Trojan:JS/Medfos.B removal ISSUES [Solved]


  • This topic is locked

#16
coots (Topic Starter, Member, 20 posts)

tdskiller part 2:

10:06:47.0312 5932 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
10:06:47.0312 5932 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
10:06:47.0321 5932 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
10:06:47.0322 5932 C:\Windows\System32\dui70.dll - ok
10:06:47.0330 5932 [ 0DBEE38060475A4C3E04D3B908AEC0B9 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
10:06:47.0330 5932 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
10:06:47.0339 5932 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
10:06:47.0340 5932 C:\Windows\System32\wevtsvc.dll - ok
10:06:47.0348 5932 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
10:06:47.0348 5932 C:\Windows\System32\duser.dll - ok
10:06:47.0357 5932 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
10:06:47.0357 5932 C:\Windows\System32\SndVolSSO.dll - ok
10:06:47.0366 5932 [ 7C29BC74635524E13FAA556A5FD48968 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
10:06:47.0366 5932 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
10:06:47.0377 5932 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
10:06:47.0377 5932 C:\Windows\System32\dwmapi.dll - ok
10:06:47.0384 5932 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\System32\fltLib.dll
10:06:47.0384 5932 C:\Windows\System32\fltLib.dll - ok
10:06:47.0393 5932 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
10:06:47.0393 5932 C:\Windows\System32\hid.dll - ok
10:06:47.0402 5932 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
10:06:47.0402 5932 C:\Windows\System32\MMDevAPI.dll - ok
10:06:47.0411 5932 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\System32\xmllite.dll
10:06:47.0411 5932 C:\Windows\System32\xmllite.dll - ok
10:06:47.0420 5932 [ 00A0231FCA55C815853B957767E34B02 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
10:06:47.0420 5932 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
10:06:47.0429 5932 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] C:\Windows\System32\drivers\MpFilter.sys
10:06:47.0429 5932 C:\Windows\System32\drivers\MpFilter.sys - ok
10:06:47.0438 5932 [ 2EF4E53ACB0DF0B34091335BB26C2BC2 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
10:06:47.0438 5932 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
10:06:47.0447 5932 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll
10:06:47.0448 5932 C:\Windows\System32\WindowsCodecs.dll - ok
10:06:47.0456 5932 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
10:06:47.0456 5932 C:\Windows\System32\adtschema.dll - ok
10:06:47.0465 5932 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
10:06:47.0465 5932 C:\Windows\System32\audiosrv.dll - ok
10:06:47.0473 5932 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
10:06:47.0473 5932 C:\Windows\System32\avrt.dll - ok
10:06:47.0483 5932 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
10:06:47.0483 5932 C:\Windows\System32\mmcss.dll - ok
10:06:47.0493 5932 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
10:06:47.0493 5932 C:\Windows\System32\netprofm.dll - ok
10:06:47.0501 5932 [ 16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll
10:06:47.0501 5932 C:\Windows\System32\wlansvc.dll - ok
10:06:47.0510 5932 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
10:06:47.0510 5932 C:\Windows\System32\drivers\fltMgr.sys - ok
10:06:47.0520 5932 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
10:06:47.0520 5932 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
10:06:47.0524 5932 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
10:06:47.0524 5932 C:\Windows\System32\PSHED.DLL - ok
10:06:47.0534 5932 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll
10:06:47.0534 5932 C:\Windows\System32\MPSSVC.dll - ok
10:06:47.0542 5932 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDF3C7B-AF4F-49B4-BB9D-B6727A3D713A}\mpengine.dll
10:06:47.0542 5932 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDF3C7B-AF4F-49B4-BB9D-B6727A3D713A}\mpengine.dll - ok
10:06:47.0552 5932 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
10:06:47.0552 5932 C:\Windows\System32\winbrand.dll - ok
10:06:47.0560 5932 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
10:06:47.0560 5932 C:\Windows\System32\VaultCredProvider.dll - ok
10:06:47.0569 5932 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
10:06:47.0569 5932 C:\Windows\System32\audiodg.exe - ok
10:06:47.0578 5932 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
10:06:47.0578 5932 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
10:06:47.0587 5932 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
10:06:47.0587 5932 C:\Windows\System32\gpsvc.dll - ok
10:06:47.0595 5932 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
10:06:47.0595 5932 C:\Windows\System32\winmm.dll - ok
10:06:47.0605 5932 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
10:06:47.0605 5932 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
10:06:47.0615 5932 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
10:06:47.0615 5932 C:\Windows\System32\wdmaud.drv - ok
10:06:47.0623 5932 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
10:06:47.0623 5932 C:\Windows\System32\ksuser.dll - ok
10:06:47.0632 5932 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
10:06:47.0632 5932 C:\Windows\System32\BioCredProv.dll - ok
10:06:47.0641 5932 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\System32\nlaapi.dll
10:06:47.0641 5932 C:\Windows\System32\nlaapi.dll - ok
10:06:47.0649 5932 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
10:06:47.0650 5932 C:\Windows\System32\themeservice.dll - ok
10:06:47.0659 5932 [ CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll
10:06:47.0659 5932 C:\Windows\System32\profsvc.dll - ok
10:06:47.0667 5932 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
10:06:47.0667 5932 C:\Windows\System32\credui.dll - ok
10:06:47.0677 5932 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
10:06:47.0677 5932 C:\Windows\System32\winbio.dll - ok
10:06:47.0685 5932 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
10:06:47.0685 5932 C:\Windows\System32\atl.dll - ok
10:06:47.0694 5932 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
10:06:47.0694 5932 C:\Windows\System32\dsrole.dll - ok
10:06:47.0703 5932 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
10:06:47.0703 5932 C:\Windows\System32\slc.dll - ok
10:06:47.0712 5932 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
10:06:47.0712 5932 C:\Windows\System32\es.dll - ok
10:06:47.0721 5932 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
10:06:47.0721 5932 C:\Windows\System32\netapi32.dll - ok
10:06:47.0729 5932 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
10:06:47.0730 5932 C:\Windows\System32\netutils.dll - ok
10:06:47.0739 5932 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
10:06:47.0739 5932 C:\Windows\System32\samcli.dll - ok
10:06:47.0747 5932 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
10:06:47.0747 5932 C:\Windows\System32\vaultcli.dll - ok
10:06:47.0756 5932 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
10:06:47.0756 5932 C:\Windows\System32\wkscli.dll - ok
10:06:47.0765 5932 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
10:06:47.0765 5932 C:\Windows\System32\certCredProvider.dll - ok
10:06:47.0775 5932 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
10:06:47.0775 5932 C:\Windows\System32\comres.dll - ok
10:06:47.0783 5932 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
10:06:47.0783 5932 C:\Windows\System32\Sens.dll - ok
10:06:47.0792 5932 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
10:06:47.0792 5932 C:\Windows\System32\uxsms.dll - ok
10:06:47.0801 5932 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
10:06:47.0801 5932 C:\Windows\System32\WUDFPlatform.dll - ok
10:06:47.0810 5932 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
10:06:47.0810 5932 C:\Windows\System32\WUDFSvc.dll - ok
10:06:47.0819 5932 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
10:06:47.0819 5932 C:\Windows\System32\drivers\lltdio.sys - ok
10:06:47.0828 5932 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
10:06:47.0828 5932 C:\Windows\System32\drivers\nwifi.sys - ok
10:06:47.0836 5932 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
10:06:47.0836 5932 C:\Windows\System32\drivers\ndisuio.sys - ok
10:06:47.0846 5932 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
10:06:47.0846 5932 C:\Windows\System32\drivers\rspndr.sys - ok
10:06:47.0854 5932 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
10:06:47.0855 5932 C:\Windows\System32\rasplap.dll - ok
10:06:47.0866 5932 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
10:06:47.0866 5932 C:\Windows\System32\rasapi32.dll - ok
10:06:47.0872 5932 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
10:06:47.0872 5932 C:\Windows\System32\rasman.dll - ok
10:06:47.0882 5932 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
10:06:47.0882 5932 C:\Windows\System32\rtutils.dll - ok
10:06:47.0890 5932 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
10:06:47.0890 5932 C:\Windows\System32\AudioSes.dll - ok
10:06:47.0900 5932 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
10:06:47.0900 5932 C:\Windows\System32\UXInit.dll - ok
10:06:47.0908 5932 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
10:06:47.0908 5932 C:\Windows\System32\oleacc.dll - ok
10:06:47.0918 5932 [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\System32\UIAutomationCore.dll
10:06:47.0918 5932 C:\Windows\System32\UIAutomationCore.dll - ok
10:06:47.0926 5932 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
10:06:47.0926 5932 C:\Windows\System32\IPHLPAPI.DLL - ok
10:06:47.0936 5932 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
10:06:47.0936 5932 C:\Windows\System32\lmhsvc.dll - ok
10:06:47.0944 5932 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
10:06:47.0944 5932 C:\Windows\System32\nsisvc.dll - ok
10:06:47.0954 5932 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
10:06:47.0954 5932 C:\Windows\System32\dhcpcore.dll - ok
10:06:47.0963 5932 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
10:06:47.0963 5932 C:\Windows\System32\nrpsrv.dll - ok
10:06:47.0971 5932 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
10:06:47.0971 5932 C:\Windows\System32\winnsi.dll - ok
10:06:47.0980 5932 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
10:06:47.0980 5932 C:\Windows\System32\dnsrslvr.dll - ok
10:06:47.0990 5932 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
10:06:47.0990 5932 C:\Windows\System32\eapsvc.dll - ok
10:06:47.0998 5932 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
10:06:47.0998 5932 C:\Windows\System32\keyiso.dll - ok
10:06:48.0007 5932 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
10:06:48.0007 5932 C:\Windows\System32\eapphost.dll - ok
10:06:48.0016 5932 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
10:06:48.0016 5932 C:\Windows\System32\FWPUCLNT.DLL - ok
10:06:48.0026 5932 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
10:06:48.0026 5932 C:\Windows\System32\midimap.dll - ok
10:06:48.0031 5932 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
10:06:48.0031 5932 C:\Windows\System32\msacm32.dll - ok
10:06:48.0039 5932 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
10:06:48.0039 5932 C:\Windows\System32\msacm32.drv - ok
10:06:48.0048 5932 [ 990A58A0B01720E419B55EFC5FF387F8 ] C:\Windows\System32\dhcpcore6.dll
10:06:48.0048 5932 C:\Windows\System32\dhcpcore6.dll - ok
10:06:48.0057 5932 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
10:06:48.0057 5932 C:\Windows\System32\AudioEng.dll - ok
10:06:48.0066 5932 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
10:06:48.0066 5932 C:\Windows\System32\dnsext.dll - ok
10:06:48.0074 5932 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
10:06:48.0074 5932 C:\Windows\System32\dhcpcsvc.dll - ok
10:06:48.0084 5932 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\System32\dhcpcsvc6.dll
10:06:48.0084 5932 C:\Windows\System32\dhcpcsvc6.dll - ok
10:06:48.0092 5932 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
10:06:48.0092 5932 C:\Windows\System32\umb.dll - ok
10:06:48.0101 5932 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
10:06:48.0101 5932 C:\Windows\System32\wlanmsm.dll - ok
10:06:48.0110 5932 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
10:06:48.0110 5932 C:\Windows\System32\imageres.dll - ok
10:06:48.0121 5932 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
10:06:48.0121 5932 C:\Windows\System32\wlansec.dll - ok
10:06:48.0129 5932 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
10:06:48.0129 5932 C:\Windows\System32\AUDIOKSE.dll - ok
10:06:48.0138 5932 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
10:06:48.0138 5932 C:\Windows\System32\onex.dll - ok
10:06:48.0146 5932 [ B9B4AEFBDD1B105A39312914C6F7F0A5 ] C:\Windows\System32\CnxtAp32.dll
10:06:48.0146 5932 C:\Windows\System32\CnxtAp32.dll - ok
10:06:48.0156 5932 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
10:06:48.0156 5932 C:\Windows\System32\eappcfg.dll - ok
10:06:48.0164 5932 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
10:06:48.0164 5932 C:\Windows\System32\eappprxy.dll - ok
10:06:48.0174 5932 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
10:06:48.0174 5932 C:\Windows\System32\l2gpstore.dll - ok
10:06:48.0182 5932 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
10:06:48.0182 5932 C:\Windows\System32\wlgpclnt.dll - ok
10:06:48.0192 5932 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
10:06:48.0192 5932 C:\Windows\System32\WinSCard.dll - ok
10:06:48.0200 5932 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
10:06:48.0200 5932 C:\Windows\System32\wlanutil.dll - ok
10:06:48.0210 5932 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\System32\msxml6.dll
10:06:48.0210 5932 C:\Windows\System32\msxml6.dll - ok
10:06:48.0218 5932 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
10:06:48.0218 5932 C:\Windows\System32\shsvcs.dll - ok
10:06:48.0228 5932 [ 6F44F5C0BC6B210FE5F5A1C8D899AD0A ] C:\Windows\System32\wlanext.exe
10:06:48.0228 5932 C:\Windows\System32\wlanext.exe - ok
10:06:48.0236 5932 [ 310E9119D0A1CFDF1DA897089B533D81 ] C:\Windows\System32\conhost.exe
10:06:48.0236 5932 C:\Windows\System32\conhost.exe - ok
10:06:48.0246 5932 [ F9AD9703CF0F9B8BC0924C21D220777E ] C:\Windows\System32\bcmihvsrv.dll
10:06:48.0246 5932 C:\Windows\System32\bcmihvsrv.dll - ok
10:06:48.0254 5932 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
10:06:48.0254 5932 C:\Windows\System32\schedsvc.dll - ok
10:06:48.0264 5932 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
10:06:48.0264 5932 C:\Windows\System32\ktmw32.dll - ok
10:06:48.0272 5932 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
10:06:48.0272 5932 C:\Windows\System32\fveapi.dll - ok
10:06:48.0282 5932 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
10:06:48.0283 5932 C:\Windows\System32\fvecerts.dll - ok
10:06:48.0291 5932 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
10:06:48.0291 5932 C:\Windows\System32\tbs.dll - ok
10:06:48.0300 5932 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
10:06:48.0300 5932 C:\Windows\System32\taskcomp.dll - ok
10:06:48.0308 5932 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
10:06:48.0308 5932 C:\Windows\System32\wiarpc.dll - ok
10:06:48.0317 5932 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
10:06:48.0317 5932 C:\Windows\System32\drivers\http.sys - ok
10:06:48.0326 5932 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe
10:06:48.0326 5932 C:\Windows\System32\spoolsv.exe - ok
10:06:48.0335 5932 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
10:06:48.0335 5932 C:\Windows\System32\BFE.DLL - ok
10:06:48.0343 5932 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe
10:06:48.0343 5932 C:\Windows\System32\rundll32.exe - ok
10:06:48.0353 5932 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
10:06:48.0353 5932 C:\Windows\AppPatch\AcLayers.dll - ok
10:06:48.0362 5932 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF ] C:\Windows\System32\WMALFXGFXDSP.dll
10:06:48.0362 5932 C:\Windows\System32\WMALFXGFXDSP.dll - ok
10:06:48.0371 5932 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
10:06:48.0371 5932 C:\Windows\System32\drivers\bowser.sys - ok
10:06:48.0379 5932 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
10:06:48.0379 5932 C:\Windows\System32\drivers\mpsdrv.sys - ok
10:06:48.0389 5932 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
10:06:48.0389 5932 C:\Windows\System32\drivers\mrxsmb.sys - ok
10:06:48.0397 5932 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
10:06:48.0397 5932 C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:06:48.0407 5932 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
10:06:48.0407 5932 C:\Windows\System32\wfapigp.dll - ok
10:06:48.0415 5932 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
10:06:48.0415 5932 C:\Windows\System32\mscms.dll - ok
10:06:48.0424 5932 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
10:06:48.0425 5932 C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:06:48.0433 5932 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
10:06:48.0433 5932 C:\Windows\System32\wkssvc.dll - ok
10:06:48.0443 5932 [ C0E25BB0E6A159D332048AFAA2ED24CE ] C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
10:06:48.0443 5932 C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe - ok
10:06:48.0451 5932 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
10:06:48.0451 5932 C:\Windows\System32\drivers\parport.sys - ok
10:06:48.0460 5932 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
10:06:48.0461 5932 C:\Windows\System32\winspool.drv - ok
10:06:48.0471 5932 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
10:06:48.0471 5932 C:\Windows\System32\mpr.dll - ok
10:06:48.0479 5932 [ E1C7327C61B749248FBF1414F6515E4C ] C:\Windows\System32\nvsvc.dll
10:06:48.0479 5932 C:\Windows\System32\nvsvc.dll - ok
10:06:48.0487 5932 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
10:06:48.0487 5932 C:\Windows\System32\pcasvc.dll - ok
10:06:48.0496 5932 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\System32\msvcp71.dll
10:06:48.0497 5932 C:\Windows\System32\msvcp71.dll - ok
10:06:48.0505 5932 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
10:06:48.0505 5932 C:\Windows\System32\wsock32.dll - ok
10:06:48.0514 5932 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
10:06:48.0515 5932 C:\Windows\System32\snmptrap.exe - ok
10:06:48.0523 5932 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B ] C:\Windows\WindowsMobile\wmdcBase.exe
10:06:48.0523 5932 C:\Windows\WindowsMobile\wmdcBase.exe - ok
10:06:48.0533 5932 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\System32\msvcr71.dll
10:06:48.0533 5932 C:\Windows\System32\msvcr71.dll - ok
10:06:48.0538 5932 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll
10:06:48.0538 5932 C:\Windows\System32\msimg32.dll - ok
10:06:48.0546 5932 [ 35DDF72BA8CD43F65DFF85269774594F ] C:\Windows\System32\nvapi.dll
10:06:48.0546 5932 C:\Windows\System32\nvapi.dll - ok
10:06:48.0555 5932 [ B8CD57C8AAED177BFC12FBF03F5A1BE6 ] C:\Windows\System32\nvsvcr.dll
10:06:48.0555 5932 C:\Windows\System32\nvsvcr.dll - ok
10:06:48.0563 5932 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
10:06:48.0563 5932 C:\Windows\System32\wlanapi.dll - ok
10:06:48.0573 5932 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll
10:06:48.0573 5932 C:\Windows\System32\mfplat.dll - ok
10:06:48.0581 5932 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\System32\shfolder.dll
10:06:48.0581 5932 C:\Windows\System32\shfolder.dll - ok
10:06:48.0592 5932 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll
10:06:48.0593 5932 C:\Windows\System32\cryptsvc.dll - ok
10:06:48.0599 5932 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll
10:06:48.0599 5932 C:\Windows\System32\cryptnet.dll - ok
10:06:48.0609 5932 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
10:06:48.0609 5932 C:\Windows\System32\vssapi.dll - ok
10:06:48.0619 5932 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
10:06:48.0619 5932 C:\Windows\System32\netcfgx.dll - ok
10:06:48.0627 5932 [ 167725F44C8D2C1F9A86E16FFA60F311 ] C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe
10:06:48.0628 5932 C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe - ok
10:06:48.0636 5932 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
10:06:48.0636 5932 C:\Windows\System32\dps.dll - ok
10:06:48.0645 5932 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
10:06:48.0645 5932 C:\Windows\System32\taskschd.dll - ok
10:06:48.0654 5932 [ E223D2851906B84F52E1B75EA16198F9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
10:06:48.0654 5932 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
10:06:48.0663 5932 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
10:06:48.0663 5932 C:\Windows\System32\vsstrace.dll - ok
10:06:48.0671 5932 [ 00A99DA54C14969A899ED316D16E9A9E ] C:\Windows\System32\efssvc.dll
10:06:48.0671 5932 C:\Windows\System32\efssvc.dll - ok
10:06:48.0681 5932 [ 3F6D9269E7B3A754B1C2F8533DC7F318 ] C:\Windows\System32\efscore.dll
10:06:48.0681 5932 C:\Windows\System32\efscore.dll - ok
10:06:48.0689 5932 [ 359C3AC547AA1D24EED35BE3AB3759DC ] C:\Windows\System32\efsutil.dll
10:06:48.0689 5932 C:\Windows\System32\efsutil.dll - ok
10:06:48.0699 5932 [ A732F4F25B83B053D2DA98A8279DBDBE ] C:\Program Files\Easy-Hide-IP\rdr\EasyTechCertInstaller.dll
10:06:48.0699 5932 C:\Program Files\Easy-Hide-IP\rdr\EasyTechCertInstaller.dll - ok
10:06:48.0707 5932 [ 431DC7477AF22A00DF62DE20233EBAAA ] C:\Program Files\Easy-Hide-IP\rdr\libnspr4.dll
