Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer moving real slow lately [Closed]

Started by dch1314 , Oct 08 2012 07:34 AM

This topic is locked

#1
dch1314

Posted 08 October 2012 - 07:34 AM

Member

Member
238 posts

For some reason, my laptop has been moving very slow lately. I ran scanned on MBAM and it found 4 viruses, but I removed them all. However, it has still been going slow, what do I do?

#2
dch1314

Posted 08 October 2012 - 06:58 PM

Member

Topic Starter
Member
238 posts

help

#3
blmadara

Posted 10 October 2012 - 10:34 AM

Trusted Helper

Malware Removal
767 posts

Hi dch1314, welcome to Geeks to Go. My name is blmadara and I will be helping you with your problems. Please be patient with me as I am still in training and my responses will have to be reviewed by an expert before I can post them.

I'd like to go over some things that will help both of us.

Read each of my posts entirely before performing my instructions. It would be helpful if you printed my instructions so you can read and check the steps as you perform them.
Follow the steps exactly in the order posted.
Please don't be afraid to ask questions. If you don't understand something, let me know before continuing.
If you can't perform a certain step, or you're unsure about what to do, please stop and let me know.
It is very important that you stay with me until the end so we make sure that we have removed all the bad stuff.
Please don't attach any logs to your posts unless I request it. It is easier for me if you copy and paste the logs into your reply.
Finally, never fix anything using other programs on your own. This can hinder my ability to see what is wrong with your computer and make it harder to clean your computer.

Step One: Run OTL Custom Scan

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

Under the Custom Scans/Fixes box at the bottom, paste in the following

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
services.*
qmgr.dll
consrv.dll
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemdrive%\$Recycle.Bin|@;true;true;true /fp 
C:\Windows\assembly\tmp\U\*.* /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
CREATERESTOREPOINT

Please select the Scan All Users checkbox.
Under Extra Registry heading, select Use Safelist.
Select LOP Check and Purity Check.
Then click the Run Scan button at the top
Let the program run unhindered, until it is done
Post the log it produces in your next reply.

Step Two: Run aswMBR

Download aswMBR.exe to your desktop.

Double click aswMBR.exe to run it.
When asked if you want to download Avast's virus definitions please select, No.
Click Scan to start the scan.
When the scan ends click Save Log and save it to your desktop.
Post the log in your next reply.

Step Three: Post the MBAM report

Run MBAM.
Click on the logs tab.
Select the scan that detected the 4 problems.
Copy & Paste the entire report in your next reply.

Step Four: Computer Symptoms

Please let me know what problems you are having with your computer.

What I need in your next post:
1. The reports from the OTL scan, OTL.txt and Extras.txt.
2. The log produced by aswMBR.exe.
3. The MBAM report.
4. Let me know what problems you are having with yout computer.

#4
dch1314

Posted 11 October 2012 - 09:13 AM

Member

Topic Starter
Member
238 posts

Twice while attempting to run aswMBR (midway through scan) I got the blue screen error. Never seen that before

However, I have attached the scans from OTL and MBAM. I don't want to do aswMBR again, since it seems like it would be a waste since it's giving me blue screen error.

My main problems is just that the computer sometimes move very slow and freeze for no apparent reason.

OTL logfile created on: 10/11/2012 8:21:58 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\chucky\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.86 Gb Total Physical Memory | 0.30 Gb Available Physical Memory | 16.04% Memory free
4.24 Gb Paging File | 1.10 Gb Available in Paging File | 25.95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.47 Gb Total Space | 210.95 Gb Free Space | 75.48% Space Free | Partition Type: NTFS
Drive D: | 14.46 Gb Total Space | 1.61 Gb Free Space | 11.12% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.33% Space Free | Partition Type: FAT32

Computer Name: CHUCKY-HP | User Name: chucky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/11 08:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chucky\Desktop\OTL.exe
PRC - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/08/21 04:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/08/21 04:12:23 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/08/08 20:53:14 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012/01/03 16:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/01 17:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/08/19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/06/28 04:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/06/14 17:11:46 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/06/07 08:40:32 | 005,728,072 | ---- | M] () -- C:\Program Files (x86)\LivePerson\hc.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/30 22:44:00 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/30 22:43:00 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/27 18:30:00 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/09/13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 20:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

========== Modules (No Company Name) ==========

MOD - [2012/10/10 05:06:15 | 000,460,312 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012/10/10 05:06:13 | 012,435,992 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012/10/10 05:06:12 | 004,005,912 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012/10/10 05:04:57 | 000,578,072 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012/10/10 05:04:55 | 000,123,928 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012/10/10 05:04:44 | 000,156,712 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012/10/10 05:04:43 | 000,275,496 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012/10/10 05:04:42 | 002,168,360 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012/06/16 10:48:49 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012/06/16 08:21:43 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/16 08:20:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/16 08:20:29 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/18 12:58:24 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012/05/11 08:21:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 08:20:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 08:19:53 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 08:19:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 08:19:47 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 08:19:38 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/04/23 21:09:35 | 000,877,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2011/06/07 08:40:32 | 005,728,072 | ---- | M] () -- C:\Program Files (x86)\LivePerson\hc.exe
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/07/20 19:09:24 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\LivePerson\zlib1.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/08/21 04:12:23 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2011/02/17 00:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 20:14:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/10/08 17:11:14 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/08 20:53:14 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/09/01 17:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/06/14 17:11:46 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/30 22:44:00 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/30 22:43:00 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/12/27 18:30:00 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/08/21 04:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 04:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 04:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 04:13:12 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012/08/21 04:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 04:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 04:13:11 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012/08/21 04:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/08/21 04:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/06/27 15:33:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2012/06/06 08:28:54 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2012/06/01 07:31:54 | 001,863,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2012/05/20 16:06:34 | 000,006,784 | ---- | M] (DataWizard Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Extegrity\Exam4\Sockblkd.sys -- (Sockblkd)
DRV:64bit: - [2012/03/19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011/07/29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011/07/12 22:06:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/12 22:06:46 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/05 02:16:00 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/02/15 13:37:00 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/12/30 22:46:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/13 20:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/16 14:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{38BFA212-8872-47B0-8750-0D4C5246B644}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{38BFA212-8872-47B0-8750-0D4C5246B644}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\SearchScopes\{38BFA212-8872-47B0-8750-0D4C5246B644}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

========== Chrome ==========

CHR - homepage: http://google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\chucky\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Edit This Cookie = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.1.23_0\
CHR - Extension: Premium Cookie Injector (Multi-Server) = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hglhnookgghcefjamdoakhhfamnhodpd\1.4_0\
CHR - Extension: avast! WebRep = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Dropbox = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.2_0\
CHR - Extension: Google Mail Checker = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\

O1 HOSTS File: ([2009/06/10 16:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Speckie) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\chucky\AppData\Roaming\Speckie\bin64\Speckie64.dll (Versoworks Pty Ltd)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Speckie) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\chucky\AppData\Roaming\Speckie\bin32\Speckie32.dll (Versoworks Pty Ltd)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\Toolbar\WebBrowser: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon: AllowMultipleTSSessions = 1
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9:64bit: - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\chucky\AppData\Roaming\Speckie\bin64\Speckie64.dll (Versoworks Pty Ltd)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\chucky\AppData\Roaming\Speckie\bin32\Speckie32.dll (Versoworks Pty Ltd)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {26EA04AA-50C9-4AD0-8037-951140AFE389} http://autoconnect.l...der_activex.ocx (xc_loader_activex.cntMain)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ED130EF-67C5-4492-8DF5-5485BD17CE67}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/11 08:19:53 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\chucky\Desktop\aswMBR.exe
[2012/10/11 08:19:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\chucky\Desktop\OTL.exe
[2012/10/08 17:08:37 | 009,575,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/10/04 21:26:42 | 000,000,000 | ---D | C] -- C:\Users\chucky\AppData\Local\ElevatedDiagnostics
[2012/09/23 08:11:08 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/09/23 08:11:08 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/09/23 08:11:06 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/09/23 08:11:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/09/23 08:11:05 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/09/23 08:11:05 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/09/23 08:11:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/09/23 08:11:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/09/23 08:11:01 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/09/23 08:11:01 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/09/23 08:11:00 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/09/23 08:10:59 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/09/23 08:10:54 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/09/23 08:10:53 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/09/23 08:10:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/09/21 19:28:01 | 000,000,000 | ---D | C] -- C:\Users\chucky\AppData\Local\{7A25F2DE-E084-4D1C-BB84-6BB8AD9BB490}
[2012/09/12 19:11:50 | 000,000,000 | ---D | C] -- C:\Users\chucky\AppData\Local\{3372C01E-B23C-4A5F-A19F-32F1BE293853}
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\chucky\Documents\*.tmp files -> C:\Users\chucky\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/11 08:31:42 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/11 08:20:07 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\chucky\Desktop\aswMBR.exe
[2012/10/11 08:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chucky\Desktop\OTL.exe
[2012/10/11 08:12:03 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884020555-285224058-3069529385-1000UA.job
[2012/10/10 18:37:08 | 000,002,489 | ---- | M] () -- C:\Users\chucky\Desktop\Google Chrome.lnk
[2012/10/10 13:40:56 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884020555-285224058-3069529385-1000Core.job
[2012/10/10 08:25:24 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/10 08:25:24 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/10 08:10:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/10 08:10:37 | 1494,110,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/08 17:11:12 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/10/08 17:11:11 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/10/08 17:08:44 | 009,575,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/10/08 07:15:57 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/10/07 12:30:13 | 371,699,003 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/10/05 10:08:39 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForCHUCKY-HP$.job
[2012/10/02 07:47:23 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/02 07:47:23 | 000,624,622 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/02 07:47:23 | 000,106,708 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/30 08:53:41 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/25 07:47:41 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForchucky.job
[2012/09/19 10:07:10 | 003,243,975 | ---- | M] () -- C:\Users\chucky\Documents\NOOOOO.gif
[2012/09/12 11:58:40 | 000,095,617 | ---- | M] () -- C:\Users\chucky\Documents\dbresume.pdf
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\chucky\Documents\*.tmp files -> C:\Users\chucky\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/08 07:15:55 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/10/07 12:30:13 | 371,699,003 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/09/28 06:05:58 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForCHUCKY-HP$.job
[2012/09/25 00:02:11 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForchucky.job
[2012/09/19 10:07:47 | 003,243,975 | ---- | C] () -- C:\Users\chucky\Documents\NOOOOO.gif
[2012/09/12 11:58:36 | 000,095,617 | ---- | C] () -- C:\Users\chucky\Documents\dbresume.pdf
[2012/09/03 18:49:35 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/13 09:17:33 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2012/08/13 09:17:33 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2012/08/13 09:17:32 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2012/08/13 09:17:32 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2012/08/13 09:17:32 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2012/08/13 09:10:20 | 000,000,000 | ---- | C] () -- C:\Users\chucky\format
[2012/06/01 07:31:34 | 000,026,024 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/03/21 11:49:23 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/03/19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/06/09 21:17:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/05/13 09:33:18 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/04/04 23:07:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/07/18 21:11:31 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Auslogics
[2012/08/15 20:29:25 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Downloaded Installations
[2012/10/04 11:16:12 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Dropbox
[2012/07/27 09:12:21 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\NavNet Solutions
[2012/08/15 20:40:14 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Nitro PDF
[2012/09/04 12:47:53 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\SoftGrid Client
[2012/04/12 23:34:34 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Speckie
[2012/04/08 00:00:44 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Synaptics
[2012/09/03 18:51:34 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\TP
[2012/05/10 10:45:59 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Windows Live Writer
[2012/04/07 20:28:40 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Xerox
[2012/08/28 14:40:51 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\.minecraft
[2012/09/03 21:43:35 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\SoftGrid Client
[2012/05/04 18:19:43 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Synaptics
[2012/09/03 19:55:31 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Xerox

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2011/07/12 22:04:48 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/07/12 22:04:48 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/07/12 22:04:48 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/07/12 22:04:48 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 22:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/07/12 22:04:48 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/07/12 22:04:48 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/20 22:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: QMGR.DLL >
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\SysNative\qmgr.dll
[2010/11/20 22:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) MD5=1EA7969E3271CBC59E1730697DC74682 -- C:\Windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll

< MD5 for: SERVICES >
[2009/06/10 16:00:26 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\services

< MD5 for: SERVICES.ASFX >
[2012/04/04 00:54:08 | 000,002,637 | ---- | M] () MD5=016DFC4F3F133AE19338EECD1924886A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ro_RO\Services\Services.asfx
[2012/04/04 00:54:08 | 000,002,970 | ---- | M] () MD5=05A68D76420994EF8DF33184BFA98E04 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\uk_UA\Services\Services.asfx
[2012/04/04 00:54:04 | 000,002,555 | ---- | M] () MD5=272301585AC133486E70228DA27659AC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_TW\Services\Services.asfx
[2012/04/04 00:54:02 | 000,002,562 | ---- | M] () MD5=27CE9BD3209B549BB776B8C877455A91 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nb_NO\Services\Services.asfx
[2012/04/04 00:54:02 | 000,002,632 | ---- | M] () MD5=2998A4AE8D0EF5122CCB985CF7E9D9D3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ko_KR\Services\Services.asfx
[2012/04/04 00:54:02 | 000,002,545 | ---- | M] () MD5=2EEC9DDBD0B4EE5F65532322C383938A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\zh_CN\Services\Services.asfx
[2012/04/04 00:54:04 | 000,002,629 | ---- | M] () MD5=3A0082D76426A87FB4937D426C491C10 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\cs_CZ\Services\Services.asfx
[2012/04/04 00:54:04 | 000,002,590 | ---- | M] () MD5=448953BD0CF26CE03D9E7CC1A7B278BC -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\tr_TR\Services\Services.asfx
[2012/04/04 00:53:58 | 000,002,605 | ---- | M] () MD5=5A2C5D0DA3EAAB2AA77F16947D0E14FF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\it_IT\Services\Services.asfx
[2012/04/04 00:54:04 | 000,002,679 | ---- | M] () MD5=5DD2704563A6A79C466E44CD966B2655 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hu_HU\Services\Services.asfx
[2012/04/04 00:53:56 | 000,002,711 | ---- | M] () MD5=6B0E7B068BD530B8FCEBC04CC8844AA9 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ja_JP\Services\Services.asfx
[2012/04/04 00:54:08 | 000,002,582 | ---- | M] () MD5=797FC263D59784AD1498560C34FA7DA1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sl_SI\Services\Services.asfx
[2012/04/04 00:53:56 | 000,002,626 | ---- | M] () MD5=8073B18DC740B965256CE0957E363AC5 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fr_FR\Services\Services.asfx
[2012/04/04 00:54:02 | 000,002,634 | ---- | M] () MD5=912DD5C0C7C8D7572AD598414D56E24A -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pt_BR\Services\Services.asfx
[2012/04/04 00:53:56 | 000,002,655 | ---- | M] () MD5=ABFBB9D0398492D849690C344C1316BB -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\de_DE\Services\Services.asfx
[2012/04/04 00:54:08 | 000,002,638 | ---- | M] () MD5=C2C37202B0E55877A64ADDBDE738284E -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sk_SK\Services\Services.asfx
[2012/04/04 00:54:04 | 000,002,589 | ---- | M] () MD5=C313AD3602D4965A1918E86B9F3E84CF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\pl_PL\Services\Services.asfx
[2012/04/04 00:54:10 | 000,002,609 | ---- | M] () MD5=C7FA88C21103C70826F274A0E865AEDF -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ca_ES\Services\Services.asfx
[2012/04/04 00:54:10 | 000,002,576 | ---- | M] () MD5=D27D52045EB6A2EE031F7D2EA0349BC3 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\eu_ES\Services\Services.asfx
[2012/04/04 00:54:02 | 000,002,560 | ---- | M] () MD5=D5642B1BFE0A70231D14C11D3D3FD60D -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\da_DK\Services\Services.asfx
[2012/04/04 00:54:08 | 000,002,588 | ---- | M] () MD5=DB216743CDE75637621E2FD39431BBD4 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\hr_HR\Services\Services.asfx
[2012/04/04 00:53:58 | 000,002,620 | ---- | M] () MD5=DCF7A8843832327386B81ABD189AC236 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\es_ES\Services\Services.asfx
[2012/04/04 00:54:04 | 000,002,997 | ---- | M] () MD5=DD3F4DAF426555D8D85FF4D7C5A04F37 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\ru_RU\Services\Services.asfx
[2010/11/15 23:02:32 | 000,000,228 | R--- | M] () MD5=E09422BE0C7636A7B63A1527C4C1372D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx
[2012/04/04 00:54:02 | 000,002,599 | ---- | M] () MD5=F09D769A94767C3C7E7015A5C6C99A39 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\fi_FI\Services\Services.asfx
[2012/04/04 00:53:58 | 000,002,628 | ---- | M] () MD5=F844D742DB53C7D671BF7ED6517414D1 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\nl_NL\Services\Services.asfx
[2012/04/04 00:53:58 | 000,002,582 | ---- | M] () MD5=FED4BDA3B6A9EB9DB59C254D8C987495 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Locale\sv_SE\Services\Services.asfx

< MD5 for: SERVICES.ASFX1 >
[2010/11/15 23:02:32 | 000,000,228 | R--- | M] () MD5=A7B7A4CC1A717292474115CD3A4AC121 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx1

< MD5 for: SERVICES.ASFX10 >
[2010/11/15 23:02:34 | 000,000,233 | R--- | M] () MD5=3382FAB54FC906B0E40269D903A8D690 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx10

< MD5 for: SERVICES.ASFX11 >
[2010/11/15 23:02:26 | 000,000,227 | R--- | M] () MD5=F36865AB3B9813962B7EDBE66FA1C28A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx11

< MD5 for: SERVICES.ASFX12 >
[2010/11/15 23:02:30 | 000,000,225 | R--- | M] () MD5=9287C7268CC0F37F1DDE18CEBB128685 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx12

< MD5 for: SERVICES.ASFX13 >
[2010/11/15 23:02:30 | 000,000,228 | R--- | M] () MD5=95326C46AC2654AFF5C8543DFE22CCB3 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx13

< MD5 for: SERVICES.ASFX14 >
[2010/11/15 23:02:26 | 000,000,228 | R--- | M] () MD5=14DA84ECAF57B5ADA36B9093FF04CF32 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx14

< MD5 for: SERVICES.ASFX15 >
[2010/11/15 23:02:26 | 000,000,231 | R--- | M] () MD5=CF94F061685A38BABE0BBD463191EDE7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx15

< MD5 for: SERVICES.ASFX16 >
[2010/11/15 23:02:34 | 000,000,232 | R--- | M] () MD5=B6E63D87C73CED2D6B433C542C5C3965 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx16

< MD5 for: SERVICES.ASFX17 >
[2010/11/15 23:02:34 | 000,000,230 | R--- | M] () MD5=545E97C4F4CEA743A8D86B685EE2EDBB -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx17

< MD5 for: SERVICES.ASFX18 >
[2010/11/15 23:02:24 | 000,000,230 | R--- | M] () MD5=2577B66F38E0DEA25F328DA4A0FED322 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx18

< MD5 for: SERVICES.ASFX19 >
[2010/11/15 23:02:26 | 000,000,225 | R--- | M] () MD5=0A27F1D6595A69800A43CDE155B1E4A0 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx19

< MD5 for: SERVICES.ASFX2 >
[2010/11/15 23:02:36 | 000,000,264 | R--- | M] () MD5=0652D24D4E2799851A6DF1705E2BFFDA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx2

< MD5 for: SERVICES.ASFX20 >
[2010/11/15 23:02:38 | 000,000,231 | R--- | M] () MD5=C85F2519DC6AECF93F67AA613A320136 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx20

< MD5 for: SERVICES.ASFX21 >
[2010/11/15 23:02:26 | 000,000,231 | R--- | M] () MD5=8C95C0528EA7049A1DFC7A7342461D75 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx21

< MD5 for: SERVICES.ASFX22 >
[2010/11/15 23:02:24 | 000,000,231 | R--- | M] () MD5=9F2731666F5771CC5C1E4EEDC8FB8607 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx22

< MD5 for: SERVICES.ASFX23 >
[2010/11/15 23:02:26 | 000,000,225 | R--- | M] () MD5=0E89BE53F56B22390CF61584B649CE01 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx23

< MD5 for: SERVICES.ASFX24 >
[2010/11/15 23:02:32 | 000,000,229 | R--- | M] () MD5=E57594DB9B9D78AB4B53D34CAFEB8497 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx24

< MD5 for: SERVICES.ASFX25 >
[2010/11/15 23:02:36 | 000,000,232 | R--- | M] () MD5=611CB9CC21D2DDAD711690671F70EF39 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx25

< MD5 for: SERVICES.ASFX3 >
[2010/11/15 23:02:34 | 000,000,229 | R--- | M] () MD5=F9824728970AC8199BABDC9CBA5E038C -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx3

< MD5 for: SERVICES.ASFX4 >
[2010/11/15 23:02:26 | 000,000,226 | R--- | M] () MD5=55EA57D90AE22BDF0132597EF0D7C9C7 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx4

< MD5 for: SERVICES.ASFX5 >
[2010/11/15 23:02:34 | 000,000,233 | R--- | M] () MD5=846C265B751189E88B74F0155DB6B828 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx5

< MD5 for: SERVICES.ASFX6 >
[2010/11/15 23:02:36 | 000,000,231 | R--- | M] () MD5=89BD37C4118540FD5AA8CDD0C24D6C0A -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx6

< MD5 for: SERVICES.ASFX7 >
[2010/11/15 23:02:34 | 000,000,245 | R--- | M] () MD5=0B82FAB8FF5F988C5311DF1144A7D740 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx7

< MD5 for: SERVICES.ASFX8 >
[2010/11/15 23:02:34 | 000,000,231 | R--- | M] () MD5=5226417D3C8206000A8983BDC1243075 -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx8

< MD5 for: SERVICES.ASFX9 >
[2010/11/15 23:02:30 | 000,000,234 | R--- | M] () MD5=EBD8D036504F2935675F5F432F076DBA -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.asfx9

< MD5 for: SERVICES.CFG >
[2012/07/27 15:51:34 | 000,586,083 | ---- | M] () MD5=6DE4EA437EC1FE6DB27CADB0A7EA8DC2 -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2010/11/15 23:02:22 | 000,032,633 | R--- | M] () MD5=EA1C35DD541D60819D55482130BD585D -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744AA0000000010\10.0.0\services.cfg

< MD5 for: SERVICES.EXE >
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 20:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\SysNative\en-US\services.exe.mui
[2010/11/21 02:06:16 | 000,017,408 | ---- | M] (Microsoft Corporation) MD5=6507BF0DC2D1F5F32493C288EAA59277 -- C:\Windows\winsxs\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.1.7600.16385_en-us_c5f238be3fa63468\services.exe.mui

< MD5 for: SERVICES.LNK >
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2009/07/13 23:54:05 | 000,001,288 | ---- | M] () MD5=CA0D9F4743DFF86EBAF09D763139E958 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
[2009/06/10 15:44:06 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.mof

< MD5 for: SERVICES.MSC >
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\en-US\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysNative\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\en-US\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\SysWOW64\services.msc
[2010/11/21 02:06:14 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_003408aa160fce5b\services.msc
[2009/06/10 15:38:36 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_2b58d44b5f6beb8a\services.msc
[2010/11/21 02:06:17 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.1.7600.16385_en-us_a4156d265db25d25\services.msc
[2009/06/10 16:21:09 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.1.7600.16385_none_cf3a38c7a70e7a54\services.msc

< MD5 for: SERVICES.PTXML >
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
[2009/07/13 15:16:17 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\Services.ptxml

< MD5 for: SVCHOST.EXE >
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 20:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/20 22:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/20 22:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/20 22:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >

< C:\Windows\assembly\tmp\U\*.* /s >
[2009/07/14 00:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 00:08:49 | 000,032,624 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/04/08 19:22:18 | 000,000,860 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3884020555-285224058-3069529385-1000Core.job
[2012/04/08 19:22:24 | 000,000,912 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3884020555-285224058-3069529385-1000UA.job
[2012/07/27 07:39:42 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012/09/25 00:02:11 | 000,000,336 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForchucky.job
[2012/09/28 06:05:58 | 000,000,344 | ---- | C] () -- C:\Windows\Tasks\HPCeeScheduleForCHUCKY-HP$.job

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >
"DisplayName" = @%SystemRoot%\system32\qmgr.dll,-1000
"ImagePath" = %SystemRoot%\System32\svchost.exe -k netsvcs -- [2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\qmgr.dll,-1001
"ObjectName" = LocalSystem
"ErrorControl" = 1
"Start" = 2
"DelayedAutoStart" = 1
"Type" = 32
"DependOnService" = RpcSsEventSystem [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeCreateGlobalPrivilegeSeImperson [Binary data over 200 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
"ServiceDll" = %SystemRoot%\System32\qmgr.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Performance]
"Library" = bitsperf.dll -- [2010/11/20 22:24:01 | 000,019,456 | ---- | M] (Microsoft Corporation)
"Open" = PerfMon_Open
"Collect" = PerfMon_Collect
"Close" = PerfMon_Close
"InstallType" = 1
"PerfIniFile" = bitsctrs.ini
"First Counter" = 2156
"Last Counter" = 2172
"First Help" = 2157
"Last Help" = 2173
"Object List" = 2156
"PerfMMFileName" = Global\MMF_BITS_s
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
"Security" = 01 00 14 80 90 00 00 00 A0 00 00 00 14 00 00 00 34 00 00 00 02 00 20 00 01 00 00 00 02 C0 18 00 00 00 0C 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 02 00 5C 00 04 00 00 00 00 02 14 00 FF 01 0F 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 [Binary data over 200 bytes]

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

< type c:\diskreport.txt /c >
Microsoft DiskPart version 6.1.7601
Copyright © 1999-2008 Microsoft Corporation.
On computer: CHUCKY-HP
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 F DVD-ROM 0 B No Media
Volume 1 SYSTEM NTFS Partition 199 MB Healthy System
Volume 2 C NTFS Partition 279 GB Healthy Boot
Volume 3 D Recovery NTFS Partition 14 GB Healthy
Volume 4 E HP_TOOLS FAT32 Partition 4063 MB Healthy

< End of report >

Attached Files

Extras.Txt 82.18KB 79 downloads
OTL.Txt 149.78KB 43 downloads
mbam-log-2012-09-30 (10-49-58).txt 3KB 48 downloads

#5
blmadara

Posted 12 October 2012 - 03:43 PM

Trusted Helper

Malware Removal
767 posts

Hi dch1314, it's easier for me to view the logs when they are posted, not attached. Please only attach them if I request it.

Step One: OTL Fix

Note: If you are using the pro version or trial version of Malwarebytes 1.6 or higher please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.

Right-click OTL and select Run as administrator.

Under the Custom Scans/Fixes box at the bottom, paste in the following - do not copy the word, quote.

:OTL
O2 - BHO: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\Toolbar\WebBrowser: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\chucky\Documents\*.tmp files -> C:\Users\chucky\Documents\*.tmp -> ]

:Files
ipconfig /flushdns /c

:Commands
[resethosts]
[emptytemp]
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done, and post the log it produces in your next reply.

