321 3416 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:45:42.0337 3416 Spooler - ok
21:45:42.0976 3416 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:45:43.0023 3416 sppsvc - ok
21:45:43.0070 3416 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:45:43.0117 3416 sppuinotify - ok
21:45:43.0179 3416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:45:43.0179 3416 srv - ok
21:45:43.0304 3416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:45:43.0304 3416 srv2 - ok
21:45:43.0491 3416 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
21:45:43.0522 3416 SrvHsfHDA - ok
21:45:43.0663 3416 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
21:45:43.0709 3416 SrvHsfV92 - ok
21:45:43.0881 3416 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
21:45:43.0943 3416 SrvHsfWinac - ok
21:45:43.0990 3416 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:45:43.0990 3416 srvnet - ok
21:45:44.0131 3416 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:45:44.0146 3416 SSDPSRV - ok
21:45:44.0177 3416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:45:44.0177 3416 SstpSvc - ok
21:45:44.0505 3416 [ 7BF818B11C1FEDC3E76D233124470A30 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
21:45:44.0521 3416 STacSV - ok
21:45:44.0536 3416 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:45:44.0552 3416 stexstor - ok
21:45:44.0723 3416 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
21:45:44.0739 3416 STHDA - ok
21:45:44.0786 3416 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:45:44.0786 3416 StillCam - ok
21:45:44.0864 3416 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:45:44.0879 3416 stisvc - ok
21:45:44.0911 3416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:45:44.0911 3416 swenum - ok
21:45:44.0957 3416 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:45:44.0973 3416 swprv - ok
21:45:45.0035 3416 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:45:45.0051 3416 SynTP - ok
21:45:45.0223 3416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:45:45.0269 3416 SysMain - ok
21:45:45.0285 3416 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:45:45.0301 3416 TabletInputService - ok
21:45:45.0347 3416 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:45:45.0363 3416 TapiSrv - ok
21:45:45.0394 3416 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:45:45.0410 3416 TBS - ok
21:45:45.0847 3416 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:45:45.0940 3416 Tcpip - ok
21:45:46.0143 3416 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:45:46.0159 3416 TCPIP6 - ok
21:45:46.0221 3416 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:45:46.0221 3416 tcpipreg - ok
21:45:46.0268 3416 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:45:46.0268 3416 TDPIPE - ok
21:45:46.0346 3416 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:45:46.0346 3416 TDTCP - ok
21:45:46.0580 3416 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:45:46.0580 3416 tdx - ok
21:45:46.0642 3416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:45:46.0642 3416 TermDD - ok
21:45:46.0720 3416 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:45:46.0736 3416 TermService - ok
21:45:46.0767 3416 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:45:46.0767 3416 Themes - ok
21:45:46.0798 3416 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:45:46.0814 3416 THREADORDER - ok
21:45:46.0845 3416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:45:46.0861 3416 TrkWks - ok
21:45:46.0939 3416 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:45:46.0954 3416 TrustedInstaller - ok
21:45:46.0970 3416 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:45:46.0985 3416 tssecsrv - ok
21:45:47.0048 3416 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:45:47.0063 3416 TsUsbFlt - ok
21:45:47.0079 3416 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:45:47.0095 3416 TsUsbGD - ok
21:45:47.0157 3416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:45:47.0157 3416 tunnel - ok
21:45:47.0188 3416 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:45:47.0188 3416 uagp35 - ok
21:45:47.0235 3416 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:45:47.0235 3416 udfs - ok
21:45:47.0297 3416 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:45:47.0313 3416 UI0Detect - ok
21:45:47.0360 3416 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:45:47.0360 3416 uliagpkx - ok
21:45:47.0407 3416 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:45:47.0407 3416 umbus - ok
21:45:47.0438 3416 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
21:45:47.0453 3416 UmPass - ok
21:45:47.0843 3416 [ 758C2CE427C343F780A205E28555C98D ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:45:47.0953 3416 UNS - ok
21:45:48.0015 3416 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:45:48.0015 3416 upnphost - ok
21:45:48.0171 3416 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
21:45:48.0187 3416 usbaudio - ok
21:45:48.0265 3416 [ C85B8247FADD432FA54FE11667C8D97D ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
21:45:48.0265 3416 usbbus - ok
21:45:48.0311 3416 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:45:48.0327 3416 usbccgp - ok
21:45:48.0389 3416 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:45:48.0405 3416 usbcir - ok
21:45:48.0499 3416 [ D8CDC12F5429878F23DDB3785A0FDF95 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys
21:45:48.0499 3416 UsbDiag - ok
21:45:48.0545 3416 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:45:48.0545 3416 usbehci - ok
21:45:48.0655 3416 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:45:48.0670 3416 usbhub - ok
21:45:48.0733 3416 [ 79FA7A22B0F6F0082F640CBC82A00FCE ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys
21:45:48.0748 3416 USBModem - ok
21:45:48.0764 3416 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:45:48.0779 3416 usbohci - ok
21:45:48.0826 3416 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:45:48.0826 3416 usbprint - ok
21:45:48.0873 3416 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:45:48.0873 3416 USBSTOR - ok
21:45:48.0889 3416 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:45:48.0904 3416 usbuhci - ok
21:45:48.0982 3416 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
21:45:48.0982 3416 usbvideo - ok
21:45:49.0029 3416 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:45:49.0045 3416 UxSms - ok
21:45:49.0076 3416 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:45:49.0076 3416 VaultSvc - ok
21:45:49.0123 3416 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:45:49.0138 3416 vdrvroot - ok
21:45:49.0279 3416 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:45:49.0325 3416 vds - ok
21:45:49.0419 3416 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:45:49.0419 3416 vga - ok
21:45:49.0450 3416 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:45:49.0450 3416 VgaSave - ok
21:45:49.0513 3416 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:45:49.0528 3416 vhdmp - ok
21:45:49.0559 3416 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:45:49.0575 3416 viaide - ok
21:45:49.0606 3416 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:45:49.0622 3416 volmgr - ok
21:45:49.0684 3416 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:45:49.0684 3416 volmgrx - ok
21:45:49.0778 3416 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:45:49.0825 3416 volsnap - ok
21:45:49.0949 3416 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:45:49.0949 3416 vsmraid - ok
21:45:50.0246 3416 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:45:50.0324 3416 VSS - ok
21:45:50.0371 3416 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:45:50.0371 3416 vwifibus - ok
21:45:50.0386 3416 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:45:50.0386 3416 vwififlt - ok
21:45:50.0464 3416 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:45:50.0464 3416 vwifimp - ok
21:45:50.0558 3416 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:45:50.0573 3416 W32Time - ok
21:45:50.0636 3416 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:45:50.0636 3416 WacomPen - ok
21:45:50.0745 3416 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:45:50.0745 3416 WANARP - ok
21:45:50.0745 3416 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:45:50.0761 3416 Wanarpv6 - ok
21:45:51.0010 3416 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:45:51.0104 3416 WatAdminSvc - ok
21:45:51.0338 3416 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:45:51.0400 3416 wbengine - ok
21:45:51.0431 3416 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:45:51.0447 3416 WbioSrvc - ok
21:45:51.0556 3416 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:45:51.0603 3416 wcncsvc - ok
21:45:51.0619 3416 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:45:51.0681 3416 WcsPlugInService - ok
21:45:51.0712 3416 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
21:45:51.0712 3416 Wd - ok
21:45:51.0868 3416 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:45:51.0946 3416 Wdf01000 - ok
21:45:51.0977 3416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:45:51.0993 3416 WdiServiceHost - ok
21:45:52.0009 3416 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:45:52.0024 3416 WdiSystemHost - ok
21:45:52.0071 3416 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:45:52.0087 3416 WebClient - ok
21:45:52.0149 3416 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:45:52.0165 3416 Wecsvc - ok
21:45:52.0211 3416 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:45:52.0227 3416 wercplsupport - ok
21:45:52.0289 3416 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:45:52.0289 3416 WerSvc - ok
21:45:52.0352 3416 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:45:52.0352 3416 WfpLwf - ok
21:45:52.0399 3416 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:45:52.0430 3416 WIMMount - ok
21:45:52.0445 3416 WinDefend - ok
21:45:52.0492 3416 WinHttpAutoProxySvc - ok
21:45:52.0742 3416 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:45:52.0742 3416 Winmgmt - ok
21:45:53.0101 3416 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:45:53.0179 3416 WinRM - ok
21:45:53.0303 3416 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
21:45:53.0303 3416 WinUSB - ok
21:45:53.0413 3416 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:45:53.0444 3416 Wlansvc - ok
21:45:53.0506 3416 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:45:53.0506 3416 wlcrasvc - ok
21:45:53.0678 3416 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:45:53.0709 3416 wlidsvc - ok
21:45:53.0787 3416 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:45:53.0787 3416 WmiAcpi - ok
21:45:53.0818 3416 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:45:53.0834 3416 wmiApSrv - ok
21:45:53.0881 3416 WMPNetworkSvc - ok
21:45:53.0959 3416 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:45:53.0974 3416 WPCSvc - ok
21:45:53.0990 3416 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:45:54.0005 3416 WPDBusEnum - ok
21:45:54.0068 3416 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:45:54.0068 3416 ws2ifsl - ok
21:45:54.0115 3416 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
21:45:54.0130 3416 wscsvc - ok
21:45:54.0146 3416 WSearch - ok
21:45:54.0317 3416 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:45:54.0364 3416 wuauserv - ok
21:45:54.0395 3416 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:45:54.0411 3416 WudfPf - ok
21:45:54.0473 3416 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:45:54.0473 3416 WUDFRd - ok
21:45:54.0505 3416 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:45:54.0520 3416 wudfsvc - ok
21:45:54.0551 3416 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
21:45:54.0583 3416 WwanSvc - ok
21:45:54.0910 3416 ================ Scan global ===============================
21:45:54.0941 3416 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:45:55.0004 3416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:45:55.0035 3416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:45:55.0082 3416 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:45:55.0113 3416 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:45:55.0129 3416 [Global] - ok
21:45:55.0129 3416 ================ Scan MBR ==================================
21:45:55.0144 3416 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:45:56.0455 3416 \Device\Harddisk0\DR0 - ok
21:45:56.0455 3416 ================ Scan VBR ==================================
21:45:56.0595 3416 [ A76DD16DC6CF7D1F96252D66121E713A ] \Device\Harddisk0\DR0\Partition1
21:45:56.0595 3416 \Device\Harddisk0\DR0\Partition1 - ok
21:45:56.0689 3416 [ 9F0211928AA3EA36458DD0D371FAA251 ] \Device\Harddisk0\DR0\Partition2
21:45:56.0689 3416 \Device\Harddisk0\DR0\Partition2 - ok
21:45:56.0767 3416 [ ACED71D2809306D14F6152DBCA73A294 ] \Device\Harddisk0\DR0\Partition3
21:45:56.0782 3416 \Device\Harddisk0\DR0\Partition3 - ok
21:45:56.0829 3416 [ 561E1348DB123EA75EF7CFB8FC78F931 ] \Device\Harddisk0\DR0\Partition4
21:45:56.0829 3416 \Device\Harddisk0\DR0\Partition4 - ok
21:45:56.0829 3416 ================ Scan active images ========================
21:45:56.0829 3416 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
21:45:56.0829 3416 C:\Windows\System32\drivers\crashdmp.sys - ok
21:45:56.0829 3416 [ 26CF4275034214ECEDD8EC17B0A18A99 ] C:\Windows\System32\drivers\iaStor.sys
21:45:56.0829 3416 C:\Windows\System32\drivers\iaStor.sys - ok
21:45:56.0845 3416 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
21:45:56.0845 3416 C:\Windows\System32\drivers\dumpfve.sys - ok
21:45:56.0845 3416 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
21:45:56.0845 3416 C:\Windows\System32\drivers\cdrom.sys - ok
21:45:56.0860 3416 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] C:\Windows\System32\drivers\aswSnx.sys
21:45:56.0860 3416 C:\Windows\System32\drivers\aswSnx.sys - ok
21:45:56.0860 3416 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
21:45:56.0860 3416 C:\Windows\System32\drivers\null.sys - ok
21:45:56.0876 3416 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
21:45:56.0876 3416 C:\Windows\System32\drivers\beep.sys - ok
21:45:56.0876 3416 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
21:45:56.0876 3416 C:\Windows\System32\drivers\watchdog.sys - ok
21:45:56.0876 3416 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
21:45:56.0876 3416 C:\Windows\System32\drivers\videoprt.sys - ok
21:45:56.0891 3416 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
21:45:56.0891 3416 C:\Windows\System32\drivers\vga.sys - ok
21:45:56.0891 3416 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
21:45:56.0891 3416 C:\Windows\System32\drivers\RDPCDD.sys - ok
21:45:56.0907 3416 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
21:45:56.0907 3416 C:\Windows\System32\drivers\RDPENCDD.sys - ok
21:45:56.0907 3416 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
21:45:56.0907 3416 C:\Windows\System32\drivers\RDPREFMP.sys - ok
21:45:56.0907 3416 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
21:45:56.0907 3416 C:\Windows\System32\drivers\msfs.sys - ok
21:45:56.0923 3416 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
21:45:56.0923 3416 C:\Windows\System32\drivers\npfs.sys - ok
21:45:56.0923 3416 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
21:45:56.0923 3416 C:\Windows\System32\drivers\tdi.sys - ok
21:45:56.0923 3416 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
21:45:56.0923 3416 C:\Windows\System32\drivers\tdx.sys - ok
21:45:56.0938 3416 [ C3EC420451AC5300A22190AE38418FBA ] C:\Windows\System32\drivers\aswTdi.sys
21:45:56.0938 3416 C:\Windows\System32\drivers\aswTdi.sys - ok
21:45:56.0938 3416 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
21:45:56.0938 3416 C:\Windows\System32\drivers\afd.sys - ok
21:45:56.0954 3416 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] C:\Windows\System32\drivers\aswRdr2.sys
21:45:56.0954 3416 C:\Windows\System32\drivers\aswRdr2.sys - ok
21:45:56.0954 3416 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
21:45:56.0954 3416 C:\Windows\System32\drivers\netbt.sys - ok
21:45:56.0954 3416 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
21:45:56.0954 3416 C:\Windows\System32\drivers\ws2ifsl.sys - ok
21:45:56.0969 3416 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
21:45:56.0969 3416 C:\Windows\System32\drivers\wfplwf.sys - ok
21:45:56.0969 3416 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
21:45:56.0969 3416 C:\Windows\System32\drivers\pacer.sys - ok
21:45:56.0969 3416 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
21:45:56.0969 3416 C:\Windows\System32\drivers\vwififlt.sys - ok
21:45:56.0985 3416 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
21:45:56.0985 3416 C:\Windows\System32\drivers\netbios.sys - ok
21:45:56.0985 3416 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
21:45:56.0985 3416 C:\Windows\System32\drivers\wanarp.sys - ok
21:45:56.0985 3416 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
21:45:57.0001 3416 C:\Windows\System32\drivers\termdd.sys - ok
21:45:57.0001 3416 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
21:45:57.0001 3416 C:\Windows\System32\drivers\rdbss.sys - ok
21:45:57.0001 3416 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
21:45:57.0001 3416 C:\Windows\System32\drivers\nsiproxy.sys - ok
21:45:57.0001 3416 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
21:45:57.0001 3416 C:\Windows\System32\drivers\mssmbios.sys - ok
21:45:57.0016 3416 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
21:45:57.0016 3416 C:\Windows\System32\drivers\discache.sys - ok
21:45:57.0016 3416 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
21:45:57.0016 3416 C:\Windows\System32\drivers\dfsc.sys - ok
21:45:57.0032 3416 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
21:45:57.0032 3416 C:\Windows\System32\drivers\blbdrive.sys - ok
21:45:57.0032 3416 [ 9A49D80D65451AF22913AEF772CC3DA9 ] C:\Windows\System32\drivers\aswSP.sys
21:45:57.0032 3416 C:\Windows\System32\drivers\aswSP.sys - ok
21:45:57.0047 3416 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
21:45:57.0047 3416 C:\Windows\System32\drivers\tunnel.sys - ok
21:45:57.0047 3416 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
21:45:57.0047 3416 C:\Windows\System32\drivers\CmBatt.sys - ok
21:45:57.0063 3416 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
21:45:57.0063 3416 C:\Windows\System32\smss.exe - ok
21:45:57.0063 3416 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
21:45:57.0063 3416 C:\Windows\System32\ntdll.dll - ok
21:45:57.0063 3416 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
21:45:57.0079 3416 C:\Windows\System32\autochk.exe - ok
21:45:57.0079 3416 [ 33FAA40B288002C89529DBD14F3AB72C ] C:\Windows\System32\drivers\igdkmd64.sys
21:45:57.0079 3416 C:\Windows\System32\drivers\igdkmd64.sys - ok
21:45:57.0079 3416 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
21:45:57.0079 3416 C:\Windows\System32\drivers\fastfat.sys - ok
21:45:57.0079 3416 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
21:45:57.0079 3416 C:\Windows\System32\drivers\dxgkrnl.sys - ok
21:45:57.0094 3416 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
21:45:57.0094 3416 C:\Windows\System32\drivers\dxgmms1.sys - ok
21:45:57.0094 3416 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
21:45:57.0094 3416 C:\Windows\System32\drivers\HECIx64.sys - ok
21:45:57.0110 3416 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
21:45:57.0110 3416 C:\Windows\System32\drivers\usbport.sys - ok
21:45:57.0110 3416 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
21:45:57.0110 3416 C:\Windows\System32\drivers\usbehci.sys - ok
21:45:57.0110 3416 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
21:45:57.0110 3416 C:\Windows\System32\drivers\hdaudbus.sys - ok
21:45:57.0125 3416 [ 31609B481CC202BFB441E37FEBCDEA05 ] C:\Windows\System32\drivers\netr28x.sys
21:45:57.0125 3416 C:\Windows\System32\drivers\netr28x.sys - ok
21:45:57.0125 3416 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
21:45:57.0125 3416 C:\Windows\System32\drivers\vwifibus.sys - ok
21:45:57.0125 3416 [ 9140DB0911DE035FED0A9A77A2D156EA ] C:\Windows\System32\drivers\Rt64win7.sys
21:45:57.0125 3416 C:\Windows\System32\drivers\Rt64win7.sys - ok
21:45:57.0141 3416 [ 546D7F426776090B90EF5F195B6AE662 ] C:\Windows\System32\drivers\RtsPStor.sys
21:45:57.0141 3416 C:\Windows\System32\drivers\RtsPStor.sys - ok
21:45:57.0141 3416 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
21:45:57.0141 3416 C:\Windows\System32\drivers\i8042prt.sys - ok
21:45:57.0157 3416 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
21:45:57.0157 3416 C:\Windows\System32\drivers\kbdclass.sys - ok
21:45:57.0157 3416 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
21:45:57.0157 3416 C:\Windows\System32\drivers\usbd.sys - ok
21:45:57.0172 3416 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] C:\Windows\System32\drivers\SynTP.sys
21:45:57.0172 3416 C:\Windows\System32\drivers\SynTP.sys - ok
21:45:57.0172 3416 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
21:45:57.0172 3416 C:\Windows\System32\drivers\mouclass.sys - ok
21:45:57.0188 3416 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
21:45:57.0188 3416 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
21:45:57.0188 3416 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
21:45:57.0188 3416 C:\Windows\System32\drivers\wmiacpi.sys - ok
21:45:57.0203 3416 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
21:45:57.0203 3416 C:\Windows\System32\drivers\intelppm.sys - ok
21:45:57.0203 3416 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
21:45:57.0203 3416 C:\Windows\System32\drivers\CompositeBus.sys - ok
21:45:57.0203 3416 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
21:45:57.0203 3416 C:\Windows\System32\drivers\ks.sys - ok
21:45:57.0219 3416 [ 50F92C943F18B070F166D019DFAB3D9A ] C:\Windows\System32\drivers\clwvd.sys
21:45:57.0219 3416 C:\Windows\System32\drivers\clwvd.sys - ok
21:45:57.0219 3416 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