10:06:48.0707 5932 C:\Program Files\Easy-Hide-IP\rdr\libnspr4.dll - ok
10:06:48.0717 5932 [ 6A5120FF0556B4F278A602BF06A2C954 ] C:\Program Files\Easy-Hide-IP\rdr\nss3.dll
10:06:48.0717 5932 C:\Program Files\Easy-Hide-IP\rdr\nss3.dll - ok
10:06:48.0726 5932 [ 7ABC08559D72A067EDD6636948C7E5DB ] C:\Program Files\Easy-Hide-IP\rdr\libplc4.dll
10:06:48.0726 5932 C:\Program Files\Easy-Hide-IP\rdr\libplc4.dll - ok
10:06:48.0735 5932 [ 61C742F32FD1B1D3B47B5FAD2D712C84 ] C:\Program Files\Easy-Hide-IP\rdr\libplds4.dll
10:06:48.0736 5932 C:\Program Files\Easy-Hide-IP\rdr\libplds4.dll - ok
10:06:48.0744 5932 [ 5E70600F53DA5AFACC7C59D9F845D6F4 ] C:\Program Files\Easy-Hide-IP\rdr\nssutil3.dll
10:06:48.0744 5932 C:\Program Files\Easy-Hide-IP\rdr\nssutil3.dll - ok
10:06:48.0753 5932 [ 755F6E1287B9CFA1F88099BCE0BCC4CC ] C:\Program Files\Easy-Hide-IP\rdr\smime3.dll
10:06:48.0754 5932 C:\Program Files\Easy-Hide-IP\rdr\smime3.dll - ok
10:06:48.0762 5932 [ 4014AED993BA738FCAB08827C5B5A17F ] C:\Program Files\Easy-Hide-IP\rdr\softokn3.dll
10:06:48.0762 5932 C:\Program Files\Easy-Hide-IP\rdr\softokn3.dll - ok
10:06:48.0771 5932 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
10:06:48.0771 5932 C:\Windows\System32\FDResPub.dll - ok
10:06:48.0781 5932 [ C837D17DE0B349539AA527EE750EBE2A ] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
10:06:48.0781 5932 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe - ok
10:06:48.0787 5932 [ 94B0049B76B517E0ACCCD03ABCAA7B08 ] C:\Program Files\Easy-Hide-IP\rdr\sqlite3.dll
10:06:48.0788 5932 C:\Program Files\Easy-Hide-IP\rdr\sqlite3.dll - ok
10:06:48.0796 5932 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
10:06:48.0796 5932 C:\Windows\System32\IKEEXT.DLL - ok
10:06:48.0806 5932 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
10:06:48.0806 5932 C:\Windows\System32\WSDApi.dll - ok
10:06:48.0815 5932 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
10:06:48.0815 5932 C:\Windows\System32\webservices.dll - ok
10:06:48.0824 5932 [ EE621D24B5E22073124F13F8E9A59245 ] C:\Program Files\Zune\ZuneResources.dll
10:06:48.0824 5932 C:\Program Files\Zune\ZuneResources.dll - ok
10:06:48.0832 5932 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
10:06:48.0832 5932 C:\Windows\System32\fundisc.dll - ok
10:06:48.0842 5932 [ D17C6FB99411950C838155934B25C6A9 ] C:\Program Files\Easy-Hide-IP\rdr\nssdbm3.dll
10:06:48.0842 5932 C:\Program Files\Easy-Hide-IP\rdr\nssdbm3.dll - ok
10:06:48.0851 5932 [ 3B47B842E8A17C994A6B252D7A794F57 ] C:\Program Files\Easy-Hide-IP\rdr\freebl3.dll
10:06:48.0851 5932 C:\Program Files\Easy-Hide-IP\rdr\freebl3.dll - ok
10:06:48.0860 5932 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] C:\Windows\System32\drivers\mdmxsdk.sys
10:06:48.0860 5932 C:\Windows\System32\drivers\mdmxsdk.sys - ok
10:06:48.0869 5932 [ 796C23FC03D1C84F6911820671B89A6E ] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
10:06:48.0869 5932 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll - ok
10:06:48.0879 5932 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll
10:06:48.0879 5932 C:\Windows\System32\vpnikeapi.dll - ok
10:06:48.0888 5932 [ 32164A8EA988074AB646AD25EB6BD986 ] C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
10:06:48.0888 5932 C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe - ok
10:06:48.0897 5932 [ F368B9DD3C6F1F2DA8CE84DD47A34D19 ] C:\Program Files\Easy-Hide-IP\rdr\nssckbi.dll
10:06:48.0897 5932 C:\Program Files\Easy-Hide-IP\rdr\nssckbi.dll - ok
10:06:48.0905 5932 [ 8903AEBC4998758F86458B3C96920228 ] C:\Windows\System32\nvcpl.dll
10:06:48.0906 5932 C:\Windows\System32\nvcpl.dll - ok
10:06:48.0915 5932 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
10:06:48.0915 5932 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
10:06:50.0919 5932 C:\Windows\System32\ndiscapCfg.dll - ok
10:06:50.0928 5932 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll
10:06:50.0928 5932 C:\Windows\System32\rascfg.dll - ok
10:06:50.0937 5932 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll
10:06:50.0937 5932 C:\Windows\System32\actxprxy.dll - ok
10:06:50.0946 5932 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll
10:06:50.0946 5932 C:\Windows\System32\tcpipcfg.dll - ok
10:06:50.0956 5932 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll
10:06:50.0956 5932 C:\Windows\System32\wshnetbs.dll - ok
10:06:50.0964 5932 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\System32\CertEnroll.dll
10:06:50.0964 5932 C:\Windows\System32\CertEnroll.dll - ok
10:06:50.0974 5932 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\System32\wlaninst.dll
10:06:50.0974 5932 C:\Windows\System32\wlaninst.dll - ok
10:06:50.0982 5932 [ 5B6EF0861BB5AC0EC347548E85C24A1D ] C:\Windows\System32\wwaninst.dll
10:06:50.0982 5932 C:\Windows\System32\wwaninst.dll - ok
10:06:50.0992 5932 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\System32\d3d8thk.dll
10:06:50.0992 5932 C:\Windows\System32\d3d8thk.dll - ok
10:06:51.0000 5932 [ 630A31F277349109299E590856A4B004 ] C:\Windows\System32\Kswdmcap.ax
10:06:51.0000 5932 C:\Windows\System32\Kswdmcap.ax - ok
10:06:51.0010 5932 [ F456E973590D663B1073E9C463B40932 ] C:\Windows\System32\drivers\mspqm.sys
10:06:51.0010 5932 C:\Windows\System32\drivers\mspqm.sys - ok
10:06:51.0019 5932 [ F1F6240464E5741B38D70EA44D42D94B ] C:\Program Files\Hp\QuickPlay\Kernel\TV\CLTinyDB.dll
10:06:51.0019 5932 C:\Program Files\Hp\QuickPlay\Kernel\TV\CLTinyDB.dll - ok
10:06:51.0028 5932 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\System32\ieframe.dll
10:06:51.0028 5932 C:\Windows\System32\ieframe.dll - ok
10:06:51.0037 5932 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll
10:06:51.0037 5932 C:\Windows\System32\shdocvw.dll - ok
10:06:51.0046 5932 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Adam\AppData\Local\Temp\2E49CC79-2332-4B7F-AD40-198C6AC6E057.exe
10:06:51.0046 5932 C:\Users\Adam\AppData\Local\Temp\2E49CC79-2332-4B7F-AD40-198C6AC6E057.exe - ok
10:06:51.0057 5932 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll
10:06:51.0057 5932 C:\Windows\System32\SensApi.dll - ok
10:06:51.0064 5932 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\System32\spfileq.dll
10:06:51.0064 5932 C:\Windows\System32\spfileq.dll - ok
10:06:51.0069 5932 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe
10:06:51.0069 5932 C:\Windows\System32\ie4uinit.exe - ok
10:06:51.0078 5932 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll
10:06:51.0078 5932 C:\Windows\System32\iedkcs32.dll - ok
10:06:51.0087 5932 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl
10:06:51.0087 5932 C:\Windows\System32\timedate.cpl - ok
10:06:51.0095 5932 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll
10:06:51.0095 5932 C:\Windows\System32\linkinfo.dll - ok
10:06:51.0104 5932 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll
10:06:51.0104 5932 C:\Windows\System32\aeevts.dll - ok
10:06:51.0113 5932 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll
10:06:51.0113 5932 C:\Windows\System32\gameux.dll - ok
10:06:51.0122 5932 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll
10:06:51.0122 5932 C:\Windows\System32\msftedit.dll - ok
10:06:51.0130 5932 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
10:06:51.0130 5932 C:\Windows\System32\msls31.dll - ok
10:06:51.0140 5932 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
10:06:51.0140 5932 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
10:06:51.0149 5932 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll
10:06:51.0149 5932 C:\Windows\System32\msiltcfg.dll - ok
10:06:51.0158 5932 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll
10:06:51.0158 5932 C:\Windows\System32\DeviceCenter.dll - ok
10:06:51.0166 5932 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll
10:06:51.0166 5932 C:\Windows\System32\thumbcache.dll - ok
10:06:51.0176 5932 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll
10:06:51.0176 5932 C:\Windows\System32\networkexplorer.dll - ok
10:06:51.0186 5932 [ 62B3C9786081ECAAB272A118408D2817 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
10:06:51.0187 5932 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
10:06:51.0194 5932 [ 8B48EB2799E9D18F288B7F9C63ADACD9 ] C:\Windows\System32\SynCOM.dll
10:06:51.0195 5932 C:\Windows\System32\SynCOM.dll - ok
10:06:51.0203 5932 [ F08A76C5E56BDB6F98F41BD22A4692E1 ] C:\Program Files\Hp\QuickPlay\QPService.exe
10:06:51.0203 5932 C:\Program Files\Hp\QuickPlay\QPService.exe - ok
10:06:51.0212 5932 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\08799985.sys
10:06:51.0213 5932 C:\Windows\System32\drivers\08799985.sys - ok
10:06:51.0221 5932 [ 5682A3904D80A9F6EBD7D5A085A896E1 ] C:\Windows\System32\SynTPAPI.dll
10:06:51.0221 5932 C:\Windows\System32\SynTPAPI.dll - ok
10:06:51.0230 5932 [ 1F373C5DB440D92839DDDF63F5BA2E8A ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
10:06:51.0230 5932 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
10:06:51.0239 5932 [ 804D1B3F83682288619DF795543BF382 ] C:\Windows\System32\consent.exe
10:06:51.0239 5932 C:\Windows\System32\consent.exe - ok
10:06:51.0249 5932 [ 79EF10D05AFA546A1185C855CF6491B0 ] C:\Program Files\Autodesk\Inventor Fusion 2012\AcSignCore16.dll
10:06:51.0249 5932 C:\Program Files\Autodesk\Inventor Fusion 2012\AcSignCore16.dll - ok
10:06:51.0257 5932 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\System32\ddraw.dll
10:06:51.0257 5932 C:\Windows\System32\ddraw.dll - ok
10:06:51.0266 5932 [ 0E34B7BB1FCF22BCC1E394D16F9E992B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
10:06:51.0267 5932 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
10:06:51.0275 5932 [ 5F60D08D1B9C359A4EF4B602DEA20D50 ] C:\Windows\System32\nvmctray.dll
10:06:51.0275 5932 C:\Windows\System32\nvmctray.dll - ok
10:06:51.0284 5932 [ 8F89E6CB82E6DB45BC993D423CD0FDBD ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
10:06:51.0285 5932 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe - ok
10:06:51.0293 5932 [ 8EEEF4C038A3FF7E56D47D9C0B912EAC ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
10:06:51.0293 5932 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
10:06:51.0303 5932 [ 47C1DE0A890613FFCFF1D67648EEDF90 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:06:51.0303 5932 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
10:06:51.0313 5932 [ 7E1B0C85B7347D9391FE60F6DADFDDF0 ] C:\Program Files\Microsoft Security Client\msseces.exe
10:06:51.0313 5932 C:\Program Files\Microsoft Security Client\msseces.exe - ok
10:06:51.0318 5932 [ 5C0E0064D0FA3F540CF64A82AF9EB24A ] C:\Windows\System32\LogiLDA.DLL
10:06:51.0319 5932 C:\Windows\System32\LogiLDA.DLL - ok
10:06:51.0327 5932 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\Hp\QuickPlay\MFC71.dll
10:06:51.0327 5932 C:\Program Files\Hp\QuickPlay\MFC71.dll - ok
10:06:51.0337 5932 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\System32\dciman32.dll
10:06:51.0337 5932 C:\Windows\System32\dciman32.dll - ok
10:06:51.0345 5932 [ A7DC47DBBE3C0384BA719DC4188AFA7E ] C:\Windows\ehome\ehtray.exe
10:06:51.0345 5932 C:\Windows\ehome\ehtray.exe - ok
10:06:51.0355 5932 [ 8284D4651EC9223354F84B84BDDE2EAF ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
10:06:51.0355 5932 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll - ok
10:06:51.0363 5932 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
10:06:51.0363 5932 C:\Windows\System32\oledlg.dll - ok
10:06:51.0373 5932 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\System32\wpdshext.dll
10:06:51.0373 5932 C:\Windows\System32\wpdshext.dll - ok
10:06:51.0381 5932 [ EA5F3BF2F1254EBF06731EE470EB29E8 ] C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
10:06:51.0381 5932 C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe - ok
10:06:51.0391 5932 [ FDC694C06891E14DD5BE5B668E4A69E0 ] C:\Program Files\Google\Google Talk\googletalk.exe
10:06:51.0391 5932 C:\Program Files\Google\Google Talk\googletalk.exe - ok
10:06:51.0400 5932 [ CE9191729CD550E871494CBA6ADCA112 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
10:06:51.0400 5932 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
10:06:51.0409 5932 [ 818DBC9026FDB4A519A4B74A30A7F485 ] C:\Windows\ehome\ehmsas.exe
10:06:51.0409 5932 C:\Windows\ehome\ehmsas.exe - ok
10:06:51.0418 5932 [ E7FC21E8A9724E7899E38364EE8848C6 ] C:\Program Files\Hp\QuickPlay\Kernel\common\MCEMediaStatus.dll
10:06:51.0418 5932 C:\Program Files\Hp\QuickPlay\Kernel\common\MCEMediaStatus.dll - ok
10:06:51.0430 5932 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
10:06:51.0430 5932 C:\Windows\System32\riched20.dll - ok
10:06:51.0437 5932 [ 4825D2A98FAB45D4938DA9196ADDFAD4 ] C:\Windows\ehome\ehProxy.dll
10:06:51.0437 5932 C:\Windows\ehome\ehProxy.dll - ok
10:06:51.0446 5932 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\Windows\System32\MFC71ENU.DLL
10:06:51.0446 5932 C:\Windows\System32\MFC71ENU.DLL - ok
10:06:51.0454 5932 [ 0768C0D8A9A7B9EE61D914C0130D28DB ] C:\Program Files\Hp\QuickPlay\Helper.dll
10:06:51.0454 5932 C:\Program Files\Hp\QuickPlay\Helper.dll - ok
10:06:51.0464 5932 [ FCA11932ED0E36A83D3D4DE4158E153B ] C:\Program Files\Hp\QuickPlay\Kernel\common\CLRCEngine3.dll
10:06:51.0464 5932 C:\Program Files\Hp\QuickPlay\Kernel\common\CLRCEngine3.dll - ok
10:06:51.0473 5932 [ CB67C2B94302DC94BC15ED6553A5C1C7 ] C:\Windows\System32\wbem\cimwin32.dll
10:06:51.0473 5932 C:\Windows\System32\wbem\cimwin32.dll - ok
10:06:51.0482 5932 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\System32\wmi.dll
10:06:51.0482 5932 C:\Windows\System32\wmi.dll - ok
10:06:51.0490 5932 [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\System32\schedcli.dll
10:06:51.0490 5932 C:\Windows\System32\schedcli.dll - ok
10:06:51.0500 5932 [ 7040C2BCA7D6EFEEB14A807EAD9449DB ] C:\Program Files\Hp\QuickPlay\powrprof.dll
10:06:51.0500 5932 C:\Program Files\Hp\QuickPlay\powrprof.dll - ok
10:06:51.0509 5932 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
10:06:51.0509 5932 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
10:06:51.0518 5932 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll
10:06:51.0518 5932 C:\Windows\System32\mlang.dll - ok
10:06:51.0526 5932 [ D481773A309E38BF3A933E687BF0976F ] C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapX.dll
10:06:51.0526 5932 C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapX.dll - ok
10:06:51.0536 5932 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll
10:06:51.0536 5932 C:\Windows\System32\dsound.dll - ok
10:06:51.0546 5932 [ BA2655001D1F017EDFD9132D5C07E941 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hiddata.exe
10:06:51.0546 5932 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hiddata.exe - ok
10:06:51.0554 5932 [ 15285F5C9A12F7D9EF0CC0BB157219FF ] C:\Program Files\Hp\QuickPlay\Kernel\TV\CLAuMixer.dll
10:06:51.0554 5932 C:\Program Files\Hp\QuickPlay\Kernel\TV\CLAuMixer.dll - ok
10:06:51.0563 5932 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll
10:06:51.0563 5932 C:\Windows\System32\stobject.dll - ok
10:06:51.0572 5932 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
10:06:51.0572 5932 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
10:06:51.0577 5932 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll
10:06:51.0577 5932 C:\Windows\System32\batmeter.dll - ok
10:06:51.0586 5932 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll
10:06:51.0586 5932 C:\Windows\System32\UIAnimation.dll - ok
10:06:51.0595 5932 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
10:06:51.0595 5932 C:\Windows\System32\SyncCenter.dll - ok
10:06:51.0603 5932 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll
10:06:51.0603 5932 C:\Windows\System32\prnfldr.dll - ok
10:06:51.0612 5932 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll
10:06:51.0612 5932 C:\Windows\System32\DXP.dll - ok
10:06:51.0627 5932 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll
10:06:51.0627 5932 C:\Windows\System32\Syncreg.dll - ok
10:06:51.0635 5932 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll
10:06:51.0635 5932 C:\Windows\ehome\ehSSO.dll - ok
10:06:51.0642 5932 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll
10:06:51.0642 5932 C:\Windows\System32\AltTab.dll - ok
10:06:51.0652 5932 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll
10:06:51.0652 5932 C:\Windows\System32\pnidui.dll - ok
10:06:51.0660 5932 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll
10:06:51.0660 5932 C:\Windows\System32\WPDShServiceObj.dll - ok
10:06:51.0670 5932 [ FDF273A845F1FFCCEADF363AAF47582F ] C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
10:06:51.0670 5932 C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
10:06:51.0679 5932 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
10:06:51.0679 5932 C:\Windows\System32\QUTIL.DLL - ok
10:06:51.0688 5932 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll
10:06:51.0688 5932 C:\Windows\System32\PortableDeviceTypes.dll - ok
10:06:51.0696 5932 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll
10:06:51.0696 5932 C:\Windows\System32\srchadmin.dll - ok
10:06:51.0705 5932 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe
10:06:51.0705 5932 C:\Windows\System32\SearchIndexer.exe - ok
10:06:51.0714 5932 [ C6B0509AA89F656247694E2D6ABF7255 ] C:\Windows\System32\wbem\wmiprov.dll
10:06:51.0714 5932 C:\Windows\System32\wbem\wmiprov.dll - ok
10:06:51.0723 5932 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll
10:06:51.0723 5932 C:\Windows\System32\dot3api.dll - ok
10:06:51.0731 5932 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll
10:06:51.0731 5932 C:\Windows\System32\wlanhlp.dll - ok
10:06:51.0741 5932 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\System32\tquery.dll
10:06:51.0741 5932 C:\Windows\System32\tquery.dll - ok
10:06:51.0749 5932 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
10:06:51.0749 5932 C:\Windows\System32\WWanAPI.dll - ok
10:06:51.0758 5932 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
10:06:51.0759 5932 C:\Windows\System32\wwapi.dll - ok
10:06:51.0767 5932 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll
10:06:51.0767 5932 C:\Windows\System32\ActionCenter.dll - ok
10:06:51.0777 5932 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
10:06:51.0777 5932 C:\Windows\System32\QAGENT.DLL - ok
10:06:51.0785 5932 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
10:06:51.0785 5932 C:\Windows\System32\bthprops.cpl - ok
10:06:51.0796 5932 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\System32\mssrch.dll
10:06:51.0797 5932 C:\Windows\System32\mssrch.dll - ok
10:06:51.0803 5932 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\System32\esent.dll
10:06:51.0803 5932 C:\Windows\System32\esent.dll - ok
10:06:51.0813 5932 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll
10:06:51.0813 5932 C:\Windows\System32\FXSST.dll - ok
10:06:51.0821 5932 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
10:06:51.0821 5932 C:\Windows\System32\msidle.dll - ok
10:06:51.0827 5932 [ F148865E4AC4F715E322EA06E6E21D84 ] C:\Windows\System32\wbem\NCProv.dll
10:06:51.0827 5932 C:\Windows\System32\wbem\NCProv.dll - ok
10:06:51.0836 5932 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
10:06:51.0836 5932 C:\Windows\System32\mssprxy.dll - ok
10:06:51.0845 5932 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
10:06:51.0845 5932 C:\Windows\System32\en-US\tquery.dll.mui - ok
10:06:51.0854 5932 [ 20DBD74F9F2AB4B97C6D2005C1BC9254 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll
10:06:51.0854 5932 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll - ok
10:06:51.0863 5932 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
10:06:51.0863 5932 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe - ok
10:06:51.0872 5932 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll
10:06:51.0872 5932 C:\Windows\System32\FXSAPI.dll - ok
10:06:51.0881 5932 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
10:06:51.0881 5932 C:\Windows\System32\FXSRESM.dll - ok
10:06:51.0890 5932 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe
10:06:51.0890 5932 C:\Windows\System32\FXSSVC.exe - ok
10:06:51.0899 5932 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
10:06:51.0899 5932 C:\Windows\System32\webcheck.dll - ok
10:06:51.0907 5932 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll
10:06:51.0907 5932 C:\Windows\System32\imapi2.dll - ok
10:06:51.0917 5932 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll
10:06:51.0918 5932 C:\Windows\System32\hgcpl.dll - ok
10:06:51.0926 5932 [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\System32\SearchProtocolHost.exe
10:06:51.0926 5932 C:\Windows\System32\SearchProtocolHost.exe - ok
10:06:51.0935 5932 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll
10:06:51.0935 5932 C:\Windows\System32\msshooks.dll - ok
10:06:51.0944 5932 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\System32\SearchFilterHost.exe
10:06:51.0944 5932 C:\Windows\System32\SearchFilterHost.exe - ok
10:06:51.0953 5932 [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\System32\mssph.dll
10:06:51.0953 5932 C:\Windows\System32\mssph.dll - ok
10:06:51.0961 5932 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll
10:06:51.0961 5932 C:\Windows\System32\mapi32.dll - ok
10:06:51.0971 5932 [ 63B282FB2550893724647A359BA2323F ] C:\Windows\System32\Query.dll
10:06:51.0971 5932 C:\Windows\System32\Query.dll - ok
10:06:51.0979 5932 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:06:51.0980 5932 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
10:06:51.0989 5932 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
10:06:51.0989 5932 C:\Windows\System32\msvcr100_clr0400.dll - ok