Step Two: TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Right-click on TDSSKiller.exe and select Run as administrator to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

What I need in your next post:
1. The OTL log.
2. The TDSSKiller log, C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt

#6
dch1314

Posted 13 October 2012 - 07:00 AM

Member

Topic Starter
Member
238 posts

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-3884020555-285224058-3069529385-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry value HKEY_USERS\S-1-5-21-3884020555-285224058-3069529385-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
File C:\Program Files (x86)\Ask.com\Updater\Updater.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ROC_roc_ssl_v12 not found.
Registry value HKEY_USERS\S-1-5-21-3884020555-285224058-3069529385-1000\Software\Microsoft\Windows\CurrentVersion\Run\\RESTART_STICKY_NOTES not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
File/Folder C:\Windows\SysWow64\*.tmp not found.
File/Folder C:\Users\chucky\Documents\*.tmp not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\chucky\Desktop\cmd.bat deleted successfully.
C:\Users\chucky\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: ABJR

User: All Users

User: chucky
->Temp folder emptied: 712001 bytes
->Temporary Internet Files folder emptied: 52451826 bytes
->Java cache emptied: 182135 bytes
->Google Chrome cache emptied: 386007468 bytes
->Flash cache emptied: 531 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 12493317 bytes
->Temporary Internet Files folder emptied: 185308036 bytes
->Java cache emptied: 350940 bytes
->Flash cache emptied: 7264 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 212264099 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50467 bytes
RecycleBin emptied: 3196149 bytes

Total Files Cleaned = 814.00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10132012_074008

Files\Folders moved on Reboot...
C:\Users\chucky\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