21:45:57.0219 3416 C:\Windows\System32\drivers\ksthunk.sys - ok
21:45:57.0219 3416 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
21:45:57.0219 3416 C:\Windows\System32\drivers\agilevpn.sys - ok
21:45:57.0235 3416 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
21:45:57.0235 3416 C:\Windows\System32\drivers\rasl2tp.sys - ok
21:45:57.0235 3416 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
21:45:57.0235 3416 C:\Windows\System32\drivers\ndistapi.sys - ok
21:45:57.0250 3416 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
21:45:57.0250 3416 C:\Windows\System32\drivers\ndiswan.sys - ok
21:45:57.0250 3416 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
21:45:57.0250 3416 C:\Windows\System32\drivers\raspppoe.sys - ok
21:45:57.0250 3416 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
21:45:57.0250 3416 C:\Windows\System32\drivers\raspptp.sys - ok
21:45:57.0266 3416 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
21:45:57.0266 3416 C:\Windows\System32\drivers\rassstp.sys - ok
21:45:57.0266 3416 [ DECACB6921DED1A38642642685D77DAC ] C:\Windows\System32\drivers\serscan.sys
21:45:57.0266 3416 C:\Windows\System32\drivers\serscan.sys - ok
21:45:57.0281 3416 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
21:45:57.0281 3416 C:\Windows\System32\drivers\swenum.sys - ok
21:45:57.0281 3416 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
21:45:57.0281 3416 C:\Windows\System32\drivers\umbus.sys - ok
21:45:57.0281 3416 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
21:45:57.0281 3416 C:\Windows\System32\drivers\usbhub.sys - ok
21:45:57.0281 3416 [ E10A0704318A6F7E52787D09717D7C2C ] C:\Windows\System32\iertutil.dll
21:45:57.0281 3416 C:\Windows\System32\iertutil.dll - ok
21:45:57.0297 3416 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
21:45:57.0297 3416 C:\Windows\System32\drivers\ndproxy.sys - ok
21:45:57.0297 3416 [ 7F7FE11DF2D67B36DFE5013881619A94 ] C:\Windows\System32\urlmon.dll
21:45:57.0297 3416 C:\Windows\System32\urlmon.dll - ok
21:45:57.0313 3416 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
21:45:57.0313 3416 C:\Windows\System32\drivers\drmk.sys - ok
21:45:57.0313 3416 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
21:45:57.0313 3416 C:\Windows\System32\comdlg32.dll - ok
21:45:57.0313 3416 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
21:45:57.0313 3416 C:\Windows\System32\drivers\portcls.sys - ok
21:45:57.0313 3416 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A ] C:\Windows\System32\drivers\stwrt64.sys
21:45:57.0313 3416 C:\Windows\System32\drivers\stwrt64.sys - ok
21:45:57.0328 3416 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
21:45:57.0328 3416 C:\Windows\System32\gdi32.dll - ok
21:45:57.0328 3416 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
21:45:57.0328 3416 C:\Windows\System32\difxapi.dll - ok
21:45:57.0344 3416 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
21:45:57.0344 3416 C:\Windows\System32\drivers\IntcDAud.sys - ok
21:45:57.0344 3416 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
21:45:57.0344 3416 C:\Windows\System32\imagehlp.dll - ok
21:45:57.0344 3416 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
21:45:57.0344 3416 C:\Windows\System32\msctf.dll - ok
21:45:57.0359 3416 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
21:45:57.0359 3416 C:\Windows\System32\shlwapi.dll - ok
21:45:57.0359 3416 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
21:45:57.0359 3416 C:\Windows\System32\user32.dll - ok
21:45:57.0359 3416 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
21:45:57.0359 3416 C:\Windows\System32\advapi32.dll - ok
21:45:57.0375 3416 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
21:45:57.0375 3416 C:\Windows\System32\nsi.dll - ok
21:45:57.0375 3416 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
21:45:57.0375 3416 C:\Windows\System32\kernel32.dll - ok
21:45:57.0375 3416 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
21:45:57.0375 3416 C:\Windows\System32\sechost.dll - ok
21:45:57.0375 3416 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
21:45:57.0375 3416 C:\Windows\System32\imm32.dll - ok
21:45:57.0391 3416 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
21:45:57.0391 3416 C:\Windows\System32\rpcrt4.dll - ok
21:45:57.0391 3416 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
21:45:57.0391 3416 C:\Windows\System32\shell32.dll - ok
21:45:57.0391 3416 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
21:45:57.0391 3416 C:\Windows\System32\ole32.dll - ok
21:45:57.0406 3416 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
21:45:57.0406 3416 C:\Windows\System32\clbcatq.dll - ok
21:45:57.0406 3416 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
21:45:57.0406 3416 C:\Windows\System32\ws2_32.dll - ok
21:45:57.0422 3416 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
21:45:57.0422 3416 C:\Windows\System32\setupapi.dll - ok
21:45:57.0422 3416 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
21:45:57.0422 3416 C:\Windows\System32\drivers\hidclass.sys - ok
21:45:57.0422 3416 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
21:45:57.0422 3416 C:\Windows\System32\drivers\hidparse.sys - ok
21:45:57.0437 3416 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
21:45:57.0437 3416 C:\Windows\System32\drivers\hidusb.sys - ok
21:45:57.0437 3416 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
21:45:57.0437 3416 C:\Windows\System32\drivers\mouhid.sys - ok
21:45:57.0437 3416 [ 8EA68FD3780DDDD5072F8CB830B3CB3D ] C:\Windows\System32\wininet.dll
21:45:57.0437 3416 C:\Windows\System32\wininet.dll - ok
21:45:57.0437 3416 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
21:45:57.0437 3416 C:\Windows\System32\drivers\usbccgp.sys - ok
21:45:57.0453 3416 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
21:45:57.0453 3416 C:\Windows\System32\Wldap32.dll - ok
21:45:57.0453 3416 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
21:45:57.0453 3416 C:\Windows\System32\oleaut32.dll - ok
21:45:57.0453 3416 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
21:45:57.0469 3416 C:\Windows\System32\drivers\usbvideo.sys - ok
21:45:57.0469 3416 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
21:45:57.0469 3416 C:\Windows\System32\normaliz.dll - ok
21:45:57.0469 3416 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
21:45:57.0469 3416 C:\Windows\System32\msvcrt.dll - ok
21:45:57.0484 3416 [ 6F6D81F3D513D927EB6D393EEC7FF851 ] C:\Windows\System32\usp10.dll
21:45:57.0484 3416 C:\Windows\System32\usp10.dll - ok
21:45:57.0484 3416 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
21:45:57.0484 3416 C:\Windows\System32\lpk.dll - ok
21:45:57.0484 3416 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
21:45:57.0484 3416 C:\Windows\System32\psapi.dll - ok
21:45:57.0500 3416 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
21:45:57.0500 3416 C:\Windows\System32\comctl32.dll - ok
21:45:57.0500 3416 [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll
21:45:57.0500 3416 C:\Windows\System32\crypt32.dll - ok
21:45:57.0515 3416 [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll
21:45:57.0515 3416 C:\Windows\System32\wintrust.dll - ok
21:45:57.0515 3416 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
21:45:57.0515 3416 C:\Windows\System32\devobj.dll - ok
21:45:57.0515 3416 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
21:45:57.0515 3416 C:\Windows\System32\cfgmgr32.dll - ok
21:45:57.0515 3416 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
21:45:57.0515 3416 C:\Windows\System32\KernelBase.dll - ok
21:45:57.0531 3416 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
21:45:57.0531 3416 C:\Windows\System32\msasn1.dll - ok
21:45:57.0531 3416 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
21:45:57.0531 3416 C:\Windows\SysWOW64\normaliz.dll - ok
21:45:57.0531 3416 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
21:45:57.0531 3416 C:\Windows\System32\drivers\dxapi.sys - ok
21:45:57.0547 3416 [ F0D6864A7D52CE137E0A9D24795C3F0E ] C:\Windows\System32\win32k.sys
21:45:57.0547 3416 C:\Windows\System32\win32k.sys - ok
21:45:57.0547 3416 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
21:45:57.0547 3416 C:\Windows\System32\csrss.exe - ok
21:45:57.0562 3416 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
21:45:57.0562 3416 C:\Windows\System32\csrsrv.dll - ok
21:45:57.0562 3416 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
21:45:57.0562 3416 C:\Windows\System32\basesrv.dll - ok
21:45:57.0562 3416 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
21:45:57.0562 3416 C:\Windows\System32\winsrv.dll - ok
21:45:57.0578 3416 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
21:45:57.0578 3416 C:\Windows\System32\drivers\monitor.sys - ok
21:45:57.0578 3416 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
21:45:57.0578 3416 C:\Windows\System32\tsddd.dll - ok
21:45:57.0578 3416 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
21:45:57.0578 3416 C:\Windows\System32\sxssrv.dll - ok
21:45:57.0593 3416 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
21:45:57.0593 3416 C:\Windows\System32\wininit.exe - ok
21:45:57.0593 3416 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
21:45:57.0593 3416 C:\Windows\System32\cdd.dll - ok
21:45:57.0609 3416 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
21:45:57.0609 3416 C:\Windows\System32\profapi.dll - ok
21:45:57.0609 3416 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
21:45:57.0609 3416 C:\Windows\System32\RpcRtRemote.dll - ok
21:45:57.0609 3416 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
21:45:57.0609 3416 C:\Windows\System32\KBDUS.DLL - ok
21:45:57.0625 3416 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
21:45:57.0625 3416 C:\Windows\System32\winlogon.exe - ok
21:45:57.0625 3416 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
21:45:57.0625 3416 C:\Windows\System32\winsta.dll - ok
21:45:57.0640 3416 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
21:45:57.0640 3416 C:\Windows\System32\WlS0WndH.dll - ok
21:45:57.0640 3416 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
21:45:57.0640 3416 C:\Windows\System32\sxs.dll - ok
21:45:57.0640 3416 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
21:45:57.0640 3416 C:\Windows\System32\cryptbase.dll - ok
21:45:57.0656 3416 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
21:45:57.0656 3416 C:\Windows\System32\apphelp.dll - ok
21:45:57.0656 3416 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
21:45:57.0656 3416 C:\Windows\System32\services.exe - ok
21:45:57.0656 3416 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
21:45:57.0656 3416 C:\Windows\System32\lsass.exe - ok
21:45:57.0671 3416 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
21:45:57.0671 3416 C:\Windows\System32\sspisrv.dll - ok
21:45:57.0671 3416 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
21:45:57.0671 3416 C:\Windows\System32\lsm.exe - ok
21:45:57.0671 3416 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
21:45:57.0671 3416 C:\Windows\System32\sspicli.dll - ok
21:45:57.0687 3416 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
21:45:57.0687 3416 C:\Windows\System32\lsasrv.dll - ok
21:45:57.0687 3416 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
21:45:57.0687 3416 C:\Windows\System32\scext.dll - ok
21:45:57.0687 3416 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
21:45:57.0687 3416 C:\Windows\System32\secur32.dll - ok
21:45:57.0703 3416 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
21:45:57.0703 3416 C:\Windows\System32\scesrv.dll - ok
21:45:57.0703 3416 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
21:45:57.0703 3416 C:\Windows\System32\sysntfy.dll - ok
21:45:57.0703 3416 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
21:45:57.0703 3416 C:\Windows\System32\samsrv.dll - ok
21:45:57.0718 3416 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
21:45:57.0718 3416 C:\Windows\System32\srvcli.dll - ok
21:45:57.0718 3416 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
21:45:57.0718 3416 C:\Windows\System32\wmsgapi.dll - ok
21:45:57.0718 3416 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
21:45:57.0718 3416 C:\Windows\System32\cryptdll.dll - ok
21:45:57.0734 3416 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
21:45:57.0734 3416 C:\Windows\System32\wevtapi.dll - ok
21:45:57.0734 3416 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
21:45:57.0734 3416 C:\Windows\System32\cngaudit.dll - ok
21:45:57.0734 3416 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
21:45:57.0734 3416 C:\Windows\System32\authz.dll - ok
21:45:57.0749 3416 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
21:45:57.0749 3416 C:\Windows\System32\ncrypt.dll - ok
21:45:57.0749 3416 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
21:45:57.0749 3416 C:\Windows\System32\bcrypt.dll - ok
21:45:57.0765 3416 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
21:45:57.0765 3416 C:\Windows\System32\msprivs.dll - ok
21:45:57.0765 3416 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
21:45:57.0765 3416 C:\Windows\System32\netjoin.dll - ok
21:45:57.0781 3416 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
21:45:57.0781 3416 C:\Windows\System32\negoexts.dll - ok
21:45:57.0781 3416 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
21:45:57.0781 3416 C:\Windows\System32\kerberos.dll - ok
21:45:57.0781 3416 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
21:45:57.0781 3416 C:\Windows\System32\cryptsp.dll - ok
21:45:57.0796 3416 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
21:45:57.0796 3416 C:\Windows\System32\mswsock.dll - ok
21:45:57.0796 3416 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
21:45:57.0796 3416 C:\Windows\System32\wship6.dll - ok
21:45:57.0796 3416 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
21:45:57.0796 3416 C:\Windows\System32\msv1_0.dll - ok
21:45:57.0796 3416 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
21:45:57.0796 3416 C:\Windows\System32\netlogon.dll - ok
21:45:57.0812 3416 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
21:45:57.0812 3416 C:\Windows\System32\dnsapi.dll - ok
21:45:57.0812 3416 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
21:45:57.0812 3416 C:\Windows\System32\logoncli.dll - ok
21:45:57.0812 3416 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
21:45:57.0812 3416 C:\Windows\System32\schannel.dll - ok
21:45:57.0827 3416 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
21:45:57.0827 3416 C:\Windows\System32\wdigest.dll - ok
21:45:57.0827 3416 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
21:45:57.0827 3416 C:\Windows\System32\rsaenh.dll - ok
21:45:57.0843 3416 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
21:45:57.0843 3416 C:\Windows\System32\TSpkg.dll - ok
21:45:57.0843 3416 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
21:45:57.0843 3416 C:\Windows\System32\pku2u.dll - ok
21:45:57.0843 3416 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
21:45:57.0843 3416 C:\Windows\System32\LIVESSP.DLL - ok
21:45:57.0843 3416 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
21:45:57.0843 3416 C:\Windows\System32\bcryptprimitives.dll - ok
21:45:57.0859 3416 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
21:45:57.0859 3416 C:\Windows\System32\efslsaext.dll - ok
21:45:57.0859 3416 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
21:45:57.0859 3416 C:\Windows\System32\credssp.dll - ok
21:45:57.0859 3416 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
21:45:57.0859 3416 C:\Windows\System32\ubpm.dll - ok
21:45:57.0874 3416 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
21:45:57.0874 3416 C:\Windows\System32\scecli.dll - ok
21:45:57.0874 3416 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
21:45:57.0874 3416 C:\Windows\System32\svchost.exe - ok
21:45:57.0874 3416 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
21:45:57.0874 3416 C:\Windows\System32\umpnpmgr.dll - ok
21:45:57.0874 3416 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
21:45:57.0874 3416 C:\Windows\System32\SPInf.dll - ok
21:45:57.0890 3416 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
21:45:57.0890 3416 C:\Windows\System32\devrtl.dll - ok
21:45:57.0890 3416 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
21:45:57.0890 3416 C:\Windows\System32\userenv.dll - ok
21:45:57.0890 3416 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
21:45:57.0890 3416 C:\Windows\System32\gpapi.dll - ok
21:45:57.0905 3416 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
21:45:57.0905 3416 C:\Windows\System32\umpo.dll - ok
21:45:57.0905 3416 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
21:45:57.0905 3416 C:\Windows\System32\pcwum.dll - ok
21:45:57.0905 3416 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
21:45:57.0905 3416 C:\Windows\System32\powrprof.dll - ok
21:45:57.0921 3416 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
21:45:57.0921 3416 C:\Windows\System32\drivers\luafv.sys - ok
21:45:57.0921 3416 [ AA9FDE3D630160B47DAB21BF8250111C ] C:\Windows\System32\drivers\aswMonFlt.sys
21:45:57.0921 3416 C:\Windows\System32\drivers\aswMonFlt.sys - ok
21:45:57.0921 3416 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] C:\Windows\System32\drivers\aswFsBlk.sys
21:45:57.0921 3416 C:\Windows\System32\drivers\aswFsBlk.sys - ok
21:45:57.0937 3416 [ 26065327BB2AA358140381FC76520908 ] C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
21:45:57.0937 3416 C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe - ok
21:45:57.0937 3416 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
21:45:57.0937 3416 C:\Windows\SysWOW64\ntdll.dll - ok
21:45:57.0937 3416 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
21:45:57.0937 3416 C:\Windows\System32\wow64.dll - ok
21:45:57.0937 3416 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
21:45:57.0937 3416 C:\Windows\System32\wow64win.dll - ok
21:45:57.0952 3416 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
21:45:57.0952 3416 C:\Windows\System32\wow64cpu.dll - ok
21:45:57.0952 3416 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
21:45:57.0952 3416 C:\Windows\SysWOW64\kernel32.dll - ok
21:45:57.0952 3416 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
21:45:57.0952 3416 C:\Windows\SysWOW64\KernelBase.dll - ok
21:45:57.0968 3416 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
21:45:57.0968 3416 C:\Windows\SysWOW64\msvcrt.dll - ok
21:45:57.0968 3416 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
21:45:57.0968 3416 C:\Windows\SysWOW64\wtsapi32.dll - ok
21:45:57.0968 3416 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
21:45:57.0968 3416 C:\Windows\SysWOW64\userenv.dll - ok
21:45:57.0968 3416 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
21:45:57.0983 3416 C:\Windows\SysWOW64\rpcrt4.dll - ok
21:45:57.0983 3416 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
21:45:57.0983 3416 C:\Windows\SysWOW64\sspicli.dll - ok
21:45:57.0983 3416 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
21:45:57.0983 3416 C:\Windows\SysWOW64\cryptbase.dll - ok
21:45:57.0983 3416 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
21:45:57.0983 3416 C:\Windows\SysWOW64\sechost.dll - ok
21:45:57.0999 3416 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
21:45:57.0999 3416 C:\Windows\SysWOW64\profapi.dll - ok
21:45:57.0999 3416 [ 9480EDD0480F24B3915A472A751437DD ] C:\Program Files (x86)\HP SimplePass 2011\TSLog.dll
21:45:57.0999 3416 C:\Program Files (x86)\HP SimplePass 2011\TSLog.dll - ok
21:45:57.0999 3416 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
21:45:57.0999 3416 C:\Windows\SysWOW64\user32.dll - ok
21:45:58.0015 3416 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
21:45:58.0015 3416 C:\Windows\SysWOW64\gdi32.dll - ok
21:45:58.0015 3416 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
21:45:58.0015 3416 C:\Windows\SysWOW64\lpk.dll - ok
21:45:58.0015 3416 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\SysWOW64\usp10.dll
21:45:58.0015 3416 C:\Windows\SysWOW64\usp10.dll - ok
21:45:58.0030 3416 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
21:45:58.0030 3416 C:\Windows\SysWOW64\advapi32.dll - ok
21:45:58.0030 3416 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
21:45:58.0030 3416 C:\Windows\SysWOW64\shell32.dll - ok
21:45:58.0030 3416 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
21:45:58.0030 3416 C:\Windows\SysWOW64\shlwapi.dll - ok
21:45:58.0030 3416 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
21:45:58.0030 3416 C:\Windows\SysWOW64\ole32.dll - ok
21:45:58.0046 3416 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
21:45:58.0046 3416 C:\Windows\SysWOW64\winspool.drv - ok
21:45:58.0046 3416 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
21:45:58.0046 3416 C:\Windows\SysWOW64\oleaut32.dll - ok
21:45:58.0046 3416 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
21:45:58.0046 3416 C:\Windows\SysWOW64\oleacc.dll - ok
21:45:58.0061 3416 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
21:45:58.0061 3416 C:\Windows\SysWOW64\imm32.dll - ok
21:45:58.0061 3416 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
21:45:58.0061 3416 C:\Windows\SysWOW64\msctf.dll - ok
21:45:58.0061 3416 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
21:45:58.0061 3416 C:\Windows\SysWOW64\ntmarta.dll - ok
21:45:58.0077 3416 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
21:45:58.0077 3416 C:\Windows\SysWOW64\Wldap32.dll - ok
21:45:58.0077 3416 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
21:45:58.0077 3416 C:\Windows\SysWOW64\winsta.dll - ok
21:45:58.0077 3416 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
21:45:58.0077 3416 C:\Windows\System32\drivers\Sftvollh.sys - ok
21:45:58.0093 3416 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
21:45:58.0093 3416 C:\Windows\System32\drivers\WUDFPf.sys - ok
21:45:58.0093 3416 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
21:45:58.0093 3416 C:\Windows\System32\rpcss.dll - ok
21:45:58.0093 3416 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
21:45:58.0093 3416 C:\Windows\System32\RpcEpMap.dll - ok