10:06:51.0997 5932 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] C:\Windows\System32\FntCache.dll
10:06:51.0997 5932 C:\Windows\System32\FntCache.dll - ok
10:06:52.0007 5932 [ 8577CA80212A3EE1CF2FD1FC91E1CFF6 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:06:52.0007 5932 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
10:06:52.0016 5932 [ 9A6C8458714B2F723C2A35D0F7CDC4F6 ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
10:06:52.0016 5932 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
10:06:52.0025 5932 [ BB5E9B58C972E2AC6DB7995B874782BC ] C:\Program Files\Common Files\LightScribe\LSLog.dll
10:06:52.0025 5932 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
10:06:52.0035 5932 [ 8F97D374AD1857E1EED85A79F29A1D3D ] C:\Windows\WindowsMobile\rapimgr.dll
10:06:52.0035 5932 C:\Windows\WindowsMobile\rapimgr.dll - ok
10:06:52.0045 5932 [ B0B4C590C0CAE7741DA17E3DC86CC828 ] C:\Windows\System32\ceutil.dll
10:06:52.0045 5932 C:\Windows\System32\ceutil.dll - ok
10:06:52.0053 5932 [ CF87A1DE791347E75B98885214CED2B8 ] C:\Windows\System32\sppsvc.exe
10:06:52.0054 5932 C:\Windows\System32\sppsvc.exe - ok
10:06:52.0063 5932 [ D16D818E9930A6E5B4F6476DD0998D1A ] C:\Windows\System32\drivers\spsys.sys
10:06:52.0064 5932 C:\Windows\System32\drivers\spsys.sys - ok
10:06:52.0072 5932 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:06:52.0072 5932 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:06:52.0083 5932 [ 3A11396EAC2414012155AB14E5C1E332 ] C:\Windows\System32\sppwinob.dll
10:06:52.0083 5932 C:\Windows\System32\sppwinob.dll - ok
10:06:52.0091 5932 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll
10:06:52.0091 5932 C:\Windows\System32\wmdrmdev.dll - ok
10:06:52.0100 5932 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll
10:06:52.0100 5932 C:\Windows\System32\drmv2clt.dll - ok
10:06:52.0109 5932 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll
10:06:52.0109 5932 C:\Windows\System32\wscsvc.dll - ok
10:06:52.0118 5932 [ 970C10CA3E95FC58E10FD12C7EA9D192 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key
10:06:52.0118 5932 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key - ok
10:06:52.0127 5932 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\System32\dbghelp.dll
10:06:52.0127 5932 C:\Windows\System32\dbghelp.dll - ok
10:06:52.0136 5932 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
10:06:52.0136 5932 C:\Windows\System32\wuaueng.dll - ok
10:06:52.0145 5932 [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\System32\mspatcha.dll
10:06:52.0145 5932 C:\Windows\System32\mspatcha.dll - ok
10:06:52.0154 5932 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll
10:06:52.0154 5932 C:\Windows\System32\upnp.dll - ok
10:06:52.0162 5932 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
10:06:52.0162 5932 C:\Windows\System32\wuapi.dll - ok
10:06:52.0172 5932 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll
10:06:52.0172 5932 C:\Windows\System32\wmp.dll - ok
10:06:52.0180 5932 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
10:06:52.0180 5932 C:\Windows\System32\wups.dll - ok
10:06:52.0189 5932 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL
10:06:52.0190 5932 C:\Windows\System32\wmploc.DLL - ok
10:06:52.0198 5932 [ 62CBF36E3E10BAA74224BC7A6DD998B5 ] C:\Program Files\Internet Explorer\ieproxy.dll
10:06:52.0198 5932 C:\Program Files\Internet Explorer\ieproxy.dll - ok
10:06:52.0208 5932 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll
10:06:52.0208 5932 C:\Windows\System32\wmpps.dll - ok
10:06:52.0216 5932 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\System32\wmpmde.dll
10:06:52.0216 5932 C:\Windows\System32\wmpmde.dll - ok
10:06:52.0225 5932 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll
10:06:52.0225 5932 C:\Windows\System32\wups2.dll - ok
10:06:52.0234 5932 [ 421D9645B72CD341ECDBB0FCE06C97DE ] C:\Windows\System32\sppobjs.dll
10:06:52.0234 5932 C:\Windows\System32\sppobjs.dll - ok
10:06:52.0243 5932 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\System32\WinSATAPI.dll
10:06:52.0243 5932 C:\Windows\System32\WinSATAPI.dll - ok
10:06:52.0252 5932 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\System32\MSMPEG2ENC.DLL
10:06:52.0252 5932 C:\Windows\System32\MSMPEG2ENC.DLL - ok
10:06:52.0262 5932 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] C:\Windows\System32\drivers\asyncmac.sys
10:06:52.0262 5932 C:\Windows\System32\drivers\asyncmac.sys - ok
10:06:52.0270 5932 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll
10:06:52.0270 5932 C:\Windows\System32\wscisvif.dll - ok
10:06:52.0279 5932 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll
10:06:52.0280 5932 C:\Windows\System32\wscproxystub.dll - ok
10:06:52.0288 5932 [ 59E19BD13C3BDB857646B9E436BA27F7 ] C:\Windows\WindowsMobile\wcescomm.dll
10:06:52.0288 5932 C:\Windows\WindowsMobile\wcescomm.dll - ok
10:06:52.0298 5932 [ 843D21A20736016E5613E4B51EA60D46 ] C:\Windows\System32\winusb.dll
10:06:52.0298 5932 C:\Windows\System32\winusb.dll - ok
10:06:52.0307 5932 [ 8C8C82633A7E90A33E8D7D9617B2B46C ] C:\Windows\WindowsMobile\tcp2udp.dll
10:06:52.0307 5932 C:\Windows\WindowsMobile\tcp2udp.dll - ok
10:06:52.0316 5932 [ 3379989F06B31347792836DCF028A325 ] C:\Windows\System32\rapiproxystub.dll
10:06:52.0316 5932 C:\Windows\System32\rapiproxystub.dll - ok
10:06:52.0324 5932 [ 523DF3B590D8A353A49235B1B7C571AD ] C:\Windows\WindowsMobile\dtptdns.dll
10:06:52.0325 5932 C:\Windows\WindowsMobile\dtptdns.dll - ok
10:06:52.0334 5932 [ D5D7C7CBDD63C5938C83846B313FCF3B ] C:\Windows\WindowsMobile\BthASPlugin.dll
10:06:52.0334 5932 C:\Windows\WindowsMobile\BthASPlugin.dll - ok
10:06:52.0339 5932 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\System32\udhisapi.dll
10:06:52.0339 5932 C:\Windows\System32\udhisapi.dll - ok
10:06:52.0347 5932 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll
10:06:52.0347 5932 C:\Windows\System32\drprov.dll - ok
10:06:52.0356 5932 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll
10:06:52.0356 5932 C:\Windows\System32\ntlanman.dll - ok
10:06:52.0365 5932 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll
10:06:52.0365 5932 C:\Windows\System32\davclnt.dll - ok
10:06:52.0374 5932 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll
10:06:52.0374 5932 C:\Windows\System32\davhlpr.dll - ok
10:06:52.0383 5932 [ 897493762A427D94B66A30EE6AB35966 ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
10:06:52.0383 5932 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - ok
10:06:52.0392 5932 [ 7043D485AEAE435312659FF1461F1491 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL
10:06:52.0393 5932 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL - ok
10:06:52.0401 5932 [ C7D010BD8BCEF2EB3FCA8F7CD3C08D9F ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL
10:06:52.0401 5932 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL - ok
10:06:52.0413 5932 [ 4C5D603A632023BFDB8EDD4436882ABF ] C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL
10:06:52.0413 5932 C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL - ok
10:06:52.0420 5932 [ 8FECD12803558FA84F63B7DDD16D89F1 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll
10:06:52.0420 5932 C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll - ok
10:06:52.0430 5932 [ D291FA0A37901E5E5A687813FA2AF2B5 ] C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
10:06:52.0430 5932 C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll - ok
10:06:52.0440 5932 [ 2D34839A17EF7BDA968332AF195FCC9D ] C:\Program Files\Common Files\System\ado\msadox.dll
10:06:52.0440 5932 C:\Program Files\Common Files\System\ado\msadox.dll - ok
10:06:52.0450 5932 [ B7899C3E21B299D7A3C0DA96CAE340BD ] C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
10:06:52.0450 5932 C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll - ok
10:06:52.0459 5932 [ 145642B84939D50AFDA2D6163406CCED ] C:\Windows\System32\networkitemfactory.dll
10:06:52.0459 5932 C:\Windows\System32\networkitemfactory.dll - ok
10:06:52.0468 5932 [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\System32\StructuredQuery.dll
10:06:52.0468 5932 C:\Windows\System32\StructuredQuery.dll - ok
10:06:52.0476 5932 [ 0795AAF84172C2E3B605CCB3A6E91D4A ] C:\Windows\System32\dtsh.dll
10:06:52.0476 5932 C:\Windows\System32\dtsh.dll - ok
10:06:52.0485 5932 [ 4634B0EE4098F0F2B972BDAC19A802E7 ] C:\Windows\System32\audiodev.dll
10:06:52.0485 5932 C:\Windows\System32\audiodev.dll - ok
10:06:53.0052 5932 ============================================================
10:06:53.0053 5932 Scan finished
10:06:53.0053 5932 ============================================================
10:06:53.0068 5924 Detected object count: 6
10:06:53.0068 5924 Actual detected object count: 6
10:07:06.0504 5924 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:07:06.0504 5924 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:07:06.0505 5924 Flash1 ( UnsignedFile.Multi.Generic ) - skipped by user
10:07:06.0505 5924 Flash1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:07:06.0508 5924 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:07:06.0508 5924 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:07:06.0511 5924 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:07:06.0511 5924 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:07:06.0514 5924 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:07:06.0514 5924 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:07:06.0519 5924 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
10:07:06.0519 5924 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:10:10.0251 5752 ============================================================
10:10:10.0251 5752 Scan started
10:10:10.0251 5752 Mode: Manual; SigCheck; TDLFS;
10:10:10.0251 5752 ============================================================
10:10:10.0923 5752 ================ Scan system memory ========================
10:10:10.0923 5752 System memory - ok
10:10:10.0924 5752 ================ Scan services =============================
10:10:11.0412 5752 [ 5DDC0A8D2CD60BDA593DDAF45821CE08 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
10:10:11.0417 5752 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
10:10:11.0417 5752 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
10:10:18.0149 5752 [ C532970D4DC83C42C2AF56943F2998AE ] Flash1 C:\SwSetup\sp43666\winphlash\Flash1.sys
10:10:18.0153 5752 Flash1 ( UnsignedFile.Multi.Generic ) - warning
10:10:18.0153 5752 Flash1 - detected UnsignedFile.Multi.Generic (1)
10:10:19.0542 5752 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
10:10:19.0548 5752 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
10:10:19.0548 5752 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
10:10:20.0174 5752 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:10:20.0179 5752 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:10:20.0179 5752 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:10:22.0413 5752 MegaSR - ok
10:10:22.0529 5752 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
10:10:22.0540 5752 Microsoft Office Groove Audit Service - ok
10:10:22.0694 5752 [ 32164A8EA988074AB646AD25EB6BD986 ] mitsijm2012 C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
10:10:22.0716 5752 mitsijm2012 - ok
10:10:22.0765 5752 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
10:10:22.0797 5752 MMCSS - ok
10:10:22.0807 5752 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
10:10:22.0839 5752 Modem - ok
10:10:22.0878 5752 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:10:22.0894 5752 monitor - ok
10:10:22.0942 5752 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
10:10:22.0955 5752 mouclass - ok
10:10:22.0975 5752 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:10:22.0988 5752 mouhid - ok
10:10:23.0028 5752 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:10:23.0041 5752 mountmgr - ok
10:10:23.0071 5752 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:10:23.0092 5752 MpFilter - ok
10:10:23.0113 5752 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
10:10:23.0127 5752 mpio - ok
10:10:23.0172 5752 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:10:23.0200 5752 mpsdrv - ok
10:10:23.0261 5752 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:10:23.0297 5752 MpsSvc - ok
10:10:23.0347 5752 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:10:23.0366 5752 MRxDAV - ok
10:10:23.0397 5752 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:10:23.0410 5752 mrxsmb - ok
10:10:23.0426 5752 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:10:23.0441 5752 mrxsmb10 - ok
10:10:23.0462 5752 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:10:23.0475 5752 mrxsmb20 - ok
10:10:23.0516 5752 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
10:10:23.0529 5752 msahci - ok
10:10:23.0569 5752 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:10:23.0584 5752 msdsm - ok
10:10:23.0607 5752 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
10:10:23.0623 5752 MSDTC - ok
10:10:23.0674 5752 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:10:23.0704 5752 Msfs - ok
10:10:23.0718 5752 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:10:23.0748 5752 mshidkmdf - ok
10:10:23.0787 5752 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:10:23.0800 5752 msisadrv - ok
10:10:23.0838 5752 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:10:23.0869 5752 MSiSCSI - ok
10:10:23.0875 5752 msiserver - ok
10:10:23.0917 5752 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:10:23.0948 5752 MSKSSRV - ok
10:10:23.0983 5752 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:10:23.0998 5752 MsMpSvc - ok
10:10:24.0020 5752 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:10:24.0051 5752 MSPCLOCK - ok
10:10:24.0065 5752 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:10:24.0097 5752 MSPQM - ok
10:10:24.0117 5752 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:10:24.0132 5752 MsRPC - ok
10:10:24.0177 5752 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:10:24.0190 5752 mssmbios - ok
10:10:24.0235 5752 MSSQL$SHIPWORKS - ok
10:10:24.0292 5752 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
10:10:24.0303 5752 MSSQLServerADHelper100 - ok
10:10:24.0332 5752 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:10:24.0362 5752 MSTEE - ok
10:10:24.0376 5752 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:10:24.0389 5752 MTConfig - ok
10:10:24.0411 5752 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
10:10:24.0424 5752 Mup - ok
10:10:24.0468 5752 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
10:10:24.0502 5752 napagent - ok
10:10:24.0561 5752 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:10:24.0581 5752 NativeWifiP - ok
10:10:24.0638 5752 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:10:24.0663 5752 NDIS - ok
10:10:24.0687 5752 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:10:24.0718 5752 NdisCap - ok
10:10:24.0741 5752 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:10:24.0770 5752 NdisTapi - ok
10:10:24.0814 5752 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:10:24.0843 5752 Ndisuio - ok
10:10:24.0886 5752 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:10:24.0916 5752 NdisWan - ok
10:10:24.0967 5752 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:10:24.0996 5752 NDProxy - ok
10:10:25.0033 5752 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:10:25.0064 5752 NetBIOS - ok
10:10:25.0114 5752 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:10:25.0145 5752 NetBT - ok
10:10:25.0162 5752 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
10:10:25.0175 5752 Netlogon - ok
10:10:25.0229 5752 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
10:10:25.0265 5752 Netman - ok
10:10:25.0302 5752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:10:25.0314 5752 NetMsmqActivator - ok
10:10:25.0324 5752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:10:25.0337 5752 NetPipeActivator - ok
10:10:25.0361 5752 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
10:10:25.0398 5752 netprofm - ok
10:10:25.0413 5752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:10:25.0426 5752 NetTcpActivator - ok
10:10:25.0431 5752 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:10:25.0444 5752 NetTcpPortSharing - ok
10:10:25.0480 5752 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:10:25.0493 5752 nfrd960 - ok
10:10:25.0517 5752 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:10:25.0534 5752 NisDrv - ok
10:10:25.0566 5752 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:10:25.0587 5752 NisSrv - ok
10:10:25.0637 5752 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:10:25.0670 5752 NlaSvc - ok
10:10:25.0688 5752 [ B48DC6ABCD3AEFF8618350CCBDC6B09A ] NPF C:\Windows\system32\drivers\npf.sys
10:10:25.0699 5752 NPF - ok
10:10:25.0735 5752 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:10:25.0766 5752 Npfs - ok
10:10:25.0799 5752 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
10:10:25.0831 5752 nsi - ok
10:10:25.0866 5752 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:10:25.0897 5752 nsiproxy - ok
10:10:25.0972 5752 [ 81189C3D7763838E55C397759D49007A ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:10:26.0007 5752 Ntfs - ok
10:10:26.0047 5752 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
10:10:26.0077 5752 Null - ok
10:10:26.0129 5752 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
10:10:26.0147 5752 NVENETFD - ok
10:10:26.0278 5752 [ E00696D78AF663C523D3483410C66F21 ] NVIDIA Performance Driver Service C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
10:10:26.0340 5752 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - warning
10:10:26.0340 5752 NVIDIA Performance Driver Service - detected UnsignedFile.Multi.Generic (1)
10:10:30.0820 5752 [ 08FB7D968805001C7ADCBB14B0651FA2 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
10:10:30.0840 5752 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
10:10:30.0840 5752 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
10:10:37.0497 5752 volsnap - ok
10:10:37.0517 5752 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:10:37.0532 5752 vsmraid - ok
10:10:37.0607 5752 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
10:10:37.0652 5752 VSS - ok
10:10:37.0672 5752 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:10:37.0689 5752 vwifibus - ok
10:10:37.0756 5752 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
10:10:37.0792 5752 W32Time - ok
10:10:37.0839 5752 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:10:37.0853 5752 WacomPen - ok
10:10:37.0894 5752 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:10:37.0923 5752 WANARP - ok
10:10:37.0938 5752 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:10:37.0968 5752 Wanarpv6 - ok
10:10:38.0039 5752 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:10:38.0078 5752 WatAdminSvc - ok
10:10:38.0162 5752 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
10:10:38.0193 5752 wbengine - ok
10:10:38.0232 5752 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:10:38.0253 5752 WbioSrvc - ok
10:10:38.0292 5752 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
10:10:38.0310 5752 WcesComm - ok
10:10:38.0357 5752 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:10:38.0380 5752 wcncsvc - ok
10:10:38.0395 5752 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:10:38.0410 5752 WcsPlugInService - ok
10:10:38.0449 5752 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:10:38.0462 5752 Wd - ok
10:10:38.0526 5752 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:10:38.0550 5752 Wdf01000 - ok
10:10:38.0566 5752 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:10:38.0585 5752 WdiServiceHost - ok
10:10:38.0599 5752 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:10:38.0619 5752 WdiSystemHost - ok
10:10:38.0663 5752 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
10:10:38.0684 5752 WebClient - ok
10:10:38.0739 5752 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:10:38.0773 5752 Wecsvc - ok
10:10:38.0789 5752 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:10:38.0820 5752 wercplsupport - ok
10:10:38.0840 5752 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
10:10:38.0873 5752 WerSvc - ok
10:10:38.0915 5752 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:10:38.0946 5752 WfpLwf - ok
10:10:38.0963 5752 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:10:38.0976 5752 WIMMount - ok
10:10:39.0036 5752 [ E096FFB754F1E45AE1BDDAC1275AE2C5 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
10:10:39.0056 5752 winachsf - ok
10:10:39.0148 5752 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:10:39.0173 5752 WinDefend - ok
10:10:39.0187 5752 WinHttpAutoProxySvc - ok
10:10:39.0281 5752 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:10:39.0312 5752 Winmgmt - ok
10:10:39.0399 5752 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
10:10:39.0445 5752 WinRM - ok
10:10:39.0503 5752 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WINUSB C:\Windows\system32\drivers\WinUSB.SYS
10:10:39.0519 5752 WINUSB - ok
10:10:39.0582 5752 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:10:39.0612 5752 Wlansvc - ok
10:10:39.0661 5752 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:10:39.0674 5752 WmiAcpi - ok
10:10:39.0719 5752 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:10:39.0735 5752 wmiApSrv - ok
10:10:39.0835 5752 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:10:39.0863 5752 WMPNetworkSvc - ok
10:10:39.0920 5752 [ 017695393AFFFED8DE58ABD1B085BE6D ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
10:10:39.0938 5752 WMZuneComm - ok
10:10:39.0986 5752 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:10:40.0001 5752 WPCSvc - ok