-----

07:53:08.0863 3712 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
07:53:09.0487 3712 ============================================================
07:53:09.0487 3712 Current date / time: 2012/10/13 07:53:09.0487
07:53:09.0487 3712 SystemInfo:
07:53:09.0487 3712
07:53:09.0534 3712 OS Version: 6.1.7601 ServicePack: 1.0
07:53:09.0534 3712 Product type: Workstation
07:53:09.0534 3712 ComputerName: CHUCKY-HP
07:53:09.0549 3712 UserName: chucky
07:53:09.0549 3712 Windows directory: C:\Windows
07:53:09.0549 3712 System windows directory: C:\Windows
07:53:09.0549 3712 Running under WOW64
07:53:09.0549 3712 Processor architecture: Intel x64
07:53:09.0549 3712 Number of processors: 2
07:53:09.0549 3712 Page size: 0x1000
07:53:09.0549 3712 Boot type: Normal boot
07:53:09.0549 3712 ============================================================
07:53:09.0612 3712 BG loaded
07:53:10.0329 3712 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:53:10.0329 3712 ============================================================
07:53:10.0329 3712 \Device\Harddisk0\DR0:
07:53:10.0329 3712 MBR partitions:
07:53:10.0329 3712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
07:53:10.0329 3712 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22EF1000
07:53:10.0329 3712 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22F55000, BlocksNum 0x1CE9800
07:53:10.0329 3712 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x24C3E800, BlocksNum 0x7EFAB0
07:53:10.0329 3712 ============================================================
07:53:10.0392 3712 C: <-> \Device\Harddisk0\DR0\Partition2
07:53:11.0499 3712 D: <-> \Device\Harddisk0\DR0\Partition3
07:53:11.0562 3712 E: <-> \Device\Harddisk0\DR0\Partition4
07:53:11.0562 3712 ============================================================
07:53:11.0593 3712 Initialize success
07:53:11.0593 3712 ============================================================
07:55:25.0719 0492 ============================================================
07:55:25.0719 0492 Scan started
07:55:25.0719 0492 Mode: Manual; SigCheck; TDLFS;
07:55:25.0719 0492 ============================================================
07:55:28.0090 0492 ================ Scan system memory ========================
07:55:28.0090 0492 System memory - ok
07:55:28.0090 0492 ================ Scan services =============================
07:55:28.0402 0492 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
07:55:28.0574 0492 1394ohci - ok
07:55:28.0636 0492 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
07:55:28.0667 0492 ACPI - ok
07:55:28.0714 0492 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
07:55:28.0917 0492 AcpiPmi - ok
07:55:29.0276 0492 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:55:29.0307 0492 AdobeARMservice - ok
07:55:29.0541 0492 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:55:29.0556 0492 AdobeFlashPlayerUpdateSvc - ok
07:55:29.0666 0492 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
07:55:29.0697 0492 adp94xx - ok
07:55:29.0853 0492 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
07:55:29.0900 0492 adpahci - ok
07:55:29.0931 0492 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
07:55:29.0962 0492 adpu320 - ok
07:55:30.0040 0492 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:55:30.0352 0492 AeLookupSvc - ok
07:55:30.0508 0492 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
07:55:30.0539 0492 AERTFilters - ok
07:55:30.0664 0492 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
07:55:30.0789 0492 AFD - ok
07:55:30.0851 0492 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
07:55:30.0898 0492 agp440 - ok
07:55:30.0945 0492 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
07:55:31.0054 0492 ALG - ok
07:55:31.0116 0492 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
07:55:31.0148 0492 aliide - ok
07:55:31.0194 0492 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
07:55:31.0226 0492 amdide - ok
07:55:31.0304 0492 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
07:55:31.0366 0492 AmdK8 - ok
07:55:31.0397 0492 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
07:55:31.0444 0492 AmdPPM - ok
07:55:31.0506 0492 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:55:31.0553 0492 amdsata - ok
07:55:31.0616 0492 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
07:55:31.0662 0492 amdsbs - ok
07:55:31.0694 0492 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:55:31.0725 0492 amdxata - ok
07:55:31.0787 0492 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
07:55:32.0006 0492 AppID - ok
07:55:32.0021 0492 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:55:32.0115 0492 AppIDSvc - ok
07:55:32.0146 0492 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
07:55:32.0208 0492 Appinfo - ok
07:55:32.0255 0492 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
07:55:32.0286 0492 arc - ok
07:55:32.0333 0492 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
07:55:32.0364 0492 arcsas - ok
07:55:32.0411 0492 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
07:55:32.0458 0492 aswFsBlk - ok
07:55:32.0552 0492 [ 7B922B13ACFF9E4FBA24A6EACC417B78 ] aswFW C:\Windows\system32\drivers\aswFW.sys
07:55:32.0583 0492 aswFW - ok
07:55:32.0661 0492 [ F146F83E8F7AC22BD011D5942E4C155C ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
07:55:32.0692 0492 aswKbd - ok
07:55:32.0739 0492 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
07:55:32.0770 0492 aswMonFlt - ok
07:55:32.0832 0492 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
07:55:32.0848 0492 aswNdis - ok
07:55:32.0879 0492 [ 5693F48725D83510C5C2A60DB4137D85 ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
07:55:32.0910 0492 aswNdis2 - ok
07:55:32.0942 0492 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
07:55:32.0957 0492 aswRdr - ok
07:55:33.0004 0492 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
07:55:33.0066 0492 aswSnx - ok
07:55:33.0082 0492 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
07:55:33.0113 0492 aswSP - ok
07:55:33.0129 0492 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
07:55:33.0144 0492 aswTdi - ok
07:55:33.0191 0492 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:55:33.0285 0492 AsyncMac - ok
07:55:33.0316 0492 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
07:55:33.0347 0492 atapi - ok
07:55:33.0425 0492 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:55:33.0534 0492 AudioEndpointBuilder - ok
07:55:33.0550 0492 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:55:33.0612 0492 AudioSrv - ok
07:55:33.0706 0492 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
07:55:33.0737 0492 avast! Antivirus - ok
07:55:33.0815 0492 [ DD4C61CB3CDBC8B0A7D2107C6944DC71 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
07:55:33.0846 0492 avast! Firewall - ok
07:55:33.0893 0492 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:55:34.0002 0492 AxInstSV - ok
07:55:34.0080 0492 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
07:55:34.0158 0492 b06bdrv - ok
07:55:34.0221 0492 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:55:34.0283 0492 b57nd60a - ok
07:55:34.0361 0492 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
07:55:34.0408 0492 BBSvc - ok
07:55:34.0486 0492 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
07:55:34.0595 0492 BCM43XX - ok
07:55:34.0626 0492 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
07:55:34.0673 0492 BDESVC - ok
07:55:34.0720 0492 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
07:55:34.0798 0492 Beep - ok
07:55:34.0845 0492 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
07:55:34.0970 0492 BFE - ok
07:55:35.0032 0492 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
07:55:35.0126 0492 BITS - ok
07:55:35.0188 0492 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
07:55:35.0219 0492 blbdrive - ok
07:55:35.0250 0492 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:55:35.0313 0492 bowser - ok
07:55:35.0360 0492 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
07:55:35.0406 0492 BrFiltLo - ok
07:55:35.0438 0492 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
07:55:35.0469 0492 BrFiltUp - ok
07:55:35.0500 0492 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
07:55:35.0562 0492 Browser - ok
07:55:35.0594 0492 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:55:35.0656 0492 Brserid - ok
07:55:35.0672 0492 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:55:35.0718 0492 BrSerWdm - ok
07:55:35.0765 0492 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:55:35.0812 0492 BrUsbMdm - ok
07:55:35.0828 0492 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:55:35.0874 0492 BrUsbSer - ok
07:55:35.0937 0492 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
07:55:35.0984 0492 BTHMODEM - ok
07:55:36.0030 0492 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
07:55:36.0140 0492 bthserv - ok
07:55:36.0171 0492 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:55:36.0233 0492 cdfs - ok
07:55:36.0264 0492 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
07:55:36.0327 0492 cdrom - ok
07:55:36.0358 0492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
07:55:36.0467 0492 CertPropSvc - ok
07:55:36.0514 0492 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
07:55:36.0561 0492 circlass - ok
07:55:36.0592 0492 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
07:55:36.0639 0492 CLFS - ok
07:55:36.0717 0492 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:55:36.0748 0492 clr_optimization_v2.0.50727_32 - ok
07:55:36.0795 0492 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:55:36.0826 0492 clr_optimization_v2.0.50727_64 - ok
07:55:36.0935 0492 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:55:37.0029 0492 clr_optimization_v4.0.30319_32 - ok
07:55:37.0044 0492 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:55:37.0076 0492 clr_optimization_v4.0.30319_64 - ok
07:55:37.0138 0492 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
07:55:37.0169 0492 clwvd - ok
07:55:37.0216 0492 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
07:55:37.0278 0492 CmBatt - ok
07:55:37.0294 0492 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
07:55:37.0325 0492 cmdide - ok
07:55:37.0372 0492 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
07:55:37.0512 0492 CNG - ok
07:55:37.0575 0492 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
07:55:37.0606 0492 Compbatt - ok
07:55:37.0622 0492 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
07:55:37.0684 0492 CompositeBus - ok
07:55:37.0715 0492 COMSysApp - ok
07:55:37.0762 0492 [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
07:55:37.0809 0492 cphs - ok
07:55:37.0824 0492 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
07:55:37.0856 0492 crcdisk - ok
07:55:37.0902 0492 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:55:37.0965 0492 CryptSvc - ok
07:55:38.0121 0492 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
07:55:38.0214 0492 cvhsvc - ok
07:55:38.0261 0492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:55:38.0339 0492 DcomLaunch - ok
07:55:38.0433 0492 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
07:55:38.0526 0492 defragsvc - ok
07:55:38.0573 0492 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:55:38.0651 0492 DfsC - ok
07:55:38.0698 0492 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
07:55:38.0807 0492 Dhcp - ok
07:55:38.0823 0492 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
07:55:38.0916 0492 discache - ok
07:55:38.0979 0492 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
07:55:39.0010 0492 Disk - ok
07:55:39.0041 0492 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:55:39.0135 0492 Dnscache - ok
07:55:39.0166 0492 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
07:55:39.0275 0492 dot3svc - ok
07:55:39.0306 0492 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
07:55:39.0369 0492 DPS - ok
07:55:39.0416 0492 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:55:39.0462 0492 drmkaud - ok
07:55:39.0509 0492 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:55:39.0603 0492 DXGKrnl - ok
07:55:39.0634 0492 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
07:55:39.0728 0492 EapHost - ok
07:55:39.0837 0492 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
07:55:39.0993 0492 ebdrv - ok
07:55:40.0040 0492 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
07:55:40.0118 0492 EFS - ok
07:55:40.0211 0492 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:55:40.0320 0492 ehRecvr - ok
07:55:40.0352 0492 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
07:55:40.0398 0492 ehSched - ok
07:55:40.0461 0492 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
07:55:40.0523 0492 elxstor - ok
07:55:40.0570 0492 [ 9EAFB3B3B60B8AD958985152A9309ACA ] epmntdrv C:\Windows\system32\epmntdrv.sys
07:55:40.0632 0492 epmntdrv ( UnsignedFile.Multi.Generic ) - warning
07:55:40.0632 0492 epmntdrv - detected UnsignedFile.Multi.Generic (1)
07:55:40.0679 0492 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
07:55:40.0726 0492 ErrDev - ok
07:55:40.0773 0492 [ FB949ED2C93C878A189039F3D7730942 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
07:55:40.0804 0492 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning
07:55:40.0804 0492 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)
07:55:40.0851 0492 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
07:55:40.0960 0492 EventSystem - ok
07:55:40.0976 0492 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
07:55:41.0038 0492 exfat - ok
07:55:41.0054 0492 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:55:41.0132 0492 fastfat - ok
07:55:41.0178 0492 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
07:55:41.0256 0492 Fax - ok
07:55:41.0303 0492 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
07:55:41.0350 0492 fdc - ok
07:55:41.0381 0492 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
07:55:41.0459 0492 fdPHost - ok
07:55:41.0475 0492 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
07:55:41.0537 0492 FDResPub - ok
07:55:41.0568 0492 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:55:41.0615 0492 FileInfo - ok
07:55:41.0615 0492 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:55:41.0740 0492 Filetrace - ok
07:55:41.0787 0492 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
07:55:41.0818 0492 flpydisk - ok
07:55:41.0865 0492 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:55:41.0912 0492 FltMgr - ok
07:55:41.0958 0492 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
07:55:42.0036 0492 FontCache - ok
07:55:42.0083 0492 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:55:42.0114 0492 FontCache3.0.0.0 - ok
07:55:42.0130 0492 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:55:42.0161 0492 FsDepends - ok
07:55:42.0208 0492 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:55:42.0239 0492 Fs_Rec - ok
07:55:42.0286 0492 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:55:42.0333 0492 fvevol - ok
07:55:42.0380 0492 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
07:55:42.0411 0492 gagp30kx - ok
07:55:42.0723 0492 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
07:55:42.0754 0492 GamesAppService - ok
07:55:42.0988 0492 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
07:55:43.0082 0492 gpsvc - ok
07:55:43.0128 0492 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:55:43.0206 0492 hcw85cir - ok
07:55:43.0316 0492 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:55:43.0378 0492 HdAudAddService - ok
07:55:43.0425 0492 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
07:55:43.0503 0492 HDAudBus - ok
07:55:43.0550 0492 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
07:55:43.0612 0492 HidBatt - ok
07:55:43.0643 0492 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
07:55:43.0830 0492 HidBth - ok
07:55:43.0862 0492 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
07:55:43.0893 0492 HidIr - ok
07:55:43.0955 0492 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
07:55:44.0049 0492 hidserv - ok
07:55:44.0142 0492 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
07:55:44.0189 0492 HidUsb - ok
07:55:44.0298 0492 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:55:44.0439 0492 hkmsvc - ok
07:55:44.0532 0492 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:55:44.0642 0492 HomeGroupListener - ok
07:55:44.0735 0492 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:55:44.0798 0492 HomeGroupProvider - ok
07:55:44.0954 0492 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
07:55:44.0985 0492 HP Support Assistant Service - ok
07:55:45.0078 0492 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
07:55:45.0110 0492 HPAuto - ok
07:55:45.0188 0492 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
07:55:45.0234 0492 HPClientSvc - ok
07:55:45.0609 0492 [ 8F123D1FA65ADECEA0244C615EA95DFA ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
07:55:45.0671 0492 hpCMSrv - ok
07:55:45.0843 0492 [ B19FF523B533A3F198B9239E1749C940 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
07:55:45.0874 0492 HPDrvMntSvc.exe - ok
07:55:45.0983 0492 [ 01091B900E15878B4434F9C726C4541D ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
07:55:46.0030 0492 hpqwmiex - ok
07:55:46.0170 0492 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
07:55:46.0202 0492 HpSAMD - ok
07:55:46.0420 0492 [ 2BEC76BDCD1BC080210325E7B5094834 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
07:55:46.0436 0492 HPWMISVC - ok
07:55:46.0576 0492 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:55:46.0701 0492 HTTP - ok
07:55:46.0794 0492 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:55:46.0826 0492 hwpolicy - ok
07:55:46.0935 0492 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
07:55:46.0997 0492 i8042prt - ok
07:55:47.0216 0492 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
07:55:47.0325 0492 iaStor - ok
07:55:47.0637 0492 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
07:55:47.0652 0492 IAStorDataMgrSvc - ok
07:55:47.0840 0492 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:55:47.0886 0492 iaStorV - ok
07:55:48.0744 0492 [ E4693409D06785477A49FB34AFAE1B92 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
07:55:48.0854 0492 IconMan_R ( UnsignedFile.Multi.Generic ) - warning
07:55:48.0854 0492 IconMan_R - detected UnsignedFile.Multi.Generic (1)
07:55:49.0259 0492 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:55:49.0368 0492 idsvc - ok
07:55:53.0487 0492 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
07:55:55.0187 0492 igfx - ok
07:55:55.0281 0492 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
07:55:55.0328 0492 iirsp - ok
07:55:55.0671 0492 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
07:55:55.0920 0492 IKEEXT - ok
07:55:56.0841 0492 [ 336C3A6BF14D5A9AF35AF07C6B6B29CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
07:55:56.0966 0492 IntcAzAudAddService - ok
07:55:57.0090 0492 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
07:55:57.0122 0492 intelide - ok
07:55:57.0215 0492 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:55:57.0324 0492 intelppm - ok
07:55:57.0434 0492 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:55:57.0574 0492 IPBusEnum - ok
07:55:57.0636 0492 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:55:57.0730 0492 IpFilterDriver - ok
07:55:57.0808 0492 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
07:55:57.0902 0492 iphlpsvc - ok
07:55:57.0980 0492 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
07:55:58.0026 0492 IPMIDRV - ok
07:55:58.0073 0492 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:55:58.0136 0492 IPNAT - ok
07:55:58.0198 0492 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:55:58.0229 0492 IRENUM - ok
07:55:58.0260 0492 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
07:55:58.0276 0492 isapnp - ok
07:55:58.0307 0492 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
07:55:58.0354 0492 iScsiPrt - ok
07:55:58.0401 0492 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
07:55:58.0432 0492 kbdclass - ok
07:55:58.0494 0492 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
07:55:58.0541 0492 kbdhid - ok
07:55:58.0572 0492 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
07:55:58.0619 0492 KeyIso - ok
07:55:58.0666 0492 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:55:58.0775 0492 KSecDD - ok
07:55:59.0274 0492 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:55:59.0306 0492 KSecPkg - ok
07:55:59.0399 0492 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:55:59.0477 0492 ksthunk - ok
07:55:59.0586 0492 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
07:55:59.0680 0492 KtmRm - ok
07:55:59.0789 0492 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:55:59.0914 0492 LanmanServer - ok
07:56:00.0382 0492 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:56:00.0491 0492 LanmanWorkstation - ok
07:56:00.0569 0492 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:56:00.0647 0492 lltdio - ok
07:56:00.0725 0492 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:56:00.0866 0492 lltdsvc - ok
07:56:00.0928 0492 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:56:01.0006 0492 lmhosts - ok
07:56:01.0193 0492 [ D7E0BED3EA21D7BDDD410ADE51708D90 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
07:56:01.0256 0492 LMS - ok
07:56:01.0318 0492 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
07:56:01.0334 0492 LSI_FC - ok
07:56:01.0396 0492 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
07:56:01.0412 0492 LSI_SAS - ok
07:56:01.0458 0492 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
07:56:01.0474 0492 LSI_SAS2 - ok
07:56:01.0599 0492 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
07:56:01.0614 0492 LSI_SCSI - ok
07:56:01.0739 0492 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
07:56:01.0817 0492 luafv - ok
07:56:01.0958 0492 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:56:01.0989 0492 Mcx2Svc - ok
07:56:02.0036 0492 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
07:56:02.0051 0492 megasas - ok
07:56:02.0114 0492 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
07:56:02.0145 0492 MegaSR - ok
07:56:02.0207 0492 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
07:56:02.0223 0492 MEIx64 - ok
07:56:02.0488 0492 Microsoft SharePoint Workspace Audit Service - ok
07:56:02.0566 0492 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
07:56:02.0675 0492 MMCSS - ok
07:56:02.0738 0492 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
07:56:02.0831 0492 Modem - ok
07:56:02.0894 0492 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:56:02.0940 0492 monitor - ok
07:56:02.0987 0492 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
07:56:03.0018 0492 mouclass - ok
07:56:03.0112 0492 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
07:56:03.0190 0492 mouhid - ok
07:56:03.0221 0492 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:56:03.0268 0492 mountmgr - ok
07:56:03.0330 0492 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
07:56:03.0362 0492 mpio - ok
07:56:03.0377 0492 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:56:03.0455 0492 mpsdrv - ok
07:56:03.0689 0492 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
07:56:03.0861 0492 MpsSvc - ok
07:56:03.0908 0492 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:56:04.0048 0492 MRxDAV - ok
07:56:04.0142 0492 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:56:04.0251 0492 mrxsmb - ok
07:56:04.0344 0492 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:56:04.0376 0492 mrxsmb10 - ok
07:56:04.0407 0492 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:56:04.0438 0492 mrxsmb20 - ok
07:56:04.0485 0492 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
07:56:04.0516 0492 msahci - ok
07:56:04.0610 0492 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:56:04.0641 0492 msdsm - ok
07:56:04.0672 0492 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
07:56:04.0719 0492 MSDTC - ok
07:56:04.0797 0492 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:56:04.0890 0492 Msfs - ok
07:56:04.0937 0492 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:56:05.0031 0492 mshidkmdf - ok
07:56:05.0078 0492 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:56:05.0109 0492 msisadrv - ok
07:56:05.0202 0492 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:56:05.0296 0492 MSiSCSI - ok
07:56:05.0312 0492 msiserver - ok
07:56:05.0343 0492 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:56:05.0405 0492 MSKSSRV - ok
07:56:05.0452 0492 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:56:05.0514 0492 MSPCLOCK - ok
07:56:05.0514 0492 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:56:05.0592 0492 MSPQM - ok
07:56:05.0655 0492 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:56:05.0686 0492 MsRPC - ok
07:56:05.0702 0492 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
07:56:05.0733 0492 mssmbios - ok
07:56:05.0764 0492 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:56:05.0826 0492 MSTEE - ok
07:56:05.0858 0492 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
07:56:05.0873 0492 MTConfig - ok
07:56:05.0904 0492 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
07:56:05.0920 0492 Mup - ok
07:56:06.0060 0492 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
07:56:06.0154 0492 napagent - ok
07:56:06.0216 0492 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:56:06.0263 0492 NativeWifiP - ok
07:56:06.0372 0492 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
07:56:06.0435 0492 NDIS - ok
07:56:06.0497 0492 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:56:06.0560 0492 NdisCap - ok
07:56:06.0622 0492 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:56:06.0669 0492 NdisTapi - ok
07:56:06.0700 0492 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:56:06.0747 0492 Ndisuio - ok
07:56:06.0762 0492 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:56:06.0825 0492 NdisWan - ok
07:56:06.0840 0492 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:56:06.0887 0492 NDProxy - ok
07:56:06.0965 0492 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:56:07.0028 0492 NetBIOS - ok
07:56:07.0028 0492 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:56:07.0090 0492 NetBT - ok
07:56:07.0121 0492 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
07:56:07.0152 0492 Netlogon - ok
07:56:07.0184 0492 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
07:56:07.0262 0492 Netman - ok
07:56:07.0293 0492 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
07:56:07.0371 0492 netprofm - ok
07:56:07.0418 0492 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:56:07.0433 0492 NetTcpPortSharing - ok
07:56:07.0511 0492 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:56:07.0527 0492 nfrd960 - ok
07:56:07.0542 0492 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:56:07.0620 0492 NlaSvc - ok
07:56:07.0854 0492 [ 5DA063C13D2E0850140F10AF4720CE78 ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE
07:56:07.0870 0492 nlsX86cc - ok
07:56:07.0917 0492 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:56:07.0964 0492 Npfs - ok
07:56:08.0010 0492 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
07:56:08.0088 0492 nsi - ok
07:56:08.0088 0492 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:56:08.0166 0492 nsiproxy - ok
07:56:08.0213 0492 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:56:08.0291 0492 Ntfs - ok
07:56:08.0322 0492 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
07:56:08.0369 0492 Null - ok
07:56:08.0416 0492 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
07:56:08.0478 0492 NVENETFD - ok
07:56:08.0510 0492 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:56:08.0541 0492 nvraid - ok
07:56:08.0556 0492 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:56:08.0572 0492 nvstor - ok
07:56:08.0634 0492 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:56:08.0650 0492 nv_agp - ok
07:56:08.0697 0492 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:56:08.0728 0492 ohci1394 - ok
07:56:08.0868 0492 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:56:08.0884 0492 ose - ok
07:56:09.0648 0492 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:56:09.0867 0492 osppsvc - ok
07:56:10.0023 0492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:56:10.0132 0492 p2pimsvc - ok
07:56:10.0210 0492 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
07:56:10.0272 0492 p2psvc - ok
07:56:10.0319 0492 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
07:56:10.0382 0492 Parport - ok
07:56:10.0413 0492 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:56:10.0460 0492 partmgr - ok
07:56:10.0475 0492 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:56:10.0569 0492 PcaSvc - ok
07:56:10.0584 0492 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
07:56:10.0631 0492 pci - ok
07:56:10.0662 0492 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
07:56:10.0694 0492 pciide - ok
07:56:10.0725 0492 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
07:56:10.0772 0492 pcmcia - ok
07:56:10.0803 0492 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
07:56:10.0818 0492 pcw - ok
07:56:10.0834 0492 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:56:10.0943 0492 PEAUTH - ok
07:56:10.0990 0492 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:56:11.0052 0492 PerfHost - ok
07:56:11.0130 0492 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
07:56:11.0349 0492 pla - ok
07:56:11.0396 0492 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:56:11.0458 0492 PlugPlay - ok
07:56:11.0489 0492 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:56:11.0552 0492 PNRPAutoReg - ok
07:56:11.0598 0492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:56:11.0645 0492 PNRPsvc - ok
07:56:11.0676 0492 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:56:11.0754 0492 PolicyAgent - ok
07:56:11.0801 0492 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
07:56:11.0864 0492 Power - ok
07:56:11.0910 0492 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:56:11.0988 0492 PptpMiniport - ok
07:56:12.0020 0492 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
07:56:12.0066 0492 Processor - ok
07:56:12.0129 0492 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
07:56:12.0222 0492 ProfSvc - ok
07:56:12.0238 0492 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:56:12.0285 0492 ProtectedStorage - ok
07:56:12.0332 0492 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:56:12.0410 0492 Psched - ok
07:56:12.0488 0492 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:56:12.0581 0492 ql2300 - ok
07:56:12.0597 0492 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:56:12.0612 0492 ql40xx - ok
07:56:12.0659 0492 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
07:56:12.0722 0492 QWAVE - ok
07:56:12.0753 0492 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:56:12.0800 0492 QWAVEdrv - ok
07:56:12.0831 0492 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:56:12.0893 0492 RasAcd - ok
07:56:12.0924 0492 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:56:13.0002 0492 RasAgileVpn - ok
07:56:13.0096 0492 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
07:56:13.0190 0492 RasAuto - ok
07:56:13.0221 0492 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:56:13.0314 0492 Rasl2tp - ok
07:56:13.0470 0492 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
07:56:13.0564 0492 RasMan - ok
07:56:13.0580 0492 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:56:13.0642 0492 RasPppoe - ok
07:56:13.0658 0492 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:56:13.0704 0492 RasSstp - ok
07:56:13.0720 0492 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:56:13.0798 0492 rdbss - ok
07:56:13.0814 0492 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
07:56:13.0845 0492 rdpbus - ok
07:56:13.0876 0492 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:56:13.0923 0492 RDPCDD - ok
07:56:13.0954 0492 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:56:14.0032 0492 RDPENCDD - ok
07:56:14.0079 0492 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:56:14.0126 0492 RDPREFMP - ok
07:56:14.0172 0492 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:56:14.0235 0492 RDPWD - ok
07:56:14.0266 0492 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:56:14.0313 0492 rdyboost - ok
07:56:14.0344 0492 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:56:14.0453 0492 RemoteAccess - ok
07:56:14.0500 0492 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:56:14.0578 0492 RemoteRegistry - ok
07:56:14.0625 0492 [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
07:56:14.0672 0492 RimUsb - ok
07:56:14.0750 0492 [ 085D18C71AB2611A3D61528132B6501E ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
07:56:14.0812 0492 RoxioNow Service - ok
07:56:14.0859 0492 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:56:14.0952 0492 RpcEptMapper - ok
07:56:14.0999 0492 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
07:56:15.0046 0492 RpcLocator - ok
07:56:15.0077 0492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
07:56:15.0155 0492 RpcSs - ok
07:56:15.0280 0492 [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
07:56:15.0311 0492 RSPCIESTOR - ok
07:56:15.0374 0492 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:56:15.0467 0492 rspndr - ok
07:56:15.0530 0492 [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
07:56:15.0561 0492 RTL8167 - ok
07:56:15.0623 0492 [ 508D997A5E9F400FADE6C85251BF13DF ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
07:56:15.0654 0492 RTL8192Ce - ok
07:56:15.0670 0492 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
07:56:15.0686 0492 SamSs - ok
07:56:15.0717 0492 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:56:15.0732 0492 sbp2port - ok
07:56:15.0779 0492 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:56:15.0857 0492 SCardSvr - ok
07:56:15.0888 0492 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:56:15.0951 0492 scfilter - ok
07:56:15.0998 0492 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
07:56:16.0138 0492 Schedule - ok
07:56:16.0216 0492 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
07:56:16.0294 0492 SCPolicySvc - ok
07:56:16.0341 0492 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
07:56:16.0372 0492 sdbus - ok
07:56:16.0403 0492 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:56:16.0450 0492 SDRSVC - ok
07:56:16.0512 0492 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
07:56:16.0559 0492 SeaPort - ok
07:56:16.0606 0492 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:56:16.0700 0492 secdrv - ok
07:56:16.0715 0492 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
07:56:16.0793 0492 seclogon - ok
07:56:16.0840 0492 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
07:56:16.0949 0492 SENS - ok
07:56:16.0980 0492 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:56:17.0058 0492 SensrSvc - ok
07:56:17.0105 0492 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
07:56:17.0152 0492 Serenum - ok
07:56:17.0199 0492 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
07:56:17.0246 0492 Serial - ok
07:56:17.0308 0492 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:56:17.0355 0492 sermouse - ok
07:56:17.0386 0492 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
07:56:17.0464 0492 SessionEnv - ok
07:56:17.0495 0492 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:56:17.0573 0492 sffdisk - ok
07:56:17.0620 0492 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:56:17.0698 0492 sffp_mmc - ok
07:56:17.0760 0492 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:56:17.0823 0492 sffp_sd - ok
07:56:17.0870 0492 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:56:17.0916 0492 sfloppy - ok
07:56:18.0135 0492 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
07:56:18.0182 0492 Sftfs - ok
07:56:18.0431 0492 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
07:56:18.0478 0492 sftlist - ok
07:56:18.0572 0492 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
07:56:18.0603 0492 Sftplay - ok
07:56:18.0650 0492 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
07:56:18.0681 0492 Sftredir - ok
07:56:18.0696 0492 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
07:56:18.0728 0492 Sftvol - ok
07:56:18.0759 0492 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
07:56:18.0774 0492 sftvsa - ok
07:56:18.0899 0492 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:56:18.0993 0492 SharedAccess - ok
07:56:19.0102 0492 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:56:19.0211 0492 ShellHWDetection - ok
07:56:19.0274 0492 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
07:56:19.0305 0492 SiSRaid2 - ok
07:56:19.0367 0492 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:56:19.0398 0492 SiSRaid4 - ok
07:56:19.0445 0492 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:56:19.0539 0492 Smb - ok
07:56:19.0601 0492 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:56:19.0664 0492 SNMPTRAP - ok
07:56:19.0851 0492 [ 3325D6E50E52CC05C5F8228288DF2A4C ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
07:56:19.0960 0492 SNP2UVC - ok
07:56:20.0100 0492 [ 02AB5AC03A1E66C8E8ED764FF8EFFC68 ] Sockblkd C:\Program Files\Extegrity\Exam4\Sockblkd.sys
07:56:20.0100 0492 Sockblkd ( UnsignedFile.Multi.Generic ) - warning
07:56:20.0116 0492 Sockblkd - detected UnsignedFile.Multi.Generic (1)
07:56:20.0147 0492 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
07:56:20.0178 0492 spldr - ok
07:56:20.0397 0492 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
07:56:20.0506 0492 Spooler - ok
07:56:20.0974 0492 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
07:56:21.0161 0492 sppsvc - ok
07:56:21.0192 0492 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:56:21.0255 0492 sppuinotify - ok
07:56:21.0395 0492 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
07:56:21.0489 0492 srv - ok
07:56:21.0567 0492 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:56:21.0629 0492 srv2 - ok
07:56:21.0754 0492 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
07:56:21.0816 0492 SrvHsfHDA - ok
07:56:21.0910 0492 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
07:56:21.0988 0492 SrvHsfV92 - ok
07:56:22.0004 0492 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
07:56:22.0050 0492 SrvHsfWinac - ok
07:56:22.0097 0492 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:56:22.0113 0492 srvnet - ok
07:56:22.0191 0492 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:56:22.0300 0492 SSDPSRV - ok
07:56:22.0316 0492 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:56:22.0378 0492 SstpSvc - ok
07:56:22.0394 0492 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
07:56:22.0409 0492 stexstor - ok
07:56:22.0612 0492 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
07:56:22.0674 0492 stisvc - ok
07:56:22.0706 0492 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
07:56:22.0721 0492 swenum - ok
07:56:22.0846 0492 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
07:56:22.0971 0492 swprv - ok
07:56:23.0205 0492 [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
07:56:23.0298 0492 SynTP - ok
07:56:23.0673 0492 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
07:56:23.0798 0492 SysMain - ok
07:56:23.0844 0492 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:56:23.0907 0492 TabletInputService - ok
07:56:23.0922 0492 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
07:56:24.0000 0492 TapiSrv - ok
07:56:24.0047 0492 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
07:56:24.0110 0492 TBS - ok
07:56:24.0609 0492 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:56:24.0702 0492 Tcpip - ok
07:56:24.0780 0492 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:56:24.0843 0492 TCPIP6 - ok
07:56:24.0890 0492 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:56:24.0999 0492 tcpipreg - ok
07:56:25.0046 0492 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:56:25.0124 0492 TDPIPE - ok
07:56:25.0170 0492 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:56:25.0217 0492 TDTCP - ok
07:56:25.0248 0492 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:56:25.0295 0492 tdx - ok
07:56:25.0373 0492 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
07:56:25.0404 0492 TermDD - ok
07:56:25.0498 0492 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