21:45:58.0108 3416 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
21:45:58.0108 3416 C:\Windows\System32\WSHTCPIP.DLL - ok
21:45:58.0108 3416 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
21:45:58.0108 3416 C:\Windows\System32\wshqos.dll - ok
21:45:58.0108 3416 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
21:45:58.0108 3416 C:\Windows\System32\FirewallAPI.dll - ok
21:45:58.0124 3416 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
21:45:58.0124 3416 C:\Windows\System32\LogonUI.exe - ok
21:45:58.0124 3416 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
21:45:58.0124 3416 C:\Windows\System32\authui.dll - ok
21:45:58.0124 3416 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
21:45:58.0124 3416 C:\Windows\System32\version.dll - ok
21:45:58.0139 3416 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
21:45:58.0139 3416 C:\Windows\System32\cryptui.dll - ok
21:45:58.0139 3416 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
21:45:58.0139 3416 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
21:45:58.0139 3416 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
21:45:58.0139 3416 C:\Windows\System32\wevtsvc.dll - ok
21:45:58.0155 3416 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
21:45:58.0155 3416 C:\Windows\System32\mmcss.dll - ok
21:45:58.0155 3416 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
21:45:58.0155 3416 C:\Windows\System32\audiosrv.dll - ok
21:45:58.0155 3416 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
21:45:58.0155 3416 C:\Windows\System32\shacct.dll - ok
21:45:58.0171 3416 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
21:45:58.0171 3416 C:\Windows\System32\avrt.dll - ok
21:45:58.0171 3416 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
21:45:58.0171 3416 C:\Windows\System32\samlib.dll - ok
21:45:58.0171 3416 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
21:45:58.0171 3416 C:\Windows\System32\propsys.dll - ok
21:45:58.0186 3416 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
21:45:58.0186 3416 C:\Windows\System32\profsvc.dll - ok
21:45:58.0186 3416 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
21:45:58.0186 3416 C:\Windows\System32\MMDevAPI.dll - ok
21:45:58.0186 3416 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
21:45:58.0186 3416 C:\Windows\System32\adtschema.dll - ok
21:45:58.0202 3416 [ 7BF818B11C1FEDC3E76D233124470A30 ] C:\Program Files\IDT\WDM\stacsv64.exe
21:45:58.0202 3416 C:\Program Files\IDT\WDM\stacsv64.exe - ok
21:45:58.0202 3416 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
21:45:58.0202 3416 C:\Windows\System32\uxtheme.dll - ok
21:45:58.0202 3416 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
21:45:58.0202 3416 C:\Windows\System32\atl.dll - ok
21:45:58.0217 3416 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
21:45:58.0217 3416 C:\Windows\System32\dsound.dll - ok
21:45:58.0217 3416 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
21:45:58.0217 3416 C:\Windows\System32\wlansvc.dll - ok
21:45:58.0217 3416 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
21:45:58.0217 3416 C:\Windows\System32\winmm.dll - ok
21:45:58.0233 3416 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
21:45:58.0233 3416 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
21:45:58.0233 3416 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
21:45:58.0233 3416 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
21:45:58.0233 3416 [ 89069469AEB8DFBAA81ED11B7BE00775 ] C:\Windows\System32\stapi64.dll
21:45:58.0233 3416 C:\Windows\System32\stapi64.dll - ok
21:45:58.0249 3416 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
21:45:58.0249 3416 C:\Windows\System32\drivers\fltMgr.sys - ok
21:45:58.0249 3416 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
21:45:58.0249 3416 C:\Windows\System32\PSHED.DLL - ok
21:45:58.0249 3416 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
21:45:58.0249 3416 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
21:45:58.0264 3416 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
21:45:58.0264 3416 C:\Windows\System32\netprofm.dll - ok
21:45:58.0264 3416 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
21:45:58.0264 3416 C:\Windows\System32\dui70.dll - ok
21:45:58.0264 3416 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
21:45:58.0264 3416 C:\Windows\System32\MPSSVC.dll - ok
21:45:58.0280 3416 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
21:45:58.0280 3416 C:\Windows\System32\duser.dll - ok
21:45:58.0280 3416 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
21:45:58.0280 3416 C:\Windows\System32\SndVolSSO.dll - ok
21:45:58.0280 3416 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
21:45:58.0280 3416 C:\Windows\System32\audiodg.exe - ok
21:45:58.0295 3416 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
21:45:58.0295 3416 C:\Windows\System32\hid.dll - ok
21:45:58.0295 3416 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
21:45:58.0295 3416 C:\Windows\System32\dwmapi.dll - ok
21:45:58.0295 3416 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
21:45:58.0295 3416 C:\Windows\System32\xmllite.dll - ok
21:45:58.0311 3416 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
21:45:58.0311 3416 C:\Windows\System32\AudioSes.dll - ok
21:45:58.0311 3416 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
21:45:58.0311 3416 C:\Windows\System32\ntmarta.dll - ok
21:45:58.0311 3416 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
21:45:58.0311 3416 C:\Windows\System32\gpsvc.dll - ok
21:45:58.0327 3416 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
21:45:58.0327 3416 C:\Windows\System32\AudioEng.dll - ok
21:45:58.0327 3416 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
21:45:58.0327 3416 C:\Windows\System32\AUDIOKSE.dll - ok
21:45:58.0327 3416 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
21:45:58.0327 3416 C:\Windows\System32\WindowsCodecs.dll - ok
21:45:58.0342 3416 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
21:45:58.0342 3416 C:\Windows\System32\nlaapi.dll - ok
21:45:58.0342 3416 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
21:45:58.0342 3416 C:\Windows\System32\ksuser.dll - ok
21:45:58.0342 3416 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
21:45:58.0342 3416 C:\Windows\System32\themeservice.dll - ok
21:45:58.0358 3416 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
21:45:58.0358 3416 C:\Windows\System32\dsrole.dll - ok
21:45:58.0358 3416 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
21:45:58.0358 3416 C:\Windows\System32\es.dll - ok
21:45:58.0358 3416 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
21:45:58.0358 3416 C:\Windows\System32\slc.dll - ok
21:45:58.0358 3416 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
21:45:58.0358 3416 C:\Windows\System32\Sens.dll - ok
21:45:58.0373 3416 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
21:45:58.0373 3416 C:\Windows\System32\comres.dll - ok
21:45:58.0373 3416 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
21:45:58.0373 3416 C:\Windows\System32\uxsms.dll - ok
21:45:58.0373 3416 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
21:45:58.0373 3416 C:\Windows\System32\wtsapi32.dll - ok
21:45:58.0389 3416 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
21:45:58.0389 3416 C:\Windows\System32\winbrand.dll - ok
21:45:58.0389 3416 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
21:45:58.0389 3416 C:\Windows\System32\WUDFSvc.dll - ok
21:45:58.0389 3416 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
21:45:58.0389 3416 C:\Windows\System32\WUDFPlatform.dll - ok
21:45:58.0405 3416 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
21:45:58.0405 3416 C:\Windows\System32\VaultCredProvider.dll - ok
21:45:58.0405 3416 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
21:45:58.0405 3416 C:\Windows\System32\drivers\lltdio.sys - ok
21:45:58.0405 3416 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
21:45:58.0405 3416 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
21:45:58.0405 3416 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
21:45:58.0405 3416 C:\Windows\System32\drivers\nwifi.sys - ok
21:45:58.0420 3416 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
21:45:58.0420 3416 C:\Windows\System32\BioCredProv.dll - ok
21:45:58.0420 3416 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
21:45:58.0420 3416 C:\Windows\System32\winbio.dll - ok
21:45:58.0436 3416 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
21:45:58.0436 3416 C:\Windows\System32\credui.dll - ok
21:45:58.0436 3416 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
21:45:58.0436 3416 C:\Windows\System32\drivers\ndisuio.sys - ok
21:45:58.0436 3416 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
21:45:58.0436 3416 C:\Windows\System32\vaultcli.dll - ok
21:45:58.0436 3416 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
21:45:58.0436 3416 C:\Windows\System32\drivers\rspndr.sys - ok
21:45:58.0451 3416 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
21:45:58.0451 3416 C:\Windows\System32\nsisvc.dll - ok
21:45:58.0451 3416 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
21:45:58.0451 3416 C:\Windows\System32\netapi32.dll - ok
21:45:58.0451 3416 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
21:45:58.0451 3416 C:\Windows\System32\lmhsvc.dll - ok
21:45:58.0467 3416 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
21:45:58.0467 3416 C:\Windows\System32\netutils.dll - ok
21:45:58.0467 3416 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
21:45:58.0467 3416 C:\Windows\System32\IPHLPAPI.DLL - ok
21:45:58.0467 3416 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
21:45:58.0467 3416 C:\Windows\System32\wkscli.dll - ok
21:45:58.0483 3416 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
21:45:58.0483 3416 C:\Windows\System32\dnsrslvr.dll - ok
21:45:58.0483 3416 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
21:45:58.0483 3416 C:\Windows\System32\keyiso.dll - ok
21:45:58.0483 3416 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
21:45:58.0483 3416 C:\Windows\System32\winnsi.dll - ok
21:45:58.0498 3416 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
21:45:58.0498 3416 C:\Windows\System32\eapsvc.dll - ok
21:45:58.0498 3416 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
21:45:58.0498 3416 C:\Windows\System32\samcli.dll - ok
21:45:58.0498 3416 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
21:45:58.0498 3416 C:\Windows\System32\nrpsrv.dll - ok
21:45:58.0514 3416 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
21:45:58.0514 3416 C:\Windows\System32\certCredProvider.dll - ok
21:45:58.0514 3416 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
21:45:58.0514 3416 C:\Windows\System32\eapphost.dll - ok
21:45:58.0514 3416 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
21:45:58.0514 3416 C:\Windows\System32\dhcpcore.dll - ok
21:45:58.0529 3416 [ 82A96612528ACB3E7F90F88573647E82 ] C:\Windows\System32\stapo64.dll
21:45:58.0529 3416 C:\Windows\System32\stapo64.dll - ok
21:45:58.0529 3416 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
21:45:58.0529 3416 C:\Windows\System32\FWPUCLNT.DLL - ok
21:45:58.0529 3416 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
21:45:58.0529 3416 C:\Windows\System32\dhcpcore6.dll - ok
21:45:58.0545 3416 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
21:45:58.0545 3416 C:\Windows\System32\dnsext.dll - ok
21:45:58.0545 3416 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
21:45:58.0545 3416 C:\Windows\System32\dhcpcsvc.dll - ok
21:45:58.0545 3416 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
21:45:58.0545 3416 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
21:45:58.0545 3416 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
21:45:58.0545 3416 C:\Windows\System32\umb.dll - ok
21:45:58.0561 3416 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
21:45:58.0561 3416 C:\Windows\System32\wlanmsm.dll - ok
21:45:58.0561 3416 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
21:45:58.0561 3416 C:\Windows\System32\dhcpcsvc6.dll - ok
21:45:58.0561 3416 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
21:45:58.0561 3416 C:\Windows\System32\rasplap.dll - ok
21:45:58.0576 3416 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
21:45:58.0576 3416 C:\Windows\System32\wlansec.dll - ok
21:45:58.0576 3416 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
21:45:58.0576 3416 C:\Windows\System32\onex.dll - ok
21:45:58.0576 3416 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
21:45:58.0576 3416 C:\Windows\System32\rasapi32.dll - ok
21:45:58.0592 3416 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
21:45:58.0592 3416 C:\Windows\System32\eappprxy.dll - ok
21:45:58.0592 3416 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
21:45:58.0592 3416 C:\Windows\System32\eappcfg.dll - ok
21:45:58.0592 3416 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
21:45:58.0592 3416 C:\Windows\System32\rasman.dll - ok
21:45:58.0607 3416 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
21:45:58.0607 3416 C:\Windows\System32\wlgpclnt.dll - ok
21:45:58.0607 3416 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
21:45:58.0607 3416 C:\Windows\System32\l2gpstore.dll - ok
21:45:58.0623 3416 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
21:45:58.0623 3416 C:\Windows\System32\wlanutil.dll - ok
21:45:58.0623 3416 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
21:45:58.0623 3416 C:\Windows\System32\rtutils.dll - ok
21:45:58.0623 3416 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
21:45:58.0623 3416 C:\Windows\System32\WinSCard.dll - ok
21:45:58.0639 3416 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
21:45:58.0639 3416 C:\Windows\System32\msxml6.dll - ok
21:45:58.0639 3416 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
21:45:58.0639 3416 C:\Windows\System32\UXInit.dll - ok
21:45:58.0654 3416 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
21:45:58.0654 3416 C:\Windows\System32\imageres.dll - ok
21:45:58.0654 3416 [ 04AC21E821F259845BD7367CEE057290 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:45:58.0654 3416 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
21:45:58.0670 3416 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
21:45:58.0670 3416 C:\Windows\SysWOW64\ws2_32.dll - ok
21:45:58.0670 3416 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
21:45:58.0670 3416 C:\Windows\System32\netcfgx.dll - ok
21:45:58.0670 3416 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
21:45:58.0670 3416 C:\Windows\SysWOW64\nsi.dll - ok
21:45:58.0685 3416 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
21:45:58.0685 3416 C:\Windows\System32\drivers\vwifimp.sys - ok
21:45:58.0685 3416 [ 46856447F0EBF2F7B2473660B056B419 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
21:45:58.0685 3416 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
21:45:58.0685 3416 [ 3C1EE2FFFCBEF877934EFDF3A5C3BCB1 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
21:45:58.0685 3416 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
21:45:58.0701 3416 [ 061E11A56CDCAB73188E216280C05D66 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
21:45:58.0701 3416 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
21:45:58.0701 3416 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
21:45:58.0701 3416 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
21:45:58.0701 3416 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
21:45:58.0701 3416 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
21:45:58.0717 3416 [ 1D716EB7BCC07F5B1EF442B13A5FDDFE ] C:\Program Files\AVAST Software\Avast\ashBase.dll
21:45:58.0717 3416 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
21:45:58.0717 3416 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
21:45:58.0717 3416 C:\Windows\SysWOW64\wsock32.dll - ok
21:45:58.0732 3416 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
21:45:58.0732 3416 C:\Windows\SysWOW64\version.dll - ok
21:45:58.0732 3416 [ 42A6DC8B861EF5BD6AF8DC2CBD7DF321 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
21:45:58.0732 3416 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
21:45:58.0732 3416 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
21:45:58.0732 3416 C:\Windows\SysWOW64\psapi.dll - ok
21:45:58.0748 3416 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
21:45:58.0748 3416 C:\Windows\SysWOW64\dbghelp.dll - ok
21:45:58.0748 3416 [ 4CC47E4FEA86625FD5419D864E6A16D1 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
21:45:58.0748 3416 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
21:45:58.0748 3416 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
21:45:58.0748 3416 C:\Windows\SysWOW64\netapi32.dll - ok
21:45:58.0763 3416 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
21:45:58.0763 3416 C:\Windows\SysWOW64\netutils.dll - ok
21:45:58.0763 3416 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
21:45:58.0763 3416 C:\Windows\SysWOW64\srvcli.dll - ok
21:45:58.0763 3416 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
21:45:58.0763 3416 C:\Windows\SysWOW64\wkscli.dll - ok
21:45:58.0779 3416 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
21:45:58.0779 3416 C:\Windows\SysWOW64\cscapi.dll - ok
21:45:58.0779 3416 [ 7E118D66ECACCF3299F732ED0F3CE467 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
21:45:58.0779 3416 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
21:45:58.0779 3416 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
21:45:58.0779 3416 C:\Windows\System32\shsvcs.dll - ok
21:45:58.0779 3416 [ 3C1513365EFF8D185C5BB2BDEBBE5D3A ] C:\Program Files\AVAST Software\Avast\aswAux.dll
21:45:58.0779 3416 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
21:45:58.0795 3416 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
21:45:58.0795 3416 C:\Windows\System32\fveapi.dll - ok
21:45:58.0795 3416 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
21:45:58.0795 3416 C:\Windows\System32\tbs.dll - ok
21:45:58.0795 3416 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
21:45:58.0795 3416 C:\Windows\System32\fvecerts.dll - ok
21:45:58.0810 3416 [ DEA2847BFCD2BCCE777C27DB47A69EB8 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
21:45:58.0810 3416 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
21:45:58.0810 3416 [ 2566C94919F8F46215E38F3357011EBF ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
21:45:58.0810 3416 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
21:45:58.0810 3416 [ 3079F9345ED39D0E9DA1D5E8CC407235 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
21:45:58.0810 3416 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
21:45:58.0826 3416 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
21:45:58.0826 3416 C:\Windows\System32\wiarpc.dll - ok
21:45:58.0826 3416 [ 1D445E0FD43BE0F81C07DFFBF6AB92EC ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
21:45:58.0826 3416 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
21:45:58.0826 3416 [ 662E62F776A508CA4C997F7DA8007769 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
21:45:58.0826 3416 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
21:45:58.0841 3416 [ 3A2CF698443EAD2C14CF528B4F2A51A0 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
21:45:58.0841 3416 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
21:45:58.0841 3416 [ C5DBD35CF4EB0CB8E72A7B6DA2EDEA51 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
21:45:58.0841 3416 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
21:45:58.0857 3416 [ 35BD2AABE21E86D760D4FB93225D8BB4 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
21:45:58.0857 3416 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
21:45:58.0857 3416 [ 0F84219E9FC89D4FEC963F78E4983E0B ] C:\Program Files\AVAST Software\Avast\aswDld.dll
21:45:58.0857 3416 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
21:45:58.0857 3416 [ 3B3AD17FAAA838CC0368F0947B5D43DB ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
21:45:58.0857 3416 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
21:45:58.0873 3416 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
21:45:58.0873 3416 C:\Windows\SysWOW64\cfgmgr32.dll - ok
21:45:58.0873 3416 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
21:45:58.0873 3416 C:\Windows\System32\schedsvc.dll - ok
21:45:58.0888 3416 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
21:45:58.0888 3416 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
21:45:58.0888 3416 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
21:45:58.0888 3416 C:\Windows\System32\ktmw32.dll - ok
21:45:58.0888 3416 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
21:45:58.0888 3416 C:\Windows\SysWOW64\wscisvif.dll - ok
21:45:58.0904 3416 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
21:45:58.0904 3416 C:\Windows\SysWOW64\wscapi.dll - ok
21:45:58.0904 3416 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
21:45:58.0904 3416 C:\Windows\System32\taskcomp.dll - ok
21:45:58.0904 3416 [ 1869C1A8ABB6D3E0B7FA81EE4346DC14 ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswEngin.dll
21:45:58.0904 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswEngin.dll - ok
21:45:58.0919 3416 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
21:45:58.0919 3416 C:\Windows\System32\drivers\http.sys - ok
21:45:58.0919 3416 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
21:45:58.0919 3416 C:\Windows\System32\spoolsv.exe - ok
21:45:58.0919 3416 [ 9AB833956EB46BA28FAE9611569AB921 ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswCmnOS.dll
21:45:58.0919 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswCmnOS.dll - ok
21:45:58.0935 3416 [ 2935740E9E6B71C6D28CDA78E2ECDABD ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswCmnIS.dll
21:45:58.0935 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswCmnIS.dll - ok
21:45:58.0935 3416 [ 16D72F62FBF97AFD0511BCFE4C732EA9 ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswCmnBS.dll
21:45:58.0935 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswCmnBS.dll - ok