10:10:40.0040 5752 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:10:40.0056 5752 WPDBusEnum - ok
10:10:40.0097 5752 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:10:40.0128 5752 ws2ifsl - ok
10:10:40.0174 5752 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
10:10:40.0194 5752 wscsvc - ok
10:10:40.0201 5752 WSearch - ok
10:10:40.0309 5752 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
10:10:40.0359 5752 wuauserv - ok
10:10:40.0405 5752 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:10:40.0419 5752 WudfPf - ok
10:10:40.0454 5752 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:10:40.0468 5752 WUDFRd - ok
10:10:40.0508 5752 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:10:40.0524 5752 wudfsvc - ok
10:10:40.0578 5752 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
10:10:40.0599 5752 WwanSvc - ok
10:10:40.0641 5752 [ 19E7C173B6242AD7521E537AE54768BF ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
10:10:40.0652 5752 XAudio - ok
10:10:40.0678 5752 [ CDA0BC78672B50C43649FF34E1FD0FF8 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
10:10:40.0695 5752 XAudioService - ok
10:10:40.0958 5752 [ 1076DF9ADE4E13EA3BF39D2165AEB903 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
10:10:41.0086 5752 ZuneNetworkSvc - ok
10:10:41.0190 5752 [ DE1CDB333A402B279F04D627122FA08E ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
10:10:41.0211 5752 ZuneWlanCfgSvc - ok
10:10:41.0225 5752 ================ Scan global ===============================
10:10:41.0267 5752 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
10:10:41.0323 5752 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
10:10:41.0334 5752 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
10:10:41.0375 5752 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
10:10:41.0401 5752 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
10:10:41.0405 5752 [Global] - ok
10:10:41.0406 5752 ================ Scan MBR ==================================
10:10:41.0418 5752 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:10:41.0627 5752 \Device\Harddisk0\DR0 - ok
10:10:41.0627 5752 ================ Scan VBR ==================================
10:10:41.0633 5752 [ E4C0AB6829413648945C4D0F203B01CB ] \Device\Harddisk0\DR0\Partition1
10:10:41.0635 5752 \Device\Harddisk0\DR0\Partition1 - ok
10:10:41.0653 5752 [ 73B56BA4C45DB55EF559E5A114FFD654 ] \Device\Harddisk0\DR0\Partition2
10:10:41.0655 5752 \Device\Harddisk0\DR0\Partition2 - ok
10:10:41.0655 5752 ================ Scan active images ========================
10:10:41.0660 5752 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
10:10:41.0660 5752 C:\Windows\System32\drivers\crashdmp.sys - ok
10:10:41.0669 5752 [ D0F0D7A97C90FE72A79732812E65F822 ] C:\Windows\System32\drivers\Diskdump.sys
10:10:41.0670 5752 C:\Windows\System32\drivers\Diskdump.sys - ok
10:10:41.0678 5752 [ 4380E59A170D88C4F1022EFF6719A8A4 ] C:\Windows\System32\drivers\nvstor.sys
10:10:41.0678 5752 C:\Windows\System32\drivers\nvstor.sys - ok
10:10:41.0687 5752 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
10:10:41.0687 5752 C:\Windows\System32\drivers\dumpfve.sys - ok
10:10:41.0696 5752 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
10:10:41.0696 5752 C:\Windows\System32\drivers\beep.sys - ok
10:10:41.0705 5752 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys
10:10:41.0705 5752 C:\Windows\System32\drivers\cdrom.sys - ok
10:10:41.0714 5752 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
10:10:41.0714 5752 C:\Windows\System32\drivers\null.sys - ok
10:10:41.0722 5752 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
10:10:41.0722 5752 C:\Windows\System32\drivers\RDPCDD.sys - ok
10:10:41.0731 5752 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
10:10:41.0732 5752 C:\Windows\System32\drivers\RDPENCDD.sys - ok
10:10:41.0737 5752 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
10:10:41.0737 5752 C:\Windows\System32\drivers\RDPREFMP.sys - ok
10:10:41.0746 5752 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
10:10:41.0746 5752 C:\Windows\System32\drivers\vga.sys - ok
10:10:41.0756 5752 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
10:10:41.0756 5752 C:\Windows\System32\drivers\videoprt.sys - ok
10:10:41.0765 5752 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
10:10:41.0765 5752 C:\Windows\System32\drivers\watchdog.sys - ok
10:10:41.0774 5752 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
10:10:41.0774 5752 C:\Windows\System32\drivers\msfs.sys - ok
10:10:41.0783 5752 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
10:10:41.0783 5752 C:\Windows\System32\drivers\npfs.sys - ok
10:10:41.0792 5752 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
10:10:41.0792 5752 C:\Windows\System32\drivers\tdi.sys - ok
10:10:41.0801 5752 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
10:10:41.0801 5752 C:\Windows\System32\drivers\tdx.sys - ok
10:10:41.0810 5752 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
10:10:41.0810 5752 C:\Windows\System32\drivers\netbt.sys - ok
10:10:41.0819 5752 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
10:10:41.0820 5752 C:\Windows\System32\drivers\afd.sys - ok
10:10:41.0828 5752 [ 6DB3276587B853BF886B69528FDB048C ] C:\Windows\System32\drivers\ws2ifsl.sys
10:10:41.0829 5752 C:\Windows\System32\drivers\ws2ifsl.sys - ok
10:10:41.0839 5752 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
10:10:41.0839 5752 C:\Windows\System32\drivers\wfplwf.sys - ok
10:10:41.0848 5752 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
10:10:41.0848 5752 C:\Windows\System32\drivers\pacer.sys - ok
10:10:41.0857 5752 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
10:10:41.0857 5752 C:\Windows\System32\drivers\netbios.sys - ok
10:10:41.0865 5752 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
10:10:41.0865 5752 C:\Windows\System32\drivers\wanarp.sys - ok
10:10:41.0874 5752 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
10:10:41.0874 5752 C:\Windows\System32\drivers\termdd.sys - ok
10:10:41.0883 5752 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys
10:10:41.0883 5752 C:\Windows\System32\drivers\nsiproxy.sys - ok
10:10:41.0893 5752 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
10:10:41.0893 5752 C:\Windows\System32\drivers\rdbss.sys - ok
10:10:41.0902 5752 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys
10:10:41.0902 5752 C:\Windows\System32\drivers\discache.sys - ok
10:10:41.0911 5752 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys
10:10:41.0911 5752 C:\Windows\System32\drivers\mssmbios.sys - ok
10:10:41.0919 5752 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys
10:10:41.0919 5752 C:\Windows\System32\drivers\dfsc.sys - ok
10:10:41.0928 5752 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys
10:10:41.0928 5752 C:\Windows\System32\drivers\blbdrive.sys - ok
10:10:41.0937 5752 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys
10:10:41.0937 5752 C:\Windows\System32\drivers\tunnel.sys - ok
10:10:41.0946 5752 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] C:\Windows\System32\drivers\amdk8.sys
10:10:41.0946 5752 C:\Windows\System32\drivers\amdk8.sys - ok
10:10:41.0954 5752 [ C172F0D0329E46513B09E1FC60A27B9D ] C:\Windows\System32\drivers\CPQBttn.sys
10:10:41.0954 5752 C:\Windows\System32\drivers\CPQBttn.sys - ok
10:10:41.0964 5752 [ 931A1DF1520ABC6E84BA4A75E6957025 ] C:\Windows\System32\drivers\hidclass.sys
10:10:41.0964 5752 C:\Windows\System32\drivers\hidclass.sys - ok
10:10:41.0972 5752 [ 6C26122F1931D4D7810240F32DDCE890 ] C:\Windows\System32\drivers\hidparse.sys
10:10:41.0972 5752 C:\Windows\System32\drivers\hidparse.sys - ok
10:10:41.0982 5752 [ 0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys
10:10:41.0982 5752 C:\Windows\System32\drivers\wmiacpi.sys - ok
10:10:41.0987 5752 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll
10:10:41.0987 5752 C:\Windows\System32\ntdll.dll - ok
10:10:41.0995 5752 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe
10:10:41.0995 5752 C:\Windows\System32\smss.exe - ok
10:10:42.0005 5752 [ 34A0A6386256080F52C74076C6157026 ] C:\Windows\System32\drivers\BCMWL6.SYS
10:10:42.0005 5752 C:\Windows\System32\drivers\BCMWL6.SYS - ok
10:10:42.0013 5752 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe
10:10:42.0013 5752 C:\Windows\System32\autochk.exe - ok
10:10:42.0024 5752 [ 05B288B25C2EBD9A4E9E5114AE790876 ] C:\Windows\System32\drivers\nvlddmkm.sys
10:10:42.0024 5752 C:\Windows\System32\drivers\nvlddmkm.sys - ok
10:10:42.0035 5752 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys
10:10:42.0035 5752 C:\Windows\System32\drivers\dxgkrnl.sys - ok
10:10:42.0042 5752 [ D458D1C7F1D49869000668E3C3BB0D4D ] C:\Windows\System32\drivers\dxgmms1.sys
10:10:42.0042 5752 C:\Windows\System32\drivers\dxgmms1.sys - ok
10:10:42.0053 5752 [ ADFDD343B1D3A9E061F17C730F1E83DC ] C:\Windows\System32\drivers\nvsmu.sys
10:10:42.0053 5752 C:\Windows\System32\drivers\nvsmu.sys - ok
10:10:42.0060 5752 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] C:\Windows\System32\drivers\usbehci.sys
10:10:42.0061 5752 C:\Windows\System32\drivers\usbehci.sys - ok
10:10:42.0070 5752 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] C:\Windows\System32\drivers\usbohci.sys
10:10:42.0071 5752 C:\Windows\System32\drivers\usbohci.sys - ok
10:10:42.0080 5752 [ 3AA940AA9AC3055FE32FF2D3D20CCD28 ] C:\Windows\System32\drivers\usbport.sys
10:10:42.0080 5752 C:\Windows\System32\drivers\usbport.sys - ok
10:10:42.0088 5752 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] C:\Windows\System32\drivers\1394ohci.sys
10:10:42.0088 5752 C:\Windows\System32\drivers\1394ohci.sys - ok
10:10:42.0098 5752 [ D85E3FA9F5B1F29BB4ED185C450D1470 ] C:\Windows\System32\drivers\rimmptsk.sys
10:10:42.0098 5752 C:\Windows\System32\drivers\rimmptsk.sys - ok
10:10:42.0106 5752 [ 0328BE1C7F1CBA23848179F8762E391C ] C:\Windows\System32\drivers\sdbus.sys
10:10:42.0106 5752 C:\Windows\System32\drivers\sdbus.sys - ok
10:10:42.0116 5752 [ DB8EB01C58C9FADA00C70B1775278AE0 ] C:\Windows\System32\drivers\rimsptsk.sys
10:10:42.0116 5752 C:\Windows\System32\drivers\rimsptsk.sys - ok
10:10:42.0124 5752 [ 6C1F93C0760C9F79A1869D07233DF39D ] C:\Windows\System32\drivers\rixdptsk.sys
10:10:42.0125 5752 C:\Windows\System32\drivers\rixdptsk.sys - ok
10:10:42.0134 5752 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
10:10:42.0135 5752 C:\Windows\System32\drivers\hdaudbus.sys - ok
10:10:42.0144 5752 [ B5E37E31C053BC9950455A257526514B ] C:\Windows\System32\drivers\nvm62x32.sys
10:10:42.0145 5752 C:\Windows\System32\drivers\nvm62x32.sys - ok
10:10:42.0154 5752 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys
10:10:42.0154 5752 C:\Windows\System32\drivers\i8042prt.sys - ok
10:10:42.0163 5752 [ 1210960FF8928950D2A786895B0C424A ] C:\Windows\System32\drivers\HpqKbFiltr.sys
10:10:42.0163 5752 C:\Windows\System32\drivers\HpqKbFiltr.sys - ok
10:10:42.0172 5752 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
10:10:42.0172 5752 C:\Windows\System32\drivers\kbdclass.sys - ok
10:10:42.0180 5752 [ F5D926807BD9BC0AF68F9376144DE425 ] C:\Windows\System32\drivers\SynTP.sys
10:10:42.0180 5752 C:\Windows\System32\drivers\SynTP.sys - ok
10:10:42.0189 5752 [ 5787196F32D043572EC6565C0EF1B8E0 ] C:\Windows\System32\drivers\usbd.sys
10:10:42.0189 5752 C:\Windows\System32\drivers\usbd.sys - ok
10:10:42.0197 5752 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
10:10:42.0198 5752 C:\Windows\System32\nsi.dll - ok
10:10:42.0207 5752 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
10:10:42.0207 5752 C:\Windows\System32\psapi.dll - ok
10:10:42.0215 5752 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
10:10:42.0215 5752 C:\Windows\System32\shlwapi.dll - ok
10:10:42.0225 5752 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
10:10:42.0225 5752 C:\Windows\System32\setupapi.dll - ok
10:10:42.0233 5752 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
10:10:42.0233 5752 C:\Windows\System32\comdlg32.dll - ok
10:10:42.0239 5752 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\System32\urlmon.dll
10:10:42.0239 5752 C:\Windows\System32\urlmon.dll - ok
10:10:42.0247 5752 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
10:10:42.0247 5752 C:\Windows\System32\rpcrt4.dll - ok
10:10:42.0257 5752 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
10:10:42.0257 5752 C:\Windows\System32\difxapi.dll - ok
10:10:42.0266 5752 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\System32\wininet.dll
10:10:42.0266 5752 C:\Windows\System32\wininet.dll - ok
10:10:42.0275 5752 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
10:10:42.0275 5752 C:\Windows\System32\ws2_32.dll - ok
10:10:42.0283 5752 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
10:10:42.0283 5752 C:\Windows\System32\imagehlp.dll - ok
10:10:42.0293 5752 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
10:10:42.0293 5752 C:\Windows\System32\sechost.dll - ok
10:10:42.0301 5752 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
10:10:42.0301 5752 C:\Windows\System32\clbcatq.dll - ok
10:10:42.0311 5752 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
10:10:42.0311 5752 C:\Windows\System32\Wldap32.dll - ok
10:10:42.0319 5752 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
10:10:42.0319 5752 C:\Windows\System32\lpk.dll - ok
10:10:42.0329 5752 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
10:10:42.0329 5752 C:\Windows\System32\ole32.dll - ok
10:10:42.0337 5752 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll
10:10:42.0337 5752 C:\Windows\System32\shell32.dll - ok
10:10:42.0347 5752 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
10:10:42.0347 5752 C:\Windows\System32\msvcrt.dll - ok
10:10:42.0355 5752 [ 3ED262888758E350C29E02207AF9AC59 ] C:\Windows\System32\kernel32.dll
10:10:42.0355 5752 C:\Windows\System32\kernel32.dll - ok
10:10:42.0365 5752 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\System32\iertutil.dll
10:10:42.0365 5752 C:\Windows\System32\iertutil.dll - ok
10:10:42.0373 5752 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\System32\usp10.dll
10:10:42.0373 5752 C:\Windows\System32\usp10.dll - ok
10:10:42.0383 5752 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
10:10:42.0383 5752 C:\Windows\System32\oleaut32.dll - ok
10:10:42.0391 5752 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
10:10:42.0392 5752 C:\Windows\System32\imm32.dll - ok
10:10:42.0401 5752 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
10:10:42.0401 5752 C:\Windows\System32\normaliz.dll - ok
10:10:42.0410 5752 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
10:10:42.0410 5752 C:\Windows\System32\user32.dll - ok
10:10:42.0419 5752 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
10:10:42.0419 5752 C:\Windows\System32\advapi32.dll - ok
10:10:42.0427 5752 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
10:10:42.0427 5752 C:\Windows\System32\gdi32.dll - ok
10:10:42.0436 5752 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
10:10:42.0436 5752 C:\Windows\System32\msctf.dll - ok
10:10:42.0445 5752 [ E40ADC3B848650F1D5A932FD7DE0D018 ] C:\Windows\System32\KernelBase.dll
10:10:42.0445 5752 C:\Windows\System32\KernelBase.dll - ok
10:10:42.0453 5752 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll
10:10:42.0453 5752 C:\Windows\System32\comctl32.dll - ok
10:10:42.0463 5752 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
10:10:42.0463 5752 C:\Windows\System32\devobj.dll - ok
10:10:42.0471 5752 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
10:10:42.0471 5752 C:\Windows\System32\cfgmgr32.dll - ok
10:10:42.0481 5752 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\System32\crypt32.dll
10:10:42.0481 5752 C:\Windows\System32\crypt32.dll - ok
10:10:42.0485 5752 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
10:10:42.0485 5752 C:\Windows\System32\wintrust.dll - ok
10:10:42.0495 5752 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll
10:10:42.0495 5752 C:\Windows\System32\msasn1.dll - ok
10:10:42.0504 5752 [ DEA805815E587DAD1DD2C502220B5616 ] C:\Windows\System32\drivers\CmBatt.sys
10:10:42.0504 5752 C:\Windows\System32\drivers\CmBatt.sys - ok
10:10:42.0513 5752 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
10:10:42.0513 5752 C:\Windows\System32\drivers\mouclass.sys - ok
10:10:42.0522 5752 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
10:10:42.0522 5752 C:\Windows\System32\drivers\CompositeBus.sys - ok
10:10:42.0531 5752 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
10:10:42.0531 5752 C:\Windows\System32\drivers\agilevpn.sys - ok
10:10:42.0539 5752 [ F001861E5700EE84E2D4E52C712F4964 ] C:\Windows\System32\drivers\modem.sys
10:10:42.0539 5752 C:\Windows\System32\drivers\modem.sys - ok
10:10:42.0549 5752 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
10:10:42.0549 5752 C:\Windows\System32\drivers\rasl2tp.sys - ok
10:10:42.0557 5752 [ 564297827D213F52C7A3A2FF749568CA ] C:\Windows\System32\drivers\rootmdm.sys
10:10:42.0557 5752 C:\Windows\System32\drivers\rootmdm.sys - ok
10:10:42.0567 5752 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
10:10:42.0567 5752 C:\Windows\System32\drivers\ndistapi.sys - ok
10:10:42.0575 5752 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
10:10:42.0575 5752 C:\Windows\System32\drivers\ndiswan.sys - ok
10:10:42.0585 5752 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
10:10:42.0585 5752 C:\Windows\System32\drivers\raspppoe.sys - ok
10:10:42.0593 5752 [ 69370F2E2827FFBA910D0BFA9E62E484 ] C:\Windows\System32\drivers\appliand.sys
10:10:42.0593 5752 C:\Windows\System32\drivers\appliand.sys - ok
10:10:42.0603 5752 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
10:10:42.0603 5752 C:\Windows\System32\drivers\raspptp.sys - ok
10:10:42.0611 5752 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
10:10:42.0611 5752 C:\Windows\System32\drivers\rassstp.sys - ok
10:10:42.0622 5752 [ 3A5633AD615E2B15291BD0B1B97CCD8A ] C:\Windows\System32\drivers\RimSerial.sys
10:10:42.0622 5752 C:\Windows\System32\drivers\RimSerial.sys - ok
10:10:42.0630 5752 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
10:10:42.0630 5752 C:\Windows\System32\drivers\ks.sys - ok
10:10:42.0640 5752 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
10:10:42.0640 5752 C:\Windows\System32\drivers\swenum.sys - ok
10:10:42.0648 5752 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
10:10:42.0648 5752 C:\Windows\System32\drivers\umbus.sys - ok
10:10:42.0657 5752 [ 9E3CED91863E6EE98C24794D05E27A71 ] C:\Windows\System32\drivers\kbdhid.sys
10:10:42.0657 5752 C:\Windows\System32\drivers\kbdhid.sys - ok
10:10:42.0666 5752 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] C:\Windows\System32\drivers\usbhub.sys
10:10:42.0666 5752 C:\Windows\System32\drivers\usbhub.sys - ok
10:10:42.0675 5752 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
10:10:42.0675 5752 C:\Windows\System32\drivers\ndproxy.sys - ok
10:10:42.0683 5752 [ B6E7991E3D6146C04C85CD31AF22A381 ] C:\Windows\System32\drivers\CHDRT32.sys
10:10:42.0683 5752 C:\Windows\System32\drivers\CHDRT32.sys - ok
10:10:42.0693 5752 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
10:10:42.0693 5752 C:\Windows\System32\drivers\drmk.sys - ok
10:10:42.0701 5752 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
10:10:42.0701 5752 C:\Windows\System32\drivers\portcls.sys - ok
10:10:42.0711 5752 [ A44DDF3BA83E4664BF4DE9220097578C ] C:\Windows\System32\drivers\HSXHWAZL.sys
10:10:42.0711 5752 C:\Windows\System32\drivers\HSXHWAZL.sys - ok
10:10:42.0720 5752 [ 1882827F41DEE51C70E24C567C35BFB5 ] C:\Windows\System32\drivers\HSX_DPV.sys
10:10:42.0720 5752 C:\Windows\System32\drivers\HSX_DPV.sys - ok
10:10:42.0729 5752 [ E096FFB754F1E45AE1BDDAC1275AE2C5 ] C:\Windows\System32\drivers\HSX_CNXT.sys
10:10:42.0729 5752 C:\Windows\System32\drivers\HSX_CNXT.sys - ok
10:10:42.0738 5752 [ 10C19F8290891AF023EAEC0832E1EB4D ] C:\Windows\System32\drivers\hidusb.sys
10:10:42.0738 5752 C:\Windows\System32\drivers\hidusb.sys - ok
10:10:42.0743 5752 [ BD9C55D7023C5DE374507ACC7A14E2AC ] C:\Windows\System32\drivers\usbccgp.sys
10:10:42.0743 5752 C:\Windows\System32\drivers\usbccgp.sys - ok
10:10:42.0753 5752 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] C:\Windows\System32\drivers\mouhid.sys
10:10:42.0753 5752 C:\Windows\System32\drivers\mouhid.sys - ok
10:10:42.0761 5752 [ 45B44FC9E5AC0DB02B19D515EE809DE5 ] C:\Windows\System32\drivers\stream.sys
10:10:42.0761 5752 C:\Windows\System32\drivers\stream.sys - ok
10:10:42.0771 5752 [ 866DDC29E885C0390493569FE4269170 ] C:\Windows\System32\drivers\sncduvc.sys
10:10:42.0771 5752 C:\Windows\System32\drivers\sncduvc.sys - ok
10:10:42.0781 5752 [ 59C9B920A1767CB857C5FB2E1E66E7E4 ] C:\Windows\System32\drivers\snp2uvc.sys
10:10:42.0782 5752 C:\Windows\System32\drivers\snp2uvc.sys - ok
10:10:42.0789 5752 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys
10:10:42.0790 5752 C:\Windows\System32\drivers\dxapi.sys - ok
10:10:42.0799 5752 [ 46538741E0230731D3635D12DF85A7B5 ] C:\Windows\System32\win32k.sys
10:10:42.0800 5752 C:\Windows\System32\win32k.sys - ok
10:10:42.0807 5752 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll
10:10:42.0807 5752 C:\Windows\System32\csrsrv.dll - ok
10:10:42.0820 5752 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe
10:10:42.0820 5752 C:\Windows\System32\csrss.exe - ok
10:10:42.0837 5752 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll
10:10:42.0838 5752 C:\Windows\System32\basesrv.dll - ok
10:10:42.0846 5752 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\System32\winsrv.dll
10:10:44.0983 5752 C:\Windows\System32\efssvc.dll - ok
10:10:44.0993 5752 [ 3F6D9269E7B3A754B1C2F8533DC7F318 ] C:\Windows\System32\efscore.dll