07:56:25.0607 0492 TermService - ok
07:56:25.0623 0492 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
07:56:25.0670 0492 Themes - ok
07:56:25.0670 0492 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
07:56:25.0732 0492 THREADORDER - ok
07:56:25.0779 0492 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
07:56:25.0841 0492 TrkWks - ok
07:56:25.0904 0492 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:56:26.0013 0492 TrustedInstaller - ok
07:56:26.0044 0492 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:56:26.0106 0492 tssecsrv - ok
07:56:26.0153 0492 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:56:26.0216 0492 TsUsbFlt - ok
07:56:26.0262 0492 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
07:56:26.0294 0492 TsUsbGD - ok
07:56:26.0325 0492 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:56:26.0418 0492 tunnel - ok
07:56:26.0450 0492 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:56:26.0481 0492 uagp35 - ok
07:56:26.0512 0492 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:56:26.0606 0492 udfs - ok
07:56:26.0637 0492 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:56:26.0668 0492 UI0Detect - ok
07:56:26.0730 0492 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:56:26.0762 0492 uliagpkx - ok
07:56:26.0808 0492 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:56:26.0871 0492 umbus - ok
07:56:26.0871 0492 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
07:56:26.0918 0492 UmPass - ok
07:56:27.0058 0492 [ A678E5DDD974903DD71F503BDCACA218 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
07:56:27.0120 0492 UNS - ok
07:56:27.0167 0492 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
07:56:27.0230 0492 upnphost - ok
07:56:27.0261 0492 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:56:27.0292 0492 usbccgp - ok
07:56:27.0339 0492 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:56:27.0386 0492 usbcir - ok
07:56:27.0401 0492 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
07:56:27.0432 0492 usbehci - ok
07:56:27.0479 0492 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:56:27.0542 0492 usbhub - ok
07:56:27.0557 0492 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:56:27.0604 0492 usbohci - ok
07:56:27.0651 0492 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
07:56:27.0713 0492 usbprint - ok
07:56:27.0760 0492 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:56:27.0822 0492 USBSTOR - ok
07:56:27.0838 0492 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:56:27.0900 0492 usbuhci - ok
07:56:27.0947 0492 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
07:56:27.0994 0492 usbvideo - ok
07:56:28.0025 0492 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
07:56:28.0134 0492 UxSms - ok
07:56:28.0181 0492 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
07:56:28.0197 0492 VaultSvc - ok
07:56:28.0212 0492 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:56:28.0228 0492 vdrvroot - ok
07:56:28.0275 0492 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
07:56:28.0400 0492 vds - ok
07:56:28.0446 0492 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:56:28.0493 0492 vga - ok
07:56:28.0509 0492 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
07:56:28.0602 0492 VgaSave - ok
07:56:28.0696 0492 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:56:28.0743 0492 vhdmp - ok
07:56:28.0758 0492 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
07:56:28.0774 0492 viaide - ok
07:56:28.0836 0492 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:56:28.0883 0492 volmgr - ok
07:56:28.0899 0492 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:56:28.0930 0492 volmgrx - ok
07:56:29.0008 0492 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:56:29.0039 0492 volsnap - ok
07:56:29.0086 0492 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
07:56:29.0117 0492 vsmraid - ok
07:56:29.0258 0492 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
07:56:29.0398 0492 VSS - ok
07:56:29.0429 0492 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
07:56:29.0476 0492 vwifibus - ok
07:56:29.0507 0492 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
07:56:29.0554 0492 vwififlt - ok
07:56:29.0554 0492 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
07:56:29.0585 0492 vwifimp - ok
07:56:29.0616 0492 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
07:56:29.0679 0492 W32Time - ok
07:56:29.0741 0492 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
07:56:29.0804 0492 WacomPen - ok
07:56:29.0882 0492 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:56:29.0975 0492 WANARP - ok
07:56:30.0006 0492 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:56:30.0053 0492 Wanarpv6 - ok
07:56:30.0131 0492 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:56:30.0225 0492 WatAdminSvc - ok
07:56:30.0303 0492 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
07:56:30.0396 0492 wbengine - ok
07:56:30.0396 0492 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:56:30.0443 0492 WbioSrvc - ok
07:56:30.0459 0492 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:56:30.0521 0492 wcncsvc - ok
07:56:30.0537 0492 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:56:30.0584 0492 WcsPlugInService - ok
07:56:30.0615 0492 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
07:56:30.0630 0492 Wd - ok
07:56:30.0677 0492 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:56:30.0708 0492 Wdf01000 - ok
07:56:30.0724 0492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:56:30.0849 0492 WdiServiceHost - ok
07:56:30.0849 0492 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:56:30.0896 0492 WdiSystemHost - ok
07:56:30.0911 0492 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
07:56:30.0958 0492 WebClient - ok
07:56:30.0989 0492 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:56:31.0083 0492 Wecsvc - ok
07:56:31.0098 0492 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:56:31.0161 0492 wercplsupport - ok
07:56:31.0192 0492 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
07:56:31.0254 0492 WerSvc - ok
07:56:31.0301 0492 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:56:31.0364 0492 WfpLwf - ok
07:56:31.0395 0492 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:56:31.0410 0492 WIMMount - ok
07:56:31.0442 0492 WinDefend - ok
07:56:31.0457 0492 WinHttpAutoProxySvc - ok
07:56:31.0520 0492 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:56:31.0582 0492 Winmgmt - ok
07:56:31.0644 0492 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
07:56:31.0800 0492 WinRM - ok
07:56:31.0863 0492 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
07:56:31.0894 0492 WinUsb - ok
07:56:31.0941 0492 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
07:56:32.0019 0492 Wlansvc - ok
07:56:32.0081 0492 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
07:56:32.0112 0492 wlcrasvc - ok
07:56:32.0253 0492 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:56:32.0346 0492 wlidsvc - ok
07:56:32.0440 0492 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:56:32.0487 0492 WmiAcpi - ok
07:56:32.0502 0492 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:56:32.0549 0492 wmiApSrv - ok
07:56:32.0612 0492 WMPNetworkSvc - ok
07:56:32.0627 0492 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:56:32.0690 0492 WPCSvc - ok
07:56:32.0705 0492 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:56:32.0783 0492 WPDBusEnum - ok
07:56:32.0814 0492 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:56:32.0908 0492 ws2ifsl - ok
07:56:32.0939 0492 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
07:56:32.0986 0492 wscsvc - ok
07:56:33.0002 0492 WSearch - ok
07:56:33.0251 0492 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
07:56:33.0329 0492 wuauserv - ok
07:56:33.0345 0492 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:56:33.0407 0492 WudfPf - ok
07:56:33.0454 0492 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:56:33.0548 0492 WUDFRd - ok
07:56:33.0610 0492 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:56:33.0657 0492 wudfsvc - ok
07:56:33.0750 0492 [ CE8CF9DE9CBFDAA318BD04D8BE3FCADA ] WwanSvc C:\Windows\System32\wwansvc.dll
07:56:33.0797 0492 WwanSvc - ok
07:56:33.0844 0492 ================ Scan global ===============================
07:56:33.0891 0492 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
07:56:33.0938 0492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
07:56:33.0969 0492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
07:56:34.0016 0492 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
07:56:34.0062 0492 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
07:56:34.0078 0492 [Global] - ok
07:56:34.0078 0492 ================ Scan MBR ==================================
07:56:34.0094 0492 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:56:35.0030 0492 \Device\Harddisk0\DR0 - ok
07:56:35.0030 0492 ================ Scan VBR ==================================
07:56:35.0061 0492 [ 21CCB40A232502973F75B1AECB846C97 ] \Device\Harddisk0\DR0\Partition1
07:56:35.0061 0492 \Device\Harddisk0\DR0\Partition1 - ok
07:56:35.0092 0492 [ CA30C01EB1C2458EA5CA62AE8A49D772 ] \Device\Harddisk0\DR0\Partition2
07:56:35.0092 0492 \Device\Harddisk0\DR0\Partition2 - ok
07:56:35.0123 0492 [ 63BFE970AC5DAD221C76AF1A205817C2 ] \Device\Harddisk0\DR0\Partition3
07:56:35.0139 0492 \Device\Harddisk0\DR0\Partition3 - ok
07:56:35.0186 0492 [ 5CAAB030FEC321259E9988113FDF2DC6 ] \Device\Harddisk0\DR0\Partition4
07:56:35.0186 0492 \Device\Harddisk0\DR0\Partition4 - ok
07:56:35.0186 0492 ================ Scan active images ========================
07:56:35.0186 0492 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
07:56:35.0186 0492 C:\Windows\System32\drivers\crashdmp.sys - ok
07:56:35.0201 0492 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] C:\Windows\System32\drivers\iaStor.sys
07:56:35.0201 0492 C:\Windows\System32\drivers\iaStor.sys - ok
07:56:35.0201 0492 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
07:56:35.0201 0492 C:\Windows\System32\drivers\dumpfve.sys - ok
07:56:35.0217 0492 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
07:56:35.0217 0492 C:\Windows\System32\drivers\cdrom.sys - ok
07:56:35.0217 0492 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] C:\Windows\System32\drivers\aswSnx.sys
07:56:35.0217 0492 C:\Windows\System32\drivers\aswSnx.sys - ok
07:56:35.0232 0492 [ F146F83E8F7AC22BD011D5942E4C155C ] C:\Windows\System32\drivers\aswKbd.sys
07:56:35.0232 0492 C:\Windows\System32\drivers\aswKbd.sys - ok
07:56:35.0232 0492 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
07:56:35.0248 0492 C:\Windows\System32\drivers\beep.sys - ok
07:56:35.0248 0492 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
07:56:35.0248 0492 C:\Windows\System32\drivers\null.sys - ok
07:56:35.0248 0492 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
07:56:35.0248 0492 C:\Windows\System32\drivers\msfs.sys - ok
07:56:35.0264 0492 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
07:56:35.0264 0492 C:\Windows\System32\drivers\RDPCDD.sys - ok
07:56:35.0264 0492 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
07:56:35.0264 0492 C:\Windows\System32\drivers\RDPENCDD.sys - ok
07:56:35.0264 0492 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
07:56:35.0264 0492 C:\Windows\System32\drivers\RDPREFMP.sys - ok
07:56:35.0279 0492 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
07:56:35.0279 0492 C:\Windows\System32\drivers\vga.sys - ok
07:56:35.0279 0492 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
07:56:35.0279 0492 C:\Windows\System32\drivers\videoprt.sys - ok
07:56:35.0279 0492 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
07:56:35.0279 0492 C:\Windows\System32\drivers\watchdog.sys - ok
07:56:35.0295 0492 [ 7B922B13ACFF9E4FBA24A6EACC417B78 ] C:\Windows\System32\drivers\aswFW.sys
07:56:35.0295 0492 C:\Windows\System32\drivers\aswFW.sys - ok
07:56:35.0295 0492 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
07:56:35.0295 0492 C:\Windows\System32\drivers\npfs.sys - ok
07:56:35.0295 0492 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
07:56:35.0295 0492 C:\Windows\System32\drivers\tdi.sys - ok
07:56:35.0310 0492 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
07:56:35.0310 0492 C:\Windows\System32\drivers\tdx.sys - ok
07:56:35.0310 0492 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
07:56:35.0310 0492 C:\Windows\System32\drivers\afd.sys - ok
07:56:35.0310 0492 [ C3EC420451AC5300A22190AE38418FBA ] C:\Windows\System32\drivers\aswTdi.sys
07:56:35.0310 0492 C:\Windows\System32\drivers\aswTdi.sys - ok
07:56:35.0326 0492 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] C:\Windows\System32\drivers\aswRdr2.sys
07:56:35.0326 0492 C:\Windows\System32\drivers\aswRdr2.sys - ok
07:56:35.0326 0492 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
07:56:35.0326 0492 C:\Windows\System32\drivers\netbt.sys - ok
07:56:35.0326 0492 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
07:56:35.0326 0492 C:\Windows\System32\drivers\wfplwf.sys - ok
07:56:35.0342 0492 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
07:56:35.0342 0492 C:\Windows\System32\drivers\netbios.sys - ok
07:56:35.0342 0492 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
07:56:35.0342 0492 C:\Windows\System32\drivers\pacer.sys - ok
07:56:35.0342 0492 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
07:56:35.0342 0492 C:\Windows\System32\drivers\vwififlt.sys - ok
07:56:35.0357 0492 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
07:56:35.0357 0492 C:\Windows\System32\drivers\wanarp.sys - ok
07:56:35.0357 0492 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
07:56:35.0357 0492 C:\Windows\System32\drivers\mssmbios.sys - ok
07:56:35.0357 0492 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
07:56:35.0357 0492 C:\Windows\System32\drivers\nsiproxy.sys - ok
07:56:35.0373 0492 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
07:56:35.0373 0492 C:\Windows\System32\drivers\rdbss.sys - ok
07:56:35.0373 0492 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
07:56:35.0373 0492 C:\Windows\System32\drivers\termdd.sys - ok
07:56:35.0373 0492 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
07:56:35.0373 0492 C:\Windows\System32\drivers\blbdrive.sys - ok
07:56:35.0388 0492 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
07:56:35.0388 0492 C:\Windows\System32\drivers\dfsc.sys - ok
07:56:35.0388 0492 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
07:56:35.0388 0492 C:\Windows\System32\drivers\discache.sys - ok
07:56:35.0388 0492 [ 9A49D80D65451AF22913AEF772CC3DA9 ] C:\Windows\System32\drivers\aswSP.sys
07:56:35.0388 0492 C:\Windows\System32\drivers\aswSP.sys - ok
07:56:35.0404 0492 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
07:56:35.0404 0492 C:\Windows\System32\drivers\tunnel.sys - ok
07:56:35.0404 0492 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
07:56:35.0404 0492 C:\Windows\System32\ntdll.dll - ok
07:56:35.0404 0492 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
07:56:35.0404 0492 C:\Windows\System32\smss.exe - ok
07:56:35.0420 0492 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
07:56:35.0420 0492 C:\Windows\System32\autochk.exe - ok
07:56:35.0420 0492 [ 371D7F91C0D2314EB984A4A6CBEABC92 ] C:\Windows\System32\drivers\igdkmd64.sys
07:56:35.0420 0492 C:\Windows\System32\drivers\igdkmd64.sys - ok
07:56:35.0435 0492 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
07:56:35.0435 0492 C:\Windows\System32\drivers\fastfat.sys - ok
07:56:35.0435 0492 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
07:56:35.0435 0492 C:\Windows\System32\drivers\dxgkrnl.sys - ok
07:56:35.0435 0492 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
07:56:35.0435 0492 C:\Windows\System32\drivers\dxgmms1.sys - ok
07:56:35.0451 0492 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
07:56:35.0451 0492 C:\Windows\System32\drivers\HECIx64.sys - ok
07:56:35.0451 0492 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
07:56:35.0451 0492 C:\Windows\System32\drivers\usbport.sys - ok
07:56:35.0451 0492 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
07:56:35.0451 0492 C:\Windows\System32\drivers\hdaudbus.sys - ok
07:56:35.0466 0492 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
07:56:35.0466 0492 C:\Windows\System32\drivers\usbehci.sys - ok
07:56:35.0466 0492 [ 3372196F61AF48503656EF6AA3E92D1B ] C:\Windows\System32\drivers\Rt64win7.sys
07:56:35.0466 0492 C:\Windows\System32\drivers\Rt64win7.sys - ok
07:56:35.0466 0492 [ 508D997A5E9F400FADE6C85251BF13DF ] C:\Windows\System32\drivers\rtl8192ce.sys
07:56:35.0466 0492 C:\Windows\System32\drivers\rtl8192ce.sys - ok
07:56:35.0482 0492 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
07:56:35.0482 0492 C:\Windows\System32\drivers\vwifibus.sys - ok
07:56:35.0482 0492 [ 546D7F426776090B90EF5F195B6AE662 ] C:\Windows\System32\drivers\RtsPStor.sys
07:56:35.0482 0492 C:\Windows\System32\drivers\RtsPStor.sys - ok
07:56:35.0482 0492 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
07:56:35.0482 0492 C:\Windows\System32\drivers\i8042prt.sys - ok
07:56:35.0498 0492 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
07:56:35.0498 0492 C:\Windows\System32\drivers\kbdclass.sys - ok
07:56:35.0498 0492 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
07:56:35.0498 0492 C:\Windows\System32\drivers\usbd.sys - ok
07:56:35.0498 0492 [ C447977ED2A4AE9346FE3A0579A34D7C ] C:\Windows\System32\drivers\SynTP.sys
07:56:35.0498 0492 C:\Windows\System32\drivers\SynTP.sys - ok
07:56:35.0513 0492 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
07:56:35.0513 0492 C:\Windows\System32\comdlg32.dll - ok
07:56:35.0513 0492 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
07:56:35.0513 0492 C:\Windows\System32\user32.dll - ok
07:56:35.0513 0492 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
07:56:35.0513 0492 C:\Windows\System32\imm32.dll - ok
07:56:35.0529 0492 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
07:56:35.0529 0492 C:\Windows\System32\msvcrt.dll - ok
07:56:35.0529 0492 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
07:56:35.0529 0492 C:\Windows\System32\clbcatq.dll - ok
07:56:35.0529 0492 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
07:56:35.0529 0492 C:\Windows\System32\shell32.dll - ok
07:56:35.0544 0492 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
07:56:35.0544 0492 C:\Windows\System32\rpcrt4.dll - ok
07:56:35.0544 0492 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
07:56:35.0544 0492 C:\Windows\System32\lpk.dll - ok
07:56:35.0560 0492 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
07:56:35.0560 0492 C:\Windows\System32\nsi.dll - ok
07:56:35.0560 0492 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
07:56:35.0560 0492 C:\Windows\System32\normaliz.dll - ok
07:56:35.0560 0492 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
07:56:35.0560 0492 C:\Windows\System32\shlwapi.dll - ok
07:56:35.0576 0492 [ D841F7629505EE542E26E5F0A4D20101 ] C:\Windows\System32\iertutil.dll
07:56:35.0576 0492 C:\Windows\System32\iertutil.dll - ok
07:56:35.0576 0492 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
07:56:35.0576 0492 C:\Windows\System32\ws2_32.dll - ok
07:56:35.0576 0492 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
07:56:35.0576 0492 C:\Windows\System32\oleaut32.dll - ok
07:56:35.0591 0492 [ 6F6D81F3D513D927EB6D393EEC7FF851 ] C:\Windows\System32\usp10.dll
07:56:35.0591 0492 C:\Windows\System32\usp10.dll - ok
07:56:35.0591 0492 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
07:56:35.0591 0492 C:\Windows\System32\kernel32.dll - ok
07:56:35.0591 0492 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
07:56:35.0591 0492 C:\Windows\System32\psapi.dll - ok
07:56:35.0607 0492 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
07:56:35.0607 0492 C:\Windows\System32\drivers\CmBatt.sys - ok
07:56:35.0607 0492 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
07:56:35.0607 0492 C:\Windows\System32\drivers\mouclass.sys - ok
07:56:35.0607 0492 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
07:56:35.0607 0492 C:\Windows\System32\drivers\CompositeBus.sys - ok
07:56:35.0622 0492 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
07:56:35.0622 0492 C:\Windows\System32\drivers\intelppm.sys - ok
07:56:35.0622 0492 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
07:56:35.0622 0492 C:\Windows\System32\drivers\wmiacpi.sys - ok
07:56:35.0622 0492 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
07:56:35.0638 0492 C:\Windows\System32\drivers\agilevpn.sys - ok
07:56:35.0638 0492 [ 50F92C943F18B070F166D019DFAB3D9A ] C:\Windows\System32\drivers\clwvd.sys
07:56:35.0638 0492 C:\Windows\System32\drivers\clwvd.sys - ok
07:56:35.0638 0492 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
07:56:35.0638 0492 C:\Windows\System32\drivers\ks.sys - ok
07:56:35.0654 0492 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
07:56:35.0654 0492 C:\Windows\System32\drivers\ksthunk.sys - ok
07:56:35.0654 0492 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
07:56:35.0654 0492 C:\Windows\System32\drivers\ndistapi.sys - ok
07:56:35.0654 0492 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
07:56:35.0654 0492 C:\Windows\System32\drivers\ndiswan.sys - ok
07:56:35.0669 0492 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
07:56:35.0669 0492 C:\Windows\System32\drivers\rasl2tp.sys - ok
07:56:35.0669 0492 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
07:56:35.0669 0492 C:\Windows\System32\drivers\raspppoe.sys - ok
07:56:35.0669 0492 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
07:56:35.0669 0492 C:\Windows\System32\drivers\raspptp.sys - ok
07:56:35.0685 0492 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
07:56:35.0685 0492 C:\Windows\System32\drivers\rassstp.sys - ok
07:56:35.0685 0492 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
07:56:35.0685 0492 C:\Windows\System32\drivers\swenum.sys - ok
07:56:35.0685 0492 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
07:56:35.0685 0492 C:\Windows\System32\drivers\umbus.sys - ok
07:56:35.0700 0492 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
07:56:35.0700 0492 C:\Windows\System32\drivers\usbhub.sys - ok
07:56:35.0700 0492 [ 2885A3C3148F725CDA0B4C593BA8F7CE ] C:\Windows\System32\urlmon.dll
07:56:35.0700 0492 C:\Windows\System32\urlmon.dll - ok
07:56:35.0716 0492 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
07:56:35.0716 0492 C:\Windows\System32\setupapi.dll - ok
07:56:35.0716 0492 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll
07:56:35.0716 0492 C:\Windows\System32\wininet.dll - ok
07:56:35.0716 0492 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
07:56:35.0716 0492 C:\Windows\System32\ole32.dll - ok
07:56:35.0732 0492 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
07:56:35.0732 0492 C:\Windows\System32\drivers\ndproxy.sys - ok
07:56:35.0732 0492 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
07:56:35.0732 0492 C:\Windows\System32\msctf.dll - ok
07:56:35.0747 0492 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
07:56:35.0747 0492 C:\Windows\System32\advapi32.dll - ok
07:56:35.0747 0492 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
07:56:35.0747 0492 C:\Windows\System32\drivers\drmk.sys - ok
07:56:35.0763 0492 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
07:56:35.0763 0492 C:\Windows\System32\drivers\portcls.sys - ok
07:56:35.0763 0492 [ 336C3A6BF14D5A9AF35AF07C6B6B29CD ] C:\Windows\System32\drivers\RTKVHD64.sys
07:56:35.0763 0492 C:\Windows\System32\drivers\RTKVHD64.sys - ok
07:56:35.0778 0492 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
07:56:35.0778 0492 C:\Windows\System32\difxapi.dll - ok
07:56:35.0778 0492 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
07:56:35.0778 0492 C:\Windows\System32\sechost.dll - ok
07:56:35.0778 0492 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
07:56:35.0778 0492 C:\Windows\System32\gdi32.dll - ok
07:56:35.0794 0492 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
07:56:35.0794 0492 C:\Windows\System32\imagehlp.dll - ok
07:56:35.0794 0492 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
07:56:35.0794 0492 C:\Windows\System32\Wldap32.dll - ok
07:56:35.0810 0492 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
07:56:35.0810 0492 C:\Windows\System32\devobj.dll - ok
07:56:35.0810 0492 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
07:56:35.0810 0492 C:\Windows\System32\KernelBase.dll - ok
07:56:35.0825 0492 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
07:56:35.0825 0492 C:\Windows\System32\cfgmgr32.dll - ok
07:56:35.0825 0492 [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll
07:56:35.0825 0492 C:\Windows\System32\crypt32.dll - ok
07:56:35.0825 0492 [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll
07:56:35.0825 0492 C:\Windows\System32\wintrust.dll - ok
07:56:35.0841 0492 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
07:56:35.0841 0492 C:\Windows\System32\comctl32.dll - ok
07:56:35.0841 0492 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
07:56:35.0841 0492 C:\Windows\System32\msasn1.dll - ok
07:56:35.0841 0492 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
07:56:35.0841 0492 C:\Windows\SysWOW64\normaliz.dll - ok
07:56:35.0856 0492 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
07:56:35.0856 0492 C:\Windows\System32\drivers\dxapi.sys - ok
07:56:35.0856 0492 [ 511166D3F5D7EBA36DE48C4F5E195886 ] C:\Windows\System32\win32k.sys
07:56:35.0856 0492 C:\Windows\System32\win32k.sys - ok
07:56:35.0856 0492 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
07:56:35.0856 0492 C:\Windows\System32\csrsrv.dll - ok
07:56:35.0872 0492 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
07:56:35.0872 0492 C:\Windows\System32\csrss.exe - ok
07:56:35.0872 0492 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
07:56:35.0872 0492 C:\Windows\System32\basesrv.dll - ok
07:56:35.0872 0492 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
07:56:35.0872 0492 C:\Windows\System32\winsrv.dll - ok
07:56:35.0888 0492 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
07:56:35.0888 0492 C:\Windows\System32\drivers\usbccgp.sys - ok
07:56:35.0888 0492 [ 3325D6E50E52CC05C5F8228288DF2A4C ] C:\Windows\System32\drivers\snp2uvc.sys
07:56:35.0888 0492 C:\Windows\System32\drivers\snp2uvc.sys - ok
07:56:35.0903 0492 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
07:56:35.0903 0492 C:\Windows\System32\drivers\monitor.sys - ok
07:56:35.0903 0492 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
07:56:35.0903 0492 C:\Windows\System32\tsddd.dll - ok
07:56:35.0903 0492 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
07:56:35.0903 0492 C:\Windows\System32\profapi.dll - ok
07:56:35.0919 0492 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
07:56:35.0919 0492 C:\Windows\System32\sxssrv.dll - ok
07:56:35.0919 0492 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
07:56:35.0919 0492 C:\Windows\System32\wininit.exe - ok
07:56:35.0919 0492 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
07:56:35.0919 0492 C:\Windows\System32\KBDUS.DLL - ok
07:56:35.0934 0492 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
07:56:35.0934 0492 C:\Windows\System32\RpcRtRemote.dll - ok
07:56:35.0934 0492 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
07:56:35.0934 0492 C:\Windows\System32\cdd.dll - ok
07:56:35.0950 0492 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
07:56:35.0950 0492 C:\Windows\System32\WlS0WndH.dll - ok
07:56:35.0950 0492 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
07:56:35.0950 0492 C:\Windows\System32\sxs.dll - ok
07:56:35.0950 0492 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
07:56:35.0950 0492 C:\Windows\System32\cryptbase.dll - ok
07:56:35.0966 0492 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
07:56:35.0966 0492 C:\Windows\System32\apphelp.dll - ok
07:56:35.0966 0492 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
07:56:35.0966 0492 C:\Windows\System32\lsass.exe - ok
07:56:35.0966 0492 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
07:56:35.0966 0492 C:\Windows\System32\lsm.exe - ok
07:56:35.0981 0492 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
07:56:35.0981 0492 C:\Windows\System32\services.exe - ok
07:56:35.0981 0492 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
07:56:35.0981 0492 C:\Windows\System32\sspisrv.dll - ok
07:56:35.0981 0492 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
07:56:35.0981 0492 C:\Windows\System32\scesrv.dll - ok
07:56:35.0997 0492 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
07:56:35.0997 0492 C:\Windows\System32\scext.dll - ok
07:56:35.0997 0492 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
07:56:35.0997 0492 C:\Windows\System32\secur32.dll - ok
07:56:35.0997 0492 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
07:56:35.0997 0492 C:\Windows\System32\sspicli.dll - ok
07:56:36.0012 0492 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
07:56:36.0012 0492 C:\Windows\System32\sysntfy.dll - ok
07:56:36.0012 0492 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
07:56:36.0012 0492 C:\Windows\System32\wmsgapi.dll - ok
07:56:36.0028 0492 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
07:56:36.0028 0492 C:\Windows\System32\srvcli.dll - ok
07:56:36.0028 0492 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
07:56:36.0028 0492 C:\Windows\System32\winlogon.exe - ok
07:56:36.0028 0492 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
07:56:36.0028 0492 C:\Windows\System32\winsta.dll - ok
07:56:36.0044 0492 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
07:56:36.0044 0492 C:\Windows\System32\lsasrv.dll - ok
07:56:36.0044 0492 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
07:56:36.0044 0492 C:\Windows\System32\samsrv.dll - ok
07:56:36.0044 0492 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
07:56:36.0044 0492 C:\Windows\System32\cryptdll.dll - ok
07:56:36.0059 0492 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
07:56:36.0059 0492 C:\Windows\System32\authz.dll - ok
07:56:36.0059 0492 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
07:56:36.0059 0492 C:\Windows\System32\cngaudit.dll - ok
07:56:36.0075 0492 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
07:56:36.0075 0492 C:\Windows\System32\wevtapi.dll - ok
07:56:36.0075 0492 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
07:56:36.0075 0492 C:\Windows\System32\bcrypt.dll - ok
07:56:36.0075 0492 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
07:56:36.0075 0492 C:\Windows\System32\ncrypt.dll - ok
07:56:36.0090 0492 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
07:56:36.0090 0492 C:\Windows\System32\msprivs.dll - ok
07:56:36.0090 0492 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
07:56:36.0090 0492 C:\Windows\System32\netjoin.dll - ok
07:56:36.0090 0492 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
07:56:36.0090 0492 C:\Windows\System32\negoexts.dll - ok
07:56:36.0106 0492 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
07:56:36.0106 0492 C:\Windows\System32\kerberos.dll - ok
07:56:36.0106 0492 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
07:56:36.0106 0492 C:\Windows\System32\cryptsp.dll - ok
07:56:36.0106 0492 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
07:56:36.0106 0492 C:\Windows\System32\mswsock.dll - ok
07:56:36.0122 0492 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
07:56:36.0122 0492 C:\Windows\System32\msv1_0.dll - ok
07:56:36.0122 0492 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
07:56:36.0122 0492 C:\Windows\System32\wship6.dll - ok
07:56:36.0122 0492 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
07:56:36.0122 0492 C:\Windows\System32\netlogon.dll - ok
07:56:36.0137 0492 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
07:56:36.0137 0492 C:\Windows\System32\dnsapi.dll - ok
07:56:36.0137 0492 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
07:56:36.0137 0492 C:\Windows\System32\logoncli.dll - ok
07:56:36.0137 0492 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
07:56:36.0137 0492 C:\Windows\System32\schannel.dll - ok
07:56:36.0153 0492 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
07:56:36.0153 0492 C:\Windows\System32\wdigest.dll - ok
07:56:36.0153 0492 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
07:56:36.0153 0492 C:\Windows\System32\rsaenh.dll - ok
07:56:36.0153 0492 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
07:56:36.0153 0492 C:\Windows\System32\TSpkg.dll - ok
07:56:36.0168 0492 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
07:56:36.0168 0492 C:\Windows\System32\pku2u.dll - ok
07:56:36.0168 0492 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
07:56:36.0168 0492 C:\Windows\System32\LIVESSP.DLL - ok
07:56:36.0168 0492 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
07:56:36.0168 0492 C:\Windows\System32\bcryptprimitives.dll - ok
07:56:36.0184 0492 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
07:56:36.0184 0492 C:\Windows\System32\efslsaext.dll - ok
07:56:36.0184 0492 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
07:56:36.0184 0492 C:\Windows\System32\credssp.dll - ok
07:56:36.0200 0492 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
07:56:36.0200 0492 C:\Windows\System32\scecli.dll - ok
07:56:36.0200 0492 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
07:56:36.0200 0492 C:\Windows\System32\ubpm.dll - ok
07:56:36.0200 0492 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
07:56:36.0200 0492 C:\Windows\System32\svchost.exe - ok
07:56:36.0215 0492 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
07:56:36.0215 0492 C:\Windows\System32\umpnpmgr.dll - ok
07:56:36.0215 0492 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
07:56:36.0215 0492 C:\Windows\System32\devrtl.dll - ok
07:56:36.0215 0492 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
07:56:36.0215 0492 C:\Windows\System32\SPInf.dll - ok
07:56:36.0231 0492 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
07:56:36.0231 0492 C:\Windows\System32\gpapi.dll - ok
07:56:36.0231 0492 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
07:56:36.0231 0492 C:\Windows\System32\userenv.dll - ok
07:56:36.0231 0492 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
07:56:36.0231 0492 C:\Windows\System32\umpo.dll - ok
07:56:36.0246 0492 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
07:56:36.0246 0492 C:\Windows\System32\pcwum.dll - ok
07:56:36.0246 0492 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
07:56:36.0246 0492 C:\Windows\System32\powrprof.dll - ok
07:56:36.0246 0492 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
07:56:36.0246 0492 C:\Windows\System32\drivers\luafv.sys - ok
07:56:36.0262 0492 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] C:\Windows\System32\drivers\aswFsBlk.sys
07:56:36.0262 0492 C:\Windows\System32\drivers\aswFsBlk.sys - ok
07:56:36.0262 0492 [ AA9FDE3D630160B47DAB21BF8250111C ] C:\Windows\System32\drivers\aswMonFlt.sys
07:56:36.0262 0492 C:\Windows\System32\drivers\aswMonFlt.sys - ok
07:56:36.0278 0492 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
07:56:36.0278 0492 C:\Windows\System32\drivers\Sftvollh.sys - ok
07:56:36.0278 0492 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
07:56:36.0278 0492 C:\Windows\System32\drivers\WUDFPf.sys - ok
07:56:36.0278 0492 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
07:56:36.0278 0492 C:\Windows\System32\rpcss.dll - ok
07:56:36.0293 0492 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
07:56:36.0293 0492 C:\Windows\System32\RpcEpMap.dll - ok
07:56:36.0293 0492 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
07:56:36.0293 0492 C:\Windows\System32\WSHTCPIP.DLL - ok
07:56:36.0309 0492 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
07:56:36.0309 0492 C:\Windows\System32\wshqos.dll - ok
07:56:36.0309 0492 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
07:56:36.0309 0492 C:\Windows\System32\FirewallAPI.dll - ok
07:56:36.0309 0492 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
07:56:36.0309 0492 C:\Windows\System32\LogonUI.exe - ok
07:56:36.0324 0492 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
07:56:36.0324 0492 C:\Windows\System32\version.dll - ok
07:56:36.0324 0492 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
07:56:36.0324 0492 C:\Windows\System32\wevtsvc.dll - ok
07:56:36.0324 0492 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
07:56:36.0324 0492 C:\Windows\System32\audiosrv.dll - ok
07:56:36.0340 0492 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
07:56:36.0340 0492 C:\Windows\System32\avrt.dll - ok
07:56:36.0340 0492 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
07:56:36.0340 0492 C:\Windows\System32\mmcss.dll - ok
07:56:36.0340 0492 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
07:56:36.0340 0492 C:\Windows\System32\authui.dll - ok
07:56:36.0356 0492 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
07:56:36.0356 0492 C:\Windows\System32\cryptui.dll - ok
07:56:36.0356 0492 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
07:56:36.0356 0492 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
07:56:36.0356 0492 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
07:56:36.0356 0492 C:\Windows\System32\samlib.dll - ok
07:56:36.0371 0492 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
07:56:36.0371 0492 C:\Windows\System32\shacct.dll - ok
07:56:36.0371 0492 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
07:56:36.0371 0492 C:\Windows\System32\MMDevAPI.dll - ok
07:56:36.0387 0492 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
07:56:36.0387 0492 C:\Windows\System32\ntmarta.dll - ok
07:56:36.0387 0492 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
07:56:36.0387 0492 C:\Windows\System32\propsys.dll - ok
07:56:36.0387 0492 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
07:56:36.0387 0492 C:\Windows\System32\uxtheme.dll - ok
07:56:36.0402 0492 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
07:56:36.0402 0492 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
07:56:36.0402 0492 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
07:56:36.0402 0492 C:\Windows\System32\audiodg.exe - ok
07:56:36.0402 0492 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
07:56:36.0402 0492 C:\Windows\System32\dui70.dll - ok
07:56:36.0418 0492 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
07:56:36.0418 0492 C:\Windows\System32\duser.dll - ok
07:56:36.0418 0492 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
07:56:36.0418 0492 C:\Windows\System32\SndVolSSO.dll - ok
07:56:36.0418 0492 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
07:56:36.0418 0492 C:\Windows\System32\gpsvc.dll - ok
07:56:36.0434 0492 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
07:56:36.0434 0492 C:\Windows\System32\hid.dll - ok
07:56:36.0434 0492 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
07:56:36.0434 0492 C:\Windows\System32\winmm.dll - ok
07:56:36.0434 0492 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
07:56:36.0434 0492 C:\Windows\System32\wdmaud.drv - ok
07:56:36.0449 0492 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
07:56:36.0449 0492 C:\Windows\System32\nlaapi.dll - ok
07:56:36.0449 0492 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
07:56:36.0449 0492 C:\Windows\System32\profsvc.dll - ok
07:56:36.0449 0492 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
07:56:36.0449 0492 C:\Windows\System32\atl.dll - ok
07:56:36.0465 0492 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
07:56:36.0465 0492 C:\Windows\System32\themeservice.dll - ok
07:56:36.0465 0492 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
07:56:36.0465 0492 C:\Windows\System32\es.dll - ok
07:56:36.0480 0492 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
07:56:36.0480 0492 C:\Windows\System32\dwmapi.dll - ok
07:56:36.0480 0492 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
07:56:36.0480 0492 C:\Windows\System32\ksuser.dll - ok
07:56:36.0480 0492 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
07:56:36.0480 0492 C:\Windows\System32\xmllite.dll - ok
07:56:36.0496 0492 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
07:56:36.0496 0492 C:\Windows\System32\WindowsCodecs.dll - ok
07:56:36.0496 0492 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
07:56:36.0496 0492 C:\Windows\System32\AudioSes.dll - ok