21:45:58.0951 3416 [ 45551558282528DD5AD76606D51E6F09 ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswScan.dll
21:45:58.0951 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswScan.dll - ok
21:45:58.0951 3416 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
21:45:58.0951 3416 C:\Windows\System32\BFE.DLL - ok
21:45:58.0951 3416 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
21:45:58.0951 3416 C:\Windows\System32\dllhost.exe - ok
21:45:58.0966 3416 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
21:45:58.0966 3416 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
21:45:58.0966 3416 [ E2D37F405E21BE2534FF4A84F5032ECA ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswRep.dll
21:45:58.0966 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswRep.dll - ok
21:45:58.0966 3416 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
21:45:58.0966 3416 C:\Windows\System32\IDStore.dll - ok
21:45:58.0982 3416 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
21:45:58.0982 3416 C:\Windows\System32\drivers\bowser.sys - ok
21:45:58.0982 3416 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
21:45:58.0982 3416 C:\Windows\System32\taskhost.exe - ok
21:45:58.0982 3416 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
21:45:58.0982 3416 C:\Windows\System32\wbem\wbemprox.dll - ok
21:45:58.0997 3416 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
21:45:58.0997 3416 C:\Windows\System32\drivers\mpsdrv.sys - ok
21:45:58.0997 3416 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
21:45:58.0997 3416 C:\Windows\System32\wbemcomn.dll - ok
21:45:59.0013 3416 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
21:45:59.0013 3416 C:\Windows\System32\MsCtfMonitor.dll - ok
21:45:59.0013 3416 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
21:45:59.0013 3416 C:\Windows\System32\drivers\mrxsmb.sys - ok
21:45:59.0013 3416 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
21:45:59.0013 3416 C:\Windows\System32\msutb.dll - ok
21:45:59.0029 3416 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
21:45:59.0029 3416 C:\Windows\System32\wfapigp.dll - ok
21:45:59.0029 3416 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
21:45:59.0029 3416 C:\Windows\System32\PlaySndSrv.dll - ok
21:45:59.0029 3416 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
21:45:59.0029 3416 C:\Windows\System32\HotStartUserAgent.dll - ok
21:45:59.0044 3416 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
21:45:59.0044 3416 C:\Windows\System32\mpr.dll - ok
21:45:59.0044 3416 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
21:45:59.0044 3416 C:\Windows\SysWOW64\apphelp.dll - ok
21:45:59.0060 3416 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
21:45:59.0060 3416 C:\Windows\System32\mscms.dll - ok
21:45:59.0060 3416 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
21:45:59.0060 3416 C:\Windows\System32\userinit.exe - ok
21:45:59.0060 3416 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
21:45:59.0060 3416 C:\Windows\System32\dwm.exe - ok
21:45:59.0075 3416 [ 933DA9F57AE907CBC353CEF122AB8694 ] C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
21:45:59.0075 3416 C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe - ok
21:45:59.0075 3416 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
21:45:59.0075 3416 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
21:45:59.0091 3416 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
21:45:59.0091 3416 C:\Windows\System32\drivers\mrxsmb10.sys - ok
21:45:59.0091 3416 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
21:45:59.0091 3416 C:\Windows\System32\pcasvc.dll - ok
21:45:59.0091 3416 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
21:45:59.0091 3416 C:\Windows\System32\dwmredir.dll - ok
21:45:59.0107 3416 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
21:45:59.0107 3416 C:\Windows\SysWOW64\powrprof.dll - ok
21:45:59.0107 3416 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
21:45:59.0107 3416 C:\Windows\SysWOW64\setupapi.dll - ok
21:45:59.0122 3416 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
21:45:59.0122 3416 C:\Windows\explorer.exe - ok
21:45:59.0122 3416 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
21:45:59.0122 3416 C:\Windows\System32\drivers\mrxsmb20.sys - ok
21:45:59.0138 3416 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
21:45:59.0138 3416 C:\Windows\System32\dwmcore.dll - ok
21:45:59.0138 3416 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
21:45:59.0138 3416 C:\Windows\System32\wkssvc.dll - ok
21:45:59.0138 3416 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
21:45:59.0138 3416 C:\Windows\System32\snmptrap.exe - ok
21:45:59.0153 3416 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
21:45:59.0153 3416 C:\Windows\SysWOW64\devobj.dll - ok
21:45:59.0153 3416 [ C71A884DD6F8CFFA87D70FB75857449C ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswFiDb.dll
21:45:59.0153 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswFiDb.dll - ok
21:45:59.0169 3416 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
21:45:59.0169 3416 C:\Windows\SysWOW64\comdlg32.dll - ok
21:45:59.0169 3416 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
21:45:59.0169 3416 C:\Windows\SysWOW64\msimg32.dll - ok
21:45:59.0185 3416 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
21:45:59.0185 3416 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
21:45:59.0185 3416 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
21:45:59.0185 3416 C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:45:59.0200 3416 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
21:45:59.0200 3416 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
21:45:59.0200 3416 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
21:45:59.0200 3416 C:\Windows\System32\d3d10_1.dll - ok
21:45:59.0200 3416 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
21:45:59.0200 3416 C:\Windows\System32\rasadhlp.dll - ok
21:45:59.0216 3416 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
21:45:59.0216 3416 C:\Windows\System32\d3d10_1core.dll - ok
21:45:59.0216 3416 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
21:45:59.0216 3416 C:\Windows\System32\localspl.dll - ok
21:45:59.0216 3416 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
21:45:59.0216 3416 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
21:45:59.0231 3416 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
21:45:59.0231 3416 C:\Windows\System32\sstpsvc.dll - ok
21:45:59.0231 3416 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:45:59.0231 3416 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
21:45:59.0231 3416 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
21:45:59.0231 3416 C:\Windows\System32\dxgi.dll - ok
21:45:59.0247 3416 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
21:45:59.0247 3416 C:\Windows\System32\provsvc.dll - ok
21:45:59.0247 3416 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
21:45:59.0247 3416 C:\Windows\SysWOW64\crypt32.dll - ok
21:45:59.0263 3416 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
21:45:59.0263 3416 C:\Windows\SysWOW64\oledlg.dll - ok
21:45:59.0263 3416 [ 5FEAB868CAEDBBD1B7A145CA8261E4AA ] C:\Windows\SysWOW64\WerFault.exe
21:45:59.0263 3416 C:\Windows\SysWOW64\WerFault.exe - ok
21:45:59.0263 3416 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
21:45:59.0263 3416 C:\Windows\SysWOW64\msasn1.dll - ok
21:45:59.0278 3416 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll
21:45:59.0278 3416 C:\Windows\SysWOW64\wintrust.dll - ok
21:45:59.0278 3416 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
21:45:59.0278 3416 C:\Windows\System32\spoolss.dll - ok
21:45:59.0294 3416 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
21:45:59.0294 3416 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
21:45:59.0294 3416 [ 8A71476309AD2765391C8DDF4D2A5BEE ] C:\Windows\System32\igd10umd64.dll
21:45:59.0294 3416 C:\Windows\System32\igd10umd64.dll - ok
21:45:59.0294 3416 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
21:45:59.0294 3416 C:\Windows\SysWOW64\wer.dll - ok
21:45:59.0309 3416 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
21:45:59.0309 3416 C:\Windows\System32\ExplorerFrame.dll - ok
21:45:59.0309 3416 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
21:45:59.0309 3416 C:\Windows\System32\winspool.drv - ok
21:45:59.0309 3416 [ C9B0C8458E7F639E81527D42E7C5CB89 ] C:\Program Files (x86)\HP SimplePass 2011\BioLayer.dll
21:45:59.0309 3416 C:\Program Files (x86)\HP SimplePass 2011\BioLayer.dll - ok
21:45:59.0325 3416 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
21:45:59.0325 3416 C:\Windows\SysWOW64\Faultrep.dll - ok
21:45:59.0325 3416 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
21:45:59.0325 3416 C:\Windows\System32\PrintIsolationProxy.dll - ok
21:45:59.0325 3416 [ F401929EE0CC92BFE7F15161CA535383 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:45:59.0325 3416 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
21:45:59.0341 3416 [ 8E8C92DD50F6B34907813AFDC0C8F7DD ] C:\Windows\SysWOW64\dbgeng.dll
21:45:59.0341 3416 C:\Windows\SysWOW64\dbgeng.dll - ok
21:45:59.0341 3416 [ DCF81B0BF6988C500E70AA108AF4C24B ] C:\Program Files (x86)\HP SimplePass 2011\TokenMachine.dll
21:45:59.0341 3416 C:\Program Files (x86)\HP SimplePass 2011\TokenMachine.dll - ok
21:45:59.0341 3416 [ 45501DD2CE1BF22E7F7C2ED568D478CA ] C:\Windows\System32\hpinkstsa011LM.dll
21:45:59.0341 3416 C:\Windows\System32\hpinkstsa011LM.dll - ok
21:45:59.0356 3416 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\SysWOW64\winbio.dll
21:45:59.0356 3416 C:\Windows\SysWOW64\winbio.dll - ok
21:45:59.0356 3416 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
21:45:59.0356 3416 C:\Windows\SysWOW64\credui.dll - ok
21:45:59.0356 3416 [ 10FE6FDCA89ECF5098C4B73809E26A96 ] C:\Program Files (x86)\HP SimplePass 2011\TrueSuite.AutoSoftwareUpdate.dll
21:45:59.0356 3416 C:\Program Files (x86)\HP SimplePass 2011\TrueSuite.AutoSoftwareUpdate.dll - ok
21:45:59.0372 3416 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
21:45:59.0372 3416 C:\Windows\SysWOW64\winhttp.dll - ok
21:45:59.0372 3416 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
21:45:59.0372 3416 C:\Windows\SysWOW64\webio.dll - ok
21:45:59.0372 3416 [ 75A97A2C060E72AB49E071E08C7DD2BA ] C:\Windows\SysWOW64\wininet.dll
21:45:59.0372 3416 C:\Windows\SysWOW64\wininet.dll - ok
21:45:59.0372 3416 [ B17ADBBBDC97148D28F995F32C380F2E ] C:\Windows\SysWOW64\iertutil.dll
21:45:59.0372 3416 C:\Windows\SysWOW64\iertutil.dll - ok
21:45:59.0387 3416 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
21:45:59.0387 3416 C:\Windows\SysWOW64\SensApi.dll - ok
21:45:59.0387 3416 [ C83816213C3C0CC3A35CE726A6C90375 ] C:\Windows\System32\HPDiscoPMa011.dll
21:45:59.0387 3416 C:\Windows\System32\HPDiscoPMa011.dll - ok
21:45:59.0387 3416 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
21:45:59.0387 3416 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
21:45:59.0403 3416 [ 6E02069488E65CD0A8E87D9B5C54E0D2 ] C:\Program Files (x86)\HP SimplePass 2011\AppLogon.dll
21:45:59.0403 3416 C:\Program Files (x86)\HP SimplePass 2011\AppLogon.dll - ok
21:45:59.0403 3416 [ 6B75634076C83AB3A334ABCAD42DBC00 ] C:\Program Files (x86)\HP SimplePass 2011\AppLogonShell.exe
21:45:59.0403 3416 C:\Program Files (x86)\HP SimplePass 2011\AppLogonShell.exe - ok
21:45:59.0403 3416 [ 667981F2E7C26275F0694B58EEE303B9 ] C:\Windows\SysWOW64\urlmon.dll
21:45:59.0403 3416 C:\Windows\SysWOW64\urlmon.dll - ok
21:45:59.0403 3416 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
21:45:59.0403 3416 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
21:45:59.0419 3416 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
21:45:59.0419 3416 C:\Windows\System32\wsnmp32.dll - ok
21:45:59.0419 3416 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
21:45:59.0419 3416 C:\Windows\System32\FXSMON.dll - ok
21:45:59.0419 3416 [ 6917C0276BCE4B66D075053E5ABC6054 ] C:\Program Files (x86)\HP SimplePass 2011\BioLayerAdapter.dll
21:45:59.0419 3416 C:\Program Files (x86)\HP SimplePass 2011\BioLayerAdapter.dll - ok
21:45:59.0434 3416 [ 0D0ED8BC2655459E33E5D7F2218AAF62 ] C:\Windows\System32\nitrolocalmon.dll
21:45:59.0434 3416 C:\Windows\System32\nitrolocalmon.dll - ok
21:45:59.0434 3416 [ C58687487F15A3C14B6A18416F055A5B ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
21:45:59.0434 3416 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
21:45:59.0434 3416 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
21:45:59.0434 3416 C:\Windows\System32\tcpmon.dll - ok
21:45:59.0450 3416 [ C133CBAA99F958E3052D26F80638F94F ] C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
21:45:59.0450 3416 C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe - ok
21:45:59.0450 3416 [ 80AE302334892CAFBA684171498DA2F1 ] C:\Program Files (x86)\HP SimplePass 2011\BrowserLaunch.exe
21:45:59.0450 3416 C:\Program Files (x86)\HP SimplePass 2011\BrowserLaunch.exe - ok
21:45:59.0450 3416 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
21:45:59.0450 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
21:45:59.0465 3416 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
21:45:59.0465 3416 C:\Windows\SysWOW64\clbcatq.dll - ok
21:45:59.0465 3416 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
21:45:59.0465 3416 C:\Windows\System32\snmpapi.dll - ok
21:45:59.0465 3416 [ 4D49D7D58875012AEC1CEF15D8307744 ] C:\Program Files\AVAST Software\Avast\defs\12091201\algo.dll
21:45:59.0465 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\algo.dll - ok
21:45:59.0465 3416 [ 53A6FFB9FFF5C3E64B64E9B68C31D4E5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
21:45:59.0465 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
21:45:59.0481 3416 [ 9A51DB3621B14B4873E35C411B7C40CA ] C:\Program Files (x86)\HP SimplePass 2011\CheckUpdate.exe
21:45:59.0481 3416 C:\Program Files (x86)\HP SimplePass 2011\CheckUpdate.exe - ok
21:45:59.0481 3416 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
21:45:59.0481 3416 C:\Windows\System32\usbmon.dll - ok
21:45:59.0481 3416 [ 67B539D844F804EBAC7A1E3828FDE709 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
21:45:59.0481 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
21:45:59.0497 3416 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
21:45:59.0497 3416 C:\Windows\System32\WSDMon.dll - ok
21:45:59.0497 3416 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
21:45:59.0497 3416 C:\Windows\SysWOW64\cryptsp.dll - ok
21:45:59.0497 3416 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
21:45:59.0497 3416 C:\Windows\System32\WSDApi.dll - ok
21:45:59.0497 3416 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
21:45:59.0497 3416 C:\Windows\SysWOW64\rsaenh.dll - ok
21:45:59.0512 3416 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
21:45:59.0512 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
21:45:59.0512 3416 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
21:45:59.0512 3416 C:\Windows\SysWOW64\sxs.dll - ok
21:45:59.0512 3416 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
21:45:59.0512 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
21:45:59.0528 3416 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
21:45:59.0528 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
21:45:59.0528 3416 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
21:45:59.0528 3416 C:\Windows\System32\msi.dll - ok
21:45:59.0528 3416 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
21:45:59.0528 3416 C:\Windows\SysWOW64\winmm.dll - ok
21:45:59.0543 3416 [ CDB67B5568CEEAEF1B0D0A41326D0EF9 ] C:\Program Files (x86)\HP SimplePass 2011\DataManager.dll
21:45:59.0543 3416 C:\Program Files (x86)\HP SimplePass 2011\DataManager.dll - ok
21:45:59.0543 3416 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
21:45:59.0543 3416 C:\Windows\System32\webservices.dll - ok
21:45:59.0543 3416 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
21:45:59.0543 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
21:45:59.0559 3416 [ 80872D2D5431F1FDF2593B745BDBD0B9 ] C:\Program Files (x86)\HP SimplePass 2011\HighContrast.Theme.dll
21:45:59.0559 3416 C:\Program Files (x86)\HP SimplePass 2011\HighContrast.Theme.dll - ok
21:45:59.0559 3416 [ 50AF8C4DA2EBBE80A63B85E3E8BE1D78 ] C:\Program Files (x86)\HP SimplePass 2011\HP.Theme.dll
21:45:59.0559 3416 C:\Program Files (x86)\HP SimplePass 2011\HP.Theme.dll - ok
21:45:59.0559 3416 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
21:45:59.0559 3416 C:\Windows\System32\fundisc.dll - ok
21:45:59.0575 3416 [ 4770CACF47316974CBE249ECC6A5E5A0 ] C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
21:45:59.0575 3416 C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll - ok
21:45:59.0575 3416 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
21:45:59.0575 3416 C:\Windows\System32\fdPnp.dll - ok
21:45:59.0575 3416 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
21:45:59.0575 3416 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
21:45:59.0575 3416 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
21:45:59.0575 3416 C:\Windows\System32\win32spl.dll - ok
21:45:59.0590 3416 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
21:45:59.0590 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
21:45:59.0590 3416 [ A293179BBE4CFCD75C02A275B7752998 ] C:\Program Files (x86)\HP SimplePass 2011\ProfileManagement.dll
21:45:59.0590 3416 C:\Program Files (x86)\HP SimplePass 2011\ProfileManagement.dll - ok
21:45:59.0590 3416 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
21:45:59.0590 3416 C:\Windows\System32\inetpp.dll - ok
21:45:59.0606 3416 [ 9B1B3C9FC4011CB5A6C6423ABEEB3793 ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
21:45:59.0606 3416 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
21:45:59.0606 3416 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
21:45:59.0606 3416 C:\Windows\System32\EhStorShell.dll - ok
21:45:59.0606 3416 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
21:45:59.0606 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
21:45:59.0606 3416 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
21:45:59.0606 3416 C:\Windows\System32\ntshrui.dll - ok
21:45:59.0621 3416 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
21:45:59.0621 3416 C:\Windows\System32\cscapi.dll - ok
21:45:59.0621 3416 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
21:45:59.0621 3416 C:\Windows\System32\IconCodecService.dll - ok
21:45:59.0621 3416 [ A1323591EB2790614ACB81027BD002BE ] C:\Program Files (x86)\HP SimplePass 2011\SimplePass.exe
21:45:59.0621 3416 C:\Program Files (x86)\HP SimplePass 2011\SimplePass.exe - ok
21:45:59.0637 3416 [ F0C6A924CAED0D26E7150F4009384AA6 ] C:\Windows\System32\desk.cpl
21:45:59.0637 3416 C:\Windows\System32\desk.cpl - ok
21:45:59.0637 3416 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
21:45:59.0637 3416 C:\Windows\System32\themeui.dll - ok
21:45:59.0637 3416 [ 6986CFAD3355DB25B3516D81CFFC48F1 ] C:\Program Files (x86)\HP SimplePass 2011\Splash.exe
21:45:59.0637 3416 C:\Program Files (x86)\HP SimplePass 2011\Splash.exe - ok
21:45:59.0637 3416 [ E04E2EF7951A580F246C9D618E8B4FA5 ] C:\Program Files (x86)\HP SimplePass 2011\TrueSuite.EnumWindowsUsers.dll
21:45:59.0637 3416 C:\Program Files (x86)\HP SimplePass 2011\TrueSuite.EnumWindowsUsers.dll - ok
21:45:59.0653 3416 [ 8A7F8793F4B972DF62981F7901388B72 ] C:\Program Files (x86)\HP SimplePass 2011\TSLogAdapter.dll
21:45:59.0653 3416 C:\Program Files (x86)\HP SimplePass 2011\TSLogAdapter.dll - ok
21:45:59.0653 3416 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
21:45:59.0653 3416 C:\Windows\System32\ntprint.dll - ok
21:45:59.0653 3416 [ 63DCB151A9EEC07D616F6EE787095D0E ] C:\Program Files (x86)\HP SimplePass 2011\UserFeedback.exe
21:45:59.0653 3416 C:\Program Files (x86)\HP SimplePass 2011\UserFeedback.exe - ok
21:45:59.0668 3416 [ 300EA5489261E1E5555BDC97E3BF3059 ] C:\Program Files (x86)\HP SimplePass 2011\ar\HighContrast.Theme.resources.dll
21:45:59.0668 3416 C:\Program Files (x86)\HP SimplePass 2011\ar\HighContrast.Theme.resources.dll - ok
21:45:59.0668 3416 [ 52E712A80BD797CA83350A5CBFAA7326 ] C:\Program Files (x86)\HP SimplePass 2011\ar\TrueSuite.resources.dll
21:45:59.0668 3416 C:\Program Files (x86)\HP SimplePass 2011\ar\TrueSuite.resources.dll - ok
21:45:59.0668 3416 [ 0ED93F9C6911BC443B826ABF3B92FECA ] C:\Program Files (x86)\HP SimplePass 2011\bg\HighContrast.Theme.resources.dll
21:45:59.0668 3416 C:\Program Files (x86)\HP SimplePass 2011\bg\HighContrast.Theme.resources.dll - ok
21:45:59.0684 3416 [ D0DF08C28A523739EB808B270002C744 ] C:\Program Files (x86)\HP SimplePass 2011\bg\TrueSuite.resources.dll
21:45:59.0684 3416 C:\Program Files (x86)\HP SimplePass 2011\bg\TrueSuite.resources.dll - ok
21:45:59.0684 3416 [ CD362B42FA51DE671B7D348B81351D92 ] C:\Program Files (x86)\HP SimplePass 2011\cs\HighContrast.Theme.resources.dll
21:45:59.0684 3416 C:\Program Files (x86)\HP SimplePass 2011\cs\HighContrast.Theme.resources.dll - ok
21:45:59.0684 3416 [ 89171050F3E9EC3BD744F31F95A56E3E ] C:\Program Files (x86)\HP SimplePass 2011\cs\TrueSuite.resources.dll
21:45:59.0684 3416 C:\Program Files (x86)\HP SimplePass 2011\cs\TrueSuite.resources.dll - ok
21:45:59.0684 3416 [ D96310BAF9771D93B7A5D1698192616A ] C:\Program Files (x86)\HP SimplePass 2011\da\HighContrast.Theme.resources.dll
21:45:59.0684 3416 C:\Program Files (x86)\HP SimplePass 2011\da\HighContrast.Theme.resources.dll - ok
21:45:59.0699 3416 [ 3C02D7634E89F30E9ECF557C02570474 ] C:\Program Files (x86)\HP SimplePass 2011\da\TrueSuite.resources.dll
21:45:59.0699 3416 C:\Program Files (x86)\HP SimplePass 2011\da\TrueSuite.resources.dll - ok
21:45:59.0699 3416 [ 0FA9B1E93952EEF954EA2562CB9A7CFD ] C:\Program Files (x86)\HP SimplePass 2011\de\HighContrast.Theme.resources.dll
21:45:59.0699 3416 C:\Program Files (x86)\HP SimplePass 2011\de\HighContrast.Theme.resources.dll - ok
21:45:59.0699 3416 [ 7E9E6F552DAF502986648F8B302DC9EC ] C:\Program Files (x86)\HP SimplePass 2011\de\TrueSuite.resources.dll
21:45:59.0699 3416 C:\Program Files (x86)\HP SimplePass 2011\de\TrueSuite.resources.dll - ok