10:10:44.0993 5752 C:\Windows\System32\efscore.dll - ok
10:10:45.0001 5752 [ 359C3AC547AA1D24EED35BE3AB3759DC ] C:\Windows\System32\efsutil.dll
10:10:45.0001 5752 C:\Windows\System32\efsutil.dll - ok
10:10:45.0006 5752 [ A732F4F25B83B053D2DA98A8279DBDBE ] C:\Program Files\Easy-Hide-IP\rdr\EasyTechCertInstaller.dll
10:10:45.0007 5752 C:\Program Files\Easy-Hide-IP\rdr\EasyTechCertInstaller.dll - ok
10:10:45.0016 5752 [ 431DC7477AF22A00DF62DE20233EBAAA ] C:\Program Files\Easy-Hide-IP\rdr\libnspr4.dll
10:10:45.0016 5752 C:\Program Files\Easy-Hide-IP\rdr\libnspr4.dll - ok
10:10:45.0025 5752 [ 6A5120FF0556B4F278A602BF06A2C954 ] C:\Program Files\Easy-Hide-IP\rdr\nss3.dll
10:10:45.0025 5752 C:\Program Files\Easy-Hide-IP\rdr\nss3.dll - ok
10:10:45.0034 5752 [ 7ABC08559D72A067EDD6636948C7E5DB ] C:\Program Files\Easy-Hide-IP\rdr\libplc4.dll
10:10:45.0034 5752 C:\Program Files\Easy-Hide-IP\rdr\libplc4.dll - ok
10:10:45.0042 5752 [ 61C742F32FD1B1D3B47B5FAD2D712C84 ] C:\Program Files\Easy-Hide-IP\rdr\libplds4.dll
10:10:45.0042 5752 C:\Program Files\Easy-Hide-IP\rdr\libplds4.dll - ok
10:10:45.0052 5752 [ 5E70600F53DA5AFACC7C59D9F845D6F4 ] C:\Program Files\Easy-Hide-IP\rdr\nssutil3.dll
10:10:45.0052 5752 C:\Program Files\Easy-Hide-IP\rdr\nssutil3.dll - ok
10:10:45.0060 5752 [ 755F6E1287B9CFA1F88099BCE0BCC4CC ] C:\Program Files\Easy-Hide-IP\rdr\smime3.dll
10:10:45.0060 5752 C:\Program Files\Easy-Hide-IP\rdr\smime3.dll - ok
10:10:45.0069 5752 [ 4014AED993BA738FCAB08827C5B5A17F ] C:\Program Files\Easy-Hide-IP\rdr\softokn3.dll
10:10:45.0069 5752 C:\Program Files\Easy-Hide-IP\rdr\softokn3.dll - ok
10:10:45.0078 5752 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
10:10:45.0078 5752 C:\Windows\System32\FDResPub.dll - ok
10:10:45.0088 5752 [ C837D17DE0B349539AA527EE750EBE2A ] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
10:10:45.0088 5752 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe - ok
10:10:45.0096 5752 [ 94B0049B76B517E0ACCCD03ABCAA7B08 ] C:\Program Files\Easy-Hide-IP\rdr\sqlite3.dll
10:10:45.0096 5752 C:\Program Files\Easy-Hide-IP\rdr\sqlite3.dll - ok
10:10:45.0105 5752 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
10:10:45.0105 5752 C:\Windows\System32\IKEEXT.DLL - ok
10:10:45.0114 5752 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
10:10:45.0114 5752 C:\Windows\System32\WSDApi.dll - ok
10:10:45.0126 5752 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
10:10:45.0126 5752 C:\Windows\System32\webservices.dll - ok
10:10:45.0132 5752 [ EE621D24B5E22073124F13F8E9A59245 ] C:\Program Files\Zune\ZuneResources.dll
10:10:45.0132 5752 C:\Program Files\Zune\ZuneResources.dll - ok
10:10:45.0141 5752 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
10:10:45.0141 5752 C:\Windows\System32\fundisc.dll - ok
10:10:45.0150 5752 [ D17C6FB99411950C838155934B25C6A9 ] C:\Program Files\Easy-Hide-IP\rdr\nssdbm3.dll
10:10:45.0150 5752 C:\Program Files\Easy-Hide-IP\rdr\nssdbm3.dll - ok
10:10:45.0159 5752 [ 3B47B842E8A17C994A6B252D7A794F57 ] C:\Program Files\Easy-Hide-IP\rdr\freebl3.dll
10:10:45.0159 5752 C:\Program Files\Easy-Hide-IP\rdr\freebl3.dll - ok
10:10:45.0168 5752 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] C:\Windows\System32\drivers\mdmxsdk.sys
10:10:45.0168 5752 C:\Windows\System32\drivers\mdmxsdk.sys - ok
10:10:45.0178 5752 [ 796C23FC03D1C84F6911820671B89A6E ] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll
10:10:45.0178 5752 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll - ok
10:10:45.0186 5752 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll
10:10:45.0186 5752 C:\Windows\System32\vpnikeapi.dll - ok
10:10:45.0196 5752 [ 32164A8EA988074AB646AD25EB6BD986 ] C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe
10:10:45.0196 5752 C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe - ok
10:10:45.0205 5752 [ F368B9DD3C6F1F2DA8CE84DD47A34D19 ] C:\Program Files\Easy-Hide-IP\rdr\nssckbi.dll
10:10:45.0205 5752 C:\Program Files\Easy-Hide-IP\rdr\nssckbi.dll - ok
10:10:45.0213 5752 [ 8903AEBC4998758F86458B3C96920228 ] C:\Windows\System32\nvcpl.dll
10:10:45.0214 5752 C:\Windows\System32\nvcpl.dll - ok
10:10:45.0222 5752 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
10:10:45.0222 5752 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
10:10:45.0232 5752 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
10:10:45.0232 5752 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
10:10:45.0240 5752 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe
10:10:45.0240 5752 C:\Windows\System32\dllhost.exe - ok
10:10:45.0250 5752 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
10:10:45.0250 5752 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
10:10:45.0255 5752 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll
10:10:45.0255 5752 C:\Windows\System32\IDStore.dll - ok
10:10:45.0265 5752 [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\System32\AtBroker.exe
10:10:45.0265 5752 C:\Windows\System32\AtBroker.exe - ok
10:10:45.0274 5752 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
10:10:45.0274 5752 C:\Windows\System32\rasadhlp.dll - ok
10:10:45.0283 5752 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe
10:10:45.0283 5752 C:\Windows\System32\userinit.exe - ok
10:10:45.0292 5752 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
10:10:45.0292 5752 C:\Windows\System32\dwm.exe - ok
10:10:45.0301 5752 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll
10:10:45.0301 5752 C:\Windows\System32\dwmredir.dll - ok
10:10:45.0310 5752 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll
10:10:45.0310 5752 C:\Windows\System32\localspl.dll - ok
10:10:45.0319 5752 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
10:10:45.0319 5752 C:\Windows\System32\provsvc.dll - ok
10:10:45.0328 5752 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
10:10:45.0328 5752 C:\Windows\System32\sstpsvc.dll - ok
10:10:45.0338 5752 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
10:10:45.0338 5752 C:\Windows\System32\winhttp.dll - ok
10:10:45.0346 5752 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
10:10:45.0346 5752 C:\Windows\System32\webio.dll - ok
10:10:45.0355 5752 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll
10:10:45.0355 5752 C:\Windows\System32\spoolss.dll - ok
10:10:45.0364 5752 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\System32\taskeng.exe
10:10:45.0364 5752 C:\Windows\System32\taskeng.exe - ok
10:10:45.0374 5752 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll
10:10:45.0374 5752 C:\Windows\System32\PrintIsolationProxy.dll - ok
10:10:45.0383 5752 [ DD4B9D9318C885B8E4417DF92385AAF0 ] C:\Windows\System32\dopdfmn6.dll
10:10:45.0383 5752 C:\Windows\System32\dopdfmn6.dll - ok
10:10:45.0392 5752 [ 85DB1F2930092384B063F0260F98CC20 ] C:\Windows\System32\EK6800LM.dll
10:10:45.0392 5752 C:\Windows\System32\EK6800LM.dll - ok
10:10:45.0400 5752 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll
10:10:45.0400 5752 C:\Windows\System32\httpapi.dll - ok
10:10:45.0409 5752 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll
10:10:45.0409 5752 C:\Windows\System32\FXSMON.dll - ok
10:10:45.0417 5752 [ BE3CD116130174657EAD2731AB3DAA5D ] C:\Windows\System32\hpz3l5ha.dll
10:10:45.0417 5752 C:\Windows\System32\hpz3l5ha.dll - ok
10:10:45.0427 5752 [ 57E1296348EC85D875984FE9C9F035EB ] C:\Windows\System32\HPZ3LLHN.DLL
10:10:45.0427 5752 C:\Windows\System32\HPZ3LLHN.DLL - ok
10:10:45.0435 5752 [ 67E8EAB350DF314A3F367F9BDB4CE508 ] C:\Windows\System32\hpzll4pi.dll
10:10:45.0435 5752 C:\Windows\System32\hpzll4pi.dll - ok
10:10:45.0445 5752 [ E09C3B0E740E099F1D6D072AAA2197B2 ] C:\Windows\System32\HPZLLLHN.DLL
10:10:45.0445 5752 C:\Windows\System32\HPZLLLHN.DLL - ok
10:10:45.0453 5752 [ 5C112CB49B85449C418814BDFD537379 ] C:\Windows\System32\Primomonnt.dll
10:10:45.0453 5752 C:\Windows\System32\Primomonnt.dll - ok
10:10:45.0463 5752 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll
10:10:45.0463 5752 C:\Windows\System32\msonpmon.dll - ok
10:10:45.0472 5752 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:10:45.0472 5752 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:10:45.0481 5752 [ 659E04E74135927CA6D7BC5E75C84417 ] C:\Windows\System32\TSChannel.dll
10:10:45.0481 5752 C:\Windows\System32\TSChannel.dll - ok
10:10:45.0489 5752 [ 7FA8BA5A780E4757964AC9D4238302B9 ] C:\Windows\System32\taskhost.exe
10:10:45.0490 5752 C:\Windows\System32\taskhost.exe - ok
10:10:45.0503 5752 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
10:10:45.0503 5752 C:\Windows\System32\PlaySndSrv.dll - ok
10:10:45.0508 5752 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
10:10:45.0508 5752 C:\Windows\System32\MsCtfMonitor.dll - ok
10:10:45.0513 5752 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
10:10:45.0513 5752 C:\Windows\System32\msutb.dll - ok
10:10:45.0523 5752 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
10:10:45.0523 5752 C:\Windows\System32\HotStartUserAgent.dll - ok
10:10:45.0534 5752 [ ED2DD63D5BAB83DDD03A66B7FE65B9FD ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe
10:10:45.0534 5752 C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe - ok
10:10:45.0541 5752 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll
10:10:45.0541 5752 C:\Windows\System32\dwmcore.dll - ok
10:10:45.0552 5752 [ CA461A203EF40A98C1C23DE3CBEE68B2 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
10:10:45.0552 5752 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
10:10:45.0560 5752 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
10:10:45.0560 5752 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
10:10:45.0569 5752 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\System32\cabinet.dll
10:10:45.0570 5752 C:\Windows\System32\cabinet.dll - ok
10:10:45.0578 5752 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll
10:10:45.0578 5752 C:\Windows\System32\wscapi.dll - ok
10:10:45.0587 5752 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll
10:10:45.0587 5752 C:\Windows\System32\p2pcollab.dll - ok
10:10:45.0596 5752 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL
10:10:45.0596 5752 C:\Windows\System32\QAGENTRT.DLL - ok
10:10:45.0604 5752 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll
10:10:45.0604 5752 C:\Windows\System32\fveui.dll - ok
10:10:45.0613 5752 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
10:10:45.0613 5752 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
10:10:45.0625 5752 [ 19F75D71E4256F5113D64CE2BB66B838 ] C:\Windows\System32\slwga.dll
10:10:45.0625 5752 C:\Windows\System32\slwga.dll - ok
10:10:45.0632 5752 [ 8E4B58E12B3FA65ED1462846906E0B59 ] C:\Windows\System32\sppc.dll
10:10:45.0632 5752 C:\Windows\System32\sppc.dll - ok
10:10:45.0641 5752 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
10:10:45.0641 5752 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
10:10:45.0651 5752 [ 0A305582DE32DF1DC21FD753F134A30D ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlos.dll
10:10:45.0651 5752 C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlos.dll - ok
10:10:45.0659 5752 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\System32\pdh.dll
10:10:45.0659 5752 C:\Windows\System32\pdh.dll - ok
10:10:45.0669 5752 [ C94E5F32FA838E1C47A9D4C7D3220757 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\opends60.dll
10:10:45.0669 5752 C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\opends60.dll - ok
10:10:45.0680 5752 [ 359B367DD3421B6A1BC0E3D3D6E04ED2 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\batchparser.dll
10:10:45.0680 5752 C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\batchparser.dll - ok
10:10:45.0688 5752 [ CD1425FF218A4724166F08B9BB72E733 ] C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll
10:10:45.0688 5752 C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll - ok
10:10:45.0698 5752 [ 93887F5BA0FA8F12C2F3231869F6AE0C ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlboot.dll
10:10:45.0698 5752 C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlboot.dll - ok
10:10:45.0708 5752 [ E00696D78AF663C523D3483410C66F21 ] C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe
10:10:45.0708 5752 C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe - ok
10:10:45.0718 5752 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
10:10:45.0719 5752 C:\Windows\System32\netman.dll - ok
10:10:45.0726 5752 [ 912084381D30D8B89EC4E293053F4710 ] C:\Windows\System32\nlasvc.dll
10:10:45.0726 5752 C:\Windows\System32\nlasvc.dll - ok
10:10:45.0736 5752 [ 75EA62927355189876081EF863064982 ] C:\Windows\System32\ncsi.dll
10:10:45.0736 5752 C:\Windows\System32\ncsi.dll - ok
10:10:45.0748 5752 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
10:10:45.0748 5752 C:\Windows\System32\ssdpapi.dll - ok
10:10:45.0755 5752 [ 8D0E27C601B60F5B8CB8E519A32034EC ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\Resources\1033\sqlevn70.rll
10:10:45.0755 5752 C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
10:10:45.0761 5752 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll
10:10:45.0761 5752 C:\Windows\System32\cscapi.dll - ok
10:10:45.0770 5752 [ 8B88EBBB05A0E56B7DCC708498C02B3E ] C:\Windows\explorer.exe
10:10:45.0770 5752 C:\Windows\explorer.exe - ok
10:10:45.0779 5752 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\System32\msi.dll
10:10:45.0779 5752 C:\Windows\System32\msi.dll - ok
10:10:45.0787 5752 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll
10:10:45.0787 5752 C:\Windows\System32\browcli.dll - ok
10:10:45.0796 5752 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll
10:10:45.0796 5752 C:\Windows\System32\mscoree.dll - ok
10:10:45.0805 5752 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:10:45.0805 5752 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:10:45.0814 5752 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll
10:10:45.0814 5752 C:\Windows\System32\security.dll - ok
10:10:45.0823 5752 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll
10:10:45.0823 5752 C:\Windows\System32\dssenh.dll - ok
10:10:45.0832 5752 [ 3F5A4EA1043701FFAFBE3EF8EF1D50AD ] C:\Windows\System32\nvd3dum.dll
10:10:45.0832 5752 C:\Windows\System32\nvd3dum.dll - ok
10:10:45.0840 5752 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
10:10:45.0840 5752 C:\Windows\System32\drivers\PEAuth.sys - ok
10:10:45.0849 5752 [ BA396D1C71934E22679D3F4DAC17E7AB ] C:\Program Files\Hp\QuickPlay\Kernel\TV\QPCapSvc.exe
10:10:45.0849 5752 C:\Program Files\Hp\QuickPlay\Kernel\TV\QPCapSvc.exe - ok
10:10:45.0858 5752 [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\System32\regsvr32.exe
10:10:45.0858 5752 C:\Windows\System32\regsvr32.exe - ok
10:10:45.0867 5752 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
10:10:45.0867 5752 C:\Windows\AppPatch\AcGenral.dll - ok
10:10:45.0876 5752 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\System32\d3d10_1.dll
10:10:45.0876 5752 C:\Windows\System32\d3d10_1.dll - ok
10:10:45.0885 5752 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll
10:10:45.0886 5752 C:\Windows\System32\d3d10_1core.dll - ok
10:10:45.0894 5752 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll
10:10:45.0894 5752 C:\Windows\System32\sfc.dll - ok
10:10:45.0903 5752 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll
10:10:45.0903 5752 C:\Windows\System32\sfc_os.dll - ok
10:10:45.0911 5752 [ 1E9E0B25D4A22E3F9F4A391ECC5940B0 ] C:\Program Files\Hp\QuickPlay\REGX.dll
10:10:45.0911 5752 C:\Program Files\Hp\QuickPlay\REGX.dll - ok
10:10:45.0921 5752 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Hp\QuickPlay\msvcp71.dll
10:10:45.0921 5752 C:\Program Files\Hp\QuickPlay\msvcp71.dll - ok
10:10:45.0929 5752 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Hp\QuickPlay\msvcr71.dll
10:10:45.0929 5752 C:\Program Files\Hp\QuickPlay\msvcr71.dll - ok
10:10:45.0939 5752 [ 8A4883F5E7AC37444F23279239553878 ] C:\Windows\regedit.exe
10:10:45.0939 5752 C:\Windows\regedit.exe - ok
10:10:45.0947 5752 [ DAB5808E0C26740577AE67878A87136E ] C:\Windows\System32\aclui.dll
10:10:45.0947 5752 C:\Windows\System32\aclui.dll - ok
10:10:45.0956 5752 [ 53DA0477158774940C7FB45AC70645AA ] C:\Windows\System32\clb.dll
10:10:45.0957 5752 C:\Windows\System32\clb.dll - ok
10:10:45.0965 5752 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
10:10:45.0965 5752 C:\Windows\System32\ntdsapi.dll - ok
10:10:45.0974 5752 [ F93C84B307573327779AE0DA41115957 ] C:\Windows\System32\ulib.dll
10:10:45.0976 5752 C:\Windows\System32\ulib.dll - ok
10:10:45.0984 5752 [ 039749D6F5ED86E9A567FD9812A55F0B ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlscriptupgrade.dll
10:10:45.0984 5752 C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlscriptupgrade.dll - ok
10:10:45.0992 5752 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll
10:10:45.0993 5752 C:\Windows\System32\dxgi.dll - ok
10:10:46.0002 5752 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll
10:10:46.0002 5752 C:\Windows\System32\snmpapi.dll - ok
10:10:46.0013 5752 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll
10:10:46.0013 5752 C:\Windows\System32\tcpmon.dll - ok
10:10:46.0021 5752 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll
10:10:46.0022 5752 C:\Windows\System32\wsnmp32.dll - ok
10:10:46.0031 5752 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll
10:10:46.0033 5752 C:\Windows\System32\usbmon.dll - ok
10:10:46.0040 5752 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll
10:10:46.0040 5752 C:\Windows\System32\WSDMon.dll - ok
10:10:46.0048 5752 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll
10:10:46.0048 5752 C:\Windows\System32\fdPnp.dll - ok
10:10:46.0057 5752 [ 9B8DDEEDB31EDD8042D3B337B47D0409 ] C:\Windows\System32\spool\prtprocs\w32x86\hpzpp4pi.dll
10:10:46.0057 5752 C:\Windows\System32\spool\prtprocs\w32x86\hpzpp4pi.dll - ok
10:10:46.0066 5752 [ 75BF87E542C1368DBD6768AE6E6ED507 ] C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5ha.dll
10:10:46.0066 5752 C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5ha.dll - ok
10:10:46.0076 5752 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
10:10:46.0076 5752 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
10:10:46.0084 5752 [ 3680ABB532D049AC1A1E3A17A302E0C4 ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
10:10:46.0084 5752 C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok
10:10:46.0094 5752 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
10:10:46.0094 5752 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
10:10:46.0102 5752 [ BE3953C7DAE4ECC89134CF64A903F8ED ] C:\Windows\System32\win32spl.dll
10:10:46.0102 5752 C:\Windows\System32\win32spl.dll - ok
10:10:46.0111 5752 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
10:10:46.0111 5752 C:\Windows\System32\inetpp.dll - ok
10:10:46.0119 5752 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll
10:10:46.0119 5752 C:\Windows\System32\NapiNSP.dll - ok
10:10:46.0129 5752 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll
10:10:46.0129 5752 C:\Windows\System32\pnrpnsp.dll - ok
10:10:46.0141 5752 [ 32F4D839CA942236F933A78C3DC404F9 ] C:\Windows\System32\spool\drivers\w32x86\3\unidrvui.dll
10:10:46.0141 5752 C:\Windows\System32\spool\drivers\w32x86\3\unidrvui.dll - ok
10:10:46.0148 5752 [ BA54A966F873B043FDFCDA0B77937855 ] C:\Windows\System32\mgmtapi.dll
10:10:46.0148 5752 C:\Windows\System32\mgmtapi.dll - ok
10:10:46.0156 5752 [ 03F364F70669D6CCDFBB648C735A1CC1 ] C:\Windows\System32\tcpmib.dll
10:10:46.0156 5752 C:\Windows\System32\tcpmib.dll - ok
10:10:46.0165 5752 [ FC70115B86B7BC41467BE7A5696C44C5 ] C:\Windows\System32\spool\drivers\w32x86\3\UNIDRV.DLL
10:10:46.0166 5752 C:\Windows\System32\spool\drivers\w32x86\3\UNIDRV.DLL - ok
10:10:46.0174 5752 [ 04BAD53D4A66732CACF2890D36B5D47F ] C:\Windows\System32\spool\drivers\w32x86\3\hpzui5ha.dll
10:10:46.0174 5752 C:\Windows\System32\spool\drivers\w32x86\3\hpzui5ha.dll - ok
10:10:46.0183 5752 [ 89F5770AD1E9D9CEF93D00303135EC33 ] C:\Windows\System32\ntprint.dll
10:10:46.0183 5752 C:\Windows\System32\ntprint.dll - ok
10:10:46.0192 5752 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
10:10:46.0192 5752 C:\Windows\System32\drivers\secdrv.sys - ok
10:10:46.0201 5752 [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll
10:10:46.0201 5752 C:\Windows\System32\seclogon.dll - ok
10:10:46.0210 5752 [ 626494680788118CFBEBDEDCCB13596A ] C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapEngine.dll
10:10:46.0210 5752 C:\Program Files\Hp\QuickPlay\Kernel\TV\CLCapEngine.dll - ok
10:10:46.0219 5752 [ 7D67C07C63796775CC5492BCFEAFF125 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:10:46.0219 5752 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe - ok
10:10:46.0228 5752 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\System32\mfc42.dll
10:10:46.0228 5752 C:\Windows\System32\mfc42.dll - ok
10:10:46.0237 5752 [ 8E6E5CFA06769A417B03FD6FAA29E010 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
10:10:46.0237 5752 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
10:10:46.0246 5752 [ D2905C9384D16E814C38B8C50BAE0CBF ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
10:10:46.0246 5752 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
10:10:46.0255 5752 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
10:10:46.0256 5752 C:\Windows\System32\drivers\srvnet.sys - ok
10:10:46.0264 5752 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll
10:10:46.0265 5752 C:\Windows\System32\ssdpsrv.dll - ok
10:10:46.0270 5752 [ CCA24162E055C3714CE5A88B100C64ED ] C:\Windows\System32\drivers\tcpipreg.sys
10:10:46.0270 5752 C:\Windows\System32\drivers\tcpipreg.sys - ok
10:10:46.0279 5752 [ CDA0BC78672B50C43649FF34E1FD0FF8 ] C:\Windows\System32\drivers\XAudio.exe