07:56:36.0512 0492 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
07:56:36.0512 0492 C:\Windows\System32\dsrole.dll - ok
07:56:36.0512 0492 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
07:56:36.0512 0492 C:\Windows\System32\Sens.dll - ok
07:56:36.0527 0492 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
07:56:36.0527 0492 C:\Windows\System32\slc.dll - ok
07:56:36.0527 0492 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
07:56:36.0527 0492 C:\Windows\System32\uxsms.dll - ok
07:56:36.0543 0492 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
07:56:36.0543 0492 C:\Windows\System32\wtsapi32.dll - ok
07:56:36.0543 0492 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
07:56:36.0543 0492 C:\Windows\System32\WUDFPlatform.dll - ok
07:56:36.0558 0492 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
07:56:36.0558 0492 C:\Windows\System32\WUDFSvc.dll - ok
07:56:36.0558 0492 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
07:56:36.0558 0492 C:\Windows\System32\drivers\lltdio.sys - ok
07:56:36.0558 0492 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
07:56:36.0558 0492 C:\Windows\System32\drivers\nwifi.sys - ok
07:56:36.0574 0492 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
07:56:36.0574 0492 C:\Windows\System32\drivers\ndisuio.sys - ok
07:56:36.0574 0492 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
07:56:36.0574 0492 C:\Windows\System32\drivers\rspndr.sys - ok
07:56:36.0590 0492 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
07:56:36.0590 0492 C:\Windows\System32\IPHLPAPI.DLL - ok
07:56:36.0590 0492 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
07:56:36.0590 0492 C:\Windows\System32\lmhsvc.dll - ok
07:56:36.0605 0492 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
07:56:36.0605 0492 C:\Windows\System32\nsisvc.dll - ok
07:56:36.0605 0492 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
07:56:36.0605 0492 C:\Windows\System32\midimap.dll - ok
07:56:36.0621 0492 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
07:56:36.0621 0492 C:\Windows\System32\msacm32.dll - ok
07:56:36.0621 0492 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
07:56:36.0621 0492 C:\Windows\System32\msacm32.drv - ok
07:56:36.0621 0492 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
07:56:36.0621 0492 C:\Windows\System32\eapsvc.dll - ok
07:56:36.0636 0492 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
07:56:36.0636 0492 C:\Windows\System32\keyiso.dll - ok
07:56:36.0636 0492 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
07:56:36.0636 0492 C:\Windows\System32\VaultCredProvider.dll - ok
07:56:36.0652 0492 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
07:56:36.0652 0492 C:\Windows\System32\winbrand.dll - ok
07:56:36.0652 0492 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
07:56:36.0652 0492 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
07:56:36.0668 0492 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
07:56:36.0668 0492 C:\Windows\System32\BioCredProv.dll - ok
07:56:36.0668 0492 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
07:56:36.0668 0492 C:\Windows\System32\credui.dll - ok
07:56:36.0668 0492 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
07:56:36.0668 0492 C:\Windows\System32\winbio.dll - ok
07:56:36.0683 0492 [ 764908FE1FA96F93C95B1B67A0FCED29 ] C:\Windows\System32\netapi32.dll
07:56:36.0683 0492 C:\Windows\System32\netapi32.dll - ok
07:56:36.0683 0492 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
07:56:36.0683 0492 C:\Windows\System32\vaultcli.dll - ok
07:56:36.0683 0492 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
07:56:36.0683 0492 C:\Windows\System32\netutils.dll - ok
07:56:36.0699 0492 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
07:56:36.0699 0492 C:\Windows\System32\wkscli.dll - ok
07:56:36.0699 0492 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
07:56:36.0699 0492 C:\Windows\System32\samcli.dll - ok
07:56:36.0699 0492 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
07:56:36.0699 0492 C:\Windows\System32\certCredProvider.dll - ok
07:56:36.0714 0492 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
07:56:36.0714 0492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
07:56:36.0714 0492 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
07:56:36.0714 0492 C:\Windows\System32\rasplap.dll - ok
07:56:36.0714 0492 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
07:56:36.0714 0492 C:\Windows\System32\rasapi32.dll - ok
07:56:36.0730 0492 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
07:56:36.0730 0492 C:\Windows\System32\rasman.dll - ok
07:56:36.0730 0492 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
07:56:36.0730 0492 C:\Windows\System32\rtutils.dll - ok
07:56:36.0746 0492 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
07:56:36.0746 0492 C:\Windows\System32\eapphost.dll - ok
07:56:36.0746 0492 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
07:56:36.0746 0492 C:\Windows\System32\netprofm.dll - ok
07:56:36.0746 0492 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
07:56:36.0746 0492 C:\Windows\System32\dhcpcore.dll - ok
07:56:36.0761 0492 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
07:56:36.0761 0492 C:\Windows\System32\nrpsrv.dll - ok
07:56:36.0761 0492 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
07:56:36.0761 0492 C:\Windows\System32\winnsi.dll - ok
07:56:36.0761 0492 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
07:56:36.0761 0492 C:\Windows\System32\dhcpcore6.dll - ok
07:56:36.0777 0492 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
07:56:36.0777 0492 C:\Windows\System32\AudioEng.dll - ok
07:56:36.0777 0492 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
07:56:36.0777 0492 C:\Windows\System32\AUDIOKSE.dll - ok
07:56:36.0777 0492 [ 3F6E2DFE01183B44DD298801CAB4FCF2 ] C:\Windows\System32\RtkAPO64.dll
07:56:36.0777 0492 C:\Windows\System32\RtkAPO64.dll - ok
07:56:36.0792 0492 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
07:56:36.0792 0492 C:\Windows\System32\adtschema.dll - ok
07:56:36.0792 0492 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
07:56:36.0792 0492 C:\Windows\System32\comres.dll - ok
07:56:36.0792 0492 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
07:56:36.0792 0492 C:\Windows\System32\dnsrslvr.dll - ok
07:56:36.0792 0492 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
07:56:36.0792 0492 C:\Windows\System32\FWPUCLNT.DLL - ok
07:56:36.0808 0492 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
07:56:36.0808 0492 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
07:56:36.0808 0492 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
07:56:36.0808 0492 C:\Windows\System32\dnsext.dll - ok
07:56:36.0824 0492 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
07:56:36.0824 0492 C:\Windows\System32\dhcpcsvc.dll - ok
07:56:36.0824 0492 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
07:56:36.0824 0492 C:\Windows\System32\dhcpcsvc6.dll - ok
07:56:36.0824 0492 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
07:56:36.0824 0492 C:\Windows\System32\UXInit.dll - ok
07:56:36.0839 0492 [ 973ADB6AD47AC047F900C0D760AB6BE2 ] C:\Windows\System32\AERTAR64.dll
07:56:36.0839 0492 C:\Windows\System32\AERTAR64.dll - ok
07:56:36.0839 0492 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
07:56:36.0839 0492 C:\Windows\System32\oleacc.dll - ok
07:56:36.0839 0492 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
07:56:36.0839 0492 C:\Windows\System32\WMALFXGFXDSP.dll - ok
07:56:36.0855 0492 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
07:56:36.0855 0492 C:\Windows\System32\UIAutomationCore.dll - ok
07:56:36.0855 0492 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
07:56:36.0855 0492 C:\Windows\System32\mfplat.dll - ok
07:56:36.0855 0492 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
07:56:36.0855 0492 C:\Windows\System32\umb.dll - ok
07:56:36.0870 0492 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
07:56:36.0870 0492 C:\Windows\System32\wlansvc.dll - ok
07:56:36.0870 0492 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
07:56:36.0870 0492 C:\Windows\System32\imageres.dll - ok
07:56:36.0886 0492 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
07:56:36.0886 0492 C:\Windows\System32\wlanmsm.dll - ok
07:56:36.0886 0492 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
07:56:36.0886 0492 C:\Windows\System32\wlansec.dll - ok
07:56:36.0886 0492 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
07:56:36.0886 0492 C:\Windows\System32\onex.dll - ok
07:56:36.0902 0492 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
07:56:36.0902 0492 C:\Windows\System32\eappcfg.dll - ok
07:56:36.0902 0492 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
07:56:36.0902 0492 C:\Windows\System32\eappprxy.dll - ok
07:56:36.0902 0492 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
07:56:36.0902 0492 C:\Windows\System32\l2gpstore.dll - ok
07:56:36.0917 0492 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
07:56:36.0917 0492 C:\Windows\System32\WinSCard.dll - ok
07:56:36.0917 0492 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
07:56:36.0917 0492 C:\Windows\System32\wlanutil.dll - ok
07:56:36.0933 0492 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
07:56:36.0933 0492 C:\Windows\System32\wlgpclnt.dll - ok
07:56:36.0933 0492 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
07:56:36.0933 0492 C:\Windows\System32\msxml6.dll - ok
07:56:36.0933 0492 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
07:56:36.0933 0492 C:\Windows\System32\wlanext.exe - ok
07:56:36.0948 0492 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
07:56:36.0948 0492 C:\Windows\System32\conhost.exe - ok
07:56:36.0948 0492 [ 04AC21E821F259845BD7367CEE057290 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
07:56:36.0948 0492 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
07:56:36.0948 0492 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
07:56:36.0948 0492 C:\Windows\SysWOW64\ntdll.dll - ok
07:56:36.0964 0492 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
07:56:36.0964 0492 C:\Windows\System32\wow64.dll - ok
07:56:36.0964 0492 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
07:56:36.0964 0492 C:\Windows\System32\wow64win.dll - ok
07:56:36.0964 0492 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
07:56:36.0964 0492 C:\Windows\System32\wow64cpu.dll - ok
07:56:36.0980 0492 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
07:56:36.0980 0492 C:\Windows\SysWOW64\kernel32.dll - ok
07:56:36.0980 0492 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
07:56:36.0980 0492 C:\Windows\SysWOW64\KernelBase.dll - ok
07:56:36.0995 0492 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
07:56:36.0995 0492 C:\Windows\SysWOW64\ws2_32.dll - ok
07:56:36.0995 0492 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
07:56:36.0995 0492 C:\Windows\SysWOW64\msvcrt.dll - ok
07:56:37.0011 0492 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
07:56:37.0011 0492 C:\Windows\SysWOW64\rpcrt4.dll - ok
07:56:37.0011 0492 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
07:56:37.0011 0492 C:\Windows\SysWOW64\cryptbase.dll - ok
07:56:37.0011 0492 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
07:56:37.0011 0492 C:\Windows\SysWOW64\nsi.dll - ok
07:56:37.0026 0492 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
07:56:37.0026 0492 C:\Windows\SysWOW64\sechost.dll - ok
07:56:37.0026 0492 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
07:56:37.0026 0492 C:\Windows\SysWOW64\sspicli.dll - ok
07:56:37.0026 0492 [ 46856447F0EBF2F7B2473660B056B419 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
07:56:37.0026 0492 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
07:56:37.0042 0492 [ 061E11A56CDCAB73188E216280C05D66 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
07:56:37.0042 0492 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
07:56:37.0042 0492 [ 3C1EE2FFFCBEF877934EFDF3A5C3BCB1 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
07:56:37.0042 0492 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
07:56:37.0042 0492 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
07:56:37.0042 0492 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
07:56:37.0058 0492 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
07:56:37.0058 0492 C:\Windows\SysWOW64\user32.dll - ok
07:56:37.0073 0492 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
07:56:37.0073 0492 C:\Windows\SysWOW64\gdi32.dll - ok
07:56:37.0073 0492 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
07:56:37.0073 0492 C:\Windows\SysWOW64\lpk.dll - ok
07:56:37.0073 0492 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\SysWOW64\usp10.dll
07:56:37.0073 0492 C:\Windows\SysWOW64\usp10.dll - ok
07:56:37.0073 0492 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
07:56:37.0073 0492 C:\Windows\SysWOW64\advapi32.dll - ok
07:56:37.0089 0492 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
07:56:37.0089 0492 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
07:56:37.0089 0492 [ 1D716EB7BCC07F5B1EF442B13A5FDDFE ] C:\Program Files\AVAST Software\Avast\ashBase.dll
07:56:37.0089 0492 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
07:56:37.0104 0492 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
07:56:37.0104 0492 C:\Windows\SysWOW64\wsock32.dll - ok
07:56:37.0104 0492 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
07:56:37.0104 0492 C:\Windows\System32\MPSSVC.dll - ok
07:56:37.0104 0492 [ 7373DE70D405FF08DC53336B83989138 ] C:\Windows\System32\rastls.dll
07:56:37.0104 0492 C:\Windows\System32\rastls.dll - ok
07:56:37.0120 0492 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
07:56:37.0120 0492 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
07:56:37.0120 0492 [ 42A6DC8B861EF5BD6AF8DC2CBD7DF321 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
07:56:37.0120 0492 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
07:56:37.0120 0492 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
07:56:37.0120 0492 C:\Windows\SysWOW64\version.dll - ok
07:56:37.0136 0492 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
07:56:37.0136 0492 C:\Windows\SysWOW64\imm32.dll - ok
07:56:37.0136 0492 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
07:56:37.0136 0492 C:\Windows\SysWOW64\psapi.dll - ok
07:56:37.0136 0492 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
07:56:37.0136 0492 C:\Windows\System32\drivers\fltMgr.sys - ok
07:56:37.0151 0492 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
07:56:37.0151 0492 C:\Windows\SysWOW64\msctf.dll - ok
07:56:37.0151 0492 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
07:56:37.0151 0492 C:\Windows\System32\PSHED.DLL - ok
07:56:37.0151 0492 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
07:56:37.0151 0492 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
07:56:37.0167 0492 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
07:56:37.0167 0492 C:\Windows\SysWOW64\dbghelp.dll - ok
07:56:37.0167 0492 [ 4CC47E4FEA86625FD5419D864E6A16D1 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
07:56:37.0167 0492 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
07:56:37.0167 0492 [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll
07:56:37.0167 0492 C:\Windows\SysWOW64\netapi32.dll - ok
07:56:37.0182 0492 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
07:56:37.0182 0492 C:\Windows\SysWOW64\netutils.dll - ok
07:56:37.0182 0492 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
07:56:37.0182 0492 C:\Windows\SysWOW64\cscapi.dll - ok
07:56:37.0182 0492 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
07:56:37.0182 0492 C:\Windows\SysWOW64\srvcli.dll - ok
07:56:37.0198 0492 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
07:56:37.0198 0492 C:\Windows\SysWOW64\wkscli.dll - ok
07:56:37.0198 0492 [ 7E118D66ECACCF3299F732ED0F3CE467 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
07:56:37.0198 0492 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
07:56:37.0198 0492 [ 3C1513365EFF8D185C5BB2BDEBBE5D3A ] C:\Program Files\AVAST Software\Avast\aswAux.dll
07:56:37.0198 0492 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
07:56:37.0214 0492 [ DEA2847BFCD2BCCE777C27DB47A69EB8 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
07:56:37.0214 0492 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
07:56:37.0214 0492 [ DD4C61CB3CDBC8B0A7D2107C6944DC71 ] C:\Program Files\AVAST Software\Avast\afwServ.exe
07:56:37.0214 0492 C:\Program Files\AVAST Software\Avast\afwServ.exe - ok
07:56:37.0229 0492 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
07:56:37.0229 0492 C:\Windows\System32\raschap.dll - ok
07:56:37.0229 0492 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
07:56:37.0229 0492 C:\Windows\System32\netcfgx.dll - ok
07:56:37.0229 0492 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
07:56:37.0229 0492 C:\Windows\System32\drivers\vwifimp.sys - ok
07:56:37.0245 0492 [ 2566C94919F8F46215E38F3357011EBF ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
07:56:37.0245 0492 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
07:56:37.0245 0492 [ 3079F9345ED39D0E9DA1D5E8CC407235 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
07:56:37.0245 0492 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
07:56:37.0245 0492 [ 1D445E0FD43BE0F81C07DFFBF6AB92EC ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
07:56:37.0245 0492 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
07:56:37.0260 0492 [ 8FBF543044BF243F55D7C6D5529860D8 ] C:\Program Files\AVAST Software\Avast\afwCore.dll
07:56:37.0260 0492 C:\Program Files\AVAST Software\Avast\afwCore.dll - ok
07:56:37.0260 0492 [ 662E62F776A508CA4C997F7DA8007769 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
07:56:37.0260 0492 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
07:56:37.0260 0492 [ 3A2CF698443EAD2C14CF528B4F2A51A0 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
07:56:37.0260 0492 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
07:56:37.0276 0492 [ C5DBD35CF4EB0CB8E72A7B6DA2EDEA51 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
07:56:37.0276 0492 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
07:56:37.0276 0492 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
07:56:37.0276 0492 C:\Windows\SysWOW64\ole32.dll - ok
07:56:37.0292 0492 [ 315CDF1CA934523B478AD8B08C690706 ] C:\Program Files\AVAST Software\Avast\afwCoreServ.dll
07:56:37.0292 0492 C:\Program Files\AVAST Software\Avast\afwCoreServ.dll - ok
07:56:37.0292 0492 [ 0F84219E9FC89D4FEC963F78E4983E0B ] C:\Program Files\AVAST Software\Avast\aswDld.dll
07:56:37.0292 0492 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
07:56:37.0292 0492 [ 35BD2AABE21E86D760D4FB93225D8BB4 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
07:56:37.0292 0492 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
07:56:37.0307 0492 [ 65F03310F9C43A240D38944267BB627F ] C:\Program Files\AVAST Software\Avast\afwCoreClient.dll
07:56:37.0307 0492 C:\Program Files\AVAST Software\Avast\afwCoreClient.dll - ok
07:56:37.0307 0492 [ 8059EFB9E7505F3B7DF552979BA0670D ] C:\Program Files\AVAST Software\Avast\afwRpc.dll
07:56:37.0307 0492 C:\Program Files\AVAST Software\Avast\afwRpc.dll - ok
07:56:37.0307 0492 [ 3B3AD17FAAA838CC0368F0947B5D43DB ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
07:56:37.0307 0492 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
07:56:37.0323 0492 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
07:56:37.0323 0492 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
07:56:37.0323 0492 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
07:56:37.0323 0492 C:\Windows\SysWOW64\winnsi.dll - ok
07:56:37.0323 0492 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
07:56:37.0323 0492 C:\Windows\SysWOW64\rasapi32.dll - ok
07:56:37.0338 0492 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
07:56:37.0338 0492 C:\Windows\SysWOW64\shlwapi.dll - ok
07:56:37.0338 0492 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
07:56:37.0338 0492 C:\Windows\SysWOW64\wtsapi32.dll - ok
07:56:37.0338 0492 [ 02C6C335DB9CA2D169BFA991CBF696F3 ] C:\Program Files\AVAST Software\Avast\afwGeoIP.dll
07:56:37.0338 0492 C:\Program Files\AVAST Software\Avast\afwGeoIP.dll - ok
07:56:37.0354 0492 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
07:56:37.0354 0492 C:\Windows\SysWOW64\cfgmgr32.dll - ok
07:56:37.0354 0492 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
07:56:37.0354 0492 C:\Windows\SysWOW64\rasman.dll - ok
07:56:37.0354 0492 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
07:56:37.0354 0492 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
07:56:37.0370 0492 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
07:56:37.0370 0492 C:\Windows\SysWOW64\wscisvif.dll - ok
07:56:37.0370 0492 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
07:56:37.0370 0492 C:\Windows\SysWOW64\oleaut32.dll - ok
07:56:37.0370 0492 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
07:56:37.0370 0492 C:\Windows\SysWOW64\wscapi.dll - ok
07:56:37.0385 0492 [ 1869C1A8ABB6D3E0B7FA81EE4346DC14 ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswEngin.dll
07:56:37.0385 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswEngin.dll - ok
07:56:37.0385 0492 [ 2935740E9E6B71C6D28CDA78E2ECDABD ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswCmnIS.dll
07:56:37.0385 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswCmnIS.dll - ok
07:56:37.0385 0492 [ 9AB833956EB46BA28FAE9611569AB921 ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswCmnOS.dll
07:56:37.0385 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswCmnOS.dll - ok
07:56:37.0401 0492 [ AA11564CF8C3A8C70D707135264703A8 ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswCmnBS.dll
07:56:37.0401 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswCmnBS.dll - ok
07:56:37.0401 0492 [ 9AE6FE1CBC6D3654D1BE931B331176EC ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswRep.dll
07:56:37.0401 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswRep.dll - ok
07:56:37.0416 0492 [ 45551558282528DD5AD76606D51E6F09 ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswScan.dll
07:56:37.0416 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswScan.dll - ok
07:56:37.0416 0492 [ 6F870133450801AAAF72AAB95AB58F95 ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswFiDb.dll
07:56:37.0416 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswFiDb.dll - ok
07:56:37.0416 0492 [ 4C0AA446737F94B1E183EAB592D00CE6 ] C:\Program Files\AVAST Software\Avast\defs\12101300\algo.dll
07:56:37.0416 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\algo.dll - ok
07:56:37.0432 0492 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
07:56:37.0432 0492 C:\Windows\SysWOW64\secur32.dll - ok
07:56:37.0432 0492 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
07:56:37.0432 0492 C:\Windows\System32\shsvcs.dll - ok
07:56:37.0432 0492 [ CEBE7C43277E5CC8120A0E99C27CFEC6 ] C:\Program Files\AVAST Software\Avast\defs\12101300\fwAux.dll
07:56:37.0432 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\fwAux.dll - ok
07:56:37.0448 0492 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
07:56:37.0448 0492 C:\Windows\System32\schedsvc.dll - ok
07:56:37.0448 0492 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
07:56:37.0448 0492 C:\Windows\System32\ktmw32.dll - ok
07:56:37.0463 0492 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
07:56:37.0463 0492 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
07:56:37.0463 0492 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
07:56:37.0463 0492 C:\Windows\System32\fveapi.dll - ok
07:56:37.0463 0492 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
07:56:37.0463 0492 C:\Windows\System32\fvecerts.dll - ok
07:56:37.0479 0492 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
07:56:37.0479 0492 C:\Windows\System32\tbs.dll - ok
07:56:37.0479 0492 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
07:56:37.0479 0492 C:\Windows\System32\taskcomp.dll - ok
07:56:37.0494 0492 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
07:56:37.0494 0492 C:\Windows\System32\drivers\http.sys - ok
07:56:37.0494 0492 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
07:56:37.0494 0492 C:\Windows\System32\wiarpc.dll - ok
07:56:37.0494 0492 [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe
07:56:37.0494 0492 C:\Windows\System32\spoolsv.exe - ok
07:56:37.0510 0492 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
07:56:37.0510 0492 C:\Windows\System32\BFE.DLL - ok
07:56:37.0510 0492 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
07:56:37.0510 0492 C:\Windows\System32\drivers\bowser.sys - ok
07:56:37.0526 0492 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
07:56:37.0526 0492 C:\Windows\System32\drivers\mpsdrv.sys - ok
07:56:37.0526 0492 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
07:56:37.0526 0492 C:\Windows\System32\drivers\mrxsmb.sys - ok
07:56:37.0526 0492 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
07:56:37.0526 0492 C:\Windows\System32\drivers\mrxsmb10.sys - ok
07:56:37.0541 0492 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
07:56:37.0541 0492 C:\Windows\System32\drivers\mrxsmb20.sys - ok
07:56:37.0541 0492 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
07:56:37.0541 0492 C:\Windows\System32\wkssvc.dll - ok
07:56:37.0557 0492 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
07:56:37.0557 0492 C:\Windows\System32\wfapigp.dll - ok
07:56:37.0557 0492 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:56:37.0557 0492 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
07:56:37.0557 0492 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
07:56:37.0557 0492 C:\Windows\SysWOW64\shell32.dll - ok
07:56:37.0572 0492 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
07:56:37.0572 0492 C:\Windows\System32\mscms.dll - ok
07:56:37.0572 0492 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
07:56:37.0572 0492 C:\Windows\System32\pcasvc.dll - ok
07:56:37.0572 0492 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
07:56:37.0572 0492 C:\Windows\System32\snmptrap.exe - ok
07:56:37.0588 0492 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
07:56:37.0588 0492 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
07:56:37.0588 0492 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
07:56:37.0588 0492 C:\Windows\System32\sstpsvc.dll - ok
07:56:37.0588 0492 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
07:56:37.0588 0492 C:\Windows\System32\provsvc.dll - ok
07:56:37.0604 0492 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
07:56:37.0604 0492 C:\Windows\SysWOW64\fltLib.dll - ok
07:56:37.0604 0492 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
07:56:37.0604 0492 C:\Windows\SysWOW64\winsta.dll - ok
07:56:37.0604 0492 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
07:56:37.0604 0492 C:\Windows\SysWOW64\crypt32.dll - ok
07:56:37.0619 0492 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
07:56:37.0619 0492 C:\Windows\SysWOW64\msasn1.dll - ok
07:56:37.0619 0492 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll
07:56:37.0619 0492 C:\Windows\SysWOW64\wintrust.dll - ok
07:56:37.0619 0492 [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
07:56:37.0619 0492 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
07:56:37.0635 0492 [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll
07:56:37.0635 0492 C:\Windows\System32\cryptsvc.dll - ok
07:56:37.0635 0492 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
07:56:37.0635 0492 C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe - ok
07:56:37.0650 0492 [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll
07:56:37.0650 0492 C:\Windows\System32\cryptnet.dll - ok
07:56:37.0650 0492 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
07:56:37.0650 0492 C:\Windows\System32\dps.dll - ok
07:56:37.0666 0492 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
07:56:37.0666 0492 C:\Windows\System32\vssapi.dll - ok
07:56:37.0666 0492 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
07:56:37.0666 0492 C:\Windows\System32\winhttp.dll - ok
07:56:37.0682 0492 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
07:56:37.0682 0492 C:\Windows\System32\taskschd.dll - ok
07:56:37.0682 0492 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
07:56:37.0682 0492 C:\Windows\System32\webio.dll - ok
07:56:37.0682 0492 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
07:56:37.0682 0492 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
07:56:37.0697 0492 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
07:56:37.0697 0492 C:\Windows\System32\vsstrace.dll - ok
07:56:37.0697 0492 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
07:56:37.0697 0492 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
07:56:37.0713 0492 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
07:56:37.0713 0492 C:\Windows\System32\msimg32.dll - ok
07:56:37.0713 0492 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
07:56:37.0713 0492 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
07:56:37.0728 0492 [ B19FF523B533A3F198B9239E1749C940 ] C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
07:56:37.0728 0492 C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe - ok
07:56:37.0728 0492 [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
07:56:37.0728 0492 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
07:56:37.0744 0492 [ 2BEC76BDCD1BC080210325E7B5094834 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
07:56:37.0744 0492 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
07:56:37.0744 0492 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll
07:56:37.0744 0492 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcr100.dll - ok
07:56:37.0760 0492 [ E4693409D06785477A49FB34AFAE1B92 ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
07:56:37.0760 0492 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe - ok
07:56:37.0760 0492 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
07:56:37.0760 0492 C:\Windows\SysWOW64\setupapi.dll - ok
07:56:37.0775 0492 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
07:56:37.0775 0492 C:\Windows\SysWOW64\comdlg32.dll - ok
07:56:37.0775 0492 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
07:56:37.0775 0492 C:\Windows\SysWOW64\devobj.dll - ok
07:56:37.0775 0492 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
07:56:37.0775 0492 C:\Windows\SysWOW64\msimg32.dll - ok
07:56:37.0791 0492 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
07:56:37.0791 0492 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
07:56:37.0791 0492 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
07:56:37.0791 0492 C:\Windows\SysWOW64\winspool.drv - ok
07:56:37.0806 0492 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
07:56:37.0806 0492 C:\Windows\SysWOW64\oleacc.dll - ok
07:56:37.0806 0492 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
07:56:37.0806 0492 C:\Windows\SysWOW64\oledlg.dll - ok
07:56:37.0822 0492 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
07:56:37.0822 0492 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
07:56:37.0822 0492 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
07:56:37.0822 0492 C:\Windows\SysWOW64\winmm.dll - ok
07:56:37.0838 0492 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
07:56:37.0838 0492 C:\Windows\SysWOW64\uxtheme.dll - ok
07:56:37.0838 0492 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
07:56:37.0838 0492 C:\Windows\SysWOW64\dwmapi.dll - ok
07:56:37.0853 0492 [ 6601AF3F800D8AB08387618AAFA869DB ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll
07:56:37.0853 0492 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll - ok
07:56:37.0853 0492 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
07:56:37.0853 0492 C:\Windows\System32\IKEEXT.DLL - ok
07:56:37.0853 0492 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
07:56:37.0853 0492 C:\Windows\System32\nlasvc.dll - ok
07:56:37.0869 0492 [ 5DA063C13D2E0850140F10AF4720CE78 ] C:\Windows\SysWOW64\NLSSRV32.EXE
07:56:37.0869 0492 C:\Windows\SysWOW64\NLSSRV32.EXE - ok
07:56:37.0869 0492 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
07:56:37.0869 0492 C:\Windows\System32\ncsi.dll - ok
07:56:37.0884 0492 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
07:56:37.0884 0492 C:\Windows\System32\aepic.dll - ok
07:56:37.0884 0492 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
07:56:37.0884 0492 C:\Windows\System32\ssdpapi.dll - ok
07:56:37.0900 0492 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
07:56:37.0900 0492 C:\Windows\SysWOW64\ntmarta.dll - ok
07:56:37.0900 0492 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
07:56:37.0900 0492 C:\Windows\System32\drivers\PEAuth.sys - ok
07:56:37.0900 0492 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
07:56:37.0900 0492 C:\Windows\System32\sfc.dll - ok
07:56:37.0916 0492 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
07:56:37.0916 0492 C:\Windows\System32\sfc_os.dll - ok
07:56:37.0916 0492 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
07:56:37.0916 0492 C:\Windows\SysWOW64\Wldap32.dll - ok
07:56:37.0931 0492 [ 085D18C71AB2611A3D61528132B6501E ] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
07:56:37.0931 0492 C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe - ok
07:56:37.0931 0492 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll
07:56:37.0931 0492 C:\Windows\SysWOW64\wininet.dll - ok
07:56:37.0947 0492 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll
07:56:37.0947 0492 C:\Windows\SysWOW64\iertutil.dll - ok
07:56:37.0947 0492 [ 545DE96D552AEDCDE95D1C86BDC9B95B ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
07:56:37.0947 0492 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
07:56:37.0962 0492 [ 9B1B3C9FC4011CB5A6C6423ABEEB3793 ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
07:56:37.0962 0492 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
07:56:37.0962 0492 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
07:56:37.0962 0492 C:\Windows\System32\vpnikeapi.dll - ok
07:56:37.0962 0492 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
07:56:37.0962 0492 C:\Windows\System32\aeevts.dll - ok
07:56:37.0978 0492 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
07:56:37.0978 0492 C:\Windows\System32\dllhost.exe - ok
07:56:37.0978 0492 [ D7BF4E050440CF0B7B2A2596F0F370F3 ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
07:56:37.0978 0492 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
07:56:37.0994 0492 [ 37DAD7CA011038616E067C8F62029FD0 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
07:56:37.0994 0492 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
07:56:37.0994 0492 [ 8122EE05F327EF470670E2CDDFFEB929 ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
07:56:37.0994 0492 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
07:56:38.0009 0492 [ EFFA04908678EF527EA32B2E2EE6EC93 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
07:56:38.0009 0492 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
07:56:38.0009 0492 [ A5905C582C88AE8D56834CE4A3627FD1 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
07:56:38.0009 0492 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
07:56:38.0025 0492 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
07:56:38.0025 0492 C:\Windows\System32\IDStore.dll - ok
07:56:38.0025 0492 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
07:56:38.0025 0492 C:\Windows\System32\taskhost.exe - ok
07:56:38.0025 0492 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
07:56:38.0025 0492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
07:56:38.0040 0492 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
07:56:38.0040 0492 C:\Windows\System32\AtBroker.exe - ok
07:56:38.0040 0492 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
07:56:38.0040 0492 C:\Windows\System32\mpr.dll - ok
07:56:38.0056 0492 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
07:56:38.0056 0492 C:\Windows\System32\PlaySndSrv.dll - ok
07:56:38.0056 0492 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
07:56:38.0056 0492 C:\Windows\System32\userinit.exe - ok
07:56:38.0056 0492 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
07:56:38.0056 0492 C:\Windows\System32\rasadhlp.dll - ok
07:56:38.0072 0492 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
07:56:38.0072 0492 C:\Windows\System32\dwm.exe - ok
07:56:38.0072 0492 [ 89B89AE23491F5D4E338499A3D568269 ] C:\Windows\System32\localspl.dll
07:56:38.0072 0492 C:\Windows\System32\localspl.dll - ok
07:56:38.0087 0492 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
07:56:38.0087 0492 C:\Windows\System32\dwmredir.dll - ok
07:56:38.0087 0492 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
07:56:38.0087 0492 C:\Windows\System32\spoolss.dll - ok
07:56:38.0103 0492 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
07:56:38.0103 0492 C:\Windows\System32\winspool.drv - ok
07:56:38.0103 0492 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
07:56:38.0103 0492 C:\Windows\System32\HotStartUserAgent.dll - ok
07:56:38.0103 0492 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
07:56:38.0103 0492 C:\Windows\System32\dwmcore.dll - ok
07:56:38.0118 0492 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
07:56:38.0118 0492 C:\Windows\System32\MsCtfMonitor.dll - ok
07:56:38.0118 0492 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
07:56:38.0118 0492 C:\Windows\System32\msutb.dll - ok
07:56:38.0134 0492 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
07:56:38.0134 0492 C:\Windows\System32\PrintIsolationProxy.dll - ok
07:56:38.0134 0492 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
07:56:38.0134 0492 C:\Windows\System32\FXSMON.dll - ok
07:56:38.0150 0492 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
07:56:38.0150 0492 C:\Windows\System32\tcpmon.dll - ok
07:56:38.0150 0492 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
07:56:38.0150 0492 C:\Windows\System32\snmpapi.dll - ok
07:56:38.0165 0492 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
07:56:38.0165 0492 C:\Windows\System32\wsnmp32.dll - ok
07:56:38.0165 0492 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
07:56:38.0165 0492 C:\Windows\System32\d3d10_1.dll - ok
07:56:38.0181 0492 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
07:56:38.0181 0492 C:\Windows\System32\d3d10_1core.dll - ok
07:56:38.0181 0492 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
07:56:38.0181 0492 C:\Windows\System32\usbmon.dll - ok
07:56:38.0181 0492 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
07:56:38.0181 0492 C:\Windows\System32\WSDMon.dll - ok
07:56:38.0196 0492 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
07:56:38.0196 0492 C:\Windows\System32\dxgi.dll - ok
07:56:38.0196 0492 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
07:56:38.0196 0492 C:\Windows\System32\WSDApi.dll - ok
07:56:38.0212 0492 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
07:56:38.0212 0492 C:\Windows\explorer.exe - ok
07:56:38.0212 0492 [ 1261A900CF73B8E3DC05EF8220282D8E ] C:\Windows\System32\igd10umd64.dll
07:56:38.0212 0492 C:\Windows\System32\igd10umd64.dll - ok
07:56:38.0228 0492 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
07:56:38.0228 0492 C:\Windows\System32\webservices.dll - ok
07:56:38.0228 0492 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
07:56:38.0228 0492 C:\Windows\System32\fdPnp.dll - ok
07:56:38.0228 0492 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
07:56:38.0228 0492 C:\Windows\System32\fundisc.dll - ok
07:56:38.0243 0492 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
07:56:38.0243 0492 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
07:56:38.0243 0492 [ 2AC11BE0F5D9A01433732AAB8BA21774 ] C:\Windows\System32\win32spl.dll
07:56:38.0243 0492 C:\Windows\System32\win32spl.dll - ok
07:56:38.0259 0492 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
07:56:38.0259 0492 C:\Windows\System32\inetpp.dll - ok
07:56:38.0259 0492 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
07:56:38.0259 0492 C:\Windows\System32\ExplorerFrame.dll - ok
07:56:38.0274 0492 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
07:56:38.0274 0492 C:\Windows\System32\cscapi.dll - ok
07:56:38.0274 0492 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