21:45:59.0715 3416 [ 486B488096192CDD991006539EA7CA5B ] C:\Program Files (x86)\HP SimplePass 2011\el\HighContrast.Theme.resources.dll
21:45:59.0715 3416 C:\Program Files (x86)\HP SimplePass 2011\el\HighContrast.Theme.resources.dll - ok
21:45:59.0715 3416 [ 22F35387093FEFE8B59C80BCD920F058 ] C:\Program Files (x86)\HP SimplePass 2011\el\TrueSuite.resources.dll
21:45:59.0715 3416 C:\Program Files (x86)\HP SimplePass 2011\el\TrueSuite.resources.dll - ok
21:45:59.0715 3416 [ CFA504931860B66885C44CCF9677787F ] C:\Program Files (x86)\HP SimplePass 2011\es\HighContrast.Theme.resources.dll
21:45:59.0715 3416 C:\Program Files (x86)\HP SimplePass 2011\es\HighContrast.Theme.resources.dll - ok
21:45:59.0731 3416 [ 0B4A2867C89527695469F62935AC4246 ] C:\Program Files (x86)\HP SimplePass 2011\es\TrueSuite.resources.dll
21:45:59.0731 3416 C:\Program Files (x86)\HP SimplePass 2011\es\TrueSuite.resources.dll - ok
21:45:59.0731 3416 [ 77ACF84105B0B486C14E316DC5E290AB ] C:\Program Files (x86)\HP SimplePass 2011\et\HighContrast.Theme.resources.dll
21:45:59.0731 3416 C:\Program Files (x86)\HP SimplePass 2011\et\HighContrast.Theme.resources.dll - ok
21:45:59.0731 3416 [ D6CA17787EC621101F9CEA50FD5D64C4 ] C:\Program Files (x86)\HP SimplePass 2011\et\TrueSuite.resources.dll
21:45:59.0731 3416 C:\Program Files (x86)\HP SimplePass 2011\et\TrueSuite.resources.dll - ok
21:45:59.0746 3416 [ 6A9CDA3DB4DB85223E23E2416C66E247 ] C:\Program Files (x86)\HP SimplePass 2011\FF3\[email protected]\components\FFXPCOM.dll
21:45:59.0746 3416 C:\Program Files (x86)\HP SimplePass 2011\FF3\[email protected]\components\FFXPCOM.dll - ok
21:45:59.0746 3416 [ 83F0A0DC8A2A9BC00EEA0D84C146F90E ] C:\Program Files (x86)\HP SimplePass 2011\FF4\[email protected]\components\FFXPCOM.dll
21:45:59.0746 3416 C:\Program Files (x86)\HP SimplePass 2011\FF4\[email protected]\components\FFXPCOM.dll - ok
21:45:59.0746 3416 [ 2585FE82ADEA039610B02A87D0EF7205 ] C:\Program Files (x86)\HP SimplePass 2011\fi\HighContrast.Theme.resources.dll
21:45:59.0746 3416 C:\Program Files (x86)\HP SimplePass 2011\fi\HighContrast.Theme.resources.dll - ok
21:45:59.0746 3416 [ F3F2CF3E5557D7F6908677058FA606EA ] C:\Program Files (x86)\HP SimplePass 2011\fi\TrueSuite.resources.dll
21:45:59.0746 3416 C:\Program Files (x86)\HP SimplePass 2011\fi\TrueSuite.resources.dll - ok
21:45:59.0762 3416 [ FE7586C4E7598E4B83F95AF3A202DAB1 ] C:\Program Files (x86)\HP SimplePass 2011\fr\HighContrast.Theme.resources.dll
21:45:59.0762 3416 C:\Program Files (x86)\HP SimplePass 2011\fr\HighContrast.Theme.resources.dll - ok
21:45:59.0762 3416 [ 9F29EFC086238FE2B58D10561AC440C3 ] C:\Program Files (x86)\HP SimplePass 2011\fr\TrueSuite.resources.dll
21:45:59.0762 3416 C:\Program Files (x86)\HP SimplePass 2011\fr\TrueSuite.resources.dll - ok
21:45:59.0762 3416 [ B5FAAF434C11B29C18197B79ABED7F68 ] C:\Program Files (x86)\HP SimplePass 2011\he\HighContrast.Theme.resources.dll
21:45:59.0762 3416 C:\Program Files (x86)\HP SimplePass 2011\he\HighContrast.Theme.resources.dll - ok
21:45:59.0777 3416 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
21:45:59.0777 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
21:45:59.0777 3416 [ 8DC7A8C51FF9FF35446766A18B858666 ] C:\Program Files (x86)\HP SimplePass 2011\he\TrueSuite.resources.dll
21:45:59.0777 3416 C:\Program Files (x86)\HP SimplePass 2011\he\TrueSuite.resources.dll - ok
21:45:59.0777 3416 [ 3B7D8EAE5E44CBDA4CD772720594F116 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
21:45:59.0777 3416 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
21:45:59.0793 3416 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
21:45:59.0793 3416 C:\Windows\SysWOW64\dnssd.dll - ok
21:45:59.0793 3416 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
21:45:59.0793 3416 C:\Program Files\Bonjour\mDNSResponder.exe - ok
21:45:59.0793 3416 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
21:45:59.0793 3416 C:\Windows\SysWOW64\mswsock.dll - ok
21:45:59.0793 3416 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
21:45:59.0793 3416 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
21:45:59.0809 3416 [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll
21:45:59.0809 3416 C:\Windows\System32\cryptsvc.dll - ok
21:45:59.0809 3416 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
21:45:59.0809 3416 C:\Windows\System32\dps.dll - ok
21:45:59.0809 3416 [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll
21:45:59.0809 3416 C:\Windows\System32\cryptnet.dll - ok
21:45:59.0824 3416 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
21:45:59.0824 3416 C:\Windows\System32\FDResPub.dll - ok
21:45:59.0824 3416 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
21:45:59.0824 3416 C:\Windows\System32\taskschd.dll - ok
21:45:59.0824 3416 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
21:45:59.0824 3416 C:\Windows\System32\vssapi.dll - ok
21:45:59.0840 3416 [ B0BF87F9E247BB0621BCE59EB8CD113F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
21:45:59.0840 3416 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
21:45:59.0840 3416 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
21:45:59.0840 3416 C:\Windows\System32\winhttp.dll - ok
21:45:59.0840 3416 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
21:45:59.0840 3416 C:\Windows\System32\webio.dll - ok
21:45:59.0840 3416 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
21:45:59.0840 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
21:45:59.0855 3416 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
21:45:59.0855 3416 C:\Windows\System32\httpapi.dll - ok
21:45:59.0855 3416 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
21:45:59.0855 3416 C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe - ok
21:45:59.0855 3416 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
21:45:59.0855 3416 C:\Windows\System32\vsstrace.dll - ok
21:45:59.0871 3416 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
21:45:59.0871 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
21:45:59.0871 3416 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
21:45:59.0871 3416 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
21:45:59.0871 3416 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
21:45:59.0871 3416 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
21:45:59.0871 3416 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
21:45:59.0871 3416 C:\Windows\SysWOW64\winnsi.dll - ok
21:45:59.0887 3416 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
21:45:59.0887 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
21:45:59.0887 3416 [ 73862FF693168369A90F046E7F227B83 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
21:45:59.0887 3416 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
21:45:59.0887 3416 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
21:45:59.0887 3416 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
21:45:59.0902 3416 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
21:45:59.0902 3416 C:\Windows\System32\msimg32.dll - ok
21:45:59.0902 3416 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
21:45:59.0902 3416 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
21:45:59.0902 3416 [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
21:45:59.0902 3416 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
21:45:59.0918 3416 [ 8EB0813B7760BBE161BACF8043322186 ] C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
21:45:59.0918 3416 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe - ok
21:45:59.0918 3416 [ B7F7586C4F3080DE0CCB05C9382CBE03 ] C:\Program Files (x86)\HP SimplePass 2011\hr\HighContrast.Theme.resources.dll
21:45:59.0918 3416 C:\Program Files (x86)\HP SimplePass 2011\hr\HighContrast.Theme.resources.dll - ok
21:45:59.0918 3416 [ E64D7056AE98A71D471C919AB09A176D ] C:\Program Files (x86)\HP SimplePass 2011\hr\TrueSuite.resources.dll
21:45:59.0918 3416 C:\Program Files (x86)\HP SimplePass 2011\hr\TrueSuite.resources.dll - ok
21:45:59.0918 3416 [ A7A3B33394015941CF73B0785FE32779 ] C:\Program Files (x86)\HP SimplePass 2011\hu\HighContrast.Theme.resources.dll
21:45:59.0918 3416 C:\Program Files (x86)\HP SimplePass 2011\hu\HighContrast.Theme.resources.dll - ok
21:45:59.0933 3416 [ F8304CBC86FEB0789794943340585724 ] C:\Program Files (x86)\HP SimplePass 2011\hu\TrueSuite.resources.dll
21:45:59.0933 3416 C:\Program Files (x86)\HP SimplePass 2011\hu\TrueSuite.resources.dll - ok
21:45:59.0933 3416 [ 2BEC76BDCD1BC080210325E7B5094834 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
21:45:59.0933 3416 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
21:45:59.0933 3416 [ 77CFDBC5E7D6DCA2D7F9F4FE48322BE0 ] C:\Program Files (x86)\HP SimplePass 2011\it\HighContrast.Theme.resources.dll
21:45:59.0933 3416 C:\Program Files (x86)\HP SimplePass 2011\it\HighContrast.Theme.resources.dll - ok
21:45:59.0949 3416 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll
21:45:59.0949 3416 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll - ok
21:45:59.0949 3416 [ ABB5F8333F88C3CD0AF68888039386DF ] C:\Program Files (x86)\HP SimplePass 2011\it\TrueSuite.resources.dll
21:45:59.0949 3416 C:\Program Files (x86)\HP SimplePass 2011\it\TrueSuite.resources.dll - ok
21:45:59.0949 3416 [ 5BE12EAD873B5E918D103252F57491B6 ] C:\Program Files (x86)\HP SimplePass 2011\ja\TrueSuite.resources.dll
21:45:59.0949 3416 C:\Program Files (x86)\HP SimplePass 2011\ja\TrueSuite.resources.dll - ok
21:45:59.0965 3416 [ 26395824A4C52D9B1ECBC3561D86AEF4 ] C:\Program Files (x86)\HP SimplePass 2011\ko\HighContrast.Theme.resources.dll
21:45:59.0965 3416 C:\Program Files (x86)\HP SimplePass 2011\ko\HighContrast.Theme.resources.dll - ok
21:45:59.0965 3416 [ 2D206808195C9216CF20F195AD9DF188 ] C:\Program Files (x86)\HP SimplePass 2011\ko\TrueSuite.resources.dll
21:45:59.0965 3416 C:\Program Files (x86)\HP SimplePass 2011\ko\TrueSuite.resources.dll - ok
21:45:59.0965 3416 [ A86053ED728EAC4AC2FA8809CA998FCD ] C:\Program Files (x86)\HP SimplePass 2011\lt\HighContrast.Theme.resources.dll
21:45:59.0965 3416 C:\Program Files (x86)\HP SimplePass 2011\lt\HighContrast.Theme.resources.dll - ok
21:45:59.0980 3416 [ 9E1E1A0FA53CF50DE577E39E6622886C ] C:\Program Files (x86)\HP SimplePass 2011\lt\TrueSuite.resources.dll
21:45:59.0980 3416 C:\Program Files (x86)\HP SimplePass 2011\lt\TrueSuite.resources.dll - ok
21:45:59.0980 3416 [ 3F86F7803F98D8B4706BFD1D9377AC6B ] C:\Program Files (x86)\HP SimplePass 2011\lv\HighContrast.Theme.resources.dll
21:45:59.0980 3416 C:\Program Files (x86)\HP SimplePass 2011\lv\HighContrast.Theme.resources.dll - ok
21:45:59.0980 3416 [ C2BE20643C5C94ECC3F1854559C1281B ] C:\Program Files (x86)\HP SimplePass 2011\lv\TrueSuite.resources.dll
21:45:59.0980 3416 C:\Program Files (x86)\HP SimplePass 2011\lv\TrueSuite.resources.dll - ok
21:45:59.0996 3416 [ 5FA0A07A666EC4095939606B91F7777C ] C:\Program Files (x86)\HP SimplePass 2011\nl\HighContrast.Theme.resources.dll
21:45:59.0996 3416 C:\Program Files (x86)\HP SimplePass 2011\nl\HighContrast.Theme.resources.dll - ok
21:45:59.0996 3416 [ D09CD1985699A1989BE26C11CD43576E ] C:\Program Files (x86)\HP SimplePass 2011\nl\TrueSuite.resources.dll
21:45:59.0996 3416 C:\Program Files (x86)\HP SimplePass 2011\nl\TrueSuite.resources.dll - ok
21:45:59.0996 3416 [ 875429106DDB53E284966D273FACD50F ] C:\Program Files (x86)\HP SimplePass 2011\no\HighContrast.Theme.resources.dll
21:45:59.0996 3416 C:\Program Files (x86)\HP SimplePass 2011\no\HighContrast.Theme.resources.dll - ok
21:46:00.0011 3416 [ 6F00DD8B508168061A287DEE7B37B833 ] C:\Program Files (x86)\HP SimplePass 2011\no\TrueSuite.resources.dll
21:46:00.0011 3416 C:\Program Files (x86)\HP SimplePass 2011\no\TrueSuite.resources.dll - ok
21:46:00.0011 3416 [ A5BAEF3E40C22B9B46973868698467EF ] C:\Program Files (x86)\HP SimplePass 2011\pl\HighContrast.Theme.resources.dll
21:46:00.0011 3416 C:\Program Files (x86)\HP SimplePass 2011\pl\HighContrast.Theme.resources.dll - ok
21:46:00.0011 3416 [ D22D82D74FD1B6C77E7556DBDC3EA9D2 ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
21:46:00.0011 3416 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe - ok
21:46:00.0027 3416 [ 60692D7D1C11A8CA3EDB6AEC5969AE14 ] C:\Program Files (x86)\HP SimplePass 2011\pl\TrueSuite.resources.dll
21:46:00.0027 3416 C:\Program Files (x86)\HP SimplePass 2011\pl\TrueSuite.resources.dll - ok
21:46:00.0027 3416 [ DF370DCCA0387FC4DF81C04AF9C484EF ] C:\Program Files (x86)\HP SimplePass 2011\pt-BR\HighContrast.Theme.resources.dll
21:46:00.0027 3416 C:\Program Files (x86)\HP SimplePass 2011\pt-BR\HighContrast.Theme.resources.dll - ok
21:46:00.0027 3416 [ 4D52DA729C99ED4063CC46D848EE6335 ] C:\Program Files (x86)\HP SimplePass 2011\pt-BR\TrueSuite.resources.dll
21:46:00.0027 3416 C:\Program Files (x86)\HP SimplePass 2011\pt-BR\TrueSuite.resources.dll - ok
21:46:00.0043 3416 [ 63816E31929121614EF2391CA88734C1 ] C:\Program Files (x86)\HP SimplePass 2011\pt-PT\HighContrast.Theme.resources.dll
21:46:00.0043 3416 C:\Program Files (x86)\HP SimplePass 2011\pt-PT\HighContrast.Theme.resources.dll - ok
21:46:00.0043 3416 [ 064046B083AF8044987217EB00002E61 ] C:\Program Files (x86)\HP SimplePass 2011\pt-PT\TrueSuite.resources.dll
21:46:00.0043 3416 C:\Program Files (x86)\HP SimplePass 2011\pt-PT\TrueSuite.resources.dll - ok
21:46:00.0058 3416 [ A3555FD761369CCAED879D9600E9C969 ] C:\Program Files (x86)\HP SimplePass 2011\ro\HighContrast.Theme.resources.dll
21:46:00.0058 3416 C:\Program Files (x86)\HP SimplePass 2011\ro\HighContrast.Theme.resources.dll - ok
21:46:00.0058 3416 [ 6EC0922CE19FC98090519AAC73645279 ] C:\Program Files (x86)\HP SimplePass 2011\ro\TrueSuite.resources.dll
21:46:00.0058 3416 C:\Program Files (x86)\HP SimplePass 2011\ro\TrueSuite.resources.dll - ok
21:46:00.0058 3416 [ 7C09638CD51CB659F6B903844916916B ] C:\Program Files (x86)\HP SimplePass 2011\ru\HighContrast.Theme.resources.dll
21:46:00.0058 3416 C:\Program Files (x86)\HP SimplePass 2011\ru\HighContrast.Theme.resources.dll - ok
21:46:00.0058 3416 [ B4119A3D2C30AD9C8C114869839FECD6 ] C:\Program Files (x86)\HP SimplePass 2011\ru\TrueSuite.resources.dll
21:46:00.0058 3416 C:\Program Files (x86)\HP SimplePass 2011\ru\TrueSuite.resources.dll - ok
21:46:00.0074 3416 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
21:46:00.0074 3416 C:\Windows\System32\oleacc.dll - ok
21:46:00.0074 3416 [ EA236FA3B4EFFE70866BDD9A50F9CAE8 ] C:\Program Files (x86)\HP SimplePass 2011\sk\HighContrast.Theme.resources.dll
21:46:00.0074 3416 C:\Program Files (x86)\HP SimplePass 2011\sk\HighContrast.Theme.resources.dll - ok
21:46:00.0074 3416 [ E2887B6B5C89DBB08E0845602789BD0E ] C:\Program Files (x86)\HP SimplePass 2011\sk\TrueSuite.resources.dll
21:46:00.0074 3416 C:\Program Files (x86)\HP SimplePass 2011\sk\TrueSuite.resources.dll - ok
21:46:00.0089 3416 [ 126ECD6D1F2D6D8E52C0767709BC548D ] C:\Program Files (x86)\HP SimplePass 2011\sl\HighContrast.Theme.resources.dll
21:46:00.0089 3416 C:\Program Files (x86)\HP SimplePass 2011\sl\HighContrast.Theme.resources.dll - ok
21:46:00.0089 3416 [ 3733904B4C1AC92F70EB8C1E7F859C53 ] C:\Program Files (x86)\HP SimplePass 2011\sl\TrueSuite.resources.dll
21:46:00.0089 3416 C:\Program Files (x86)\HP SimplePass 2011\sl\TrueSuite.resources.dll - ok
21:46:00.0089 3416 [ B008BE006631DADBC24B45CE4A709EA0 ] C:\Program Files (x86)\HP SimplePass 2011\sr\HighContrast.Theme.resources.dll
21:46:00.0089 3416 C:\Program Files (x86)\HP SimplePass 2011\sr\HighContrast.Theme.resources.dll - ok
21:46:00.0105 3416 [ 5A9894E80575647DC77A7D1954B05CE7 ] C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
21:46:00.0105 3416 C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe - ok
21:46:00.0105 3416 [ 8D99ACD0AC1750E98AAA41E5DCB83E10 ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll
21:46:00.0105 3416 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll - ok
21:46:00.0105 3416 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
21:46:00.0105 3416 C:\Windows\System32\IKEEXT.DLL - ok
21:46:00.0121 3416 [ BA7575A28DE515BCE153D908EDBC5B40 ] C:\Program Files (x86)\HP SimplePass 2011\sr\TrueSuite.resources.dll
21:46:00.0121 3416 C:\Program Files (x86)\HP SimplePass 2011\sr\TrueSuite.resources.dll - ok
21:46:00.0121 3416 [ AEDF662A8CF5BC723BA01F4D986503A3 ] C:\Program Files (x86)\HP SimplePass 2011\sv\HighContrast.Theme.resources.dll
21:46:00.0121 3416 C:\Program Files (x86)\HP SimplePass 2011\sv\HighContrast.Theme.resources.dll - ok
21:46:00.0121 3416 [ 8903C5530DBF3BE55BF7651E32197134 ] C:\Program Files (x86)\HP SimplePass 2011\sv\TrueSuite.resources.dll
21:46:00.0121 3416 C:\Program Files (x86)\HP SimplePass 2011\sv\TrueSuite.resources.dll - ok
21:46:00.0136 3416 [ 254258363D472A232FD50CC941492466 ] C:\Program Files (x86)\HP SimplePass 2011\tr\HighContrast.Theme.resources.dll
21:46:00.0136 3416 C:\Program Files (x86)\HP SimplePass 2011\tr\HighContrast.Theme.resources.dll - ok
21:46:00.0136 3416 [ CDC02D5C39C1012A4CF5592F2065AC2D ] C:\Program Files (x86)\HP SimplePass 2011\tr\TrueSuite.resources.dll
21:46:00.0136 3416 C:\Program Files (x86)\HP SimplePass 2011\tr\TrueSuite.resources.dll - ok
21:46:00.0136 3416 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
21:46:00.0136 3416 C:\Windows\System32\vpnikeapi.dll - ok
21:46:00.0152 3416 [ 7F98566A311CEB1FE2994F8C2A05FBC1 ] C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe
21:46:00.0152 3416 C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe - ok
21:46:00.0152 3416 [ 8BF61A9C4D297F447CB87C369EA6D169 ] C:\Program Files (x86)\HP SimplePass 2011\x64\AppLogon.dll
21:46:00.0152 3416 C:\Program Files (x86)\HP SimplePass 2011\x64\AppLogon.dll - ok
21:46:00.0152 3416 [ 8DC75F34204EE156C04002CA089B99E5 ] C:\Program Files (x86)\HP SimplePass 2011\x64\AppLogonShell.exe
21:46:00.0152 3416 C:\Program Files (x86)\HP SimplePass 2011\x64\AppLogonShell.exe - ok
21:46:00.0167 3416 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
21:46:00.0167 3416 C:\Windows\System32\nlasvc.dll - ok
21:46:00.0167 3416 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
21:46:00.0167 3416 C:\Windows\System32\ncsi.dll - ok
21:46:00.0167 3416 [ 7BFA0C5D8A4A2F1C46A6A3A698BDE3E5 ] C:\Windows\SysWOW64\NLSSRV32.EXE
21:46:00.0167 3416 C:\Windows\SysWOW64\NLSSRV32.EXE - ok
21:46:00.0183 3416 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
21:46:00.0183 3416 C:\Windows\System32\aepic.dll - ok
21:46:00.0183 3416 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
21:46:00.0183 3416 C:\Windows\System32\ssdpapi.dll - ok
21:46:00.0183 3416 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
21:46:00.0183 3416 C:\Windows\System32\sfc.dll - ok
21:46:00.0183 3416 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
21:46:00.0183 3416 C:\Windows\System32\sfc_os.dll - ok
21:46:00.0199 3416 [ 835C9E6DABE2C12038456DD672DE60D4 ] C:\Program Files (x86)\HP SimplePass 2011\x64\BioLayer.dll
21:46:00.0199 3416 C:\Program Files (x86)\HP SimplePass 2011\x64\BioLayer.dll - ok
21:46:00.0199 3416 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
21:46:00.0199 3416 C:\Windows\System32\drivers\PEAuth.sys - ok
21:46:00.0199 3416 [ 2CDC65C450E8F0E2716D5662DA0923F3 ] C:\Program Files (x86)\HP SimplePass 2011\x64\DataManager.dll
21:46:00.0199 3416 C:\Program Files (x86)\HP SimplePass 2011\x64\DataManager.dll - ok
21:46:00.0214 3416 [ 1B71E99DF53E72FF1B37F19554C96FF9 ] C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
21:46:00.0214 3416 C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll - ok
21:46:00.0214 3416 [ 085D18C71AB2611A3D61528132B6501E ] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
21:46:00.0214 3416 C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe - ok
21:46:00.0214 3416 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
21:46:00.0214 3416 C:\Windows\System32\drivers\secdrv.sys - ok
21:46:00.0230 3416 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
21:46:00.0230 3416 C:\Windows\System32\drivers\Sftfslh.sys - ok
21:46:00.0230 3416 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
21:46:00.0230 3416 C:\Windows\System32\aeevts.dll - ok
21:46:00.0230 3416 [ 248E6D42B952281B98EE5A6201E33855 ] C:\Program Files (x86)\HP SimplePass 2011\x64\TokenMachine.dll
21:46:00.0230 3416 C:\Program Files (x86)\HP SimplePass 2011\x64\TokenMachine.dll - ok
21:46:00.0245 3416 [ 9C69904CDC16628EDC1C4E9934CEC1B4 ] C:\Program Files (x86)\HP SimplePass 2011\x64\TSLog.dll
21:46:00.0245 3416 C:\Program Files (x86)\HP SimplePass 2011\x64\TSLog.dll - ok
21:46:00.0245 3416 [ 18B76945ED5F99DBE85F5E4F9BAD576A ] C:\Program Files (x86)\HP SimplePass 2011\zh-CHS\HighContrast.Theme.resources.dll
21:46:00.0245 3416 C:\Program Files (x86)\HP SimplePass 2011\zh-CHS\HighContrast.Theme.resources.dll - ok
21:46:00.0245 3416 [ F9549C98F2F43B79EC79430920A3BCB4 ] C:\Program Files (x86)\HP SimplePass 2011\zh-CHS\TrueSuite.resources.dll
21:46:00.0245 3416 C:\Program Files (x86)\HP SimplePass 2011\zh-CHS\TrueSuite.resources.dll - ok
21:46:00.0261 3416 [ D76968FBDC30EB503F04EF9F3764EF18 ] C:\Program Files (x86)\HP SimplePass 2011\zh-CHT\HighContrast.Theme.resources.dll
21:46:00.0261 3416 C:\Program Files (x86)\HP SimplePass 2011\zh-CHT\HighContrast.Theme.resources.dll - ok
21:46:00.0261 3416 [ B1C977FECF2D16E5F2381C3F6EF7B64F ] C:\Program Files (x86)\HP SimplePass 2011\zh-CHT\TrueSuite.resources.dll
21:46:00.0261 3416 C:\Program Files (x86)\HP SimplePass 2011\zh-CHT\TrueSuite.resources.dll - ok
21:46:00.0261 3416 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
21:46:00.0261 3416 C:\Windows\System32\drivers\Sftplaylh.sys - ok
21:46:00.0277 3416 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
21:46:00.0277 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
21:46:00.0277 3416 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
21:46:00.0277 3416 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
21:46:00.0277 3416 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
21:46:00.0277 3416 C:\Windows\SysWOW64\secur32.dll - ok
21:46:00.0292 3416 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
21:46:00.0292 3416 C:\Windows\SysWOW64\credssp.dll - ok
21:46:00.0292 3416 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