10:10:46.0279 5752 C:\Windows\System32\drivers\XAudio.exe - ok
10:10:46.0288 5752 [ 19E7C173B6242AD7521E537AE54768BF ] C:\Windows\System32\drivers\XAudio.sys
10:10:46.0288 5752 C:\Windows\System32\drivers\XAudio.sys - ok
10:10:46.0296 5752 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
10:10:46.0296 5752 C:\Windows\System32\sysmain.dll - ok
10:10:46.0305 5752 [ 613BF4820361543956909043A265C6AC ] C:\Windows\System32\tapisrv.dll
10:10:46.0305 5752 C:\Windows\System32\tapisrv.dll - ok
10:10:46.0314 5752 [ 55187FD710E27D5095D10A472C8BAF1C ] C:\Windows\System32\w32time.dll
10:10:46.0314 5752 C:\Windows\System32\w32time.dll - ok
10:10:46.0323 5752 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
10:10:46.0323 5752 C:\Windows\System32\wbem\WMIsvc.dll - ok
10:10:46.0331 5752 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll
10:10:46.0331 5752 C:\Windows\System32\wiaservc.dll - ok
10:10:46.0341 5752 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll
10:10:46.0341 5752 C:\Windows\System32\ExplorerFrame.dll - ok
10:10:46.0349 5752 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\System32\odbc32.dll
10:10:46.0349 5752 C:\Windows\System32\odbc32.dll - ok
10:10:46.0359 5752 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
10:10:46.0359 5752 C:\Windows\System32\trkwks.dll - ok
10:10:46.0367 5752 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
10:10:46.0367 5752 C:\Windows\System32\wbemcomn.dll - ok
10:10:46.0377 5752 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll
10:10:46.0377 5752 C:\Windows\System32\winrnr.dll - ok
10:10:46.0388 5752 [ 54AF46DC37E63E1E85EB619033953309 ] C:\Windows\System32\d3d10level9.dll
10:10:46.0388 5752 C:\Windows\System32\d3d10level9.dll - ok
10:10:46.0395 5752 [ B087F2B901570F6EF62F6C2E01A480F3 ] C:\Windows\System32\wiatrace.dll
10:10:46.0395 5752 C:\Windows\System32\wiatrace.dll - ok
10:10:46.0403 5752 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
10:10:46.0403 5752 C:\Windows\System32\drivers\srv2.sys - ok
10:10:46.0413 5752 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
10:10:46.0413 5752 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
10:10:46.0421 5752 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
10:10:46.0421 5752 C:\Windows\System32\drivers\srv.sys - ok
10:10:46.0431 5752 [ B02A99F527ACA02B3F2711FC29A95935 ] C:\Windows\System32\AcSignIcon.dll
10:10:46.0431 5752 C:\Windows\System32\AcSignIcon.dll - ok
10:10:46.0439 5752 [ 765A886E3E0557E5A66D95BCFBD0F3AC ] C:\Windows\System32\compstui.dll
10:10:46.0439 5752 C:\Windows\System32\compstui.dll - ok
10:10:46.0450 5752 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\System32\msvcp60.dll
10:10:46.0450 5752 C:\Windows\System32\msvcp60.dll - ok
10:10:46.0457 5752 [ CB9E04DC05EACF5B9A36CA276D475006 ] C:\Windows\System32\rasmans.dll
10:10:46.0457 5752 C:\Windows\System32\rasmans.dll - ok
10:10:46.0467 5752 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\System32\upnphost.dll
10:10:46.0467 5752 C:\Windows\System32\upnphost.dll - ok
10:10:46.0475 5752 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
10:10:46.0475 5752 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
10:10:46.0485 5752 [ 4D65A07B795D6674312F879D09AA7663 ] C:\Windows\System32\iphlpsvc.dll
10:10:46.0485 5752 C:\Windows\System32\iphlpsvc.dll - ok
10:10:46.0493 5752 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\System32\odbcint.dll
10:10:48.0545 5752 C:\Windows\System32\sppobjs.dll - ok
10:10:48.0553 5752 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\System32\WinSATAPI.dll
10:10:48.0554 5752 C:\Windows\System32\WinSATAPI.dll - ok
10:10:48.0563 5752 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\System32\MSMPEG2ENC.DLL
10:10:48.0563 5752 C:\Windows\System32\MSMPEG2ENC.DLL - ok
10:10:48.0571 5752 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] C:\Windows\System32\drivers\asyncmac.sys
10:10:48.0571 5752 C:\Windows\System32\drivers\asyncmac.sys - ok
10:10:48.0581 5752 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll
10:10:48.0581 5752 C:\Windows\System32\wscisvif.dll - ok
10:10:48.0590 5752 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll
10:10:48.0590 5752 C:\Windows\System32\wscproxystub.dll - ok
10:10:48.0599 5752 [ 59E19BD13C3BDB857646B9E436BA27F7 ] C:\Windows\WindowsMobile\wcescomm.dll
10:10:48.0599 5752 C:\Windows\WindowsMobile\wcescomm.dll - ok
10:10:48.0607 5752 [ 843D21A20736016E5613E4B51EA60D46 ] C:\Windows\System32\winusb.dll
10:10:48.0607 5752 C:\Windows\System32\winusb.dll - ok
10:10:48.0621 5752 [ 8C8C82633A7E90A33E8D7D9617B2B46C ] C:\Windows\WindowsMobile\tcp2udp.dll
10:10:48.0621 5752 C:\Windows\WindowsMobile\tcp2udp.dll - ok
10:10:48.0626 5752 [ 3379989F06B31347792836DCF028A325 ] C:\Windows\System32\rapiproxystub.dll
10:10:48.0626 5752 C:\Windows\System32\rapiproxystub.dll - ok
10:10:48.0635 5752 [ 523DF3B590D8A353A49235B1B7C571AD ] C:\Windows\WindowsMobile\dtptdns.dll
10:10:48.0635 5752 C:\Windows\WindowsMobile\dtptdns.dll - ok
10:10:48.0644 5752 [ D5D7C7CBDD63C5938C83846B313FCF3B ] C:\Windows\WindowsMobile\BthASPlugin.dll
10:10:48.0644 5752 C:\Windows\WindowsMobile\BthASPlugin.dll - ok
10:10:48.0653 5752 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\System32\udhisapi.dll
10:10:48.0653 5752 C:\Windows\System32\udhisapi.dll - ok
10:10:48.0661 5752 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll
10:10:48.0661 5752 C:\Windows\System32\drprov.dll - ok
10:10:48.0671 5752 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll
10:10:48.0671 5752 C:\Windows\System32\ntlanman.dll - ok
10:10:48.0679 5752 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll
10:10:48.0679 5752 C:\Windows\System32\davclnt.dll - ok
10:10:48.0689 5752 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll
10:10:48.0689 5752 C:\Windows\System32\davhlpr.dll - ok
10:10:48.0698 5752 [ 897493762A427D94B66A30EE6AB35966 ] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
10:10:48.0698 5752 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - ok
10:10:48.0708 5752 [ 7043D485AEAE435312659FF1461F1491 ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL
10:10:48.0708 5752 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSO.DLL - ok
10:10:48.0716 5752 [ C7D010BD8BCEF2EB3FCA8F7CD3C08D9F ] C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL
10:10:48.0716 5752 C:\Program Files\Common Files\microsoft shared\OFFICE12\MSORES.DLL - ok
10:10:48.0726 5752 [ 4C5D603A632023BFDB8EDD4436882ABF ] C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL
10:10:48.0726 5752 C:\Program Files\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL - ok
10:10:48.0735 5752 [ 8FECD12803558FA84F63B7DDD16D89F1 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll
10:10:48.0735 5752 C:\Program Files\Common Files\microsoft shared\OFFICE11\msxml5.dll - ok
10:10:48.0746 5752 [ D291FA0A37901E5E5A687813FA2AF2B5 ] C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll
10:10:48.0746 5752 C:\Program Files\Microsoft Office\Office12\1033\GrooveIntlResource.dll - ok
10:10:48.0755 5752 [ 2D34839A17EF7BDA968332AF195FCC9D ] C:\Program Files\Common Files\System\ado\msadox.dll
10:10:48.0755 5752 C:\Program Files\Common Files\System\ado\msadox.dll - ok
10:10:48.0765 5752 [ B7899C3E21B299D7A3C0DA96CAE340BD ] C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
10:10:48.0765 5752 C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll - ok
10:10:48.0774 5752 [ 145642B84939D50AFDA2D6163406CCED ] C:\Windows\System32\networkitemfactory.dll
10:10:48.0775 5752 C:\Windows\System32\networkitemfactory.dll - ok
10:10:48.0784 5752 [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\System32\StructuredQuery.dll
10:10:48.0784 5752 C:\Windows\System32\StructuredQuery.dll - ok
10:10:48.0793 5752 [ 0795AAF84172C2E3B605CCB3A6E91D4A ] C:\Windows\System32\dtsh.dll
10:10:48.0793 5752 C:\Windows\System32\dtsh.dll - ok
10:10:48.0799 5752 [ 4634B0EE4098F0F2B972BDAC19A802E7 ] C:\Windows\System32\audiodev.dll
10:10:48.0799 5752 C:\Windows\System32\audiodev.dll - ok
10:10:48.0808 5752 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\System32\WMVCORE.DLL
10:10:48.0808 5752 C:\Windows\System32\WMVCORE.DLL - ok
10:10:48.0816 5752 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\System32\WMASF.DLL
10:10:48.0816 5752 C:\Windows\System32\WMASF.DLL - ok
10:10:48.0825 5752 [ 1060D60CCA69A8136A87DBE3C8F4A467 ] C:\Windows\System32\EhStorAPI.dll
10:10:48.0826 5752 C:\Windows\System32\EhStorAPI.dll - ok
10:10:48.0834 5752 [ D378BFFB70923139D6A4F546864AA61C ] C:\Windows\System32\notepad.exe
10:10:48.0834 5752 C:\Windows\System32\notepad.exe - ok
10:10:48.0843 5752 [ F175E53C7C3B25A9029A131FB578B155 ] C:\Windows\System32\wscinterop.dll
10:10:48.0843 5752 C:\Windows\System32\wscinterop.dll - ok
10:10:48.0851 5752 [ 7FD5532C142DB6C9CC47AA4DCF71FDEC ] C:\Windows\System32\wscui.cpl
10:10:48.0852 5752 C:\Windows\System32\wscui.cpl - ok
10:10:48.0861 5752 [ 1869BD251211FB6275067372A45682D6 ] C:\Windows\System32\werconcpl.dll
10:10:48.0861 5752 C:\Windows\System32\werconcpl.dll - ok
10:10:48.0869 5752 [ AC804569BB2364FB6017370258A4091B ] C:\Windows\System32\wercplsupport.dll
10:10:48.0869 5752 C:\Windows\System32\wercplsupport.dll - ok
10:10:48.0879 5752 [ 57CE9D8350B1DD76EEC596C423C3C0BC ] C:\Windows\System32\hcproviders.dll
10:10:48.0880 5752 C:\Windows\System32\hcproviders.dll - ok
10:10:48.0888 5752 [ 347AAE83C7C7B787CED89544532AA47D ] C:\Windows\System32\PhotoMetadataHandler.dll
10:10:48.0889 5752 C:\Windows\System32\PhotoMetadataHandler.dll - ok
10:10:48.0898 5752 [ B201AF83DF2E85323E29EB83E4046810 ] C:\Program Files\Internet Explorer\iexplore.exe
10:10:48.0898 5752 C:\Program Files\Internet Explorer\iexplore.exe - ok
10:10:48.0906 5752 [ F9D038A8C2BDC3AE2548150A7AED0F8A ] C:\Windows\System32\ieui.dll
10:10:48.0906 5752 C:\Windows\System32\ieui.dll - ok
10:10:48.0915 5752 [ 1D4127FE151165C5FB9C0EED8701A3D1 ] C:\Program Files\Internet Explorer\IEShims.dll
10:10:48.0916 5752 C:\Program Files\Internet Explorer\IEShims.dll - ok
10:10:48.0924 5752 [ 229D5E4F953DD979C7713572B93CE111 ] C:\Program Files\Internet Explorer\sqmapi.dll
10:10:48.0924 5752 C:\Program Files\Internet Explorer\sqmapi.dll - ok
10:10:48.0933 5752 [ 07F649CD36F266BBE33B814FA678AA43 ] C:\Windows\System32\mshtml.dll
10:10:48.0933 5752 C:\Windows\System32\mshtml.dll - ok
10:10:48.0941 5752 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\System32\d2d1.dll
10:10:48.0941 5752 C:\Windows\System32\d2d1.dll - ok
10:10:48.0951 5752 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll
10:10:48.0951 5752 C:\Windows\System32\DWrite.dll - ok
10:10:48.0959 5752 [ 8E6C86726B67D3FAA3144849B9AAC06C ] C:\Program Files\Java\jre6\bin\ssv.dll
10:10:48.0959 5752 C:\Program Files\Java\jre6\bin\ssv.dll - ok
10:10:48.0969 5752 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll
10:10:48.0969 5752 C:\Program Files\Java\jre6\bin\msvcr71.dll - ok
10:10:48.0978 5752 [ A9770771B622A871643EA2A4A3983E95 ] C:\Program Files\Java\jre6\bin\jp2ssv.dll
10:10:48.0978 5752 C:\Program Files\Java\jre6\bin\jp2ssv.dll - ok
10:10:48.0987 5752 [ E2E37D570AAF48781BD00DD243456E7D ] C:\Program Files\Common Files\microsoft shared\Windows Live\msidcrl40.dll
10:10:48.0988 5752 C:\Program Files\Common Files\microsoft shared\Windows Live\msidcrl40.dll - ok
10:10:48.0997 5752 [ 23BB24B3CC03F7788A8EB6FE64947BBD ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig.dll
10:10:48.0997 5752 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig.dll - ok
10:10:49.0006 5752 [ EE9D715AF1B928982F417238B9914484 ] C:\Windows\System32\ieapfltr.dll
10:10:49.0006 5752 C:\Windows\System32\ieapfltr.dll - ok
10:10:49.0014 5752 [ A3FA99A16F10D44EDB7A8C340FA2EE1B ] C:\Windows\System32\jscript9.dll
10:10:49.0014 5752 C:\Windows\System32\jscript9.dll - ok
10:10:49.0024 5752 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll
10:10:49.0024 5752 C:\Windows\System32\msimtf.dll - ok
10:10:49.0032 5752 [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\System32\dxtrans.dll
10:10:49.0032 5752 C:\Windows\System32\dxtrans.dll - ok
10:10:49.0041 5752 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\System32\ddrawex.dll
10:10:49.0041 5752 C:\Windows\System32\ddrawex.dll - ok
10:10:49.0046 5752 [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\System32\dxtmsft.dll
10:10:49.0046 5752 C:\Windows\System32\dxtmsft.dll - ok
10:10:49.0055 5752 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\System32\d3d10.dll
10:10:49.0055 5752 C:\Windows\System32\d3d10.dll - ok
10:10:49.0063 5752 [ 547F78746F20901C770E8653B242217C ] C:\Windows\System32\d3d10core.dll
10:10:49.0063 5752 C:\Windows\System32\d3d10core.dll - ok
10:10:49.0073 5752 [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\System32\NaturalLanguage6.dll
10:10:49.0073 5752 C:\Windows\System32\NaturalLanguage6.dll - ok
10:10:49.0081 5752 [ 2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\System32\NlsData0009.dll
10:10:49.0082 5752 C:\Windows\System32\NlsData0009.dll - ok
10:10:49.0091 5752 [ C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\System32\NlsLexicons0009.dll
10:10:49.0091 5752 C:\Windows\System32\NlsLexicons0009.dll - ok
10:10:49.0099 5752 [ 39E9AACC4C5FB3C3C0B12DE6D491553D ] C:\Windows\System32\WindowsCodecsExt.dll
10:10:49.0099 5752 C:\Windows\System32\WindowsCodecsExt.dll - ok
10:10:49.0109 5752 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\System32\icm32.dll
10:10:49.0109 5752 C:\Windows\System32\icm32.dll - ok
10:10:49.0118 5752 [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\Windows\System32\wuauclt.exe
10:10:49.0118 5752 C:\Windows\System32\wuauclt.exe - ok
10:10:49.0127 5752 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll
10:10:49.0127 5752 C:\Windows\System32\wucltux.dll - ok
10:10:49.0135 5752 [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\System32\advpack.dll
10:10:49.0136 5752 C:\Windows\System32\advpack.dll - ok
10:10:49.0145 5752 [ 2C49B175AEE1D4364B91B531417FE583 ] C:\Windows\servicing\TrustedInstaller.exe
10:10:49.0145 5752 C:\Windows\servicing\TrustedInstaller.exe - ok
10:10:49.0154 5752 [ 5B3D1C528CD6674FF6BD1F6720F5A686 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll
10:10:49.0154 5752 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll - ok
10:10:49.0163 5752 [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\System32\dpx.dll
10:10:49.0163 5752 C:\Windows\System32\dpx.dll - ok
10:10:49.0172 5752 [ 8896EF6DEBA34C5507A488729A1D3AF2 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll
10:10:49.0172 5752 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wcp.dll - ok
10:10:49.0181 5752 [ 4CCF86AAD1B67168FB51A477307EC288 ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll
10:10:49.0181 5752 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\DrUpdate.dll - ok
10:10:49.0190 5752 [ AA376FE53D239EC404AD28AA14F33564 ] C:\Windows\System32\srclient.dll
10:10:49.0190 5752 C:\Windows\System32\srclient.dll - ok
10:10:49.0199 5752 [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\System32\spp.dll
10:10:49.0199 5752 C:\Windows\System32\spp.dll - ok
10:10:49.0208 5752 [ C9B89E87CB6D87FA4CC3F04EBC9F3D1C ] C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll
10:10:49.0208 5752 C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\wrpint.dll - ok
10:10:49.0217 5752 [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\System32\sxsstore.dll
10:10:49.0217 5752 C:\Windows\System32\sxsstore.dll - ok
10:10:49.0226 5752 [ 665748B8F1770EFE09AC75D8EC020100 ] C:\Windows\servicing\CbsApi.dll
10:10:49.0226 5752 C:\Windows\servicing\CbsApi.dll - ok
10:10:49.0235 5752 [ 8444A7364D6877922049E99BF4B78C5C ] C:\Windows\System32\ELSCore.dll
10:10:49.0235 5752 C:\Windows\System32\ELSCore.dll - ok
10:10:49.0244 5752 [ 7B3FD36359DE5D2EE49D213CCAD13427 ] C:\Windows\System32\elsTrans.dll
10:10:49.0244 5752 C:\Windows\System32\elsTrans.dll - ok
10:10:49.0253 5752 [ 02A2ED8497F437EA200DF3ACED255AFE ] C:\Windows\System32\elslad.dll
10:10:49.0253 5752 C:\Windows\System32\elslad.dll - ok
10:10:49.0261 5752 [ 816FA57475CE5032E063BF69BFCD4C85 ] C:\Windows\System32\NlsData0021.dll
10:10:49.0261 5752 C:\Windows\System32\NlsData0021.dll - ok
10:10:49.0271 5752 [ 5003ADEC6FF342D5C0BBAB94B76FE5E0 ] C:\Windows\System32\NlsLexicons0021.dll
10:10:49.0271 5752 C:\Windows\System32\NlsLexicons0021.dll - ok
10:10:49.0279 5752 [ 61B33014F2D2A4F9553F6EF64FB82E31 ] C:\Windows\System32\NlsData000c.dll
10:10:49.0279 5752 C:\Windows\System32\NlsData000c.dll - ok
10:10:49.0289 5752 [ AC7D0114246661B1E29A0939039157C5 ] C:\Windows\System32\NlsLexicons000c.dll
10:10:49.0289 5752 C:\Windows\System32\NlsLexicons000c.dll - ok
10:10:49.0297 5752 [ 0BDF121EBD33DA510BD82051C795E199 ] C:\Windows\System32\NlsData0003.dll
10:10:49.0297 5752 C:\Windows\System32\NlsData0003.dll - ok
10:10:49.0302 5752 [ E08BD8A403E169971B499E59203B0FB8 ] C:\Windows\System32\NlsLexicons0003.dll
10:10:49.0303 5752 C:\Windows\System32\NlsLexicons0003.dll - ok
10:10:49.0311 5752 [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\System32\Wpc.dll
10:10:49.0311 5752 C:\Windows\System32\Wpc.dll - ok
10:10:49.0320 5752 [ DE6652B4B4E9795B53142959FD02A4EB ] C:\Windows\System32\inetcpl.cpl
10:10:49.0320 5752 C:\Windows\System32\inetcpl.cpl - ok
10:10:49.0329 5752 [ ED6F6FBBCDEC95483B7351E23F4FCDF6 ] C:\Windows\System32\IEAdvpack.dll
10:10:49.0329 5752 C:\Windows\System32\IEAdvpack.dll - ok
10:10:49.0338 5752 [ E290E3FDF645DF29D00D6368B9127E30 ] C:\Windows\System32\msfeeds.dll
10:10:49.0338 5752 C:\Windows\System32\msfeeds.dll - ok
10:10:49.0347 5752 [ 52799EAD792B0E9AE7FD4BA5BD18FE5C ] C:\Windows\System32\wbem\WMIADAP.exe
10:10:49.0347 5752 C:\Windows\System32\wbem\WMIADAP.exe - ok
10:10:49.0356 5752 [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\System32\loadperf.dll
10:10:49.0356 5752 C:\Windows\System32\loadperf.dll - ok
10:10:49.0366 5752 [ B9ADA43CB3FFAF6669D34F432AA44A0F ] C:\Windows\System32\pstorec.dll
10:10:49.0366 5752 C:\Windows\System32\pstorec.dll - ok
10:10:49.0374 5752 [ 0A3CCB2C4F603D99F34D742FC9544B97 ] C:\Windows\System32\pstorsvc.dll
10:10:49.0374 5752 C:\Windows\System32\pstorsvc.dll - ok
10:10:49.0383 5752 [ 274992D0945889A6B56D0E1BD4288A6E ] C:\Windows\System32\psbase.dll
10:10:49.0384 5752 C:\Windows\System32\psbase.dll - ok
10:10:49.0392 5752 [ F3CB12A5791761EBCA4C7BA5FC89F5C2 ] C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE
10:10:49.0392 5752 C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE - ok
10:10:49.0401 5752 [ 8F5335AA512C405451DFAA88C0C0567E ] C:\Program Files\Symantec\LiveUpdate\UNRAR.DLL
10:10:49.0401 5752 C:\Program Files\Symantec\LiveUpdate\UNRAR.DLL - ok
10:10:49.0410 5752 [ 04F3A8660AAA55641DFDDB12605456EC ] C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_2.DLL
10:10:49.0410 5752 C:\Program Files\Symantec\LiveUpdate\ResLuComServer_3_2.DLL - ok
10:10:49.0419 5752 [ 807B6562009E5858C93E1C0F435C0382 ] C:\Windows\System32\netbios.dll
10:10:49.0419 5752 C:\Windows\System32\netbios.dll - ok
10:10:49.0428 5752 [ 4C2B02D3FD545AB4A80918BDE120DBC6 ] C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
10:10:49.0428 5752 C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE - ok
10:10:49.0437 5752 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Windows\System32\mfc71.dll
10:10:49.0437 5752 C:\Windows\System32\mfc71.dll - ok
10:10:49.0445 5752 [ C86F54CF56C8CDFCBB29ECDF1C75214D ] C:\Program Files\Symantec\LiveUpdate\AUPDATERES.DLL
10:10:49.0446 5752 C:\Program Files\Symantec\LiveUpdate\AUPDATERES.DLL - ok
10:10:49.0455 5752 [ 714CAAFA513E987C5C4E1412933B218E ] C:\Program Files\Symantec\LiveUpdate\LuPreCon.DLL
10:10:49.0455 5752 C:\Program Files\Symantec\LiveUpdate\LuPreCon.DLL - ok
10:10:49.0464 5752 [ 5EFDBEAECD69E250E5BA4A2950203CD4 ] C:\Windows\System32\sdclt.exe
10:10:49.0464 5752 C:\Windows\System32\sdclt.exe - ok
10:10:49.0473 5752 [ 3CC04CB09FAFAD87942437FDDEE11EE3 ] C:\Windows\System32\ReAgent.dll
10:10:49.0473 5752 C:\Windows\System32\ReAgent.dll - ok
10:10:49.0482 5752 [ 3B28814B74E898750A139FA4CBDFDCF7 ] C:\Windows\System32\sdengin2.dll
10:10:49.0482 5752 C:\Windows\System32\sdengin2.dll - ok
10:10:49.0494 5752 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] C:\Windows\System32\sdrsvc.dll
10:10:49.0495 5752 C:\Windows\System32\sdrsvc.dll - ok
10:10:49.0500 5752 [ 9BF7BDBD1EC69D44EA8D9BE222FC93BB ] C:\Windows\System32\sxshared.dll
10:10:49.0500 5752 C:\Windows\System32\sxshared.dll - ok
10:10:49.0509 5752 [ DD7596A0BC60AFFCCEB07E64F876FB59 ] C:\Windows\System32\sxproxy.dll
10:10:49.0509 5752 C:\Windows\System32\sxproxy.dll - ok
10:10:49.0514 5752 ============================================================
10:10:49.0514 5752 Scan finished
10:10:49.0514 5752 ============================================================
10:10:49.0533 5736 Detected object count: 6
10:10:49.0533 5736 Actual detected object count: 6
10:11:09.0004 5736 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:11:09.0004 5736 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:11:09.0010 5736 Flash1 ( UnsignedFile.Multi.Generic ) - skipped by user
10:11:09.0010 5736 Flash1 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:11:09.0013 5736 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:11:09.0013 5736 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:11:09.0018 5736 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:11:09.0019 5736 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:11:09.0019 5736 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:11:09.0019 5736 NVIDIA Performance Driver Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:11:09.0023 5736 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
10:11:09.0023 5736 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip

#17
coots

    Member

  • Topic Starter
  • Member
  • 20 posts
here is the aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-01 10:24:43
-----------------------------
10:24:43.111 OS Version: Windows 6.1.7601 Service Pack 1
10:24:43.112 Number of processors: 2 586 0x6802
10:24:43.113 ComputerName: ADAM-PC UserName: Adam
10:25:08.627 Initialize success
11:18:31.486 AVAST engine defs: 13010100
12:05:54.114 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000072
12:05:54.118 Disk 0 Vendor: ST912082 3.BH Size: 114473MB BusType: 3
12:05:54.144 Disk 0 MBR read successfully
12:05:54.148 Disk 0 MBR scan
12:05:54.173 Disk 0 Windows 7 default MBR code
12:05:54.177 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 106085 MB offset 63
12:05:54.213 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8385 MB offset 217263060
12:05:54.244 Disk 0 scanning sectors +234436545
12:05:54.316 Disk 0 scanning C:\Windows\system32\drivers
12:06:08.562 Service scanning
12:06:54.772 Modules scanning
12:07:06.140 Disk 0 trace - called modules:
12:07:06.151 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor.sys
12:07:06.153 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8630d2e0]
12:07:06.154 3 CLASSPNP.SYS[8964d59e] -> nt!IofCallDriver -> [0x85d61a38]
12:07:06.154 5 ACPI.sys[88e423d4] -> nt!IofCallDriver -> \Device\00000072[0x85d61b60]
12:07:07.771 AVAST engine scan C:\Windows
12:07:12.336 AVAST engine scan C:\Windows\system32
12:11:54.615 AVAST engine scan C:\Windows\system32\drivers
12:12:11.912 AVAST engine scan C:\Users\Adam
12:20:27.307 AVAST engine scan C:\ProgramData
12:22:37.436 Scan finished successfully
12:25:25.921 Disk 0 MBR has been saved successfully to "C:\Users\Adam\Desktop\virus removal2\MBR.dat"
12:25:25.928 The log file has been saved successfully to "C:\Users\Adam\Desktop\virus removal2\aswMBR.txt"

#18
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#19
coots

    Member

  • Topic Starter
  • Member
  • 20 posts
Combofix seemed to run fine. I did not have to restart.
MSE is still detecting the trojan every minute and quarantining it. The time updates every minute.
Also, "Exploit:Java/CVE-2012-1723" is now appearing.

As I said earlier, I believe this started in the form of a fake Adobe Flash update.
Also, I think it has something to do with Google Chrome, or posed as a fake Google Chrome update.

Not sure if everything is ok. Still have MSE realtime scanning disabled. I have not reactivated anything unless told to do so.


here is the latest combofix log:

ComboFix 13-01-01.02 - Adam 01/01/2013 15:43:41.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1983.1107 [GMT -6:00]
Running from: c:\users\Adam\Desktop\virus removal\ComboFix.exe
Command switches used :: c:\users\Adam\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-12-01 to 2013-01-01 )))))))))))))))))))))))))))))))
.
.
2013-01-01 21:54 . 2013-01-01 21:54 -------- d-----w- c:\users\msmits2003\AppData\Local\temp
2013-01-01 21:54 . 2013-01-01 21:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-01 21:54 . 2013-01-01 21:54 -------- d-----w- c:\users\coots2003\AppData\Local\temp
2013-01-01 21:54 . 2013-01-01 21:54 -------- d-----w- c:\users\Cjohns2003\AppData\Local\temp
2012-12-31 18:28 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FEDF3C7B-AF4F-49B4-BB9D-B6727A3D713A}\mpengine.dll
2012-12-30 20:08 . 2012-12-30 20:23 -------- d-----w- c:\programdata\HitmanPro
2012-12-30 16:45 . 2012-12-30 16:48 -------- d-----w- c:\program files\AOL Toolbar
2012-12-30 16:20 . 2012-12-01 18:46 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4E783EDC-20B0-4D18-8BA2-BBDCCB717998}\gapaengine.dll
2012-12-30 16:18 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-30 16:07 . 2012-12-30 16:08 -------- d-----w- c:\users\Creative Sol'ns LLC
2012-12-27 03:32 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-27 03:32 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-27 02:21 . 2012-10-04 16:43 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-27 02:20 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-27 02:20 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-27 02:17 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-12-26 22:29 . 2012-12-26 22:29 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-09 23:55 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-09 23:55 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-09 23:55 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-09 23:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-09 23:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-09 23:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-09 23:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-09 23:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-09 23:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-09 23:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-09 22:50 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-12-09 22:50 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-12-09 22:50 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-12-09 22:50 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-12-09 22:50 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-12-09 22:50 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-12-09 22:47 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-12-09 22:45 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-12-09 22:45 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-12-09 22:45 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-12-09 22:45 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-26 22:29 . 2011-10-27 16:21 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-01 18:46 . 2012-02-12 00:23 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-03-24 14:41 . 2012-02-08 04:09 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-12-20 468264]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1246544]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Adam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-01-16 02:28 135664 ----atw- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-27 00:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2007-10-03 20:15 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2008-07-03 13:58 94208 ----a-w- c:\windows\PLFSetL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2011-09-01 22:47 90448 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 19:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-09-10 17:20 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 17:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
R2 McMPFSvc;McAfee Personal Firewall Service; [x]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 dsiarhwprog;dsiarhwprog;c:\windows\system32\Drivers\dsiarhwprog.sys [x]
R3 Flash1;Flash1;c:\swsetup\sp43666\winphlash\Flash1.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 Shewsvrmod;Shewsvrmod; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R4 SQLAgent$SHIPWORKS;SQL Server Agent (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\SQLAGENT.EXE [x]
S2 EasyRedirect;EasyRedirect;c:\program files\Easy-Hide-IP\rdr\EasyRedirect.exe [x]
S2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 MSSQL$SHIPWORKS;SQL Server (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe [x]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [x]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 15201469
*NewlyCreated* - 23398250
*NewlyCreated* - ASWMBR
*Deregistered* - 15201469
*Deregistered* - 23398250
*Deregistered* - aswMBR
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfebopk
*Deregistered* - mferkdet
*Deregistered* - mfetdik
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000Core.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-16 02:28]
.
2013-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000UA.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-16 02:28]
.
2013-01-01 c:\windows\Tasks\User_Feed_Synchronization-{BC52B4B3-39F7-45B7-86D7-BD87826EAED7}.job
- c:\windows\system32\msfeedssync.exe [2012-12-09 23:52]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com
TCP: DhcpNameServer = 205.171.3.25 205.171.2.25
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\kz3d4tij.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-15201469.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5588)
c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
.
Completion time: 2013-01-01 15:59:04
ComboFix-quarantined-files.txt 2013-01-01 21:59
ComboFix2.txt 2012-12-31 22:54
ComboFix3.txt 2012-12-31 17:00
ComboFix4.txt 2012-12-27 05:10
.
Pre-Run: 26,204,807,168 bytes free
Post-Run: 26,215,239,680 bytes free
.
- - End Of File - - B68676003FC0DCE1CC7133A70059B913

Edited by coots, 01 January 2013 - 04:13 PM.

#20
coots

    Member

  • Topic Starter
  • Member
  • 20 posts
Here is what MSE says:


Exploit:Java/CVE-2012-1723

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:
file:C:\Users\Adam\AppData\Local\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.79\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.92\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.94\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.95\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx


===============================

This appears 5 times in MSE:

Trojan:JS/Medfos.B

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:
file:C:\Users\Adam\AppData\Local\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.79\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.92\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.94\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.95\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx

#21
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#22
coots

    Member

  • Topic Starter
  • Member
  • 20 posts
Here are the contents of OTL.txt:

OTL logfile created on: 1/1/2013 5:16:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Adam\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 65.56% Memory free
3.87 Gb Paging File | 2.88 Gb Available in Paging File | 74.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 103.60 Gb Total Space | 24.48 Gb Free Space | 23.63% Space Free | Partition Type: NTFS
Drive D: | 8.19 Gb Total Space | 1.74 Gb Free Space | 21.29% Space Free | Partition Type: NTFS

Computer Name: ADAM-PC | User Name: Adam | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Adam\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe (EasyTech)
PRC - C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe (Autodesk, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe ()
PRC - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\WinRAR\RarExt.dll ()
MOD - C:\Program Files\Hp\QuickPlay\Kernel\common\MCEMediaStatus.dll ()


========== Services (SafeList) ==========

SRV - (McMPFSvc) -- File not found
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (EasyRedirect) -- C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe (EasyTech)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software, Inc.)
SRV - (ZuneWlanCfgSvc) -- c:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- c:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- c:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (mitsijm2012) -- C:\Program Files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe (Autodesk, Inc.)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (NVIDIA Performance Driver Service) -- C:\Program Files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)


========== Driver Services (SafeList) ==========

DRV - (Shewsvrmod) -- File not found
DRV - (mbr) -- C:\ComboFix\mbr.sys File not found
DRV - (catchme) -- C:\Users\Adam\AppData\Local\Temp\catchme.sys File not found
DRV - (aswMBR) -- C:\Users\Adam\AppData\Local\Temp\aswMBR.sys File not found
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (appliandMP) -- C:\Windows\System32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (appliand) -- C:\Windows\System32\drivers\appliand.sys (Applian Technologies Inc.)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WINUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (RsFx0150) -- C:\Windows\System32\drivers\RsFx0150.sys (Microsoft Corporation)
DRV - (HBtnKey) -- C:\Windows\System32\drivers\CPQBttn.sys (Hewlett-Packard Company)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (CnxtHdAudService) -- C:\Windows\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (dsiarhwprog) -- C:\Windows\System32\drivers\dsiarhwprog.sys (Thesycon GmbH, Germany)
DRV - (HdAudAddService) -- C:\Windows\System32\drivers\CHDART.sys (Conexant Systems Inc.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (Flash1) -- C:\SwSetup\sp43666\winphlash\FLASH1.sys ()
DRV - (sscdserd) -- C:\Windows\System32\drivers\sscdserd.sys (MCCI)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
DRV - (SilverLink) -- C:\Windows\System32\drivers\SilvrLnk.sys (Texas Instruments Incorporated)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{08D340BE-AF4A-4235-B84D-88B32FEF0A15}: "URL" = http://search.yahoo....ing}&fr=hp-pvnb
IE - HKLM\..\SearchScopes\{72EC8BD2-502E-4C2B-B18C-3B2374AA9BFD}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{E66D2A14-9464-48D1-BA06-178988F194AA}: "URL" = http://search.live.c...#38;FORM=HVNUS7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..\SearchScopes,DefaultScope = {54B149CE-E7C5-4D48-A63D-A2A6A0A2929B}
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..\SearchScopes\{08D340BE-AF4A-4235-B84D-88B32FEF0A15}: "URL" = http://search.yahoo....ing}&fr=hp-pvnb
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..\SearchScopes\{54B149CE-E7C5-4D48-A63D-A2A6A0A2929B}: "URL" = http://www.google.co...age={startPage}
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..\SearchScopes\{72EC8BD2-502E-4C2B-B18C-3B2374AA9BFD}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..\SearchScopes\{E66D2A14-9464-48D1-BA06-178988F194AA}: "URL" = http://search.live.c...#38;FORM=HVNUS7
IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.1879: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.1939: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.872: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Adam\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Adam\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/30 14:38:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/30 11:06:10 | 000,000,000 | ---D | M]