07:56:38.0274 0492 C:\Windows\System32\uDWM.dll - ok
07:56:38.0290 0492 [ 9699DB0085C06D5E1D03089D88CA13B9 ] C:\Windows\System32\spool\drivers\x64\3\PS5UI.DLL
07:56:38.0290 0492 C:\Windows\System32\spool\drivers\x64\3\PS5UI.DLL - ok
07:56:38.0290 0492 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
07:56:38.0290 0492 C:\Windows\System32\mgmtapi.dll - ok
07:56:38.0290 0492 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
07:56:38.0290 0492 C:\Windows\System32\tcpmib.dll - ok
07:56:38.0306 0492 [ 211A1CFF92CF7F70EB61606ABB729615 ] C:\Windows\System32\spool\drivers\x64\3\PSCRIPT5.DLL
07:56:38.0306 0492 C:\Windows\System32\spool\drivers\x64\3\PSCRIPT5.DLL - ok
07:56:38.0306 0492 [ FEE2E196952B539E956504B86DEDAA6B ] C:\Windows\System32\spool\drivers\x64\3\x2upDG.dll
07:56:38.0306 0492 C:\Windows\System32\spool\drivers\x64\3\x2upDG.dll - ok
07:56:38.0321 0492 [ 2D4890819D405D05240ADF3C4A299D87 ] C:\Windows\System32\spool\drivers\x64\3\x2utilDG.dll
07:56:38.0321 0492 C:\Windows\System32\spool\drivers\x64\3\x2utilDG.dll - ok
07:56:38.0321 0492 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
07:56:38.0321 0492 C:\Windows\System32\cabinet.dll - ok
07:56:38.0337 0492 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
07:56:38.0337 0492 C:\Windows\System32\SensApi.dll - ok
07:56:38.0337 0492 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
07:56:38.0337 0492 C:\Windows\System32\shfolder.dll - ok
07:56:38.0337 0492 [ BB7E865599FA258C70DF8B1F70109F6F ] C:\Windows\System32\newdev.dll
07:56:38.0337 0492 C:\Windows\System32\newdev.dll - ok
07:56:38.0352 0492 [ AF4B24A61F2858AA7BD0C6A51FAC9815 ] C:\Program Files\AVAST Software\Avast\AhResSPM.dll
07:56:38.0352 0492 C:\Program Files\AVAST Software\Avast\AhResSPM.dll - ok
07:56:38.0352 0492 [ 9207F1A1440EAF18BE0D0C1D487E4F02 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
07:56:38.0352 0492 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
07:56:38.0368 0492 [ 4509D54DF9276534AC433F80E8392206 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
07:56:38.0368 0492 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
07:56:38.0368 0492 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12101300\ArPot.dll
07:56:38.0368 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\ArPot.dll - ok
07:56:38.0384 0492 [ 285AC1245590372A88B75144A8656A5F ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
07:56:38.0384 0492 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
07:56:38.0384 0492 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12101300\exts.dll
07:56:38.0384 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\exts.dll - ok
07:56:38.0384 0492 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
07:56:38.0384 0492 C:\Windows\SysWOW64\cryptsp.dll - ok
07:56:38.0399 0492 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll
07:56:38.0399 0492 C:\Windows\SysWOW64\urlmon.dll - ok
07:56:38.0399 0492 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
07:56:38.0399 0492 C:\Windows\SysWOW64\profapi.dll - ok
07:56:38.0399 0492 [ CC781378E7EDA615D2CDCA3B17829FA4 ] C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
07:56:38.0399 0492 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE - ok
07:56:38.0415 0492 [ 2B460CA1AC9A2249C92E54E39A8ACF42 ] C:\Program Files\AVAST Software\Avast\snxhk.dll
07:56:38.0415 0492 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
07:56:38.0415 0492 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
07:56:38.0415 0492 C:\Windows\SysWOW64\winhttp.dll - ok
07:56:38.0430 0492 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
07:56:38.0430 0492 C:\Windows\SysWOW64\webio.dll - ok
07:56:38.0430 0492 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
07:56:38.0430 0492 C:\Windows\SysWOW64\SensApi.dll - ok
07:56:38.0430 0492 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
07:56:38.0430 0492 C:\Windows\SysWOW64\clbcatq.dll - ok
07:56:38.0446 0492 [ F787D427F7EB96FBA1E495600BB8CD30 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
07:56:38.0446 0492 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
07:56:38.0446 0492 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
07:56:38.0446 0492 C:\Windows\SysWOW64\mswsock.dll - ok
07:56:38.0446 0492 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
07:56:38.0446 0492 C:\Windows\SysWOW64\rsaenh.dll - ok
07:56:38.0462 0492 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
07:56:38.0462 0492 C:\Windows\SysWOW64\NapiNSP.dll - ok
07:56:38.0462 0492 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
07:56:38.0462 0492 C:\Windows\SysWOW64\nlaapi.dll - ok
07:56:38.0477 0492 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
07:56:38.0477 0492 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
07:56:38.0477 0492 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
07:56:38.0477 0492 C:\Windows\SysWOW64\dnsapi.dll - ok
07:56:38.0493 0492 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
07:56:38.0493 0492 C:\Windows\SysWOW64\pnrpnsp.dll - ok
07:56:38.0493 0492 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
07:56:38.0493 0492 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
07:56:38.0493 0492 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
07:56:38.0493 0492 C:\Windows\SysWOW64\winrnr.dll - ok
07:56:38.0508 0492 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
07:56:38.0508 0492 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
07:56:38.0508 0492 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
07:56:38.0508 0492 C:\Windows\SysWOW64\rasadhlp.dll - ok
07:56:38.0524 0492 [ 87F664BF0B8728382D03B2126127DC98 ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswAR.dll
07:56:38.0524 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswAR.dll - ok
07:56:38.0524 0492 [ 4130D86B0642EFCBB65AD6B2C9BD022E ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
07:56:38.0524 0492 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
07:56:38.0540 0492 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12101300\aswRawFS.dll
07:56:38.0540 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\aswRawFS.dll - ok
07:56:38.0540 0492 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
07:56:38.0540 0492 C:\Windows\SysWOW64\security.dll - ok
07:56:38.0555 0492 [ C58687487F15A3C14B6A18416F055A5B ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
07:56:38.0555 0492 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
07:56:38.0555 0492 [ C96F49CB5705E8F22DF2746165476ACC ] C:\Program Files\AVAST Software\Avast\aswSpam.dll
07:56:38.0555 0492 C:\Program Files\AVAST Software\Avast\aswSpam.dll - ok
07:56:38.0571 0492 [ C363295621BF0CD8C2E05D62DBBE1A8C ] C:\Program Files\AVAST Software\Avast\winspamcatcher.dll
07:56:38.0571 0492 C:\Program Files\AVAST Software\Avast\winspamcatcher.dll - ok
07:56:38.0571 0492 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
07:56:38.0571 0492 C:\Windows\System32\msi.dll - ok
07:56:38.0571 0492 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
07:56:38.0571 0492 C:\Windows\SysWOW64\wship6.dll - ok
07:56:38.0586 0492 [ 1EEF6ACBBE1D5DCD2EE545895DA87454 ] C:\Users\chucky\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
07:56:38.0586 0492 C:\Users\chucky\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll - ok
07:56:38.0586 0492 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
07:56:38.0586 0492 C:\Windows\System32\dbghelp.dll - ok
07:56:38.0602 0492 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
07:56:38.0602 0492 C:\Windows\SysWOW64\apphelp.dll - ok
07:56:38.0602 0492 [ B47BC7138241E1B836384D5211AE34C8 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
07:56:38.0602 0492 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
07:56:38.0618 0492 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
07:56:38.0618 0492 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
07:56:38.0618 0492 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
07:56:38.0618 0492 C:\Windows\SysWOW64\powrprof.dll - ok
07:56:38.0633 0492 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
07:56:38.0633 0492 C:\Windows\SysWOW64\msxml6.dll - ok
07:56:38.0633 0492 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
07:56:38.0633 0492 C:\Windows\SysWOW64\credssp.dll - ok
07:56:38.0633 0492 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
07:56:38.0633 0492 C:\Windows\System32\drivers\secdrv.sys - ok
07:56:38.0649 0492 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
07:56:38.0649 0492 C:\Windows\System32\drivers\Sftfslh.sys - ok
07:56:38.0649 0492 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
07:56:38.0649 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
07:56:38.0664 0492 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
07:56:38.0664 0492 C:\Windows\System32\drivers\Sftplaylh.sys - ok
07:56:38.0664 0492 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
07:56:38.0664 0492 C:\Windows\SysWOW64\userenv.dll - ok
07:56:38.0680 0492 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
07:56:38.0680 0492 C:\Windows\System32\msvcp60.dll - ok
07:56:38.0680 0492 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
07:56:38.0680 0492 C:\Windows\AppPatch\AcGenral.dll - ok
07:56:38.0696 0492 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
07:56:38.0696 0492 C:\Windows\SysWOW64\msacm32.dll - ok
07:56:38.0696 0492 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
07:56:38.0696 0492 C:\Windows\SysWOW64\samcli.dll - ok
07:56:38.0711 0492 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
07:56:38.0711 0492 C:\Windows\SysWOW64\mpr.dll - ok
07:56:38.0711 0492 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
07:56:38.0711 0492 C:\Windows\SysWOW64\sfc.dll - ok
07:56:38.0727 0492 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
07:56:38.0727 0492 C:\Windows\SysWOW64\sfc_os.dll - ok
07:56:38.0727 0492 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
07:56:38.0727 0492 C:\Windows\System32\EhStorShell.dll - ok
07:56:38.0727 0492 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
07:56:38.0727 0492 C:\Windows\System32\drivers\srvnet.sys - ok
07:56:38.0742 0492 [ 1B399CC9E24C9D65CEBA5A807C4036D7 ] C:\Program Files\AVAST Software\Avast\snxhk64.dll
07:56:38.0742 0492 C:\Program Files\AVAST Software\Avast\snxhk64.dll - ok
07:56:38.0742 0492 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
07:56:38.0742 0492 C:\Windows\System32\drivers\tcpipreg.sys - ok
07:56:38.0758 0492 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
07:56:38.0758 0492 C:\Windows\System32\wiaservc.dll - ok
07:56:38.0758 0492 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
07:56:38.0758 0492 C:\Windows\System32\wiatrace.dll - ok
07:56:38.0774 0492 [ 68D8AC3F047D3E105C1674FD4EF08913 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
07:56:38.0774 0492 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
07:56:38.0774 0492 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
07:56:38.0774 0492 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
07:56:38.0789 0492 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
07:56:38.0789 0492 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
07:56:38.0789 0492 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
07:56:38.0789 0492 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
07:56:38.0805 0492 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
07:56:38.0805 0492 C:\Windows\System32\IconCodecService.dll - ok
07:56:38.0805 0492 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
07:56:38.0805 0492 C:\Windows\System32\sysmain.dll - ok
07:56:38.0805 0492 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
07:56:38.0805 0492 C:\Windows\System32\trkwks.dll - ok
07:56:38.0820 0492 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
07:56:38.0820 0492 C:\Windows\System32\wbemcomn.dll - ok
07:56:38.0820 0492 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
07:56:38.0820 0492 C:\Windows\System32\wbem\WMIsvc.dll - ok
07:56:38.0836 0492 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
07:56:38.0836 0492 C:\Windows\System32\wbem\fastprox.dll - ok
07:56:38.0836 0492 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
07:56:38.0836 0492 C:\Windows\System32\wbem\WinMgmtR.dll - ok
07:56:38.0852 0492 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
07:56:38.0852 0492 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
07:56:38.0852 0492 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
07:56:38.0852 0492 C:\Windows\System32\ntdsapi.dll - ok
07:56:38.0867 0492 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
07:56:38.0867 0492 C:\Windows\System32\wbem\wbemprox.dll - ok
07:56:38.0867 0492 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:56:38.0867 0492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
07:56:38.0867 0492 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
07:56:38.0867 0492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
07:56:38.0883 0492 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
07:56:38.0883 0492 C:\Windows\System32\wer.dll - ok
07:56:38.0883 0492 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
07:56:38.0883 0492 C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe - ok
07:56:38.0898 0492 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
07:56:38.0898 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
07:56:38.0898 0492 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
07:56:38.0898 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
07:56:38.0914 0492 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
07:56:38.0914 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
07:56:38.0930 0492 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
07:56:38.0930 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
07:56:38.0930 0492 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
07:56:38.0930 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
07:56:38.0945 0492 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
07:56:38.0945 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
07:56:38.0945 0492 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
07:56:38.0945 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
07:56:38.0945 0492 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
07:56:38.0945 0492 C:\Windows\SysWOW64\logoncli.dll - ok
07:56:38.0961 0492 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
07:56:38.0961 0492 C:\Windows\SysWOW64\msi.dll - ok
07:56:38.0961 0492 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
07:56:38.0961 0492 C:\Windows\System32\wbem\wbemcore.dll - ok
07:56:38.0976 0492 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
07:56:38.0976 0492 C:\Windows\System32\iphlpsvc.dll - ok
07:56:38.0976 0492 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
07:56:38.0976 0492 C:\Windows\System32\wbem\esscli.dll - ok
07:56:38.0992 0492 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
07:56:38.0992 0492 C:\Windows\System32\sqmapi.dll - ok
07:56:38.0992 0492 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
07:56:38.0992 0492 C:\Windows\System32\wdscore.dll - ok
07:56:39.0008 0492 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
07:56:39.0008 0492 C:\Windows\System32\wbem\wbemsvc.dll - ok
07:56:39.0008 0492 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
07:56:39.0008 0492 C:\Windows\System32\wbem\repdrvfs.dll - ok
07:56:39.0023 0492 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
07:56:39.0023 0492 C:\Windows\System32\wbem\wmiutils.dll - ok
07:56:39.0023 0492 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
07:56:39.0023 0492 C:\Windows\System32\nci.dll - ok
07:56:39.0023 0492 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
07:56:39.0023 0492 C:\Windows\System32\hnetcfg.dll - ok
07:56:39.0039 0492 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
07:56:39.0039 0492 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
07:56:39.0039 0492 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
07:56:39.0039 0492 C:\Windows\System32\ncobjapi.dll - ok
07:56:39.0054 0492 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
07:56:39.0054 0492 C:\Windows\System32\wbem\wbemess.dll - ok
07:56:39.0054 0492 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
07:56:39.0054 0492 C:\Windows\System32\wbem\unsecapp.exe - ok
07:56:39.0054 0492 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
07:56:39.0054 0492 C:\Windows\System32\wbem\NCProv.dll - ok
07:56:39.0070 0492 [ 27419D555F04036279C5CBF289236A88 ] C:\Windows\System32\wbem\KrnlProv.dll
07:56:39.0070 0492 C:\Windows\System32\wbem\KrnlProv.dll - ok
07:56:39.0070 0492 [ 2D62FF2B999A0A38E6438691C246481F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
07:56:39.0070 0492 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
07:56:39.0070 0492 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
07:56:39.0070 0492 C:\Windows\System32\drivers\srv.sys - ok
07:56:39.0086 0492 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
07:56:39.0086 0492 C:\Windows\System32\drivers\srv2.sys - ok
07:56:39.0086 0492 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
07:56:39.0086 0492 C:\Windows\System32\drivers\Sftredirlh.sys - ok
07:56:39.0101 0492 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
07:56:39.0101 0492 C:\Windows\SysWOW64\schannel.dll - ok
07:56:39.0101 0492 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
07:56:39.0101 0492 C:\Windows\System32\msxml3.dll - ok
07:56:39.0101 0492 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
07:56:39.0101 0492 C:\Windows\System32\dssenh.dll - ok
07:56:39.0117 0492 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
07:56:39.0117 0492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
07:56:39.0117 0492 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
07:56:39.0117 0492 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
07:56:39.0132 0492 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
07:56:39.0132 0492 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
07:56:39.0132 0492 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
07:56:39.0132 0492 C:\Windows\SysWOW64\credui.dll - ok
07:56:39.0148 0492 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
07:56:39.0148 0492 C:\Windows\SysWOW64\hlink.dll - ok
07:56:39.0148 0492 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
07:56:39.0148 0492 C:\Windows\System32\srvsvc.dll - ok
07:56:39.0148 0492 [ 8EF0D5C41EC907751B8429162B1239ED ] C:\Windows\System32\browser.dll
07:56:39.0148 0492 C:\Windows\System32\browser.dll - ok
07:56:39.0164 0492 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
07:56:39.0164 0492 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
07:56:39.0164 0492 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
07:56:39.0164 0492 C:\Windows\System32\netmsg.dll - ok
07:56:39.0164 0492 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
07:56:39.0164 0492 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
07:56:39.0179 0492 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
07:56:39.0179 0492 C:\Windows\SysWOW64\msv1_0.dll - ok
07:56:39.0179 0492 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
07:56:39.0179 0492 C:\Windows\SysWOW64\cryptdll.dll - ok
07:56:39.0179 0492 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
07:56:39.0179 0492 C:\Windows\SysWOW64\ncrypt.dll - ok
07:56:39.0195 0492 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
07:56:39.0195 0492 C:\Windows\SysWOW64\bcrypt.dll - ok
07:56:39.0195 0492 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
07:56:39.0195 0492 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
07:56:39.0210 0492 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
07:56:39.0210 0492 C:\Windows\SysWOW64\gpapi.dll - ok
07:56:39.0210 0492 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
07:56:39.0210 0492 C:\Windows\SysWOW64\cryptnet.dll - ok
07:56:39.0226 0492 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
07:56:39.0226 0492 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
07:56:39.0226 0492 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
07:56:39.0226 0492 C:\Windows\System32\clusapi.dll - ok
07:56:39.0242 0492 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
07:56:39.0242 0492 C:\Windows\System32\ndiscapCfg.dll - ok
07:56:39.0242 0492 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
07:56:39.0242 0492 C:\Windows\System32\sscore.dll - ok
07:56:39.0242 0492 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
07:56:39.0242 0492 C:\Windows\System32\rascfg.dll - ok
07:56:39.0257 0492 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
07:56:39.0257 0492 C:\Windows\System32\mprapi.dll - ok
07:56:39.0257 0492 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
07:56:39.0257 0492 C:\Windows\System32\resutils.dll - ok
07:56:39.0273 0492 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
07:56:39.0273 0492 C:\Windows\System32\mprmsg.dll - ok
07:56:39.0273 0492 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
07:56:39.0273 0492 C:\Windows\System32\tcpipcfg.dll - ok
07:56:39.0288 0492 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
07:56:39.0288 0492 C:\Windows\System32\appinfo.dll - ok
07:56:39.0288 0492 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
07:56:39.0288 0492 C:\Windows\System32\wdi.dll - ok
07:56:39.0304 0492 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
07:56:39.0304 0492 C:\Windows\System32\wpdbusenum.dll - ok
07:56:39.0304 0492 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
07:56:39.0304 0492 C:\Windows\System32\npmproxy.dll - ok
07:56:39.0304 0492 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
07:56:39.0304 0492 C:\Windows\System32\Apphlpdm.dll - ok
07:56:39.0320 0492 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
07:56:39.0320 0492 C:\Windows\System32\diagperf.dll - ok
07:56:39.0320 0492 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
07:56:39.0320 0492 C:\Windows\System32\NapiNSP.dll - ok
07:56:39.0335 0492 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
07:56:39.0335 0492 C:\Windows\System32\PortableDeviceApi.dll - ok
07:56:39.0335 0492 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
07:56:39.0335 0492 C:\Windows\System32\perftrack.dll - ok
07:56:39.0351 0492 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
07:56:39.0351 0492 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
07:56:39.0351 0492 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
07:56:39.0351 0492 C:\Windows\System32\pnpts.dll - ok
07:56:39.0351 0492 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
07:56:39.0351 0492 C:\Windows\System32\radardt.dll - ok
07:56:39.0366 0492 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
07:56:39.0366 0492 C:\Windows\System32\wdiasqmmodule.dll - ok
07:56:39.0366 0492 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
07:56:39.0366 0492 C:\Windows\System32\runonce.exe - ok
07:56:39.0366 0492 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
07:56:39.0366 0492 C:\Windows\SysWOW64\runonce.exe - ok
07:56:39.0382 0492 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
07:56:39.0382 0492 C:\Windows\System32\pnrpnsp.dll - ok
07:56:39.0382 0492 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
07:56:39.0382 0492 C:\Windows\System32\winrnr.dll - ok
07:56:39.0382 0492 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
07:56:39.0398 0492 C:\Windows\SysWOW64\propsys.dll - ok
07:56:39.0398 0492 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
07:56:39.0398 0492 C:\Windows\System32\dimsjob.dll - ok
07:56:39.0398 0492 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
07:56:39.0398 0492 C:\Windows\System32\pautoenr.dll - ok
07:56:39.0413 0492 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
07:56:39.0413 0492 C:\Windows\System32\certcli.dll - ok
07:56:39.0413 0492 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
07:56:39.0413 0492 C:\Windows\System32\CertEnroll.dll - ok
07:56:39.0429 0492 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
07:56:39.0429 0492 C:\Windows\System32\IPSECSVC.DLL - ok
07:56:39.0429 0492 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
07:56:39.0429 0492 C:\Windows\System32\aelupsvc.dll - ok
07:56:39.0444 0492 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
07:56:39.0444 0492 C:\Windows\System32\FwRemoteSvr.dll - ok
07:56:39.0444 0492 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
07:56:39.0444 0492 C:\Windows\System32\wlaninst.dll - ok
07:56:39.0460 0492 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
07:56:39.0460 0492 C:\Windows\System32\wwaninst.dll - ok
07:56:39.0460 0492 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
07:56:39.0460 0492 C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL - ok
07:56:39.0460 0492 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
07:56:39.0460 0492 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
07:56:39.0476 0492 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
07:56:39.0476 0492 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
07:56:39.0476 0492 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
07:56:39.0476 0492 C:\Windows\SysWOW64\cmd.exe - ok
07:56:39.0476 0492 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
07:56:39.0476 0492 C:\Windows\SysWOW64\winbrand.dll - ok
07:56:39.0491 0492 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
07:56:39.0491 0492 C:\Windows\System32\taskeng.exe - ok
07:56:39.0491 0492 [ 0BA3F31E2B4D8D99DF8DD19E81155374 ] C:\Windows\SysWOW64\ieframe.dll
07:56:39.0491 0492 C:\Windows\SysWOW64\ieframe.dll - ok
07:56:39.0507 0492 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
07:56:39.0507 0492 C:\Windows\SysWOW64\shdocvw.dll - ok
07:56:39.0507 0492 [ 9ED9F21D73F9D71E30EAB71835E656EB ] C:\Users\chucky\AppData\Local\Temp\0B58C925-1884-49C2-956A-966D6465AFC0.exe
07:56:39.0507 0492 C:\Users\chucky\AppData\Local\Temp\0B58C925-1884-49C2-956A-966D6465AFC0.exe - ok
07:56:39.0507 0492 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
07:56:39.0507 0492 C:\Windows\System32\TSChannel.dll - ok
07:56:39.0522 0492 [ B7F55E2AE978D3D34F7876EE5D689AAE ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
07:56:39.0522 0492 C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe - ok
07:56:39.0522 0492 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
07:56:39.0522 0492 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
07:56:39.0522 0492 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
07:56:39.0538 0492 C:\Windows\SysWOW64\devenum.dll - ok
07:56:39.0538 0492 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
07:56:39.0538 0492 C:\Windows\SysWOW64\avicap32.dll - ok
07:56:39.0538 0492 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
07:56:39.0538 0492 C:\Windows\SysWOW64\msdmo.dll - ok
07:56:39.0554 0492 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
07:56:39.0554 0492 C:\Windows\SysWOW64\msvfw32.dll - ok
07:56:39.0554 0492 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
07:56:39.0554 0492 C:\Windows\SysWOW64\vfwwdm32.dll - ok
07:56:39.0569 0492 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
07:56:39.0569 0492 C:\Windows\SysWOW64\rtutils.dll - ok
07:56:39.0569 0492 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
07:56:39.0569 0492 C:\Windows\SysWOW64\netprofm.dll - ok
07:56:39.0569 0492 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
07:56:39.0569 0492 C:\Windows\SysWOW64\npmproxy.dll - ok
07:56:39.0585 0492 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
07:56:39.0585 0492 C:\Windows\SysWOW64\imagehlp.dll - ok
07:56:39.0585 0492 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
07:56:39.0585 0492 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
07:56:39.0585 0492 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
07:56:39.0585 0492 C:\Windows\SysWOW64\EhStorShell.dll - ok
07:56:39.0600 0492 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll
07:56:39.0600 0492 C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll - ok
07:56:39.0600 0492 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
07:56:39.0600 0492 C:\Windows\SysWOW64\ntshrui.dll - ok
07:56:39.0600 0492 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
07:56:39.0600 0492 C:\Windows\SysWOW64\imageres.dll - ok
07:56:39.0616 0492 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
07:56:39.0616 0492 C:\Windows\SysWOW64\slc.dll - ok
07:56:39.0616 0492 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
07:56:39.0616 0492 C:\Windows\SysWOW64\devrtl.dll - ok
07:56:39.0616 0492 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
07:56:39.0616 0492 C:\Windows\System32\ie4uinit.exe - ok
07:56:39.0632 0492 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
07:56:39.0632 0492 C:\Windows\System32\iedkcs32.dll - ok
07:56:39.0632 0492 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
07:56:39.0632 0492 C:\Windows\System32\timedate.cpl - ok
07:56:39.0647 0492 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
07:56:39.0647 0492 C:\Windows\System32\actxprxy.dll - ok
07:56:39.0647 0492 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
07:56:39.0647 0492 C:\Windows\System32\shdocvw.dll - ok
07:56:39.0663 0492 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
07:56:39.0663 0492 C:\Windows\System32\linkinfo.dll - ok
07:56:39.0663 0492 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
07:56:39.0663 0492 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
07:56:39.0678 0492 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
07:56:39.0678 0492 C:\Windows\System32\gameux.dll - ok
07:56:39.0678 0492 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
07:56:39.0678 0492 C:\Windows\System32\msftedit.dll - ok
07:56:39.0694 0492 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
07:56:39.0694 0492 C:\Windows\System32\msls31.dll - ok
07:56:39.0694 0492 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
07:56:39.0694 0492 C:\Windows\System32\msiltcfg.dll - ok
07:56:39.0694 0492 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
07:56:39.0694 0492 C:\Windows\System32\DeviceCenter.dll - ok
07:56:39.0710 0492 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll
07:56:39.0710 0492 C:\Windows\System32\ieframe.dll - ok
07:56:39.0725 0492 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\80640774.sys
07:56:39.0725 0492 C:\Windows\System32\drivers\80640774.sys - ok
07:56:39.0725 0492 [ B3BCDF8DB13D529261745FD8DDCE8A5B ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
07:56:39.0725 0492 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
07:56:39.0725 0492 [ 67BB817D8D76963E9E4281E9823ADEAF ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
07:56:39.0725 0492 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
07:56:39.0741 0492 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
07:56:39.0741 0492 C:\Windows\System32\thumbcache.dll - ok
07:56:39.0741 0492 [ C50911A387912D1397E777E24EFD36EB ] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
07:56:39.0741 0492 C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe - ok
07:56:39.0756 0492 [ ABAEEE966953092F013902849495E588 ] C:\Windows\System32\igfxtray.exe
07:56:39.0756 0492 C:\Windows\System32\igfxtray.exe - ok
07:56:39.0756 0492 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
07:56:39.0756 0492 C:\Windows\System32\networkexplorer.dll - ok
07:56:39.0756 0492 [ 5B75BAA81DBF40373CFD0E3252777C9A ] C:\Windows\System32\SynTPAPI.dll
07:56:39.0756 0492 C:\Windows\System32\SynTPAPI.dll - ok
07:56:39.0772 0492 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
07:56:39.0772 0492 C:\Windows\System32\msvcp100.dll - ok
07:56:39.0772 0492 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
07:56:39.0772 0492 C:\Windows\System32\opengl32.dll - ok
07:56:39.0788 0492 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
07:56:39.0788 0492 C:\Windows\System32\msvcr100.dll - ok
07:56:39.0788 0492 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
07:56:39.0788 0492 C:\Windows\System32\glu32.dll - ok
07:56:39.0788 0492 [ 58BAB71B1BF4132C06A6E05A7A8347B4 ] C:\Windows\System32\SynCOM.dll
07:56:39.0788 0492 C:\Windows\System32\SynCOM.dll - ok
07:56:39.0803 0492 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
07:56:39.0803 0492 C:\Windows\System32\ddraw.dll - ok
07:56:39.0803 0492 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
07:56:39.0803 0492 C:\Windows\System32\dciman32.dll - ok
07:56:39.0819 0492 [ 6200A37004340CBC2BA7BD585285513D ] C:\Windows\System32\hkcmd.exe
07:56:39.0819 0492 C:\Windows\System32\hkcmd.exe - ok
07:56:39.0819 0492 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
07:56:39.0819 0492 C:\Windows\System32\dsound.dll - ok
07:56:39.0819 0492 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
07:56:39.0819 0492 C:\Windows\System32\ntshrui.dll - ok
07:56:39.0834 0492 [ 33B25AFE2D6658E7681D929BC8B23858 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
07:56:39.0834 0492 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
07:56:39.0834 0492 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
07:56:39.0834 0492 C:\Windows\System32\consent.exe - ok
07:56:39.0850 0492 [ 6055A92F0773B2E51839EBA2C09EC180 ] C:\Program Files\Synaptics\SynTP\SynTPRes.dll
07:56:39.0850 0492 C:\Program Files\Synaptics\SynTP\SynTPRes.dll - ok
07:56:39.0850 0492 [ 1ABD836197E38318A744E5C40C49EC46 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
07:56:39.0850 0492 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe - ok
07:56:39.0866 0492 [ 6EC8D8BA1E37F89CB127DF8A21FE5566 ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
07:56:39.0866 0492 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe - ok
07:56:39.0866 0492 [ 8E9FEFF971F3679F7D4A122A21901A8A ] C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe
07:56:39.0866 0492 C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar3.exe - ok
07:56:39.0881 0492 [ C0798E90F54A10E37001CE26E51D3793 ] C:\Windows\System32\igfxpers.exe
07:56:39.0881 0492 C:\Windows\System32\igfxpers.exe - ok
07:56:39.0881 0492 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Users\chucky\AppData\Local\Google\Update\GoogleUpdate.exe
07:56:39.0881 0492 C:\Users\chucky\AppData\Local\Google\Update\GoogleUpdate.exe - ok
07:56:39.0897 0492 [ C4D30FAB57F1D68DE13DA93FDB5CA719 ] C:\Windows\System32\hccutils.dll
07:56:39.0897 0492 C:\Windows\System32\hccutils.dll - ok
07:56:39.0897 0492 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
07:56:39.0897 0492 C:\Windows\System32\UIAnimation.dll - ok
07:56:39.0897 0492 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
07:56:39.0897 0492 C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok
07:56:39.0912 0492 [ DA6C4B5FEEEA4DC7162B5D0C055EB967 ] C:\Windows\System32\imaadp32.acm
07:56:39.0912 0492 C:\Windows\System32\imaadp32.acm - ok
07:56:39.0912 0492 [ 1C81E1BEA4847F406BBDB74D19721CE6 ] C:\Windows\System32\msg711.acm
07:56:39.0912 0492 C:\Windows\System32\msg711.acm - ok
07:56:39.0928 0492 [ E5B9A2FA94D21C44DA2B898DC326B0C2 ] C:\Windows\System32\msgsm32.acm
07:56:39.0928 0492 C:\Windows\System32\msgsm32.acm - ok
07:56:39.0928 0492 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
07:56:39.0928 0492 C:\Windows\SysWOW64\riched20.dll - ok
07:56:39.0944 0492 [ 47CBC23DBA11B96DEB11288549FBA66F ] C:\Windows\System32\igfxsrvc.exe
07:56:39.0944 0492 C:\Windows\System32\igfxsrvc.exe - ok
07:56:39.0944 0492 [ 329FEB3452982A377726DEDAFE9BBDF0 ] C:\Windows\System32\msadp32.acm
07:56:39.0944 0492 C:\Windows\System32\msadp32.acm - ok
07:56:39.0959 0492 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
07:56:39.0959 0492 C:\Windows\System32\l3codeca.acm - ok
07:56:39.0959 0492 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
07:56:39.0959 0492 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
07:56:39.0959 0492 [ C0B97E53A0E39A48EEA2DCD500EEA07A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
07:56:39.0959 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
07:56:39.0975 0492 [ 53966C74A69B0CFE51C8BF01C94028F3 ] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
07:56:39.0975 0492 C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe - ok
07:56:39.0975 0492 [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
07:56:39.0975 0492 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
07:56:39.0990 0492 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
07:56:39.0990 0492 C:\Windows\SysWOW64\duser.dll - ok
07:56:39.0990 0492 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
07:56:39.0990 0492 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
07:56:39.0990 0492 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
07:56:39.0990 0492 C:\Windows\SysWOW64\dui70.dll - ok
07:56:40.0006 0492 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
07:56:40.0006 0492 C:\Windows\SysWOW64\mscoree.dll - ok
07:56:40.0006 0492 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
07:56:40.0006 0492 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
07:56:40.0006 0492 [ 8A3B69683E63808719D24E1C68C21CC7 ] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
07:56:40.0006 0492 C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe - ok
07:56:40.0022 0492 [ 9A5E96115657AB81528AAFB642D7C5CB ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
07:56:40.0022 0492 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe - ok
07:56:40.0022 0492 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
07:56:40.0022 0492 C:\Windows\System32\RtkCfg64.dll - ok
07:56:40.0037 0492 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
07:56:40.0037 0492 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
07:56:40.0037 0492 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
07:56:40.0037 0492 C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
07:56:40.0037 0492 [ 8192B2E274607D1D530F5C191698C544 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
07:56:40.0037 0492 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
07:56:40.0053 0492 [ BAD0D303EF0A519409C625738F3E10A3 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
07:56:40.0053 0492 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
07:56:40.0053 0492 [ 96155A8E11B042FF2CA75B67C3B561FD ] C:\Windows\System32\igfxsrvc.dll
07:56:40.0053 0492 C:\Windows\System32\igfxsrvc.dll - ok
07:56:40.0053 0492 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
07:56:40.0053 0492 C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
07:56:40.0068 0492 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
07:56:40.0068 0492 C:\Windows\SysWOW64\mstask.dll - ok
07:56:40.0068 0492 [ 4552F8F61A7975C2359D19673483604D ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
07:56:40.0068 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
07:56:40.0068 0492 [ 9B0F7C94A71E4C781900B6C8F923682F ] C:\Windows\System32\igfxdev.dll
07:56:40.0068 0492 C:\Windows\System32\igfxdev.dll - ok
07:56:40.0084 0492 [ 28F9344A4ADFE21D1BE8D05B2529DF4A ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
07:56:40.0084 0492 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
07:56:40.0084 0492 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
07:56:40.0084 0492 C:\Windows\SysWOW64\d2d1.dll - ok
07:56:40.0084 0492 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
07:56:40.0084 0492 C:\Windows\SysWOW64\samlib.dll - ok
07:56:40.0100 0492 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
07:56:40.0100 0492 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
07:56:40.0100 0492 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll
07:56:40.0100 0492 C:\Windows\SysWOW64\msvcr100.dll - ok
07:56:40.0100 0492 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
07:56:40.0100 0492 C:\Windows\SysWOW64\sxs.dll - ok
07:56:40.0115 0492 [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
07:56:40.0115 0492 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
07:56:40.0115 0492 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
07:56:40.0115 0492 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
07:56:40.0115 0492 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
07:56:40.0115 0492 C:\Windows\SysWOW64\wbemcomn.dll - ok
07:56:40.0131 0492 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
07:56:40.0131 0492 C:\Windows\System32\IccLibDll_x64.dll - ok
07:56:40.0131 0492 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
07:56:40.0131 0492 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
07:56:40.0131 0492 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