21:46:00.0292 3416 C:\Windows\System32\drivers\srvnet.sys - ok
21:46:00.0292 3416 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
21:46:00.0292 3416 C:\Windows\System32\wiaservc.dll - ok
21:46:00.0292 3416 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
21:46:00.0292 3416 C:\Windows\System32\drivers\tcpipreg.sys - ok
21:46:00.0308 3416 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
21:46:00.0308 3416 C:\Windows\System32\sysmain.dll - ok
21:46:00.0308 3416 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
21:46:00.0308 3416 C:\Windows\System32\wiatrace.dll - ok
21:46:00.0308 3416 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
21:46:00.0308 3416 C:\Windows\System32\wsdchngr.dll - ok
21:46:00.0323 3416 [ 732D2ED1E7447FE10792206FAD9CC39E ] C:\Windows\System32\HPWia2_DJ3050A_J611.dll
21:46:00.0323 3416 C:\Windows\System32\HPWia2_DJ3050A_J611.dll - ok
21:46:00.0323 3416 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
21:46:00.0323 3416 C:\Windows\System32\wbem\WMIsvc.dll - ok
21:46:00.0323 3416 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
21:46:00.0323 3416 C:\Windows\System32\trkwks.dll - ok
21:46:00.0339 3416 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:46:00.0339 3416 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
21:46:00.0339 3416 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
21:46:00.0339 3416 C:\Windows\System32\wbem\WinMgmtR.dll - ok
21:46:00.0339 3416 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
21:46:00.0339 3416 C:\Windows\System32\wbem\wbemcore.dll - ok
21:46:00.0355 3416 [ 3598B4287BCEB85E06B5087299FD78C7 ] C:\Windows\System32\HPScanTRDrv_DJ3050A_J611.dll
21:46:00.0355 3416 C:\Windows\System32\HPScanTRDrv_DJ3050A_J611.dll - ok
21:46:00.0355 3416 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
21:46:00.0355 3416 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
21:46:00.0355 3416 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
21:46:00.0355 3416 C:\Windows\System32\wbem\fastprox.dll - ok
21:46:00.0355 3416 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
21:46:00.0355 3416 C:\Windows\System32\SensApi.dll - ok
21:46:00.0370 3416 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
21:46:00.0370 3416 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
21:46:00.0370 3416 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
21:46:00.0370 3416 C:\Windows\System32\wbem\esscli.dll - ok
21:46:00.0370 3416 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
21:46:00.0370 3416 C:\Windows\System32\wer.dll - ok
21:46:00.0386 3416 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
21:46:00.0386 3416 C:\Windows\System32\ntdsapi.dll - ok
21:46:00.0386 3416 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
21:46:00.0386 3416 C:\Windows\System32\wbem\wbemsvc.dll - ok
21:46:00.0386 3416 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
21:46:00.0386 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
21:46:00.0401 3416 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
21:46:00.0401 3416 C:\Windows\System32\wbem\wmiutils.dll - ok
21:46:00.0401 3416 [ 08F0BE836428436724EE15964AE8A2E1 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
21:46:00.0401 3416 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
21:46:00.0401 3416 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
21:46:00.0401 3416 C:\Windows\System32\iphlpsvc.dll - ok
21:46:00.0417 3416 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
21:46:00.0417 3416 C:\Windows\System32\msxml3.dll - ok
21:46:00.0417 3416 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
21:46:00.0417 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
21:46:00.0417 3416 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
21:46:00.0417 3416 C:\Windows\System32\sqmapi.dll - ok
21:46:00.0433 3416 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
21:46:00.0433 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
21:46:00.0433 3416 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
21:46:00.0433 3416 C:\Windows\System32\wdscore.dll - ok
21:46:00.0433 3416 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
21:46:00.0433 3416 C:\Windows\System32\hnetcfg.dll - ok
21:46:00.0448 3416 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
21:46:00.0448 3416 C:\Windows\SysWOW64\mpr.dll - ok
21:46:00.0448 3416 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
21:46:00.0448 3416 C:\Windows\System32\wbem\repdrvfs.dll - ok
21:46:00.0448 3416 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
21:46:00.0448 3416 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
21:46:00.0464 3416 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
21:46:00.0464 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
21:46:00.0464 3416 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
21:46:00.0464 3416 C:\Windows\System32\p2pcollab.dll - ok
21:46:00.0479 3416 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
21:46:00.0479 3416 C:\Windows\System32\QAGENTRT.DLL - ok
21:46:00.0479 3416 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
21:46:00.0479 3416 C:\Windows\System32\fveui.dll - ok
21:46:00.0479 3416 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
21:46:00.0479 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
21:46:00.0495 3416 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
21:46:00.0495 3416 C:\Windows\System32\dssenh.dll - ok
21:46:00.0495 3416 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
21:46:00.0495 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
21:46:00.0495 3416 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
21:46:00.0495 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
21:46:00.0511 3416 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
21:46:00.0511 3416 C:\Windows\SysWOW64\logoncli.dll - ok
21:46:00.0511 3416 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
21:46:00.0511 3416 C:\Windows\SysWOW64\fltLib.dll - ok
21:46:00.0511 3416 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
21:46:00.0511 3416 C:\Windows\SysWOW64\msi.dll - ok
21:46:00.0526 3416 [ 545DE96D552AEDCDE95D1C86BDC9B95B ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
21:46:00.0526 3416 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
21:46:00.0526 3416 [ D7BF4E050440CF0B7B2A2596F0F370F3 ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
21:46:00.0526 3416 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
21:46:00.0526 3416 [ 37DAD7CA011038616E067C8F62029FD0 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
21:46:00.0526 3416 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
21:46:00.0542 3416 [ 8122EE05F327EF470670E2CDDFFEB929 ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
21:46:00.0542 3416 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
21:46:00.0542 3416 [ EFFA04908678EF527EA32B2E2EE6EC93 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
21:46:00.0542 3416 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
21:46:00.0542 3416 [ A5905C582C88AE8D56834CE4A3627FD1 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
21:46:00.0542 3416 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
21:46:00.0542 3416 [ 9207F1A1440EAF18BE0D0C1D487E4F02 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
21:46:00.0542 3416 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
21:46:00.0557 3416 [ 4509D54DF9276534AC433F80E8392206 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
21:46:00.0557 3416 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
21:46:00.0557 3416 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12091201\ArPot.dll
21:46:00.0557 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\ArPot.dll - ok
21:46:00.0557 3416 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
21:46:00.0557 3416 C:\Windows\System32\drivers\srv2.sys - ok
21:46:00.0573 3416 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
21:46:00.0573 3416 C:\Windows\System32\drivers\Sftredirlh.sys - ok
21:46:00.0573 3416 [ 285AC1245590372A88B75144A8656A5F ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
21:46:00.0573 3416 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
21:46:00.0573 3416 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
21:46:00.0573 3416 C:\Windows\SysWOW64\schannel.dll - ok
21:46:00.0573 3416 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
21:46:00.0573 3416 C:\Windows\System32\drivers\srv.sys - ok
21:46:00.0589 3416 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
21:46:00.0589 3416 C:\Windows\SysWOW64\nlaapi.dll - ok
21:46:00.0589 3416 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
21:46:00.0589 3416 C:\Windows\SysWOW64\NapiNSP.dll - ok
21:46:00.0589 3416 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
21:46:00.0589 3416 C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:46:00.0604 3416 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
21:46:00.0604 3416 C:\Windows\SysWOW64\dnsapi.dll - ok
21:46:00.0604 3416 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
21:46:00.0604 3416 C:\Windows\SysWOW64\winrnr.dll - ok
21:46:00.0620 3416 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
21:46:00.0620 3416 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
21:46:00.0620 3416 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
21:46:00.0620 3416 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
21:46:00.0620 3416 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12091201\exts.dll
21:46:00.0620 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\exts.dll - ok
21:46:00.0635 3416 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
21:46:00.0635 3416 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
21:46:00.0635 3416 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
21:46:00.0635 3416 C:\Windows\SysWOW64\msxml6.dll - ok
21:46:00.0635 3416 [ F787D427F7EB96FBA1E495600BB8CD30 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
21:46:00.0635 3416 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
21:46:00.0651 3416 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
21:46:00.0651 3416 C:\Windows\SysWOW64\rasadhlp.dll - ok
21:46:00.0651 3416 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
21:46:00.0651 3416 C:\Windows\SysWOW64\security.dll - ok
21:46:00.0651 3416 [ 4130D86B0642EFCBB65AD6B2C9BD022E ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
21:46:00.0651 3416 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
21:46:00.0651 3416 [ 87F664BF0B8728382D03B2126127DC98 ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswAR.dll
21:46:00.0651 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswAR.dll - ok
21:46:00.0667 3416 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12091201\aswRawFS.dll
21:46:00.0667 3416 C:\Program Files\AVAST Software\Avast\defs\12091201\aswRawFS.dll - ok
21:46:00.0667 3416 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
21:46:00.0667 3416 C:\Windows\SysWOW64\wship6.dll - ok
21:46:00.0667 3416 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
21:46:00.0667 3416 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
21:46:00.0667 3416 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
21:46:00.0667 3416 C:\Windows\System32\ncobjapi.dll - ok
21:46:00.0682 3416 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
21:46:00.0682 3416 C:\Windows\System32\wbem\wbemess.dll - ok
21:46:00.0682 3416 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
21:46:00.0682 3416 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
21:46:00.0682 3416 [ 2B460CA1AC9A2249C92E54E39A8ACF42 ] C:\Program Files\AVAST Software\Avast\snxhk.dll
21:46:00.0682 3416 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
21:46:00.0698 3416 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
21:46:00.0698 3416 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
21:46:00.0698 3416 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
21:46:00.0698 3416 C:\Windows\SysWOW64\hlink.dll - ok
21:46:00.0698 3416 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
21:46:00.0698 3416 C:\Windows\System32\srvsvc.dll - ok
21:46:00.0698 3416 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
21:46:00.0698 3416 C:\Windows\System32\browser.dll - ok
21:46:00.0713 3416 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
21:46:00.0713 3416 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
21:46:00.0713 3416 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
21:46:00.0713 3416 C:\Windows\System32\netmsg.dll - ok
21:46:00.0713 3416 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
21:46:00.0713 3416 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
21:46:00.0713 3416 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
21:46:00.0713 3416 C:\Windows\System32\sscore.dll - ok
21:46:00.0729 3416 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
21:46:00.0729 3416 C:\Windows\System32\clusapi.dll - ok
21:46:00.0729 3416 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
21:46:00.0729 3416 C:\Windows\SysWOW64\msv1_0.dll - ok
21:46:00.0729 3416 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
21:46:00.0729 3416 C:\Windows\System32\resutils.dll - ok
21:46:00.0729 3416 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
21:46:00.0729 3416 C:\Windows\SysWOW64\cryptdll.dll - ok
21:46:00.0745 3416 [ B47BC7138241E1B836384D5211AE34C8 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
21:46:00.0745 3416 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
21:46:00.0745 3416 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
21:46:00.0745 3416 C:\Windows\SysWOW64\msxml3.dll - ok
21:46:00.0745 3416 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
21:46:00.0745 3416 C:\Windows\AppPatch\AcGenral.dll - ok
21:46:00.0745 3416 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
21:46:00.0745 3416 C:\Windows\System32\wdi.dll - ok
21:46:00.0760 3416 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
21:46:00.0760 3416 C:\Windows\System32\perftrack.dll - ok
21:46:00.0760 3416 [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
21:46:00.0760 3416 C:\Windows\System32\vaultsvc.dll - ok
21:46:00.0760 3416 [ 1B399CC9E24C9D65CEBA5A807C4036D7 ] C:\Program Files\AVAST Software\Avast\snxhk64.dll
21:46:00.0760 3416 C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok
21:46:00.0760 3416 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
21:46:00.0760 3416 C:\Windows\System32\npmproxy.dll - ok
21:46:00.0776 3416 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
21:46:00.0776 3416 C:\Windows\System32\wbiosrvc.dll - ok
21:46:00.0776 3416 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
21:46:00.0776 3416 C:\Windows\System32\diagperf.dll - ok
21:46:00.0776 3416 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
21:46:00.0776 3416 C:\Windows\System32\NapiNSP.dll - ok
21:46:00.0776 3416 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
21:46:00.0776 3416 C:\Windows\System32\wpdbusenum.dll - ok
21:46:00.0791 3416 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
21:46:00.0791 3416 C:\Windows\System32\pnrpnsp.dll - ok
21:46:00.0791 3416 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
21:46:00.0791 3416 C:\Windows\SysWOW64\uxtheme.dll - ok
21:46:00.0791 3416 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
21:46:00.0791 3416 C:\Windows\System32\PortableDeviceApi.dll - ok
21:46:00.0791 3416 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
21:46:00.0791 3416 C:\Windows\System32\winrnr.dll - ok
21:46:00.0807 3416 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
21:46:00.0807 3416 C:\Windows\SysWOW64\samcli.dll - ok
21:46:00.0807 3416 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
21:46:00.0807 3416 C:\Windows\SysWOW64\msacm32.dll - ok
21:46:00.0807 3416 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
21:46:00.0807 3416 C:\Windows\SysWOW64\sfc.dll - ok
21:46:00.0807 3416 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:46:00.0807 3416 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:46:00.0823 3416 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
21:46:00.0823 3416 C:\Windows\SysWOW64\sfc_os.dll - ok
21:46:00.0823 3416 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
21:46:00.0823 3416 C:\Windows\System32\pnpts.dll - ok
21:46:00.0823 3416 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
21:46:00.0823 3416 C:\Windows\SysWOW64\dwmapi.dll - ok
21:46:00.0823 3416 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
21:46:00.0823 3416 C:\Windows\System32\radardt.dll - ok
21:46:00.0838 3416 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
21:46:00.0838 3416 C:\Windows\System32\Apphlpdm.dll - ok
21:46:00.0838 3416 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
21:46:00.0838 3416 C:\Windows\System32\IPSECSVC.DLL - ok
21:46:00.0838 3416 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
21:46:00.0838 3416 C:\Windows\System32\wersvc.dll - ok
21:46:00.0838 3416 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
21:46:00.0838 3416 C:\Windows\System32\aelupsvc.dll - ok
21:46:00.0854 3416 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
21:46:00.0854 3416 C:\Windows\System32\FwRemoteSvr.dll - ok
21:46:00.0854 3416 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
21:46:00.0854 3416 C:\Windows\System32\ndiscapCfg.dll - ok
21:46:00.0854 3416 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
21:46:00.0854 3416 C:\Windows\System32\rascfg.dll - ok
21:46:00.0854 3416 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
21:46:00.0854 3416 C:\Windows\System32\dimsjob.dll - ok
21:46:00.0869 3416 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
21:46:00.0869 3416 C:\Windows\System32\mprapi.dll - ok
21:46:00.0869 3416 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
21:46:00.0869 3416 C:\Windows\System32\mprmsg.dll - ok
21:46:00.0869 3416 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
21:46:00.0869 3416 C:\Windows\System32\pautoenr.dll - ok
21:46:00.0869 3416 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
21:46:00.0869 3416 C:\Windows\System32\certcli.dll - ok
21:46:00.0885 3416 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
21:46:00.0885 3416 C:\Windows\System32\tcpipcfg.dll - ok
21:46:00.0885 3416 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
21:46:00.0885 3416 C:\Windows\System32\CertEnroll.dll - ok
21:46:00.0885 3416 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
21:46:00.0885 3416 C:\Windows\System32\appinfo.dll - ok
21:46:00.0901 3416 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
21:46:00.0901 3416 C:\Windows\System32\taskeng.exe - ok
21:46:00.0901 3416 [ 80D99851441783123891FBDDF800BEB6 ] C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll
21:46:00.0901 3416 C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll - ok
21:46:00.0901 3416 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
21:46:00.0901 3416 C:\Windows\System32\TSChannel.dll - ok
21:46:00.0901 3416 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
21:46:00.0901 3416 C:\Windows\System32\wdiasqmmodule.dll - ok
21:46:00.0916 3416 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
21:46:00.0916 3416 C:\Windows\SysWOW64\imagehlp.dll - ok
21:46:00.0916 3416 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
21:46:00.0916 3416 C:\Windows\SysWOW64\ncrypt.dll - ok
21:46:00.0916 3416 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
21:46:00.0916 3416 C:\Windows\System32\runonce.exe - ok
21:46:00.0916 3416 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
21:46:00.0916 3416 C:\Windows\SysWOW64\bcrypt.dll - ok
21:46:00.0932 3416 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
21:46:00.0932 3416 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
21:46:00.0932 3416 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
21:46:00.0932 3416 C:\Windows\SysWOW64\runonce.exe - ok
21:46:00.0932 3416 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
21:46:00.0932 3416 C:\Windows\SysWOW64\gpapi.dll - ok
21:46:00.0932 3416 [ B7F55E2AE978D3D34F7876EE5D689AAE ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
21:46:00.0932 3416 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe - ok
21:46:00.0947 3416 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
21:46:00.0947 3416 C:\Windows\SysWOW64\cryptnet.dll - ok
21:46:00.0947 3416 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
21:46:00.0947 3416 C:\Windows\SysWOW64\propsys.dll - ok
21:46:00.0947 3416 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
21:46:00.0947 3416 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
21:46:00.0947 3416 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
21:46:00.0947 3416 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
21:46:00.0963 3416 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
21:46:00.0963 3416 C:\Windows\SysWOW64\devenum.dll - ok
21:46:00.0963 3416 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
21:46:00.0963 3416 C:\Windows\SysWOW64\cmd.exe - ok
21:46:00.0963 3416 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
21:46:00.0963 3416 C:\Windows\SysWOW64\msdmo.dll - ok
21:46:00.0979 3416 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
21:46:00.0979 3416 C:\Windows\SysWOW64\avicap32.dll - ok
21:46:00.0979 3416 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
21:46:00.0979 3416 C:\Windows\SysWOW64\msvfw32.dll - ok
21:46:00.0979 3416 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
21:46:00.0979 3416 C:\Windows\System32\nci.dll - ok
21:46:00.0979 3416 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
21:46:00.0979 3416 C:\Windows\System32\wlaninst.dll - ok
21:46:00.0994 3416 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
21:46:00.0994 3416 C:\Windows\SysWOW64\vfwwdm32.dll - ok
21:46:00.0994 3416 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
21:46:00.0994 3416 C:\Windows\System32\wwaninst.dll - ok
21:46:00.0994 3416 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
21:46:00.0994 3416 C:\Windows\System32\conhost.exe - ok
21:46:00.0994 3416 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
21:46:00.0994 3416 C:\Windows\System32\rundll32.exe - ok
21:46:01.0010 3416 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