[2012/12/30 14:39:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Extensions
[2012/12/31 09:46:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\kz3d4tij.default\extensions
[2012/12/31 09:46:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\kz3d4tij.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/12/30 11:06:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/03/24 08:41:42 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2012/03/20 19:41:53 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/02/04 17:49:18 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: HP Product Detection Plugin for Mozilla (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npProductDetectPlugin.dll
CHR - plugin: HP Active Check Plugin (Enabled) = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npAclmPlugin.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Adam\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Adblock Plus = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Google Search = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: HP Product Detection Plugin = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\
CHR - Extension: Gmail = C:\Users\Adam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012/12/31 00:08:39 | 000,000,019 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..Trusted Domains: microsoft.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {06305358-99CE-4C47-B59C-939B76856C2B} http://download.micr...6B/pmupd806.exe (Reg Error: Key error.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.171.3.25 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2BE45BA-DD94-4C8C-B898-5C6FDD719A40}: DhcpNameServer = 205.171.3.25 205.171.2.25
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\Adam\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Adam\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/17 18:52:54 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 15:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 09:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/01 17:14:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Adam\Desktop\OTL.exe
[2013/01/01 15:56:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/01/01 15:41:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/12/31 12:23:54 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\virus removal2
[2012/12/31 09:32:55 | 000,000,000 | ---D | C] -- C:\Users\Adam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
[2012/12/31 09:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Talk
[2012/12/30 14:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/12/30 11:09:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2012/12/30 10:53:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/12/30 10:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\AOL Toolbar
[2012/12/26 22:48:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/12/26 22:48:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/12/26 22:47:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/26 22:46:28 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/26 21:32:30 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/26 21:32:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/26 21:29:55 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/12/26 21:29:52 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/12/26 21:29:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/12/26 21:29:51 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012/12/26 21:29:51 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/12/26 21:29:49 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/12/26 21:29:49 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/12/26 21:29:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/12/26 20:50:22 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\RK_Quarantine
[2012/12/26 20:45:46 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\virus removal
[2012/12/26 20:21:58 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012/12/26 20:21:58 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012/12/26 20:21:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012/12/26 20:21:49 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012/12/26 20:21:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012/12/26 20:21:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012/12/26 20:21:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012/12/26 20:21:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012/12/26 20:21:48 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012/12/26 20:21:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012/12/26 20:21:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012/12/26 20:21:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012/12/26 20:21:47 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012/12/26 20:21:47 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012/12/26 20:21:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/12/26 20:21:46 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012/12/26 20:21:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012/12/26 20:21:46 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012/12/26 20:21:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012/12/26 20:21:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012/12/26 20:21:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012/12/26 20:21:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012/12/26 20:21:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012/12/26 20:21:44 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012/12/26 20:21:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012/12/26 20:21:44 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012/12/26 20:21:43 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012/12/26 20:21:43 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012/12/26 20:21:43 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012/12/26 20:21:42 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012/12/26 20:20:22 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/12/26 20:20:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012/12/26 20:17:40 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012/12/26 16:29:30 | 000,697,272 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/12/22 10:21:41 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\eh
[2012/12/16 11:06:46 | 000,000,000 | ---D | C] -- C:\Users\Adam\Desktop\rj2
[2012/12/09 17:55:46 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012/12/09 17:55:45 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012/12/09 17:53:17 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012/12/09 17:53:14 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012/12/09 17:53:13 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012/12/09 17:52:39 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/12/09 17:52:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/12/09 17:52:37 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/12/09 17:52:37 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/12/09 17:52:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/12/09 17:52:37 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/12/09 17:52:37 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/12/09 17:52:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/12/09 17:52:37 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/12/09 17:52:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/12/09 17:52:36 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/12/09 17:52:36 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/12/09 17:52:36 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/12/09 17:52:35 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/12/09 17:52:35 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/12/09 17:52:35 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/12/09 17:52:35 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/12/09 17:52:35 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/12/09 17:52:35 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/12/09 17:52:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/12/09 17:52:35 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/12/09 17:52:35 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/12/09 17:52:34 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/12/09 17:52:34 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/12/09 17:52:34 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/12/09 17:52:34 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/12/09 17:52:34 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/12/09 17:52:33 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/12/09 17:52:33 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/12/09 16:50:23 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012/12/09 16:50:23 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012/12/09 16:45:43 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012/12/09 16:45:43 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/12/09 16:45:33 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\synceng.dll
[2010/07/07 17:17:00 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Adam\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

[2013/01/01 17:17:00 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{BC52B4B3-39F7-45B7-86D7-BD87826EAED7}.job
[2013/01/01 17:14:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Adam\Desktop\OTL.exe
[2013/01/01 17:11:01 | 000,000,000 | -H-- | M] () -- C:\Users\Adam\Documents\Default.rdp
[2013/01/01 16:39:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000UA.job
[2013/01/01 15:34:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/01 11:39:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000Core.job
[2013/01/01 10:09:05 | 000,010,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/01 10:09:05 | 000,010,048 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/01 10:02:22 | 000,000,245 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2013/01/01 10:00:48 | 1559,187,456 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/31 17:22:36 | 000,737,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/31 17:22:36 | 000,150,406 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/31 16:37:23 | 000,001,091 | ---- | M] () -- C:\Users\Adam\Desktop\ComboFix - Shortcut.lnk
[2012/12/31 12:25:34 | 000,000,020 | ---- | M] () -- C:\Users\Adam\defogger_reenable
[2012/12/31 00:08:39 | 000,000,019 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/12/26 21:35:25 | 000,612,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/12/26 21:29:39 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/12/26 21:03:22 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/26 20:43:47 | 002,952,348 | ---- | M] () -- C:\Users\Adam\Desktop\malwaretips.com_blogs_remove-medfos-trojan.pdf
[2012/12/26 20:28:32 | 000,460,349 | ---- | M] () -- C:\Users\Adam\Desktop\chrome bookmarks_12_26_12.html
[2012/12/26 16:29:30 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012/12/26 16:29:30 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012/12/16 08:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012/12/16 08:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012/12/09 20:11:24 | 000,001,407 | ---- | M] () -- C:\Users\Adam\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/12/09 17:52:39 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012/12/09 17:52:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012/12/09 17:52:37 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012/12/09 17:52:37 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012/12/09 17:52:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012/12/09 17:52:37 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012/12/09 17:52:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012/12/09 17:52:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012/12/09 17:52:37 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012/12/09 17:52:37 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012/12/09 17:52:36 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012/12/09 17:52:36 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012/12/09 17:52:36 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012/12/09 17:52:35 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012/12/09 17:52:35 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012/12/09 17:52:35 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012/12/09 17:52:35 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012/12/09 17:52:35 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012/12/09 17:52:35 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012/12/09 17:52:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012/12/09 17:52:35 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012/12/09 17:52:35 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012/12/09 17:52:35 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012/12/09 17:52:34 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012/12/09 17:52:34 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012/12/09 17:52:34 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012/12/09 17:52:34 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012/12/09 17:52:34 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012/12/09 17:52:33 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012/12/09 17:52:33 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012/12/06 18:13:09 | 000,009,199 | ---- | M] () -- C:\Users\Adam\Desktop\config.dat

========== Files Created - No Company Name ==========

[2013/01/01 17:11:01 | 000,000,000 | -H-- | C] () -- C:\Users\Adam\Documents\Default.rdp
[2012/12/31 16:37:23 | 000,001,091 | ---- | C] () -- C:\Users\Adam\Desktop\ComboFix - Shortcut.lnk
[2012/12/31 12:25:15 | 000,000,020 | ---- | C] () -- C:\Users\Adam\defogger_reenable
[2012/12/26 22:48:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/12/26 22:48:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/12/26 22:48:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/12/26 22:48:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/12/26 22:48:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/12/26 21:03:22 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/26 20:43:46 | 002,952,348 | ---- | C] () -- C:\Users\Adam\Desktop\malwaretips.com_blogs_remove-medfos-trojan.pdf
[2012/12/26 20:28:31 | 000,460,349 | ---- | C] () -- C:\Users\Adam\Desktop\chrome bookmarks_12_26_12.html
[2012/12/09 17:55:53 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/12/09 17:53:13 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/12/09 17:52:35 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012/12/06 18:13:09 | 000,009,199 | ---- | C] () -- C:\Users\Adam\Desktop\config.dat
[2012/03/04 13:00:48 | 000,003,400 | ---- | C] () -- C:\Windows\System32\EasyRedirect.ini
[2012/03/04 13:00:48 | 000,002,008 | ---- | C] () -- C:\Windows\System32\EasyRedirectOff.ini
[2010/07/07 17:17:00 | 000,087,608 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\inst.exe
[2010/07/07 17:17:00 | 000,007,887 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\pcouffin.cat
[2010/07/07 17:17:00 | 000,001,144 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\pcouffin.inf
[2010/02/07 16:54:40 | 000,007,607 | ---- | C] () -- C:\Users\Adam\AppData\Local\resmon.resmoncfg
[2010/01/31 21:25:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/18 21:57:53 | 000,025,884 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\Comma Separated Values (Windows).ADR
[2009/12/15 21:59:46 | 000,008,192 | ---- | C] () -- C:\Users\Adam\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/03 16:55:28 | 000,006,074 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\PrimoPDFSet.xml
[2008/12/08 00:12:14 | 000,000,210 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\wklnhst.dat
[2007/11/05 21:52:12 | 000,029,239 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\UserTile.png
[2007/08/02 15:48:08 | 000,190,444 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\nvModes.001
[2007/08/02 15:48:07 | 000,190,444 | ---- | C] () -- C:\Users\Adam\AppData\Roaming\nvModes.dat

========== ZeroAccess Check ==========

[2009/07/13 22:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 19:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0CB6E0BD

< End of report >

#23
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image text box.
    :OTL
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O16 - DPF: {06305358-99CE-4C47-B59C-939B76856C2B} http://download.micr...6B/pmupd806.exe (Reg Error: Key error.)
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx...owserPlugin.cab (Reg Error: Key error.)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0CB6E0BD  
    IE - HKLM\..\SearchScopes\{72EC8BD2-502E-4C2B-B18C-3B2374AA9BFD}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
    IE - HKU\S-1-5-21-1075108771-1316508452-297016115-1000\..\SearchScopes\{72EC8BD2-502E-4C2B-B18C-3B2374AA9BFD}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and paste that report in your next reply.

Let me know how things are doing

Gringo

#24
coots

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
The computer rebooted, but I didn't see any notepad pop up with information in it.

Shall I run it again?

EDIT:

I tried running it again, but after I click ok to reboot, and sign in, no notepad information pops up.

Edited by coots, 02 January 2013 - 10:08 PM.


#25
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo



#26
coots

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
MSE is still quarantining the trojan and java exploit every minute.

Here is what combo fix log said:


ComboFix 13-01-02.02 - Adam 01/02/2013 22:12:09.5.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1983.918 [GMT -6:00]
Running from: c:\users\Adam\Desktop\virus removal\ComboFix.exe
Command switches used :: c:\users\Adam\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-12-03 to 2013-01-03 )))))))))))))))))))))))))))))))
.
.
2013-01-03 04:24 . 2013-01-03 04:24 -------- d-----w- c:\users\msmits2003\AppData\Local\temp
2013-01-03 04:24 . 2013-01-03 04:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-03 04:24 . 2013-01-03 04:24 -------- d-----w- c:\users\coots2003\AppData\Local\temp
2013-01-03 04:24 . 2013-01-03 04:24 -------- d-----w- c:\users\Cjohns2003\AppData\Local\temp
2013-01-03 03:49 . 2013-01-03 03:49 -------- d-----w- C:\_OTL
2013-01-03 03:41 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06571AE8-7C8D-4EDB-9877-E4C48778A1E1}\mpengine.dll
2012-12-31 18:28 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-30 20:08 . 2012-12-30 20:23 -------- d-----w- c:\programdata\HitmanPro
2012-12-30 16:45 . 2012-12-30 16:48 -------- d-----w- c:\program files\AOL Toolbar
2012-12-30 16:20 . 2012-12-01 18:46 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4E783EDC-20B0-4D18-8BA2-BBDCCB717998}\gapaengine.dll
2012-12-30 16:07 . 2012-12-30 16:08 -------- d-----w- c:\users\Creative Sol'ns LLC
2012-12-27 03:32 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-27 03:32 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-27 02:21 . 2012-10-04 16:43 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-27 02:20 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-27 02:20 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-27 02:17 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-12-26 22:29 . 2012-12-26 22:29 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-09 23:55 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-09 23:55 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-09 23:55 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-09 23:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-09 23:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-09 23:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-09 23:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-09 23:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-09 23:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-09 23:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-09 22:50 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-12-09 22:50 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-12-09 22:50 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-12-09 22:50 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-12-09 22:50 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-12-09 22:50 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-12-09 22:47 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-12-09 22:45 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-12-09 22:45 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-12-09 22:45 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-12-09 22:45 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-26 22:29 . 2011-10-27 16:21 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-01 18:46 . 2012-02-12 00:23 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-03-24 14:41 . 2012-02-08 04:09 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-12-20 468264]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1246544]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Adam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-01-16 02:28 135664 ----atw- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-27 00:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2007-10-03 20:15 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2008-07-03 13:58 94208 ----a-w- c:\windows\PLFSetL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2011-09-01 22:47 90448 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 19:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-09-10 17:20 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 17:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
R2 McMPFSvc;McAfee Personal Firewall Service; [x]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 dsiarhwprog;dsiarhwprog;c:\windows\system32\Drivers\dsiarhwprog.sys [x]
R3 Flash1;Flash1;c:\swsetup\sp43666\winphlash\Flash1.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 Shewsvrmod;Shewsvrmod; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R4 SQLAgent$SHIPWORKS;SQL Server Agent (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\SQLAGENT.EXE [x]
S2 EasyRedirect;EasyRedirect;c:\program files\Easy-Hide-IP\rdr\EasyRedirect.exe [x]
S2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 MSSQL$SHIPWORKS;SQL Server (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe [x]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [x]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfebopk
*Deregistered* - mferkdet
*Deregistered* - mfetdik
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000Core.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-16 02:28]
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000UA.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-16 02:28]
.
2013-01-03 c:\windows\Tasks\User_Feed_Synchronization-{BC52B4B3-39F7-45B7-86D7-BD87826EAED7}.job
- c:\windows\system32\msfeedssync.exe [2012-12-09 23:52]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com
TCP: DhcpNameServer = 205.171.3.25 205.171.2.25
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\kz3d4tij.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-02 22:28:34
ComboFix-quarantined-files.txt 2013-01-03 04:28
ComboFix2.txt 2013-01-01 21:59
ComboFix3.txt 2012-12-31 22:54
ComboFix4.txt 2012-12-31 17:00
ComboFix5.txt 2013-01-03 04:10
.
Pre-Run: 25,848,500,224 bytes free
Post-Run: 25,779,986,432 bytes free
.
- - End Of File - - 9007A7BDB1CA510BA76C5794FBEB1FED

Edited by coots, 02 January 2013 - 10:38 PM.


#27
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Can you give me the location that MSE is saying the infection is?

#28
coots

    Member

  • Topic Starter
  • Member
  • 20 posts
Here is what MSE says. I believe the locations are shown below.


Exploit:Java/CVE-2012-1723

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:
file:C:\Users\Adam\AppData\Local\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.79\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.92\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.94\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.95\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx


===============================

This appears 5 times in MSE:

Trojan:JS/Medfos.B

Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:
file:C:\Users\Adam\AppData\Local\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.79\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.92\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.94\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.95\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx

#29
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache:: 

File::
C:\Users\Adam\AppData\Local\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.79\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.92\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.94\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.95\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx 

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#30
coots

    Member

  • Topic Starter
  • Member
  • 20 posts
EDIT: I have tried clicking "remove" on MSE for the trojans and java exploit from the quarantined area. I am performing a scan now.

After running combofix, MSE picked it up again. Here is what MSE says now:

The Java Exploit:
Category: Exploit

Description: This program is dangerous and exploits the computer on which it is run.

Recommended action: Remove this software immediately.

Items:
file:C:\Users\Adam\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\6e4f12af-6191c1fe


Trojan Medfos:
Category: Trojan

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:
file:C:\Users\Adam\AppData\Local\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.79\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.92\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.94\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.95\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx
file:C:\Users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx


=======================

Here is the combofix report:

ComboFix 13-01-03.05 - Adam 01/03/2013 20:57:41.6.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1983.1102 [GMT -6:00]
Running from: c:\users\Adam\Desktop\virus removal\ComboFix.exe
Command switches used :: c:\users\Adam\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Adam\AppData\Local\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.83\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\21.0.1180.89\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.79\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.92\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\22.0.1229.94\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.64\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.95\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
"c:\users\Adam\AppData\Local\Google\Chrome\Application\23.0.1271.97\Extensions\e1274e81-5e4f-4df1-bfd7-8d5a90693705.crx"
.
.
((((((((((((((((((((((((( Files Created from 2012-12-04 to 2013-01-04 )))))))))))))))))))))))))))))))
.
.
2013-01-04 03:08 . 2013-01-04 03:08 -------- d-----w- c:\users\msmits2003\AppData\Local\temp
2013-01-04 03:08 . 2013-01-04 03:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-04 03:08 . 2013-01-04 03:08 -------- d-----w- c:\users\coots2003\AppData\Local\temp
2013-01-04 03:08 . 2013-01-04 03:08 -------- d-----w- c:\users\Cjohns2003\AppData\Local\temp
2013-01-03 03:49 . 2013-01-03 03:49 -------- d-----w- C:\_OTL
2013-01-03 03:41 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06571AE8-7C8D-4EDB-9877-E4C48778A1E1}\mpengine.dll
2012-12-31 18:28 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-30 20:08 . 2012-12-30 20:23 -------- d-----w- c:\programdata\HitmanPro
2012-12-30 16:45 . 2012-12-30 16:48 -------- d-----w- c:\program files\AOL Toolbar
2012-12-30 16:20 . 2012-12-01 18:46 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4E783EDC-20B0-4D18-8BA2-BBDCCB717998}\gapaengine.dll
2012-12-30 16:07 . 2012-12-30 16:08 -------- d-----w- c:\users\Creative Sol'ns LLC
2012-12-27 03:32 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-27 03:32 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-27 02:21 . 2012-10-04 16:43 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-12-27 02:20 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-27 02:20 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-27 02:17 . 2012-11-02 05:11 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-12-26 22:29 . 2012-12-26 22:29 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-09 23:55 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-09 23:55 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-09 23:55 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-09 23:53 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-09 23:53 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-09 23:53 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-09 23:53 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-09 23:53 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-09 23:53 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-09 23:53 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-09 22:50 . 2012-06-02 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-12-09 22:50 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-12-09 22:50 . 2012-06-02 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-12-09 22:50 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-12-09 22:50 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-12-09 22:50 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-12-09 22:47 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-12-09 22:45 . 2012-08-22 17:16 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-12-09 22:45 . 2012-08-22 17:16 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-12-09 22:45 . 2012-08-22 17:16 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-12-09 22:45 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-26 22:29 . 2011-10-27 16:21 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-01 18:46 . 2012-02-12 00:23 740840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-03-24 14:41 . 2012-02-08 04:09 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-12-20 468264]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-06 13605408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-06 92704]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1246544]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Adam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-01-16 02:28 135664 ----atw- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-27 00:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2007-10-03 20:15 480560 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL]
2008-07-03 13:58 94208 ----a-w- c:\windows\PLFSetL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RIMBBLaunchAgent.exe]
2011-09-01 22:47 90448 ----a-w- c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 19:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-09-10 17:20 180269 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 15:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 17:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
R2 McMPFSvc;McAfee Personal Firewall Service; [x]
R3 appliand;Applian Network Service;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 dsiarhwprog;dsiarhwprog;c:\windows\system32\Drivers\dsiarhwprog.sys [x]
R3 Flash1;Flash1;c:\swsetup\sp43666\winphlash\Flash1.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [x]
R3 Shewsvrmod;Shewsvrmod; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [x]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
R4 SQLAgent$SHIPWORKS;SQL Server Agent (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\SQLAGENT.EXE [x]
S2 EasyRedirect;EasyRedirect;c:\program files\Easy-Hide-IP\rdr\EasyRedirect.exe [x]
S2 mitsijm2012;Autodesk Moldflow Inventor Tool Suite Integration 2012 Job Manager;c:\program files\Autodesk\Inventor 2012\Moldflow\bin\mitsijm.exe [x]
S2 MSSQL$SHIPWORKS;SQL Server (SHIPWORKS);c:\program files\Microsoft SQL Server\MSSQL10_50.SHIPWORKS\MSSQL\Binn\sqlservr.exe [x]
S2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [x]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeapfk
*Deregistered* - mfeavfk
*Deregistered* - mfebopk
*Deregistered* - mferkdet
*Deregistered* - mfetdik
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000Core.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-16 02:28]
.
2013-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1075108771-1316508452-297016115-1000UA.job
- c:\users\Adam\AppData\Local\Google\Update\GoogleUpdate.exe [2010-01-16 02:28]
.
2013-01-04 c:\windows\Tasks\User_Feed_Synchronization-{BC52B4B3-39F7-45B7-86D7-BD87826EAED7}.job
- c:\windows\system32\msfeedssync.exe [2012-12-09 23:52]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com
TCP: DhcpNameServer = 205.171.3.25 205.171.2.25
FF - ProfilePath - c:\users\Adam\AppData\Roaming\Mozilla\Firefox\Profiles\kz3d4tij.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-01-03 21:12:46
ComboFix-quarantined-files.txt 2013-01-04 03:12
ComboFix2.txt 2013-01-03 04:28
ComboFix3.txt 2013-01-01 21:59
ComboFix4.txt 2012-12-31 22:54
ComboFix5.txt 2013-01-04 02:56
.
Pre-Run: 25,624,350,720 bytes free
Post-Run: 25,551,872,000 bytes free
.
- - End Of File - - E061B1ED9B2655C8C010059EDFBE7A2A

Edited by coots, 03 January 2013 - 09:49 PM.