07:56:40.0131 0492 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
07:56:40.0146 0492 [ A5CB3D0F6A96136D2C96EB62A9BE47B1 ] C:\Windows\System32\igfxrenu.lrc
07:56:40.0146 0492 C:\Windows\System32\igfxrenu.lrc - ok
07:56:40.0146 0492 [ A58C7DF1C006A0A06B141087D8FD6292 ] C:\Windows\System32\igfxress.dll
07:56:40.0146 0492 C:\Windows\System32\igfxress.dll - ok
07:56:40.0162 0492 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
07:56:40.0162 0492 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
07:56:40.0162 0492 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
07:56:40.0162 0492 C:\Windows\SysWOW64\ntdsapi.dll - ok
07:56:40.0162 0492 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
07:56:40.0162 0492 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
07:56:40.0178 0492 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
07:56:40.0178 0492 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
07:56:40.0178 0492 [ C2335D714EFAFFFB4C7A3C164F2024B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
07:56:40.0178 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok
07:56:40.0193 0492 [ D77B93504CAFE32D9051A241BDC21B33 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
07:56:40.0193 0492 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
07:56:40.0193 0492 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
07:56:40.0193 0492 C:\Windows\System32\wbem\wmiprov.dll - ok
07:56:40.0193 0492 [ 533631FE7DB9FF2A1D456A3D15A2DD46 ] C:\Windows\SysWOW64\icmp.dll
07:56:40.0193 0492 C:\Windows\SysWOW64\icmp.dll - ok
07:56:40.0209 0492 [ 8BBAFA446D73AF1D1DE8979DD7A17C24 ] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\HPSWManagedDLL.dll
07:56:40.0209 0492 C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\HPSWManagedDLL.dll - ok
07:56:40.0209 0492 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
07:56:40.0209 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
07:56:40.0224 0492 [ D5BF4794962075DA6A6AE38419491012 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
07:56:40.0224 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
07:56:40.0224 0492 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
07:56:40.0224 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
07:56:40.0224 0492 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
07:56:40.0224 0492 C:\Windows\System32\stobject.dll - ok
07:56:40.0240 0492 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
07:56:40.0240 0492 C:\Windows\SysWOW64\MMDevAPI.dll - ok
07:56:40.0240 0492 [ 1838D3ECDDD78BCAFB092FA31C7AFD2D ] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hp.mobile.shared.dll
07:56:40.0240 0492 C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hp.mobile.shared.dll - ok
07:56:40.0240 0492 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
07:56:40.0240 0492 C:\Windows\System32\batmeter.dll - ok
07:56:40.0256 0492 [ 26A68554F95A344B62E5771AF598E0E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
07:56:40.0256 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok
07:56:40.0256 0492 [ F091F3BB4CD90D29C8556F62CFBD24DF ] C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
07:56:40.0256 0492 C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll - ok
07:56:40.0256 0492 [ E8B30FB0C41D13A48A8F8022A5EAE6D2 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
07:56:40.0256 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
07:56:40.0271 0492 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
07:56:40.0271 0492 C:\Windows\SysWOW64\shfolder.dll - ok
07:56:40.0271 0492 [ 80DD2FB91983941B207C36ECC4F82948 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFVersion.dll
07:56:40.0271 0492 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFVersion.dll - ok
07:56:40.0271 0492 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
07:56:40.0271 0492 C:\Windows\System32\wbem\cimwin32.dll - ok
07:56:40.0287 0492 [ A4865DD58110A6455921D9B4F2D6D991 ] C:\Program Files\AVAST Software\Avast\aswData.dll
07:56:40.0287 0492 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
07:56:40.0287 0492 [ 6DBFCD6270BC91EAEE1CCDFCB02E4378 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
07:56:40.0287 0492 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
07:56:40.0302 0492 [ C678F64DC988A4AACECDDB459FDB7A25 ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
07:56:40.0302 0492 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
07:56:40.0302 0492 [ AC169F72E7BB73F86CE16E3B82C291B4 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
07:56:40.0302 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll - ok
07:56:40.0302 0492 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
07:56:40.0302 0492 C:\Windows\System32\prnfldr.dll - ok
07:56:40.0318 0492 [ 3B919CBDDE7AE3376ED296839846C3DD ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
07:56:40.0318 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll - ok
07:56:40.0318 0492 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
07:56:40.0318 0492 C:\Windows\System32\DXP.dll - ok
07:56:40.0318 0492 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
07:56:40.0318 0492 C:\Windows\System32\Syncreg.dll - ok
07:56:40.0334 0492 [ 88B834DE886C8BE77B6A704C3086B77A ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
07:56:40.0334 0492 C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
07:56:40.0334 0492 [ BD23077CBAD092A5EA5F77ED874F32A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
07:56:40.0334 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll - ok
07:56:40.0349 0492 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
07:56:40.0349 0492 C:\Windows\ehome\ehSSO.dll - ok
07:56:40.0349 0492 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
07:56:40.0349 0492 C:\Windows\System32\netshell.dll - ok
07:56:40.0349 0492 [ 10307046E19C8EC964C792A798B32BB3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
07:56:40.0349 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll - ok
07:56:40.0365 0492 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
07:56:40.0365 0492 C:\Windows\System32\framedynos.dll - ok
07:56:40.0365 0492 [ 2291D1FABC087E43D4122CACE1CA30F9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
07:56:40.0365 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll - ok
07:56:40.0365 0492 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
07:56:40.0365 0492 C:\Windows\System32\wmi.dll - ok
07:56:40.0380 0492 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
07:56:40.0380 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
07:56:40.0380 0492 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
07:56:40.0380 0492 C:\Windows\System32\AltTab.dll - ok
07:56:40.0380 0492 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
07:56:40.0380 0492 C:\Windows\System32\pnidui.dll - ok
07:56:40.0396 0492 [ A5A70AF023570C1D26501B14338C1D6C ] C:\Windows\System32\browcli.dll
07:56:40.0396 0492 C:\Windows\System32\browcli.dll - ok
07:56:40.0396 0492 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
07:56:40.0396 0492 C:\Windows\System32\schedcli.dll - ok
07:56:40.0396 0492 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
07:56:40.0396 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
07:56:40.0412 0492 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
07:56:40.0412 0492 C:\Windows\SysWOW64\d3d10_1.dll - ok
07:56:40.0412 0492 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
07:56:40.0412 0492 C:\Windows\SysWOW64\d3d10_1core.dll - ok
07:56:40.0412 0492 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
07:56:40.0412 0492 C:\Windows\SysWOW64\dxgi.dll - ok
07:56:40.0427 0492 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
07:56:40.0427 0492 C:\Windows\SysWOW64\d3d10warp.dll - ok
07:56:40.0427 0492 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
07:56:40.0427 0492 C:\Windows\System32\QUTIL.DLL - ok
07:56:40.0427 0492 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
07:56:40.0427 0492 C:\Windows\System32\WPDShServiceObj.dll - ok
07:56:40.0443 0492 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
07:56:40.0443 0492 C:\Windows\System32\PortableDeviceTypes.dll - ok
07:56:40.0443 0492 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
07:56:40.0443 0492 C:\Windows\System32\ActionCenter.dll - ok
07:56:40.0443 0492 [ 01091B900E15878B4434F9C726C4541D ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
07:56:40.0443 0492 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
07:56:40.0458 0492 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
07:56:40.0458 0492 C:\Windows\System32\srchadmin.dll - ok
07:56:40.0458 0492 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
07:56:40.0458 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
07:56:40.0474 0492 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
07:56:40.0474 0492 C:\Windows\System32\bthprops.cpl - ok
07:56:40.0474 0492 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
07:56:40.0474 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
07:56:40.0474 0492 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
07:56:40.0474 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
07:56:40.0490 0492 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
07:56:40.0490 0492 C:\Windows\System32\SearchIndexer.exe - ok
07:56:40.0490 0492 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
07:56:40.0490 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
07:56:40.0490 0492 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
07:56:40.0490 0492 C:\Windows\System32\tquery.dll - ok
07:56:40.0505 0492 [ F7F49C8A29FCF523F98FEBAD010F0FC8 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
07:56:40.0505 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
07:56:40.0505 0492 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
07:56:40.0505 0492 C:\Windows\System32\mssrch.dll - ok
07:56:40.0505 0492 [ 8B1E277F554228A84126402BBBDC32F4 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_4_402_287.ocx
07:56:40.0505 0492 C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_4_402_287.ocx - ok
07:56:40.0521 0492 [ 689EBD0C6D6D28FFCAA7A132F5F988AC ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe
07:56:40.0521 0492 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\WirelessOffMsg.exe - ok
07:56:40.0521 0492 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
07:56:40.0521 0492 C:\Windows\SysWOW64\DWrite.dll - ok
07:56:40.0521 0492 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
07:56:40.0521 0492 C:\Windows\SysWOW64\xmllite.dll - ok
07:56:40.0536 0492 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
07:56:40.0536 0492 C:\Windows\System32\esent.dll - ok
07:56:40.0536 0492 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll
07:56:40.0536 0492 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\msvcp100.dll - ok
07:56:40.0552 0492 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
07:56:40.0552 0492 C:\Windows\System32\netman.dll - ok
07:56:40.0552 0492 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
07:56:40.0552 0492 C:\Windows\System32\msidle.dll - ok
07:56:40.0568 0492 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
07:56:40.0568 0492 C:\Windows\System32\FXSST.dll - ok
07:56:40.0568 0492 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
07:56:40.0568 0492 C:\Windows\System32\FXSAPI.dll - ok
07:56:40.0583 0492 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
07:56:40.0583 0492 C:\Windows\SysWOW64\dsound.dll - ok
07:56:40.0583 0492 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
07:56:40.0583 0492 C:\Windows\System32\mssprxy.dll - ok
07:56:40.0583 0492 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
07:56:40.0583 0492 C:\Windows\System32\FXSRESM.dll - ok
07:56:40.0599 0492 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
07:56:40.0599 0492 C:\Windows\System32\en-US\tquery.dll.mui - ok
07:56:40.0599 0492 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
07:56:40.0599 0492 C:\Windows\SysWOW64\mscms.dll - ok
07:56:40.0599 0492 [ 695106DF3C15A9EA30069CCECEEC2B66 ] C:\Program Files\AVAST Software\Avast\defs\12101300\uiext.dll
07:56:40.0599 0492 C:\Program Files\AVAST Software\Avast\defs\12101300\uiext.dll - ok
07:56:40.0614 0492 [ A490B22BD077D42E385581047801B6B2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
07:56:40.0614 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll - ok
07:56:40.0614 0492 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
07:56:40.0614 0492 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
07:56:40.0614 0492 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
07:56:40.0614 0492 C:\Windows\System32\FXSSVC.exe - ok
07:56:40.0630 0492 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
07:56:40.0630 0492 C:\Windows\System32\rasdlg.dll - ok
07:56:40.0630 0492 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
07:56:40.0630 0492 C:\Windows\System32\dot3api.dll - ok
07:56:40.0646 0492 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
07:56:40.0646 0492 C:\Windows\System32\wlanhlp.dll - ok
07:56:40.0646 0492 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
07:56:40.0646 0492 C:\Windows\System32\wlanapi.dll - ok
07:56:40.0646 0492 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
07:56:40.0646 0492 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
07:56:40.0661 0492 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
07:56:40.0661 0492 C:\Windows\System32\WWanAPI.dll - ok
07:56:40.0661 0492 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
07:56:40.0661 0492 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
07:56:40.0677 0492 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
07:56:40.0677 0492 C:\Windows\System32\wwapi.dll - ok
07:56:40.0677 0492 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
07:56:40.0677 0492 C:\Windows\System32\SearchProtocolHost.exe - ok
07:56:40.0677 0492 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
07:56:40.0677 0492 C:\Windows\System32\webcheck.dll - ok
07:56:40.0692 0492 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
07:56:40.0692 0492 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
07:56:40.0692 0492 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
07:56:40.0692 0492 C:\Windows\System32\mlang.dll - ok
07:56:40.0692 0492 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
07:56:40.0692 0492 C:\Windows\System32\QAGENT.DLL - ok
07:56:40.0708 0492 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
07:56:40.0708 0492 C:\Windows\System32\msshooks.dll - ok
07:56:40.0708 0492 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
07:56:40.0708 0492 C:\Windows\System32\SearchFilterHost.exe - ok
07:56:40.0708 0492 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
07:56:40.0708 0492 C:\Windows\System32\mscoree.dll - ok
07:56:40.0724 0492 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
07:56:40.0724 0492 C:\Windows\System32\SyncCenter.dll - ok
07:56:40.0739 0492 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
07:56:40.0739 0492 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
07:56:40.0739 0492 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
07:56:40.0739 0492 C:\Windows\System32\mssph.dll - ok
07:56:40.0739 0492 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
07:56:40.0739 0492 C:\Windows\System32\wsock32.dll - ok
07:56:40.0755 0492 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
07:56:40.0755 0492 C:\Windows\System32\mapi32.dll - ok
07:56:40.0755 0492 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
07:56:40.0755 0492 C:\Windows\System32\wmdrmdev.dll - ok
07:56:40.0770 0492 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
07:56:40.0770 0492 C:\Windows\System32\drmv2clt.dll - ok
07:56:40.0770 0492 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
07:56:40.0770 0492 C:\Windows\System32\blackbox.dll - ok
07:56:40.0786 0492 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
07:56:40.0786 0492 C:\Windows\System32\imapi2.dll - ok
07:56:40.0786 0492 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
07:56:40.0786 0492 C:\Windows\System32\upnp.dll - ok
07:56:40.0802 0492 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
07:56:40.0802 0492 C:\Windows\System32\ssdpsrv.dll - ok
07:56:40.0802 0492 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
07:56:40.0802 0492 C:\Windows\System32\wmp.dll - ok
07:56:40.0817 0492 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
07:56:40.0817 0492 C:\Windows\System32\hgcpl.dll - ok
07:56:40.0817 0492 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
07:56:40.0817 0492 C:\Windows\System32\fdPHost.dll - ok
07:56:40.0817 0492 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
07:56:40.0817 0492 C:\Windows\System32\FDResPub.dll - ok
07:56:40.0833 0492 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
07:56:40.0833 0492 C:\Windows\System32\fdWSD.dll - ok
07:56:40.0833 0492 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
07:56:40.0833 0492 C:\Windows\System32\fdSSDP.dll - ok
07:56:40.0848 0492 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
07:56:40.0848 0492 C:\Windows\System32\httpapi.dll - ok
07:56:40.0848 0492 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
07:56:40.0848 0492 C:\Windows\System32\wmploc.DLL - ok
07:56:40.0864 0492 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
07:56:40.0864 0492 C:\Windows\System32\fdProxy.dll - ok
07:56:40.0864 0492 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
07:56:40.0864 0492 C:\Windows\System32\ListSvc.dll - ok
07:56:40.0880 0492 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
07:56:40.0880 0492 C:\Windows\System32\P2P.dll - ok
07:56:40.0880 0492 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
07:56:40.0880 0492 C:\Windows\System32\p2pcollab.dll - ok
07:56:40.0880 0492 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
07:56:40.0880 0492 C:\Windows\System32\IdListen.dll - ok
07:56:40.0895 0492 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
07:56:40.0895 0492 C:\Windows\System32\hgprint.dll - ok
07:56:40.0895 0492 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
07:56:40.0895 0492 C:\Windows\System32\pnrpsvc.dll - ok
07:56:40.0911 0492 [ 5F1F35F2F995FA8615438AB922B0BA7B ] C:\Program Files\Internet Explorer\ieproxy.dll
07:56:40.0911 0492 C:\Program Files\Internet Explorer\ieproxy.dll - ok
07:56:40.0911 0492 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
07:56:40.0911 0492 C:\Windows\System32\wmpps.dll - ok
07:56:40.0926 0492 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
07:56:40.0926 0492 C:\Windows\System32\wmpmde.dll - ok
07:56:40.0926 0492 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
07:56:40.0926 0492 C:\Windows\System32\QAGENTRT.DLL - ok
07:56:40.0942 0492 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
07:56:40.0942 0492 C:\Windows\System32\WinSATAPI.dll - ok
07:56:40.0942 0492 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
07:56:40.0942 0492 C:\Windows\System32\fveui.dll - ok
07:56:40.0942 0492 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
07:56:40.0942 0492 C:\Windows\System32\p2psvc.dll - ok
07:56:40.0958 0492 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
07:56:40.0958 0492 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
07:56:40.0958 0492 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
07:56:40.0958 0492 C:\Windows\System32\P2PGraph.dll - ok
07:56:40.0973 0492 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
07:56:40.0973 0492 C:\Windows\System32\MSMPEG2ENC.DLL - ok
07:56:40.0973 0492 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
07:56:40.0973 0492 C:\Windows\System32\devenum.dll - ok
07:56:40.0989 0492 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
07:56:40.0989 0492 C:\Windows\System32\msdmo.dll - ok
07:56:40.0989 0492 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
07:56:40.0989 0492 C:\Windows\System32\upnphost.dll - ok
07:56:40.0989 0492 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
07:56:40.0989 0492 C:\Windows\System32\udhisapi.dll - ok
07:56:41.0004 0492 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
07:56:41.0004 0492 C:\Windows\System32\drprov.dll - ok
07:56:41.0004 0492 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
07:56:41.0004 0492 C:\Windows\System32\ntlanman.dll - ok
07:56:41.0004 0492 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
07:56:41.0004 0492 C:\Windows\System32\davclnt.dll - ok
07:56:41.0020 0492 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
07:56:41.0020 0492 C:\Windows\System32\davhlpr.dll - ok
07:56:41.0020 0492 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
07:56:41.0020 0492 C:\Windows\System32\drttransport.dll - ok
07:56:41.0036 0492 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
07:56:41.0036 0492 C:\Windows\System32\drt.dll - ok
07:56:41.0036 0492 [ 3206A288014B1207F4E86336385CB41D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
07:56:41.0036 0492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
07:56:41.0036 0492 [ 81953836F678A7353A797E3F7DE69B55 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
07:56:41.0036 0492 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
07:56:41.0051 0492 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
07:56:41.0051 0492 C:\Windows\System32\FntCache.dll - ok
07:56:41.0051 0492 [ 1DB8C2220EFDBA97F671F46F6A8DE51E ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe
07:56:41.0051 0492 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe - ok
07:56:41.0067 0492 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
07:56:41.0067 0492 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
07:56:41.0067 0492 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
07:56:41.0067 0492 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
07:56:41.0082 0492 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
07:56:41.0082 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
07:56:41.0082 0492 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
07:56:41.0082 0492 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
07:56:41.0098 0492 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
07:56:41.0098 0492 C:\Windows\System32\riched20.dll - ok
07:56:41.0098 0492 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
07:56:41.0098 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
07:56:41.0114 0492 [ 92CBA4EBF1EAC5329662A967C079F660 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll
07:56:41.0114 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\4bcc5a6e9e9d25e068fc304bd7eda6af\WindowsBase.ni.dll - ok
07:56:41.0114 0492 [ 383661D710295D2DA3FDFBA0C3ED4BCF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll
07:56:41.0114 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\3a9d13514a8c4c710fa5ce8e9b5393fe\PresentationCore.ni.dll - ok
07:56:41.0129 0492 [ 77D23D333BF27515EA51A23E96A63D6C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll
07:56:41.0129 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\47054c4d5b7e522c21a9d57797410302\PresentationFramework.ni.dll - ok
07:56:41.0129 0492 [ C264145F107437CBD3B30303733AEE4F ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
07:56:41.0129 0492 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
07:56:41.0129 0492 [ C8541AECCCA9260DE93C85F214110FA8 ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
07:56:41.0129 0492 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
07:56:41.0145 0492 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
07:56:41.0145 0492 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
07:56:41.0145 0492 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
07:56:41.0145 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
07:56:41.0145 0492 [ 1E8D1091011E1C51B44A94DE5EE89A6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
07:56:41.0145 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
07:56:41.0160 0492 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
07:56:41.0160 0492 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
07:56:41.0160 0492 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
07:56:41.0160 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok
07:56:41.0176 0492 [ 7673BF5E055468A08DF750334D93340B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll
07:56:41.0176 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\f74b2d1b8cf279ff6bfe479f79e70fe9\System.ServiceModel.ni.dll - ok
07:56:41.0176 0492 [ D6F5F47CD1C61CA8993C8BBC8F59C7D7 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll
07:56:41.0176 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\SMDiagnostics\2eac9c598de3341eba5c16787c74f220\SMDiagnostics.ni.dll - ok
07:56:41.0176 0492 [ 857F78A80A36BF9BE8B10D85E49CE2C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
07:56:41.0176 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll - ok
07:56:41.0192 0492 [ 59D5398F85127D0035542D6218F50A2C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll
07:56:41.0192 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\265531568722647aab229a2cec195b3d\System.Runtime.Serialization.ni.dll - ok
07:56:41.0192 0492 [ 59F79A4E4094080AD2F9206B434C02D1 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\d1f21a29e79e73b5401fae156f339f67\System.IdentityModel.ni.dll
07:56:41.0192 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.IdentityModel\d1f21a29e79e73b5401fae156f339f67\System.IdentityModel.ni.dll - ok
07:56:41.0192 0492 [ 0510403E7774E7C1FA4197E514120375 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\766ce7ee1a2e4f2a85fd90e7572f5d53\System.Core.ni.dll
07:56:41.0192 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\766ce7ee1a2e4f2a85fd90e7572f5d53\System.Core.ni.dll - ok
07:56:41.0207 0492 [ A69ADA4394AAE67AE653956C05149BC0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\de45d043775d8c805f6feca40d7a9ed2\System.Xml.Linq.ni.dll
07:56:41.0207 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml.Linq\de45d043775d8c805f6feca40d7a9ed2\System.Xml.Linq.ni.dll - ok
07:56:41.0207 0492 [ 4370B54FC11742DC5A88DC8602729459 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll
07:56:41.0207 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\fd4a8227569e64d657b80483da8ffe78\System.Management.ni.dll - ok
07:56:41.0223 0492 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
07:56:41.0223 0492 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
07:56:41.0223 0492 [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe
07:56:41.0223 0492 C:\Windows\System32\schtasks.exe - ok
07:56:41.0223 0492 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
07:56:41.0223 0492 C:\Windows\System32\qmgr.dll - ok
07:56:41.0238 0492 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
07:56:41.0238 0492 C:\Windows\System32\bitsperf.dll - ok
07:56:41.0238 0492 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
07:56:41.0238 0492 C:\Windows\System32\bitsigd.dll - ok
07:56:41.0238 0492 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:56:41.0238 0492 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
07:56:41.0254 0492 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
07:56:41.0254 0492 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
07:56:41.0254 0492 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:56:41.0254 0492 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
07:56:41.0254 0492 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
07:56:41.0254 0492 C:\Windows\System32\msvcr100_clr0400.dll - ok
07:56:41.0270 0492 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
07:56:41.0270 0492 C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe - ok
07:56:41.0270 0492 [ 87204B04A63E684D3FD02A7BC10741CD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
07:56:41.0270 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll - ok
07:56:41.0285 0492 [ A9DA8CC5E02FF594E11A78D86D5B6A5B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
07:56:41.0285 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll - ok
07:56:41.0285 0492 [ B25F192EA1F84A316EB7C19EFCCCF33D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
07:56:41.0285 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
07:56:41.0285 0492 [ 87AC51679B00164C3E234BD77C25C2A9 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
07:56:41.0285 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
07:56:41.0301 0492 [ 14E42CB76C7B36E8667C61DA78B0B13C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\fbe1527e15407ac366ccc5707796b58f\IAStorDataMgrSvc.ni.exe
07:56:41.0301 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\fbe1527e15407ac366ccc5707796b58f\IAStorDataMgrSvc.ni.exe - ok
07:56:41.0301 0492 [ 17FADECB631FF8DBE735BA33409885C2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
07:56:41.0301 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll - ok
07:56:41.0316 0492 [ BF67CE48DC3A41249766B2956F0A07E9 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
07:56:41.0316 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
07:56:41.0316 0492 [ 71CF761BD4B2FFDC0FC604A6DF53291B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\7587af1399f8ca354b4205df9ba0ae0b\IAStorDataMgr.ni.dll
07:56:41.0316 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\7587af1399f8ca354b4205df9ba0ae0b\IAStorDataMgr.ni.dll - ok
07:56:41.0332 0492 [ 415694A54448E54626618E5AC95242FE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\005e39dd4fc7c1bda871002fd7d32f4b\IsdiInterop.ni.dll
07:56:41.0332 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\005e39dd4fc7c1bda871002fd7d32f4b\IsdiInterop.ni.dll - ok
07:56:41.0332 0492 [ D7E0BED3EA21D7BDDD410ADE51708D90 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
07:56:41.0332 0492 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
07:56:41.0332 0492 [ 43D1D2B62DD400240565725829083A82 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
07:56:41.0332 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
07:56:41.0348 0492 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
07:56:41.0348 0492 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
07:56:41.0348 0492 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
07:56:41.0348 0492 C:\Windows\System32\sppsvc.exe - ok
07:56:41.0363 0492 [ 01D585C95A0E752EFFB11EA899B0E387 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
07:56:41.0363 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll - ok
07:56:41.0363 0492 [ EEB868125EB592877FB8EDE1A44C1F1B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
07:56:41.0363 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll - ok
07:56:41.0379 0492 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
07:56:41.0379 0492 C:\Windows\System32\drivers\spsys.sys - ok
07:56:41.0379 0492 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
07:56:41.0379 0492 C:\Program Files\Windows Defender\MpSvc.dll - ok
07:56:41.0394 0492 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
07:56:41.0394 0492 C:\Program Files\Windows Defender\MpClient.dll - ok
07:56:41.0394 0492 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
07:56:41.0394 0492 C:\Windows\System32\sppwinob.dll - ok
07:56:41.0410 0492 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
07:56:41.0410 0492 C:\Windows\System32\wscsvc.dll - ok
07:56:41.0410 0492 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
07:56:41.0410 0492 C:\Windows\System32\wuaueng.dll - ok
07:56:41.0410 0492 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
07:56:41.0410 0492 C:\Windows\SysWOW64\wscproxystub.dll - ok
07:56:41.0426 0492 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
07:56:41.0426 0492 C:\Windows\System32\wuapi.dll - ok
07:56:41.0426 0492 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
07:56:41.0426 0492 C:\Windows\System32\mspatcha.dll - ok
07:56:41.0441 0492 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
07:56:41.0441 0492 C:\Windows\System32\wups.dll - ok
07:56:41.0441 0492 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
07:56:41.0441 0492 C:\Windows\System32\wups2.dll - ok
07:56:41.0457 0492 [ FAB18E11587305BF8039EA6F8F731207 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
07:56:41.0457 0492 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll - ok
07:56:41.0457 0492 [ 3E789A9A77366AA9E13F31DD5EC296B8 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
07:56:41.0457 0492 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
07:56:41.0472 0492 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
07:56:41.0472 0492 C:\Windows\System32\sppobjs.dll - ok
07:56:41.0472 0492 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
07:56:41.0472 0492 C:\Program Files\Windows Defender\MpRTP.dll - ok
07:56:41.0472 0492 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
07:56:41.0472 0492 C:\Windows\System32\tdh.dll - ok
07:56:41.0488 0492 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
07:56:41.0488 0492 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
07:56:41.0488 0492 [ 78555E35CD15785B9EE62B8C8167A861 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C0084BE-E5BC-4F3B-B594-14E2378A1C78}\mpengine.dll
07:56:41.0488 0492 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C0084BE-E5BC-4F3B-B594-14E2378A1C78}\mpengine.dll - ok
07:56:41.0504 0492 [ 8BE5B9C034415C5E4232F109E514A49A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C0084BE-E5BC-4F3B-B594-14E2378A1C78}\mpasbase.vdm
07:56:41.0504 0492 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C0084BE-E5BC-4F3B-B594-14E2378A1C78}\mpasbase.vdm - ok
07:56:41.0504 0492 [ A678E5DDD974903DD71F503BDCACA218 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
07:56:41.0504 0492 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
07:56:41.0519 0492 [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
07:56:41.0519 0492 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
07:56:41.0519 0492 [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
07:56:41.0519 0492 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
07:56:41.0535 0492 [ 5F0A5D45810590AAA7EF86881C79BB3C ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C0084BE-E5BC-4F3B-B594-14E2378A1C78}\mpasdlta.vdm
07:56:41.0535 0492 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8C0084BE-E5BC-4F3B-B594-14E2378A1C78}\mpasdlta.vdm - ok
07:56:41.0535 0492 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
07:56:41.0535 0492 C:\Program Files\Windows Defender\MsMpLics.dll - ok
07:56:41.0550 0492 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
07:56:41.0550 0492 C:\Windows\System32\wscapi.dll - ok
07:56:41.0550 0492 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
07:56:41.0550 0492 C:\Windows\System32\wscisvif.dll - ok
07:56:41.0550 0492 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
07:56:41.0550 0492 C:\Windows\System32\wscproxystub.dll - ok
07:56:41.0566 0492 [ 0474C9872A153D9F83EB44C18628D3E2 ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
07:56:41.0566 0492 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe - ok
07:56:41.0582 0492 [ 8F123D1FA65ADECEA0244C615EA95DFA ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
07:56:41.0582 0492 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe - ok
07:56:41.0582 0492 [ 438A55C69D66D9DAF7DD1EAEB6251EA3 ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
07:56:41.0582 0492 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll - ok
07:56:41.0582 0492 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
07:56:41.0582 0492 C:\Windows\SysWOW64\wlanapi.dll - ok
07:56:41.0597 0492 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
07:56:41.0597 0492 C:\Windows\SysWOW64\wlanutil.dll - ok
07:56:41.0597 0492 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
07:56:41.0597 0492 C:\Windows\SysWOW64\msxml3.dll - ok
07:56:41.0597 0492 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
07:56:41.0597 0492 C:\Windows\System32\wscinterop.dll - ok
07:56:41.0613 0492 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
07:56:41.0613 0492 C:\Windows\System32\wscui.cpl - ok
07:56:41.0613 0492 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
07:56:41.0613 0492 C:\Windows\System32\werconcpl.dll - ok
07:56:41.0628 0492 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
07:56:41.0628 0492 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
07:56:41.0628 0492 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
07:56:41.0628 0492 C:\Windows\System32\wercplsupport.dll - ok
07:56:41.0628 0492 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
07:56:41.0628 0492 C:\Windows\System32\hcproviders.dll - ok
07:56:41.0644 0492 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
07:56:41.0644 0492 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
07:56:41.0644 0492 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
07:56:41.0644 0492 C:\Windows\System32\tapi32.dll - ok
07:56:41.0660 0492 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
07:56:41.0660 0492 C:\Windows\System32\d3d9.dll - ok
07:56:41.0660 0492 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
07:56:41.0660 0492 C:\Windows\System32\d3d8thk.dll - ok
07:56:41.0675 0492 [ 1135B6BFB6F47240736A38FF1721F267 ] C:\Windows\System32\igdumd64.dll
07:56:41.0675 0492 C:\Windows\System32\igdumd64.dll - ok
07:56:41.0675 0492 [ BE63879E3ED6893F84309DF1EBECF26D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll
07:56:41.0675 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll - ok
07:56:41.0675 0492 [ 146B0BD6A29650D7016B54B0352601AB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\daaff9fe9c85fc171d426a3cb6766dbb\System.Data.Entity.ni.dll
07:56:41.0675 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data.Entity\daaff9fe9c85fc171d426a3cb6766dbb\System.Data.Entity.ni.dll - ok
07:56:41.0691 0492 [ 4DF1FC22D97CD905D5E046C06EE4B036 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ea1848ec07c70f3d3c3445f4fbdae87a\System.Data.ni.dll
07:56:41.0691 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\ea1848ec07c70f3d3c3445f4fbdae87a\System.Data.ni.dll - ok
07:56:41.0691 0492 [ 98D53BB2DB8E11762D30C3CF41FA140B ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
07:56:41.0691 0492 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
07:56:41.0706 0492 [ 9F71303BDDECF888CC77C2A486769C9D ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.DLL
07:56:41.0706 0492 C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.DLL - ok
07:56:41.0706 0492 [ C17DFE97C4F5835505BBF6D6C1DEAC7F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll
07:56:41.0706 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\ec95ad2463c5588fc8ef552b3f375ee6\System.Transactions.ni.dll - ok
07:56:41.0722 0492 [ E4806AC8BE2D890193252D4BEE7EA95C ] C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
07:56:41.0722 0492 C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
07:56:41.0738 0492 [ 62427A3A76CDAAED50C699FA94BE3DCA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll
07:56:41.0738 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\95f38e7485bbe2b73b6055c45196fedd\System.Web.ni.dll - ok
07:56:41.0738 0492 [ 83763D5C3C8232C3F9FF2C72DEE32443 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.ni.dll
07:56:41.0738 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\d50cde53634ccbb5e0231738784ff4b8\System.EnterpriseServices.ni.dll - ok
07:56:41.0753 0492 [ 94E3CCB0F0DC7DB0535DAF7519262981 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Speech\ca51f026916139f886519fdf6d6c73e9\System.Speech.ni.dll
07:56:41.0753 0492 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Speech\ca51f026916139f886519fdf6d6c73e9\System.Speech.ni.dll - ok
07:56:41.0753 0492 ============================================================
07:56:41.0753 0492 Scan finished
07:56:41.0753 0492 ============================================================
07:56:41.0769 5056 Detected object count: 4
07:56:41.0769 5056 Actual detected object count: 4
07:56:52.0346 5056 epmntdrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:56:52.0346 5056 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:56:52.0346 5056 EuGdiDrv ( UnsignedFile.Multi.Generic ) - skipped by user
07:56:52.0346 5056 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:56:52.0346 5056 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
07:56:52.0346 5056 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
07:56:52.0346 5056 Sockblkd ( UnsignedFile.Multi.Generic ) - skipped by user
07:56:52.0346 5056 Sockblkd ( UnsignedFile.Multi.Generic ) - User select action: Skip