21:46:01.0010 3416 C:\Windows\System32\actxprxy.dll - ok
21:46:01.0010 3416 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
21:46:01.0010 3416 C:\Windows\SysWOW64\winbrand.dll - ok
21:46:01.0010 3416 [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\SysWOW64\ieframe.dll
21:46:01.0010 3416 C:\Windows\SysWOW64\ieframe.dll - ok
21:46:01.0025 3416 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\Users\Wayne\AppData\Local\temp\A7E00AF5-50C4-4AA6-8EC2-BB81C5929DD0.exe
21:46:01.0025 3416 C:\Users\Wayne\AppData\Local\temp\A7E00AF5-50C4-4AA6-8EC2-BB81C5929DD0.exe - ok
21:46:01.0025 3416 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
21:46:01.0025 3416 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
21:46:01.0025 3416 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
21:46:01.0025 3416 C:\Windows\SysWOW64\wbemcomn.dll - ok
21:46:01.0025 3416 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
21:46:01.0025 3416 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
21:46:01.0041 3416 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
21:46:01.0041 3416 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
21:46:01.0041 3416 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
21:46:01.0041 3416 C:\Windows\SysWOW64\ntdsapi.dll - ok
21:46:01.0041 3416 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
21:46:01.0041 3416 C:\Windows\System32\esent.dll - ok
21:46:01.0041 3416 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
21:46:01.0041 3416 C:\Windows\System32\spfileq.dll - ok
21:46:01.0057 3416 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
21:46:01.0057 3416 C:\Windows\SysWOW64\rasapi32.dll - ok
21:46:01.0057 3416 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
21:46:01.0057 3416 C:\Windows\SysWOW64\rasman.dll - ok
21:46:01.0057 3416 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
21:46:01.0057 3416 C:\Windows\SysWOW64\rtutils.dll - ok
21:46:01.0057 3416 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
21:46:01.0057 3416 C:\Windows\SysWOW64\netprofm.dll - ok
21:46:01.0072 3416 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
21:46:01.0072 3416 C:\Windows\SysWOW64\npmproxy.dll - ok
21:46:01.0072 3416 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
21:46:01.0072 3416 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
21:46:01.0072 3416 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
21:46:01.0072 3416 C:\Windows\System32\wbem\wmiprov.dll - ok
21:46:01.0072 3416 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
21:46:01.0072 3416 C:\Windows\System32\wbem\NCProv.dll - ok
21:46:01.0088 3416 [ 679E82F9D5BE28F5B05064A2F46CE4F2 ] C:\Windows\System32\wbem\mofd.dll
21:46:01.0088 3416 C:\Windows\System32\wbem\mofd.dll - ok
21:46:01.0088 3416 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
21:46:01.0088 3416 C:\Windows\SysWOW64\shdocvw.dll - ok
21:46:01.0088 3416 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
21:46:01.0088 3416 C:\Windows\System32\wbem\unsecapp.exe - ok
21:46:01.0088 3416 [ 56EDCFB115804565601D2E9E648E776F ] C:\Program Files (x86)\Common Files\AuthenTec\TrueOTPIntel.dll
21:46:01.0088 3416 C:\Program Files (x86)\Common Files\AuthenTec\TrueOTPIntel.dll - ok
21:46:01.0103 3416 [ 496C6A87947CDF1028323041D4CABF83 ] C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv.dll
21:46:01.0103 3416 C:\Program Files\Symantec\VIP Access SDK\VIPOTPProv.dll - ok
21:46:01.0103 3416 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
21:46:01.0103 3416 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
21:46:01.0103 3416 [ DE36A1308E4F4632249559D542653EEE ] C:\Program Files (x86)\Intel\Services\IPT\otpIha.dll
21:46:01.0103 3416 C:\Program Files (x86)\Intel\Services\IPT\otpIha.dll - ok
21:46:01.0103 3416 [ E62E3FA9F6317C3A12779768F2F9093C ] C:\Program Files (x86)\Intel\Services\IPT\jhi.dll
21:46:01.0103 3416 C:\Program Files (x86)\Intel\Services\IPT\jhi.dll - ok
21:46:01.0119 3416 [ 4332A1DCADDB05AE1E859C98540E90EA ] C:\Program Files (x86)\Intel\Services\IPT\jhi_servicePS.dll
21:46:01.0119 3416 C:\Program Files (x86)\Intel\Services\IPT\jhi_servicePS.dll - ok
21:46:01.0119 3416 [ 1C3D0C8B5BBCF551614C32CBE5311005 ] C:\Program Files (x86)\Intel\Services\IPT\EPIDProv.dll
21:46:01.0119 3416 C:\Program Files (x86)\Intel\Services\IPT\EPIDProv.dll - ok
21:46:01.0119 3416 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
21:46:01.0119 3416 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
21:46:01.0135 3416 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
21:46:01.0135 3416 C:\Windows\SysWOW64\EhStorShell.dll - ok
21:46:01.0135 3416 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
21:46:01.0135 3416 C:\Windows\SysWOW64\ntshrui.dll - ok
21:46:01.0135 3416 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
21:46:01.0135 3416 C:\Windows\SysWOW64\slc.dll - ok
21:46:01.0135 3416 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
21:46:01.0135 3416 C:\Windows\SysWOW64\imageres.dll - ok
21:46:01.0150 3416 [ 1DB8C2220EFDBA97F671F46F6A8DE51E ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
21:46:01.0150 3416 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe - ok
21:46:01.0150 3416 [ B174DE0DE6C9AA8AFFD3B926653E625F ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
21:46:01.0150 3416 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
21:46:01.0150 3416 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
21:46:01.0150 3416 C:\Windows\System32\mscoree.dll - ok
21:46:01.0150 3416 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
21:46:01.0150 3416 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
21:46:01.0166 3416 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
21:46:01.0166 3416 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
21:46:01.0166 3416 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
21:46:01.0166 3416 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
21:46:01.0166 3416 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
21:46:01.0166 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
21:46:01.0181 3416 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
21:46:01.0181 3416 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
21:46:01.0181 3416 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
21:46:01.0181 3416 C:\Windows\System32\riched20.dll - ok
21:46:01.0181 3416 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
21:46:01.0181 3416 C:\Windows\SysWOW64\devrtl.dll - ok
21:46:01.0181 3416 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
21:46:01.0181 3416 C:\Windows\System32\wmploc.DLL - ok
21:46:01.0197 3416 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\SysWOW64\ie4uinit.exe
21:46:01.0197 3416 C:\Windows\SysWOW64\ie4uinit.exe - ok
21:46:01.0197 3416 [ ED6F6FBBCDEC95483B7351E23F4FCDF6 ] C:\Windows\SysWOW64\IEAdvpack.dll
21:46:01.0197 3416 C:\Windows\SysWOW64\IEAdvpack.dll - ok
21:46:01.0197 3416 [ 50BB4FBC720D23497EEB5C9DAC497405 ] C:\Windows\SysWOW64\mydocs.dll
21:46:01.0197 3416 C:\Windows\SysWOW64\mydocs.dll - ok
21:46:01.0197 3416 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
21:46:01.0197 3416 C:\Windows\SysWOW64\SPInf.dll - ok
21:46:01.0213 3416 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\SysWOW64\spfileq.dll
21:46:01.0213 3416 C:\Windows\SysWOW64\spfileq.dll - ok
21:46:01.0213 3416 [ A664679445BFF4FA5A39D933F1AD7F12 ] C:\Windows\SysWOW64\inetcpl.cpl
21:46:01.0213 3416 C:\Windows\SysWOW64\inetcpl.cpl - ok
21:46:01.0213 3416 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
21:46:01.0213 3416 C:\Windows\SysWOW64\cryptui.dll - ok
21:46:01.0213 3416 [ 5E8E869E1342308752A37A2C90CCA79D ] C:\Windows\SysWOW64\mshtml.dll
21:46:01.0213 3416 C:\Windows\SysWOW64\mshtml.dll - ok
21:46:01.0228 3416 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
21:46:01.0228 3416 C:\Windows\SysWOW64\mlang.dll - ok
21:46:01.0228 3416 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
21:46:01.0228 3416 C:\Windows\SysWOW64\rundll32.exe - ok
21:46:01.0228 3416 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
21:46:01.0228 3416 C:\Windows\AppPatch\AcLayers.dll - ok
21:46:01.0228 3416 [ 6D7DE520D8AA80A243347BECD401EB54 ] C:\Windows\AppPatch\acwow64.dll
21:46:01.0228 3416 C:\Windows\AppPatch\acwow64.dll - ok
21:46:01.0244 3416 [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\SysWOW64\advpack.dll
21:46:01.0244 3416 C:\Windows\SysWOW64\advpack.dll - ok
21:46:01.0244 3416 [ 802B0229D904E28C1EA9A5274AB457FC ] C:\Windows\SysWOW64\iesetup.dll
21:46:01.0244 3416 C:\Windows\SysWOW64\iesetup.dll - ok
21:46:01.0244 3416 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
21:46:01.0244 3416 C:\Windows\System32\regsvr32.exe - ok
21:46:01.0244 3416 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
21:46:01.0244 3416 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
21:46:01.0259 3416 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\86016785.sys
21:46:01.0259 3416 C:\Windows\System32\drivers\86016785.sys - ok
21:46:01.0259 3416 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
21:46:01.0259 3416 C:\Windows\System32\uDWM.dll - ok
21:46:01.0259 3416 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
21:46:01.0259 3416 C:\Windows\SysWOW64\riched20.dll - ok
21:46:01.0259 3416 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
21:46:01.0259 3416 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
21:46:01.0275 3416 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
21:46:01.0275 3416 C:\Windows\SysWOW64\duser.dll - ok
21:46:01.0275 3416 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
21:46:01.0275 3416 C:\Windows\SysWOW64\dui70.dll - ok
21:46:01.0275 3416 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
21:46:01.0275 3416 C:\Windows\System32\SearchFolder.dll - ok
21:46:01.0275 3416 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
21:46:01.0275 3416 C:\Windows\System32\StructuredQuery.dll - ok
21:46:01.0291 3416 [ B8CAF23886F336DD148B4C2003C8D200 ] C:\Windows\System32\mmres.dll
21:46:01.0291 3416 C:\Windows\System32\mmres.dll - ok
21:46:01.0291 3416 [ 6E90B7A6C66355AA8DDC5CABF6073DE1 ] C:\Windows\System32\main.cpl
21:46:01.0291 3416 C:\Windows\System32\main.cpl - ok
21:46:01.0291 3416 [ 2BF10B03F6845661ED8BD58A8CB34B2F ] C:\Program Files (x86)\Windows Mail\WinMail.exe
21:46:01.0291 3416 C:\Program Files (x86)\Windows Mail\WinMail.exe - ok
21:46:01.0291 3416 [ B7592E80772071D66336B3EC9B82101D ] C:\Windows\SysWOW64\msoert2.dll
21:46:01.0291 3416 C:\Windows\SysWOW64\msoert2.dll - ok
21:46:01.0306 3416 [ C5237836978F9FAFB933FFE41256D66A ] C:\Program Files (x86)\Common Files\System\wab32.dll
21:46:01.0306 3416 C:\Program Files (x86)\Common Files\System\wab32.dll - ok
21:46:01.0306 3416 [ 1AF22468786A58B11F6601ADEADC162A ] C:\Windows\SysWOW64\cryptdlg.dll
21:46:01.0306 3416 C:\Windows\SysWOW64\cryptdlg.dll - ok
21:46:01.0306 3416 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
21:46:01.0306 3416 C:\Windows\SysWOW64\msftedit.dll - ok
21:46:01.0306 3416 [ 2723652E8757255E6A55499494932123 ] C:\Program Files (x86)\Common Files\System\wab32res.dll
21:46:01.0306 3416 C:\Program Files (x86)\Common Files\System\wab32res.dll - ok
21:46:01.0322 3416 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
21:46:01.0322 3416 C:\Windows\SysWOW64\shacct.dll - ok
21:46:01.0322 3416 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
21:46:01.0322 3416 C:\Windows\SysWOW64\samlib.dll - ok
21:46:01.0322 3416 [ A576E5A113193FACFDC533FF2475530D ] C:\Program Files\Windows Mail\WinMail.exe
21:46:01.0322 3416 C:\Program Files\Windows Mail\WinMail.exe - ok
21:46:01.0337 3416 [ 82D2C191740D13DCBD2A6EF5F209FB3A ] C:\Windows\System32\msoert2.dll
21:46:01.0337 3416 C:\Windows\System32\msoert2.dll - ok
21:46:01.0337 3416 [ 5706954D1E7EBB0C254FF6DDCD5D7B4E ] C:\Program Files\Common Files\System\wab32.dll
21:46:01.0337 3416 C:\Program Files\Common Files\System\wab32.dll - ok
21:46:01.0337 3416 [ 0C468376C80AEBF7BB6E19E118C88204 ] C:\Windows\System32\cryptdlg.dll
21:46:01.0337 3416 C:\Windows\System32\cryptdlg.dll - ok
21:46:01.0337 3416 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
21:46:01.0337 3416 C:\Windows\System32\msftedit.dll - ok
21:46:01.0353 3416 [ 55934080B2ED262D13455578DD5E50C9 ] C:\Program Files\Common Files\System\wab32res.dll
21:46:01.0353 3416 C:\Program Files\Common Files\System\wab32res.dll - ok
21:46:01.0353 3416 [ 6567E9E14D7BF45D01C299C6DD9E4343 ] C:\Program Files\Windows Mail\msoe.dll
21:46:01.0353 3416 C:\Program Files\Windows Mail\msoe.dll - ok
21:46:01.0353 3416 [ 44E2A60ADD08DCC3DCC0827497B92880 ] C:\Windows\System32\msoeacct.dll
21:46:01.0353 3416 C:\Windows\System32\msoeacct.dll - ok
21:46:01.0353 3416 [ 142E90CF1A4C5B6E7505810E38B07B9F ] C:\Windows\System32\inetcomm.dll
21:46:01.0353 3416 C:\Windows\System32\inetcomm.dll - ok
21:46:01.0369 3416 [ 381514A6712D879B7281DBEC55D1A1EA ] C:\Windows\System32\msidcrl30.dll
21:46:01.0369 3416 C:\Windows\System32\msidcrl30.dll - ok
21:46:01.0369 3416 [ 70D8B5C2A5DC62AF0FB5504B2E2233D7 ] C:\Windows\System32\INETRES.dll
21:46:01.0369 3416 C:\Windows\System32\INETRES.dll - ok
21:46:01.0369 3416 [ 540147995D966C87DD562F6EF67C7ED1 ] C:\Windows\System32\ACCTRES.dll
21:46:01.0369 3416 C:\Windows\System32\ACCTRES.dll - ok
21:46:01.0369 3416 [ 030DC6F7808240F66E11FD734CA9D922 ] C:\Program Files\Windows Mail\MSOERES.dll
21:46:01.0369 3416 C:\Program Files\Windows Mail\MSOERES.dll - ok
21:46:01.0384 3416 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
21:46:01.0384 3416 C:\Windows\System32\mlang.dll - ok
21:46:01.0384 3416 [ 6833ABEC81DCCD4E27A1851426FBD2A8 ] C:\Windows\System32\msident.dll
21:46:01.0384 3416 C:\Windows\System32\msident.dll - ok
21:46:01.0384 3416 [ 33FD2D719594DC9F49B80CE125D4B433 ] C:\Windows\System32\pstorec.dll
21:46:01.0384 3416 C:\Windows\System32\pstorec.dll - ok
21:46:01.0384 3416 [ 35BA5AA671887FE8A62B88A9A6229FD5 ] C:\Windows\System32\pstorsvc.dll
21:46:01.0384 3416 C:\Windows\System32\pstorsvc.dll - ok
21:46:01.0400 3416 [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
21:46:01.0400 3416 C:\Windows\System32\psbase.dll - ok
21:46:01.0400 3416 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
21:46:01.0400 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
21:46:01.0400 3416 [ 64B328D52DFC8CDA123093E3F6E4C37C ] C:\Windows\System32\unregmp2.exe
21:46:01.0400 3416 C:\Windows\System32\unregmp2.exe - ok
21:46:01.0400 3416 [ 92CBA4EBF1EAC5329662A967C079F660 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll
21:46:01.0400 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll - ok
21:46:01.0415 3416 [ 3BDCBB29D727C49DC3E3256253467281 ] C:\Windows\System32\wmdrmsdk.dll
21:46:01.0415 3416 C:\Windows\System32\wmdrmsdk.dll - ok
21:46:01.0415 3416 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
21:46:01.0415 3416 C:\Windows\System32\mfplat.dll - ok
21:46:01.0415 3416 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
21:46:01.0415 3416 C:\Windows\System32\wmp.dll - ok
21:46:01.0415 3416 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
21:46:01.0415 3416 C:\Windows\System32\WMVCORE.DLL - ok
21:46:01.0431 3416 [ 383661D710295D2DA3FDFBA0C3ED4BCF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
21:46:01.0431 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll - ok
21:46:01.0431 3416 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
21:46:01.0431 3416 C:\Windows\System32\WMASF.DLL - ok
21:46:01.0431 3416 [ 2383B9314592FEC47900BC5A6C7AEC83 ] C:\Windows\System32\WMNetMgr.dll
21:46:01.0431 3416 C:\Windows\System32\WMNetMgr.dll - ok
21:46:01.0431 3416 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
21:46:01.0431 3416 C:\Windows\System32\shdocvw.dll - ok
21:46:01.0447 3416 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
21:46:01.0447 3416 C:\Windows\System32\wmpps.dll - ok
21:46:01.0447 3416 [ 77D23D333BF27515EA51A23E96A63D6C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
21:46:01.0447 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll - ok
21:46:01.0447 3416 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
21:46:01.0447 3416 C:\Windows\System32\linkinfo.dll - ok
21:46:01.0462 3416 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
21:46:01.0462 3416 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
21:46:01.0462 3416 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
21:46:01.0462 3416 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
21:46:01.0462 3416 [ C8994E2703410F8DFE19DE5BF82994C0 ] C:\Windows\System32\mydocs.dll
21:46:01.0462 3416 C:\Windows\System32\mydocs.dll - ok
21:46:01.0462 3416 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
21:46:01.0462 3416 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
21:46:01.0478 3416 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
21:46:01.0478 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
21:46:01.0478 3416 [ 1E8D1091011E1C51B44A94DE5EE89A6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
21:46:01.0478 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
21:46:01.0478 3416 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
21:46:01.0478 3416 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
21:46:01.0478 3416 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
21:46:01.0478 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok
21:46:01.0493 3416 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
21:46:01.0493 3416 C:\Windows\System32\SearchIndexer.exe - ok
21:46:01.0493 3416 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
21:46:01.0493 3416 C:\Windows\System32\tquery.dll - ok
21:46:01.0493 3416 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
21:46:01.0493 3416 C:\Windows\System32\mssrch.dll - ok
21:46:01.0493 3416 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
21:46:01.0493 3416 C:\Windows\System32\msidle.dll - ok
21:46:01.0509 3416 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:46:01.0509 3416 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
21:46:01.0509 3416 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
21:46:01.0509 3416 C:\Windows\System32\mssprxy.dll - ok
21:46:01.0509 3416 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
21:46:01.0509 3416 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
21:46:01.0509 3416 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
21:46:01.0509 3416 C:\Windows\System32\en-US\tquery.dll.mui - ok
21:46:01.0525 3416 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
21:46:01.0525 3416 C:\Windows\SysWOW64\mscoree.dll - ok
21:46:01.0525 3416 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:46:01.0525 3416 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
21:46:01.0525 3416 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
21:46:01.0525 3416 C:\Windows\System32\msvcr100_clr0400.dll - ok
21:46:01.0540 3416 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
21:46:01.0540 3416 C:\Windows\System32\SearchProtocolHost.exe - ok
21:46:01.0540 3416 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
21:46:01.0540 3416 C:\Windows\System32\FntCache.dll - ok
21:46:01.0540 3416 [ 75C59DFB82BBB997EB702BE0770619C2 ] C:\Windows\SysWOW64\mscories.dll
21:46:01.0540 3416 C:\Windows\SysWOW64\mscories.dll - ok
21:46:01.0540 3416 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
21:46:01.0540 3416 C:\Windows\SysWOW64\linkinfo.dll - ok
21:46:01.0556 3416 [ 1223ACBFC1093852DFF039E189599BBD ] C:\Program Files\Internet Explorer\iexplore.exe
21:46:01.0556 3416 C:\Program Files\Internet Explorer\iexplore.exe - ok
21:46:01.0556 3416 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
21:46:01.0556 3416 C:\Windows\System32\msshooks.dll - ok
21:46:01.0556 3416 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
21:46:01.0556 3416 C:\Windows\System32\SearchFilterHost.exe - ok
21:46:01.0556 3416 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
21:46:01.0556 3416 C:\Windows\System32\mssph.dll - ok
21:46:01.0571 3416 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\SysWOW64\iedkcs32.dll
21:46:01.0571 3416 C:\Windows\SysWOW64\iedkcs32.dll - ok
21:46:01.0571 3416 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
21:46:01.0571 3416 C:\Windows\System32\mapi32.dll - ok
21:46:01.0571 3416 [ 7940C04CE581288A3498D57EC4EE47D2 ] C:\Windows\SysWOW64\msfeeds.dll
21:46:01.0571 3416 C:\Windows\SysWOW64\msfeeds.dll - ok
21:46:01.0571 3416 [ 7673BF5E055468A08DF750334D93340B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll
21:46:01.0571 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll - ok
21:46:01.0587 3416 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
21:46:01.0587 3416 C:\Windows\System32\NaturalLanguage6.dll - ok
21:46:01.0587 3416 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
21:46:01.0587 3416 C:\Windows\System32\NlsData0009.dll - ok
21:46:01.0587 3416 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
21:46:01.0587 3416 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe - ok
21:46:01.0603 3416 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
21:46:01.0603 3416 C:\Windows\System32\NlsLexicons0009.dll - ok
21:46:01.0603 3416 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
21:46:01.0603 3416 C:\Windows\System32\ELSCore.dll - ok
21:46:01.0603 3416 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
21:46:01.0603 3416 C:\Windows\System32\elsTrans.dll - ok
21:46:01.0603 3416 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
21:46:01.0603 3416 C:\Windows\System32\elslad.dll - ok
21:46:01.0618 3416 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
21:46:01.0618 3416 C:\Windows\System32\NlsData0000.dll - ok
21:46:01.0618 3416 [ D6F5F47CD1C61CA8993C8BBC8F59C7D7 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll
21:46:01.0618 3416 C:\Windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll - ok
21:46:01.0618 3416 ============================================================
21:46:01.0618 3416 Scan finished
21:46:01.0618 3416 ============================================================
21:46:01.0634 1500 Detected object count: 0
21:46:01.0634 1500 Actual detected object count: 0
21:46:53.0042 3928 Deinitialize success