#7
blmadara

Posted 14 October 2012 - 12:45 PM

Trusted Helper

Malware Removal
767 posts

Hi dch1314,

Step One: Run CKScanner

Download CKScanner from here

Important : Save it to your desktop.

Right-Click CKScanner.exe and select Run as administrator. If the User Account Ccontrol warning is displayed, select Yes to allow CKScanner to make changes to your computer.
Click Search For Files.
After a very short time, when the cursor hourglass disappears, click Save List To File.
A message box will verify that the file is saved.
Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

What I need in your next post:
1. The CKScanner log, CKFiles.txt.

#8
dch1314

Posted 14 October 2012 - 07:34 PM

Member

Topic Starter
Member
238 posts

CKScanner - Additional Security Risks - These are not necessarily bad
scanner sequence 3.RP.11.MNNATV
----- EOF -----

#9
blmadara

Posted 15 October 2012 - 03:17 PM

Trusted Helper

Malware Removal
767 posts

Hi dch1314,

You are using a cracked professional version of Auslogics Disk Defrag.

The use of cracks and keygens is a major cause of malware infections and is against our Terms of Use.

We will be unable to assist you further, unless your cracked programs are removed. Please read our Terms of Use, specifically section 4-f.

Step One: OTL Fix

Note: If you are using the pro version or trial version of Malwarebytes 1.6 or higher please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following (do not copy the word "quote")

:OTL
O2 - BHO: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000\..\Toolbar\WebBrowser: (MediaFire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 File not found
O4 - HKU\S-1-5-21-3884020555-285224058-3069529385-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Users\chucky\Documents\*.tmp files -> C:\Users\chucky\Documents\*.tmp -> ]

:Files
C:\Program Files (x86)\Auslogics\Auslogics Disk Defrag Professional\auslogics.disk.defrag.professional.4.0.1.50-PSA.exe
C:\Users\chucky\Desktop\PSA Patch\auslogics.disk.defrag.professional.4.0.1.50-PSA.exe

:Commands
[emptytemp]
Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done and post the log it produces in your next reply.
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step Two: How is your computer running?

Please let me know how your computer is running and what problems remain.

What I need in your next post:
1. Both logs produced by the OTL fix.
2. How is your computer running and what problems remain?

#10
dch1314

Posted 15 October 2012 - 06:32 PM

Member

Topic Starter
Member
238 posts

Would the OTL fix you just told me remove the cracked version? Otherwise how do I get rid of it?

#11
blmadara

Posted 15 October 2012 - 07:34 PM

Trusted Helper

Malware Removal
767 posts

Yes, the OTL fix should take care of it.

#12
dch1314

Posted 17 October 2012 - 07:55 PM

Member

Topic Starter
Member
238 posts

#13
blmadara

Posted 18 October 2012 - 10:27 AM

Trusted Helper

Malware Removal
767 posts

Please do the last step in the OTL Fix that I posted:

Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

#14
dch1314

Posted 18 October 2012 - 07:38 PM

Member

Topic Starter
Member
238 posts

OTL logfile created on: 10/18/2012 8:19:22 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\chucky\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.86 Gb Total Physical Memory | 0.38 Gb Available Physical Memory | 20.50% Memory free
3.71 Gb Paging File | 1.05 Gb Available in Paging File | 28.27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279.47 Gb Total Space | 205.85 Gb Free Space | 73.66% Space Free | Partition Type: NTFS
Drive D: | 14.46 Gb Total Space | 1.61 Gb Free Space | 11.12% Space Free | Partition Type: NTFS
Drive E: | 3.96 Gb Total Space | 1.08 Gb Free Space | 27.33% Space Free | Partition Type: FAT32

Computer Name: CHUCKY-HP | User Name: chucky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/11 08:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chucky\Desktop\OTL.exe
PRC - [2012/08/21 04:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/08/21 04:12:23 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/08/08 20:53:14 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\NLSSRV32.EXE
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/03/05 13:38:38 | 000,578,944 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/01 17:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/08/19 14:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011/06/28 04:41:08 | 000,168,504 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
PRC - [2011/06/15 19:58:28 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011/06/14 17:11:46 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/12/30 22:44:00 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/12/30 22:43:00 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/12/27 18:30:00 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
PRC - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
PRC - [2010/09/13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/09/13 20:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

========== Modules (No Company Name) ==========

MOD - [2012/10/10 05:06:15 | 000,460,312 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012/10/10 05:06:13 | 012,435,992 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012/10/10 05:06:12 | 004,005,912 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012/10/10 05:04:57 | 000,578,072 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012/10/10 05:04:55 | 000,123,928 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012/10/10 05:04:44 | 000,156,712 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012/10/10 05:04:43 | 000,275,496 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012/10/10 05:04:42 | 002,168,360 | ---- | M] () -- C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012/06/16 10:48:49 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\09557e6c5a83a1cb68c7c50a841c8064\IAStorUtil.ni.dll
MOD - [2012/06/16 08:21:43 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/16 08:20:49 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/16 08:20:29 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/18 12:58:24 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\220b0516e45e7f9bbf6a631490c1243a\IAStorCommon.ni.dll
MOD - [2012/05/11 08:21:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 08:20:02 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 08:19:53 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 08:19:48 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 08:19:47 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 08:19:38 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/04/23 21:09:35 | 000,877,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.SupportFramework\1.0.0.0__2a4860322af7ba08\HP.SupportFramework.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/08/21 04:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/08/21 04:12:23 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2011/02/17 00:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010/10/11 04:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 20:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/11/17 20:14:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/10/08 17:11:14 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/08 20:53:14 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/19 23:44:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/05 13:38:38 | 000,035,200 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/09/01 17:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/06/14 17:11:46 | 001,098,296 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011/03/01 23:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 12:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/12/30 22:44:00 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/30 22:43:00 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/12/27 18:30:00 | 001,817,088 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2010/11/26 09:09:12 | 000,399,344 | ---- | M] (Roxio) [Auto | Running] -- C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe -- (RoxioNow Service)
SRV - [2010/10/12 12:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/13 20:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 04:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 04:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 04:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 04:13:12 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012/08/21 04:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 04:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 04:13:11 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012/08/21 04:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/08/21 04:13:11 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/06/27 15:33:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2012/06/06 08:28:54 | 000,878,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2012/06/01 07:31:54 | 001,863,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2012/05/20 16:06:34 | 000,006,784 | ---- | M] (DataWizard Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Extegrity\Exam4\Sockblkd.sys -- (Sockblkd)
DRV:64bit: - [2012/03/19 23:32:04 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/07/29 13:54:56 | 000,016,776 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2011/07/29 13:54:56 | 000,009,096 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2011/07/12 22:06:46 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/07/12 22:06:46 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/09 21:19:54 | 001,451,056 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/03/05 02:16:00 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/02/15 13:37:00 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010/12/30 22:46:00 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 22:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/13 20:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/28 11:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 16:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 16:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 15:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 15:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/16 14:49:34 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2011/07/29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2011/07/29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{38BFA212-8872-47B0-8750-0D4C5246B644}: "URL" = http://www.amazon.co...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/CQNOT/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{38BFA212-8872-47B0-8750-0D4C5246B644}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/CQNOT/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{38BFA212-8872-47B0-8750-0D4C5246B644}: "URL" = http://www.amazon.co...s={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://search.yahoo....psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = http://rover.ebay.co...w={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\chucky\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

========== Chrome ==========

CHR - homepage: http://google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\chucky\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\chucky\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Translate = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Edit This Cookie = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\1.1.24_0\
CHR - Extension: Premium Cookie Injector (Multi-Server) = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hglhnookgghcefjamdoakhhfamnhodpd\1.4_0\
CHR - Extension: avast! WebRep = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Dropbox = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.2_0\
CHR - Extension: Google Mail Checker = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\chucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\

O1 HOSTS File: ([2012/10/13 07:40:13 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Speckie) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\chucky\AppData\Roaming\Speckie\bin64\Speckie64.dll (Versoworks Pty Ltd)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Speckie) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\chucky\AppData\Roaming\Speckie\bin32\Speckie32.dll (Versoworks Pty Ltd)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SetDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPQuickWebProxy] C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon: AllowMultipleTSSessions = 1
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9:64bit: - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\chucky\AppData\Roaming\Speckie\bin64\Speckie64.dll (Versoworks Pty Ltd)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : Speckie Settings - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\chucky\AppData\Roaming\Speckie\bin32\Speckie32.dll (Versoworks Pty Ltd)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {26EA04AA-50C9-4AD0-8037-951140AFE389} http://autoconnect.l...der_activex.ocx (xc_loader_activex.cntMain)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ED130EF-67C5-4492-8DF5-5485BD17CE67}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/13 07:49:35 | 002,212,440 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\chucky\Desktop\tdsskiller.exe
[2012/10/13 07:35:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\%LOCALAPPDATA%
[2012/10/13 07:25:12 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/11 08:19:53 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\chucky\Desktop\aswMBR.exe
[2012/10/11 08:19:20 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\chucky\Desktop\OTL.exe
[2012/10/04 21:26:42 | 000,000,000 | ---D | C] -- C:\Users\chucky\AppData\Local\ElevatedDiagnostics
[2012/09/21 19:28:01 | 000,000,000 | ---D | C] -- C:\Users\chucky\AppData\Local\{7A25F2DE-E084-4D1C-BB84-6BB8AD9BB490}
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/18 20:09:03 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884020555-285224058-3069529385-1000UA.job
[2012/10/18 19:46:45 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 19:46:45 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/18 19:32:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/18 19:32:36 | 1494,110,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/18 19:31:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/18 13:32:37 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3884020555-285224058-3069529385-1000Core.job
[2012/10/17 22:46:27 | 000,000,017 | ---- | M] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/10/14 20:29:57 | 000,458,240 | ---- | M] () -- C:\Users\chucky\Desktop\CKScanner.exe
[2012/10/13 22:42:31 | 397,888,827 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/10/13 07:49:36 | 002,212,440 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\chucky\Desktop\tdsskiller.exe
[2012/10/13 07:40:13 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2012/10/13 07:34:08 | 000,727,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/13 07:34:08 | 000,624,622 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/13 07:34:08 | 000,106,708 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/11 08:20:07 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\chucky\Desktop\aswMBR.exe
[2012/10/11 08:19:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\chucky\Desktop\OTL.exe
[2012/10/10 18:37:08 | 000,002,489 | ---- | M] () -- C:\Users\chucky\Desktop\Google Chrome.lnk
[2012/10/05 10:08:39 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForCHUCKY-HP$.job
[2012/09/25 07:47:41 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForchucky.job
[2012/09/19 10:07:10 | 003,243,975 | ---- | M] () -- C:\Users\chucky\Documents\NOOOOO.gif
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/17 22:46:25 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012/10/14 20:29:44 | 000,458,240 | ---- | C] () -- C:\Users\chucky\Desktop\CKScanner.exe
[2012/10/07 12:30:13 | 397,888,827 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/09/28 06:05:58 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForCHUCKY-HP$.job
[2012/09/25 00:02:11 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForchucky.job
[2012/09/19 10:07:47 | 003,243,975 | ---- | C] () -- C:\Users\chucky\Documents\NOOOOO.gif
[2012/09/03 18:49:35 | 000,743,534 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/13 09:17:33 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2012/08/13 09:17:33 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2012/08/13 09:17:32 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2012/08/13 09:17:32 | 000,014,216 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2012/08/13 09:17:32 | 000,008,456 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2012/08/13 09:10:20 | 000,000,000 | ---- | C] () -- C:\Users\chucky\format
[2012/06/01 07:31:34 | 000,026,024 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2012/03/21 11:49:23 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/03/19 23:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/03/19 23:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/03/19 23:25:58 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/03/19 22:21:14 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/06/09 21:17:36 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011/05/13 09:33:18 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2011/04/04 23:07:00 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

========== ZeroAccess Check ==========

[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 22:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/07/18 21:11:31 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Auslogics
[2012/08/15 20:29:25 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Downloaded Installations
[2012/10/04 11:16:12 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Dropbox
[2012/07/27 09:12:21 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\NavNet Solutions
[2012/08/15 20:40:14 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Nitro PDF
[2012/09/04 12:47:53 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\SoftGrid Client
[2012/04/12 23:34:34 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Speckie
[2012/04/08 00:00:44 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Synaptics
[2012/09/03 18:51:34 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\TP
[2012/05/10 10:45:59 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Windows Live Writer
[2012/04/07 20:28:40 | 000,000,000 | ---D | M] -- C:\Users\chucky\AppData\Roaming\Xerox

========== Purity Check ==========

< End of report >

#15
blmadara

Posted 19 October 2012 - 01:24 PM

Trusted Helper

Malware Removal
767 posts

Hi dch1314,

Step One: Malwarebytes Anti-Malware

Run Malwarebytes' Anti-Malware.
Select the Update tab.
Select the Check for Updates button.
Select the Scanner tab.
Select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy & Paste the entire report in your next reply.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step Two: ESET Online Scanner

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer running in admin mode for this scan. To do this right click on Internet Explorer and pick Run as administrator.

Tick the box next to YES, I accept the Terms of Use
Click Start
When asked, allow the ActiveX control to install
Click Start
Make sure that the option Remove found threats is not checked.
Make sure that the option Scan unwanted applications is checked
Click Scan (This scan can take several hours, so please be patient)
Once the scan is completed, you may close the window
Use Notepad to open the logfile located at C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt
Copy and paste that log as a reply to this topic

Step Three: Security Check

Download Security Check by screen317 from here or here.

Save it to your Desktop.
Right click SecurityCheck.exe, select Run as administrator, and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

What I need in your next post:
1. The MBAM log.
2, The ESET log, C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt.
3. The Security Check log, checkup.txt.