  • 0

#20
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
What do you mean by the temp version?

What user accounts do you have on the machine?

When you try to access or log on with a user account what error message do you get?
  • 0

#21
wpr

wpr

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
IT WORKS! :thumbsup:
I rebooted several times. I shut down and then booted back up. I get the proper desktop.
  • 0

#22
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Re run OTL
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open OTL.Txt
  • Post the log


Step 2.

Scanning with GMER

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan

Posted Image
Download GMER Rootkit Scanner from here or here.
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

Posted Image
Click here to see enlarge it

  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...

  • IAT/EAT
  • Drives/Partition other than Systemdrive (typically C:\)
  • Show All (don't miss this one)

  • Then click the Scan button & wait for it to finish.
  • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop, and attach it in your reply.


Notes:
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

-- If you encounter any problems, try running GMER in safe mode.
-- If GMER crashes or keeps resulting in a BSODs, uncheck Devices on the right side before scanning


Step 3.

Please post:

OTL.txt
GMER log


Also update me on how the computer is running.
  • 1

#23
wpr

wpr

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
computer seems to be running fine.

otl log gmer was blank.

Except for a few min in the morning I will be tied up for the next couple of days and won't have my computer.

OTL logfile created on: 9/12/2012 11:06:22 PM - Run 6
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\Wayne\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.95 Gb Total Physical Memory | 2.60 Gb Available Physical Memory | 65.80% Memory free
7.90 Gb Paging File | 6.39 Gb Available in Paging File | 80.86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446.21 Gb Total Space | 388.58 Gb Free Space | 87.08% Space Free | Partition Type: NTFS
Drive D: | 15.38 Gb Total Space | 1.70 Gb Free Space | 11.05% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.22% Space Free | Partition Type: FAT32

Computer Name: WAYNE-HP | User Name: Wayne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/10 20:02:34 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Wayne\Desktop\OTL.exe
PRC - [2012/08/21 04:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/04/25 16:07:46 | 000,197,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/09/24 15:03:42 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2011/06/28 03:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/05/06 01:06:46 | 000,263,496 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011/05/06 01:06:28 | 000,653,128 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011/05/06 01:06:02 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011/04/30 02:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/04/30 02:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/02/01 16:41:24 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/01 16:41:20 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/01/27 14:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/13 09:00:49 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8036b60a803443f3c61c48b4959f722d\IAStorUtil.ni.dll
MOD - [2012/06/13 07:17:02 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/13 07:16:15 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/13 07:15:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/12 07:58:55 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d89ee849317b4d93ea78842dd78f79c0\IAStorCommon.ni.dll
MOD - [2012/05/08 22:00:54 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/08 21:59:36 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/08 21:59:22 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/08 21:59:15 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/08 21:59:13 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/08 21:59:00 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/04/15 14:36:29 | 000,877,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/12/11 11:39:45 | 000,305,152 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2011/09/24 15:03:32 | 000,341,312 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe -- (NitroDriverReadSpool)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/09/12 22:00:07 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/01 08:37:07 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/25 16:07:46 | 000,197,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/28 16:18:02 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/09/24 15:03:42 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/05/06 01:06:46 | 000,263,496 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011/04/30 02:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/02/18 17:37:00 | 002,372,096 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/02/01 16:41:24 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/01 16:41:20 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 04:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 04:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 04:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 04:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 04:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 04:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/04/12 19:45:04 | 001,860,672 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/11 11:41:38 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/12/11 11:39:46 | 000,535,040 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/12/11 11:38:33 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/16 00:20:20 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/16 00:20:20 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/05/10 12:57:26 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/04/26 13:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/02/15 14:37:00 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011/02/14 03:42:36 | 000,028,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64diag.sys -- (UsbDiag)
DRV:64bit: - [2011/02/14 03:42:30 | 000,034,816 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64modem.sys -- (USBModem)
DRV:64bit: - [2011/02/14 03:42:28 | 000,017,920 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgx64bus.sys -- (usbbus)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{53222949-EFB5-49B3-88E7-364E4A6524CF}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{52D29614-184F-38A2-F7CB-7814A59284BD}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{53222949-EFB5-49B3-88E7-364E4A6524CF}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://msn.com/
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AB AC 0C 30 A3 88 CD 01 [binary data]
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes,Backup.Old.DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes\{52D29614-184F-38A2-F7CB-7814A59284BD}: "URL" = http://us.yhs.search...p={searchTerms}
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes\{53222949-EFB5-49B3-88E7-364E4A6524CF}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...age={startPage}
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\7\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Wayne\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Wayne\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011/01/26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/09/11 18:20:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/12 22:00:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/10/23 09:57:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wayne\AppData\Roaming\Mozilla\Extensions
[2012/09/12 17:31:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wayne\AppData\Roaming\Mozilla\Firefox\Profiles\r1w8x71x.default\extensions
[2012/09/12 22:20:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/09/12 22:20:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/09/12 22:00:08 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/12 22:00:06 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/12 22:00:06 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Wayne\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Wayne\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Wayne\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Wayne\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java™ Platform SE 6 U35 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\SysWOW64\npdeployJava1.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Wayne\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\Wayne\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\

O1 HOSTS File: ([2012/09/12 12:36:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001..\Run: [HP Deskjet 3050A J611 series (NET)] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-3881042110-2516124880-1174796713-1001\..Trusted Domains: gmrconline.com ([pers] https in Trusted sites)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} http://zone.msn.com/...on.cab64162.cab (MSN Games – Backgammon)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{61752F94-E624-41CC-B57D-1B241BE741BA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/12 22:27:55 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{2E1D7A68-00F4-4246-A406-8C1E38713202}
[2012/09/12 22:00:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/09/12 21:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/12 21:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/09/12 21:33:32 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Wayne\Desktop\tdsskiller.exe
[2012/09/12 12:43:57 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\temp
[2012/09/12 12:36:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/09/12 12:20:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/09/12 12:20:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/09/12 12:20:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/09/12 12:16:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/09/12 12:16:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/09/12 12:11:00 | 004,749,988 | R--- | C] (Swearware) -- C:\Users\Wayne\Desktop\ComboFix.exe
[2012/09/11 20:43:13 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/11 12:38:45 | 000,000,000 | ---D | C] -- C:\Users\Wayne\Desktop\RK_Quarantine
[2012/09/10 19:57:44 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Wayne\Desktop\OTL.exe
[2012/09/10 19:43:19 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2012/09/08 00:15:39 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{FE1521D5-DADA-4183-911A-EF6A43B62EB1}
[2012/09/07 23:53:05 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{9D611FA1-81EC-4C1E-A5FF-21025008358E}
[2012/09/07 07:28:51 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{7BDB5955-1C7F-469B-A89E-277AC81D144D}
[2012/09/06 20:57:05 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{81CA97D3-726B-4914-B3AA-78E2699FDADB}
[2012/09/06 20:55:32 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{BA5C312F-6BB9-4691-8507-1AA31ACC0F35}
[2012/09/05 08:22:30 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{0120C881-8B40-423D-8A0E-3DA0AACEB672}
[2012/09/04 20:14:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{0480FC5C-3A1C-448F-8EE1-59E0A7174A7E}
[2012/09/04 06:05:39 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{F090488B-1FAD-4776-8B5D-12F8D62D071D}
[2012/09/03 20:35:33 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{2CC0BC10-542C-4C2F-80E4-DDA3E4A5E7BA}
[2012/09/03 08:35:09 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{C4BA090B-8929-4190-99DA-0661032B0EB4}
[2012/09/02 20:34:45 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{8DFFAAD1-CB96-4457-A152-ABD3202AAF93}
[2012/09/02 20:02:38 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/09/02 15:06:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/09/02 14:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/09/02 14:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/09/02 14:45:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DownloadManager
[2012/09/02 14:44:32 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\Google
[2012/09/02 08:34:21 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{04B1A052-3B3F-40AC-A289-3EAB843041F4}
[2012/09/01 20:33:54 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{2311B19A-3C35-4A16-A368-CD62AA31150A}
[2012/09/01 08:33:30 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{FD87365C-5916-415B-A788-5B63C9432326}
[2012/08/31 17:20:14 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{467732E6-E2CE-4908-92C3-367D38FCF4EC}
[2012/08/30 20:36:38 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{6E91C5BB-7BD6-4607-BA5C-777AA4FF937C}
[2012/08/29 22:08:07 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{33AA0F36-E6BA-482B-AE2B-E586E0A60B60}
[2012/08/29 07:00:59 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{CD91710F-5C6D-4304-8718-D8299AA189B2}
[2012/08/28 12:18:58 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{FE65E97F-3BE5-4C6E-AD50-A19E543B1CAD}
[2012/08/27 19:45:58 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{95B14A2E-680E-4D87-B319-B96F0270EA38}
[2012/08/27 07:45:34 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{92E5B221-586F-4F5A-9D17-4464F800A7F5}
[2012/08/26 19:45:10 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{8F4A21D9-C9E5-46B4-9A5B-56573E6E52B3}
[2012/08/26 07:44:46 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{C930D05A-A1B5-495E-8D45-26CB34D474F9}
[2012/08/25 19:44:18 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{14E45FEE-EDB9-4527-8374-C4AEA60F2812}
[2012/08/25 07:43:55 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{1A1A0596-0B28-4B09-B09F-0DEDE2D84225}
[2012/08/24 19:06:01 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{651F7331-AB3E-422A-B401-2F4A1C3041D1}
[2012/08/24 07:05:36 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{0E71E090-928E-42BA-A19C-4D5BA45D8CE0}
[2012/08/23 19:03:43 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{BE11910A-F1B1-4C4E-BC1F-41AEBBA3BBC2}
[2012/08/22 21:56:00 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{B1A30BFB-94AA-4BFD-AEBF-5620CFB61BFE}
[2012/08/22 06:31:31 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{3780388D-BD50-4FA0-816F-CA69D02CFE1E}
[2012/08/21 12:30:26 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{1EF81B47-E235-460E-A3AB-57145FCBABFA}
[2012/08/20 19:53:15 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{7DCE0557-1C1E-4F0E-B506-7E0F9BF1A4C3}
[2012/08/20 07:52:50 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{0054F5C3-54D0-4EB4-9763-340ABAFD1C83}
[2012/08/19 07:52:15 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{DFFE056F-86AF-476F-A40C-B68DD8BD13E8}
[2012/08/18 19:51:39 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{FB8FDED2-ECC0-4ED1-8820-B0688A3B3FF6}
[2012/08/18 07:09:30 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{8108E88C-C6A7-4850-8D8B-D53E247C7314}
[2012/08/18 07:09:18 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{6F7CB613-CB32-4848-B3A4-FBC339D8CB11}
[2012/08/17 11:47:06 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{4D8E07D3-FAE3-4740-95FE-08C745440615}
[2012/08/17 11:46:46 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{F19853FB-C00A-4730-8052-DEA6DCF0A584}
[2012/08/16 13:12:37 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{1A468551-3175-45F4-B52D-0493FF4B3165}
[2012/08/16 13:12:25 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{79AE7334-6237-4EA7-A641-B9E2B7FA8B77}
[2012/08/15 21:46:40 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{DA2A9565-C6DC-44A5-993E-88375A176348}
[2012/08/15 21:46:27 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{E29D7D27-A544-469E-8A2D-ACFB66FCC396}
[2012/08/15 21:46:14 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{383B221A-355B-4FF1-BC3A-5D9CFA24E792}
[2012/08/15 07:05:09 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{30FC5C3A-F689-41DF-9860-103EB74783D4}
[2012/08/15 07:04:59 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{B50A39CB-6DEE-40B1-945A-8B0F54EB86E8}
[2012/08/15 07:04:49 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{7A4B99B3-7415-4B2F-8339-0EE752D9A4E9}
[2012/08/15 07:04:35 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{E13CD934-15EC-4BA1-8CE5-D0C8BE6E05E3}
[2012/08/14 11:42:13 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{43120427-8DB6-4200-B5CC-18B0039D8B07}
[2012/08/14 11:41:59 | 000,000,000 | ---D | C] -- C:\Users\Wayne\AppData\Local\{4916F9A4-41C4-4747-9404-2D6D1298130B}
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/12 22:50:23 | 000,294,216 | ---- | M] () -- C:\Users\Wayne\Desktop\gmer.zip
[2012/09/12 22:46:55 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/12 22:46:55 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/12 22:43:39 | 000,780,172 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/12 22:43:39 | 000,660,990 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/12 22:43:39 | 000,121,628 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/12 22:38:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/12 22:38:49 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/12 22:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/12 21:33:40 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Wayne\Desktop\tdsskiller.exe
[2012/09/12 12:36:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/09/12 12:11:13 | 004,749,988 | R--- | M] (Swearware) -- C:\Users\Wayne\Desktop\ComboFix.exe
[2012/09/12 07:12:06 | 000,512,399 | ---- | M] () -- C:\Users\Wayne\Desktop\adwcleaner.exe
[2012/09/12 07:09:07 | 001,378,816 | ---- | M] () -- C:\Users\Wayne\Desktop\RogueKiller.exe
[2012/09/11 18:20:25 | 000,000,350 | -H-- | M] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012/09/11 18:20:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/09/11 18:15:43 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/09/10 20:02:34 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Wayne\Desktop\OTL.exe
[2012/09/09 22:38:08 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWayne.job
[2012/09/08 09:38:10 | 000,000,274 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1B619010-4F83-4A6F-8F1F-328EC1921A69}.job
[2012/09/04 22:52:57 | 000,140,489 | ---- | M] () -- C:\Users\Wayne\Desktop\Frontier.com Bill Payment.pdf
[2012/09/04 22:50:52 | 000,135,119 | ---- | M] () -- C:\Users\Wayne\Desktop\Verizon Wireless - Pay Bill Confirmation.pdf
[2012/09/04 22:47:26 | 000,096,806 | ---- | M] () -- C:\Users\Wayne\Desktop\Make a Payment - Payment Confirmation.pdf
[2012/09/04 22:45:41 | 000,088,805 | ---- | M] () -- C:\Users\Wayne\Desktop\DIRECTV.pdf
[2012/09/02 14:46:50 | 000,002,041 | ---- | M] () -- C:\Users\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2012/08/31 19:43:29 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/21 04:13:13 | 000,969,200 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/08/21 04:13:13 | 000,359,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/08/21 04:13:13 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/08/21 04:13:12 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/08/21 04:13:12 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/08/21 04:13:11 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/08/21 04:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/08/21 04:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/08/21 04:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/08/19 17:30:39 | 000,029,508 | ---- | M] () -- C:\Users\Wayne\Desktop\0816122055a.jpg
[2012/08/19 17:30:33 | 000,021,316 | ---- | M] () -- C:\Users\Wayne\Desktop\0816122056a.jpg
[2012/08/19 17:30:22 | 000,030,596 | ---- | M] () -- C:\Users\Wayne\Desktop\0816122055.jpg
[2012/08/17 11:53:02 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/08/16 08:26:53 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/15 22:39:05 | 000,031,812 | ---- | M] () -- C:\Users\Wayne\Desktop\0815121944a.jpg
[2012/08/15 22:38:48 | 000,033,348 | ---- | M] () -- C:\Users\Wayne\Desktop\0815121944.jpg
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/12 22:50:21 | 000,294,216 | ---- | C] () -- C:\Users\Wayne\Desktop\gmer.zip
[2012/09/12 12:20:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/09/12 12:20:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/09/12 12:20:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/09/12 12:20:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/09/12 12:20:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/09/12 07:12:01 | 000,512,399 | ---- | C] () -- C:\Users\Wayne\Desktop\adwcleaner.exe
[2012/09/12 07:09:06 | 001,378,816 | ---- | C] () -- C:\Users\Wayne\Desktop\RogueKiller.exe
[2012/09/11 18:20:25 | 000,000,350 | -H-- | C] () -- C:\Windows\tasks\avast! Emergency Update.job
[2012/09/08 09:38:10 | 000,000,274 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{1B619010-4F83-4A6F-8F1F-328EC1921A69}.job
[2012/09/04 22:52:50 | 000,140,489 | ---- | C] () -- C:\Users\Wayne\Desktop\Frontier.com Bill Payment.pdf
[2012/09/04 22:50:48 | 000,135,119 | ---- | C] () -- C:\Users\Wayne\Desktop\Verizon Wireless - Pay Bill Confirmation.pdf
[2012/09/04 22:47:23 | 000,096,806 | ---- | C] () -- C:\Users\Wayne\Desktop\Make a Payment - Payment Confirmation.pdf
[2012/09/04 22:45:37 | 000,088,805 | ---- | C] () -- C:\Users\Wayne\Desktop\DIRECTV.pdf
[2012/09/02 14:46:50 | 000,002,041 | ---- | C] () -- C:\Users\Wayne\Application Data\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk
[2012/08/19 17:30:39 | 000,029,508 | ---- | C] () -- C:\Users\Wayne\Desktop\0816122055a.jpg
[2012/08/19 17:30:32 | 000,021,316 | ---- | C] () -- C:\Users\Wayne\Desktop\0816122056a.jpg
[2012/08/19 17:30:20 | 000,030,596 | ---- | C] () -- C:\Users\Wayne\Desktop\0816122055.jpg
[2012/08/15 22:39:03 | 000,031,812 | ---- | C] () -- C:\Users\Wayne\Desktop\0815121944a.jpg
[2012/08/15 22:38:48 | 000,033,348 | ---- | C] () -- C:\Users\Wayne\Desktop\0815121944.jpg
[2012/04/01 14:08:36 | 000,014,119 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat
[2012/02/25 14:14:35 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/02/24 08:33:37 | 000,002,427 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011/12/11 11:41:54 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/12/11 11:41:54 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011/12/11 11:41:53 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/10/24 23:31:21 | 000,774,388 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/13 09:33:18 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/05/10 12:57:12 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/05/10 12:57:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== LOP Check ==========

[2012/03/16 08:22:18 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\Blio
[2011/10/23 14:53:53 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\Downloaded Installations
[2012/02/10 00:13:38 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\funkitron
[2012/09/05 22:36:45 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\Nitro PDF
[2012/09/08 07:54:09 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\SoftGrid Client
[2011/10/22 12:44:52 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\Synaptics
[2011/11/30 17:07:39 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\SystemRequirementsLab
[2011/10/24 23:31:59 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\TP
[2012/06/03 22:36:22 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\WildTangent
[2011/10/23 22:12:51 | 000,000,000 | ---D | M] -- C:\Users\Wayne\AppData\Roaming\Windows Live Writer
[2012/09/11 18:20:25 | 000,000,350 | -H-- | M] () -- C:\Windows\Tasks\avast! Emergency Update.job
[2012/09/10 23:07:05 | 000,032,614 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/09/08 09:38:10 | 000,000,274 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{1B619010-4F83-4A6F-8F1F-328EC1921A69}.job

========== Purity Check ==========



< End of report >



  • 0

#24
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now. We just want to run it on demand.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.


Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



Step 2.

Run ESET Online Scan

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 3.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 4.

Please post:


mbam log
eset log
security check log


Please give me an update on how your computer is doing!
  • 1

#25
wpr

wpr

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
sorry for the delay in responding. I was out of town.

The computer is responding very well.
There was nothing found when I ran the eset program. It did not create a log. Here are the other two.

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.13.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Wayne :: WAYNE-HP [administrator]

9/13/2012 7:29:06 AM
mbam-log-2012-09-13 (07-29-06).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 225605
Time elapsed: 4 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


Results of screen317's Security Check version 0.99.50
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
Java™ 6 Update 35
Java version out of Date!
Adobe Flash Player 11.4.402.265
Adobe Reader X (10.1.4)
Mozilla Firefox (15.0.1)
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````


  • 0

Advertisements


#26
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Clear the Java Cache by following the instructions here


Step 2.

Update Java

Please download JavaRa to your desktop and unzip it to its own folder

Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
Accept any prompts.
Open JavaRa.exe again and select Search For Updates.
Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.


Step 3.

Please let me know when you have completed the update and give me an update on computer performance!
  • 1

#27
wpr

wpr

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
Java installed. Appears to be running correctly. Very pleased. :thumbsup:
  • 0

#28
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Make sure Avast! On access scanning is enabled.

Now the good news!

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Your log now appears clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the Cleanup button. It will remove all the programs we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 1

#29
wpr

wpr

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 104 posts
ran programs and downloaded all the last items.

do I need both Avast and Malwarebytes? I thought having two programs would cause a conflict on my computer. What about Defender. Doesn't that come with the computer? Isn't that 3 virus protection programs? I have always been reluctant to do new things as I don't want to cause new issues.

The a firewall. I thought that was something that come with the computer.

I'll check back in tomorrow night and let you know how it doing. I really do appreciate your assistance.
  • 0

#30
CompCav

CompCav

    Member 5k

  • Expert
  • 12,454 posts

do I need both Avast and Malwarebytes?

Yes Avast is antivirus and MalwareBytes' is antispyware they coexist very well.

What about Defender. Doesn't that come with the computer? Isn't that 3 virus protection programs?

Defender is turned off on many machines when the AV installs.

The a firewall. I thought that was something that come with the computer.

Yes you have one and do not need the added one.


Regards,

CompCav
  • 1






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP