Need Malware removed from computer [Solved]


  • This topic is locked

#1
Beshoff

  • Member
  • 31 posts
Could somebody kindly help with the removal of a virus I believe is using up my disc space. I have twice removed a number of MP3 files to free up 4GB then a further 6GB but it reduces back to zero after a couple of days. Each time I check the C: drive I have lost further space. I also had some form of browser redirect and had difficulty accessing https sites but I may have resolved them for the moment as those issues have gone for now.

Thanks


#2
maliprog

  • Trusted Helper
  • Malware Removal
  • 6,172 posts
Hello Beshoff and welcome to my office here at G2G! :)

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous; most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean.
  • Kindly follow my instructions in the order posted. Order is crucial in the cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Go Here and download JDiskReport
Install and run it to scan the C: drive.
When the Pie chart comes up, Click on View in the top menu and choose Copy To Clipboard

Open a reply here and paste (Ctrl+V) the results.

Step 2


Download OTL to your Desktop

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them here for me.

Step 3

Download GMER from Here. Note the file's name and save it to your root folder, such as C:.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

Step 4

Please don't forget to include these items in your reply:

  • JDiskReport log
  • OTL log
  • OTL Extras log
  • GMER log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#3
Beshoff

  • Topic Starter
  • Member
  • 31 posts
Please help - I have a number of ongoing issues with my laptop that I just can't seem to get rid of. Also since downloading the OTL link I have malware which keeps opening Internet Explorer and opening multiple redirect tabs such as goclicker. However my main browser is Mozilla Firefox and I recently reinstalled it and it seems to be fine. Malware also appears to prevent me from starting Windows Firewall. I have attached an OTL log - please could you take a look and guide me through the next steps. Your help would be greatly appreciated.

My main problem which I would like resolved is whatever appears to be eating up my hard drive space. My hard drive became completely full so I removed 6GB of MP3s. Within 5 days I was down to 1GB but I have not saved anything new. I have also cleaned out cookies and temporary internet files and this is not the cause.



OTL logfile created on: 07/01/2013 00:56:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Naz\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1.99 Gb Total Physical Memory | 0.61 Gb Available Physical Memory | 30.42% Memory free
4.21 Gb Paging File | 2.64 Gb Available in Paging File | 62.86% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.46 Gb Total Space | 1.45 Gb Free Space | 1.06% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.73 Gb Free Space | 57.26% Space Free | Partition Type: NTFS
Drive E: | 3.30 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 465.65 Gb Total Space | 264.39 Gb Free Space | 56.78% Space Free | Partition Type: FAT32

Computer Name: CHOCO | User Name: Naz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/07 00:56:22 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Naz\Downloads\OTL.exe
PRC - [2013/01/04 00:03:11 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe
PRC - [2012/11/29 08:27:34 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/05 15:57:26 | 000,271,808 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
PRC - [2009/11/12 21:10:27 | 000,323,392 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Naz\Program Files\DNA\btdna.exe
PRC - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/10/29 06:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2007/12/08 04:35:02 | 000,471,040 | ---- | M] () -- C:\Program Files\MouseDriver\OfficeMouse.exe
PRC - [2007/11/12 11:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 11:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/11/01 15:39:28 | 000,189,736 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/09/07 16:27:08 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/09/07 06:50:02 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/07 06:49:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/07 06:49:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/07 06:49:56 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/08/28 05:51:42 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM02Mon.exe
PRC - [2007/08/24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/08/15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/08/03 22:33:14 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007/07/25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/07/24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/07/13 14:14:56 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007/01/15 12:23:48 | 000,344,064 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
PRC - [2006/11/05 11:22:16 | 000,221,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2006/11/05 10:55:48 | 000,010,752 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe


========== Modules (No Company Name) ==========

MOD - [2013/01/04 00:03:11 | 014,586,296 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_135.dll
MOD - [2012/11/29 08:27:37 | 002,397,152 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/10/14 12:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 12:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2007/12/15 03:54:06 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2007/12/08 04:35:02 | 000,471,040 | ---- | M] () -- C:\Program Files\MouseDriver\OfficeMouse.exe
MOD - [2007/11/22 01:37:24 | 000,073,728 | ---- | M] () -- C:\Program Files\MouseDriver\dllset.dll
MOD - [2006/11/05 10:58:44 | 000,516,096 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
MOD - [2006/11/05 10:28:18 | 004,587,520 | R--- | M] () -- C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper.dll -- (getPlusHelper)
SRV - [2013/01/04 00:33:22 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/05 03:12:13 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/05 15:56:44 | 000,234,776 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe -- (McComponentHostService)
SRV - [2012/07/13 14:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009/10/07 00:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/09/08 07:59:00 | 000,575,488 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/01/26 18:34:38 | 000,265,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/25 00:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/09 15:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007/11/12 11:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 11:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/08/24 04:00:40 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\msksrver.exe -- (MSK80Service)
SRV - [2007/08/15 12:36:04 | 000,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/07/25 03:16:16 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/07/25 01:41:52 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/07/24 12:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007/07/18 15:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MpfSrv.exe -- (MpfService)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/03/06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\snp2sxp.sys -- (SNP2STD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jubusenum.sys -- (huawei_enumerator)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_jucdcacm.sys -- (huawei_cdcacm)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Naz\AppData\Local\Temp\catchmeuqmi.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/22 10:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 06:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mcvidrv.sys -- (ManyCam)
DRV - [2009/10/07 08:49:38 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009/10/07 00:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/08/26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/06/06 09:24:44 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2008/05/07 07:38:36 | 000,008,064 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2008/05/07 07:38:20 | 000,020,864 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2008/05/07 07:38:20 | 000,017,536 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2007/12/15 03:54:26 | 000,111,104 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2007/11/12 11:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/10/10 17:03:00 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/09/26 08:12:00 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/09/07 06:49:56 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/06 16:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 16:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 16:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/08/28 05:51:44 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/07/24 12:02:36 | 000,033,800 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/07/24 07:40:36 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/07/21 09:08:24 | 000,201,288 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/07/21 09:08:24 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/07/21 09:08:24 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/07/13 09:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2006/11/02 09:15:23 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2006/11/02 08:55:05 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2006/11/02 07:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 07:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006/08/05 00:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=4080126
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=uk&ibd=4080126
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7DKUK_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Naz\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/22 23:21:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/03/24 17:36:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.20\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: C:\Program Files\DAP\DAPFireFox [2008/03/24 14:17:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Naz\Program Files\DNA [2013/01/07 00:51:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8590193E-106F-4FFF-9510-9D8E4C6A8BCF}: C:\Users\Naz\AppData\Local\{8590193E-106F-4FFF-9510-9D8E4C6A8BCF} [2010/10/10 21:06:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{461B109D-01C7-11E2-8271-B8AC6F996F26}: C:\Users\Naz\AppData\Local\{461B109D-01C7-11E2-8271-B8AC6F996F26}\ [2012/09/18 19:30:16 | 000,000,000 | ---D | M]

[2010/12/13 12:19:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Naz\AppData\Roaming\Mozilla\Extensions
[2010/12/13 12:19:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Naz\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/12/22 23:21:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/11/29 08:27:51 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/11/29 08:27:12 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/29 08:27:12 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 (Enabled) = C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Ask Toolbar = C:\Users\Naz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodnbkkemkkaekocofmphoadofkdh\7.15.4.0_0\

O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\McApBHO.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [iWareV3] C:\Program Files\MouseDriver\OfficeMouse.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSConfig] C:\Windows\System32\msconfig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKCU..\Run: [AC3Filter] C:\Users\Naz\AppData\Local\AC3Filter\ijkedlbg.dll (Macrovision Corporation)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Naz\Program Files\DNA\btdna.exe (BitTorrent, Inc.)
O4 - Startup: C:\Users\Naz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKCU\..Trusted Domains: barclays.co.uk ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: barclaysstockbrokers.co.uk ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: facebook.com ([en-gb] https in Trusted sites)
O15 - HKCU\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: hmv.co.uk ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: hmv.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: hmv.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: isvinternet.com ([fastpath] http in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.168.4.100 194.168.8.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{188A94CA-A483-4C5F-B246-DEB4B9BB4137}: NameServer = 149.254.230.7 149.254.192.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB3A0FEB-D7F8-4FF8-9BC4-53068FF3D69A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E57CB14D-F012-403B-9D0C-65FE823ADBEC}: DhcpNameServer = 194.168.4.100 194.168.8.100
O18 - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\inspiron_NB_1280x864_01.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\inspiron_NB_1280x864_01.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/11/17 18:15:24 | 000,000,069 | -H-- | M] () - F:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{0c5b13fb-7c9d-11df-9f1c-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{0c5b13fb-7c9d-11df-9f1c-001d09369ad7}\Shell\AutoRun\command - "" = G:\DTVP_Launcher.exe
O33 - MountPoints2\{3b4da5ea-efac-11dc-a28c-001d09369ad7}\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O33 - MountPoints2\{50ba0e19-d2ef-11e0-add2-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{50ba0e19-d2ef-11e0-add2-001d09369ad7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{50ba0e32-d2ef-11e0-add2-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{50ba0e32-d2ef-11e0-add2-001d09369ad7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{50ba0e6b-d2ef-11e0-add2-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{50ba0e6b-d2ef-11e0-add2-001d09369ad7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{50ba0efc-d2ef-11e0-add2-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{50ba0efc-d2ef-11e0-add2-001d09369ad7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6193ebf3-dbbb-11e0-9b83-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{6193ebf3-dbbb-11e0-9b83-001d09369ad7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{a2dcff7c-13bd-11e0-ba97-001d09369ad7}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{b8378a2d-e955-11e0-bc29-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{b8378a2d-e955-11e0-bc29-001d09369ad7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cff9f877-e3c6-11e0-b88c-001d09369ad7}\Shell - "" = AutoRun
O33 - MountPoints2\{cff9f877-e3c6-11e0-b88c-001d09369ad7}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = wd_windows_tools\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/07 00:45:39 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013/01/04 00:04:18 | 000,000,000 | ---D | C] -- C:\Users\Naz\AppData\Local\Macromedia
[2013/01/04 00:03:21 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee Security Scan
[2013/01/04 00:03:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
[2013/01/04 00:03:15 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2013/01/02 01:39:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/01/02 01:37:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/01/02 01:37:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/01/02 01:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2013/01/01 23:22:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012/12/30 20:56:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012/12/30 11:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/12/30 11:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/12/29 00:43:05 | 000,000,000 | ---D | C] -- C:\Users\Naz\AppData\Roaming\JAM Software
[2012/12/28 23:38:08 | 000,000,000 | ---D | C] -- C:\Program Files\Yontoo
[2012/12/28 23:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012/12/28 22:19:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/28 22:18:55 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/12/28 22:18:40 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2012/12/27 18:16:43 | 000,000,000 | ---D | C] -- C:\Users\Naz\Desktop\Old Firefox Data
[2012/12/22 23:00:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2012/12/16 01:00:42 | 000,000,000 | ---D | C] -- C:\Windows\pss
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/07 00:51:09 | 000,034,043 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2013/01/07 00:50:45 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/07 00:50:38 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/01/07 00:50:37 | 000,003,856 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/01/07 00:50:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/01/07 00:33:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/07 00:27:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/06 18:14:50 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013/01/05 14:25:02 | 000,000,577 | ---- | M] () -- C:\Users\Naz\Desktop\Poker 2013 - Shortcut.lnk
[2013/01/05 14:24:43 | 000,000,577 | ---- | M] () -- C:\Users\Naz\Documents\Poker 2013 - Shortcut.lnk
[2013/01/04 00:33:14 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/01/04 00:33:14 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/01/04 00:03:18 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/01/04 00:03:18 | 000,001,949 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/01/02 01:39:46 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/30 15:50:34 | 000,631,506 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/12/30 15:50:34 | 000,111,820 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/12/30 11:07:17 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/30 11:06:13 | 000,000,127 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2012/12/30 11:03:40 | 000,006,530 | ---- | M] () -- C:\Users\Naz\AppData\Local\chromeupdate.crx
[2012/12/28 23:51:31 | 000,001,944 | ---- | M] () -- C:\Users\Naz\Desktop\HiJackThis.lnk
[2012/12/27 17:20:59 | 000,006,324 | ---- | M] () -- C:\Users\Naz\AppData\Local\d3d9caps.dat
[2012/12/22 23:21:29 | 000,000,832 | ---- | M] () -- C:\Users\Naz\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/12/22 23:21:29 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/12/18 22:25:49 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/12/18 18:56:36 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs
[2012/12/15 14:41:27 | 000,176,128 | -H-- | M] () -- C:\Users\Naz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/05 14:25:02 | 000,000,577 | ---- | C] () -- C:\Users\Naz\Desktop\Poker 2013 - Shortcut.lnk
[2013/01/05 14:24:43 | 000,000,577 | ---- | C] () -- C:\Users\Naz\Documents\Poker 2013 - Shortcut.lnk
[2013/01/04 00:03:18 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2013/01/04 00:03:18 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2013/01/04 00:03:12 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/01/02 01:39:46 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/12/30 11:07:17 | 000,001,878 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/12/28 23:51:31 | 000,001,944 | ---- | C] () -- C:\Users\Naz\Desktop\HiJackThis.lnk
[2012/12/28 23:47:26 | 000,006,530 | ---- | C] () -- C:\Users\Naz\AppData\Local\chromeupdate.crx
[2012/10/15 21:06:40 | 000,347,417 | ---- | C] () -- C:\Users\Naz\AppData\Local\census.cache
[2012/10/15 21:06:10 | 000,278,091 | ---- | C] () -- C:\Users\Naz\AppData\Local\ars.cache
[2012/10/15 20:45:36 | 000,000,036 | ---- | C] () -- C:\Users\Naz\AppData\Local\housecall.guid.cache
[2012/07/12 17:22:44 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2011/11/15 20:03:16 | 000,002,194 | ---- | C] () -- C:\ProgramData\QuickSet.xml
[2011/08/26 11:50:34 | 000,000,000 | -H-- | C] () -- C:\Users\Naz\AppData\Local\{2AA2560F-14B8-4C68-8B39-9ADF37C26CEA}
[2011/06/23 13:53:29 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\Converter_sysquict.dat
[2011/06/23 13:52:47 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2011/03/29 21:24:12 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/10/07 22:59:50 | 000,000,008 | ---- | C] () -- C:\Users\Naz\AppData\Roaming\pnmfzy.dat
[2010/10/07 22:50:06 | 000,000,000 | -H-- | C] () -- C:\Users\Naz\AppData\Local\Usawipenoxoke.bin
[2010/10/07 22:50:05 | 000,000,120 | -H-- | C] () -- C:\Users\Naz\AppData\Local\Xgawapu.dat
[2010/08/20 15:39:31 | 000,000,154 | ---- | C] () -- C:\Users\Naz\AppData\Roaming\wklnhst.dat
[2010/03/04 17:26:42 | 000,103,784 | -H-- | C] () -- C:\Users\Naz\GoToAssistDownloadHelper.exe
[2008/02/17 19:50:55 | 000,006,324 | ---- | C] () -- C:\Users\Naz\AppData\Local\d3d9caps.dat
[2008/02/01 19:08:03 | 000,176,128 | -H-- | C] () -- C:\Users\Naz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2012/12/28 23:19:53 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\L
[2012/12/28 23:39:19 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U
[2012/12/28 22:23:56 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\L\[email protected]
[2012/12/28 22:23:57 | 000,096,256 | ---- | M] () -- C:\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U\[email protected]
[2006/11/02 09:47:26 | 000,000,000 | ---D | M] -- C:\Users\Naz\AppData\Local\{1e52d328-0a59-e7e0-c310-445c04e55c20}\L
[2006/11/02 09:47:26 | 000,000,000 | ---D | M] -- C:\Users\Naz\AppData\Local\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U
[2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2008/11/06 12:57:06 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 04:16:12 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 09:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Naz\Documents\My Received Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Naz\Documents\My Documents:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Naz\Documents\My Completed Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Naz\Documents\My Chat Logs:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Naz\Documents\Housing Forms:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Naz\Documents\Dell Webcam Center:Roxio EMC Stream
@Alternate Data Stream - 150 bytes -> C:\ProgramData\TEMP:CB0AACC9
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:0F8F5844
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:CD060F93

< End of report >

#4
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Beshoff,

First of all...

You started two topics in the Help forum and a topic in the Waiting Room. After you start one topic, you must wait for a reply.

Now that we have solved this, let's try to clean your system of this malware.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

Step 3

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window, OTL.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.

Step 4

Please don't forget to include these items in your reply:

  • TDSSKiller log
  • Combofix log
  • OTL scan log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#5
Beshoff

    Member

  • Topic Starter
  • Member
  • 31 posts
I'm confused now - last night when I checked back on this forum I had a response from another person whose location was Cornwall. They asked me to copy some text into OTL and do a custom fix then paste back that log.

Can we start again because there is now a different set of procedures listed above that I have been asked to follow.

Also I am new to the forum - my original post had no response so I posted in waiting room. Then I was asked to go through some standard procedures and if that did not help then post an OTL log as a new post in the Malware removal forum. This is where we are now and in essence any previous posts relate to the same problem.

Shall I start again going through the procedures from your latest post then?

#6
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Beshoff,

You caused some problems by opening two topics at the same time. We sorted that out and I'm now responsible for you. Please follow my instructions from now on and post results only in this topic.

#7
Beshoff

    Member

  • Topic Starter
  • Member
  • 31 posts
J Disk Report Log - Step 1 Results

Size details for C:\

Name                      File Size    Files  % of Parent  % of Total
C:\                     115,394,777  236,395       100.0%      100.0%
Users                    81,706,180   73,294        70.8%       70.8%
Windows                  23,321,277  108,079        20.2%       20.2%
Program Files             7,329,362   47,225         6.4%        6.4%
ProgramData               1,389,716    3,937         1.2%        1.2%
Temp                        809,557      497         0.7%        0.7%
SmartSound Software         382,534       26         0.3%        0.3%
Poker                       203,011    1,847         0.2%        0.2%
DELL                        101,427      116         0.1%        0.1%
Drivers                      76,861      357         0.1%        0.1%
$Recycle.Bin                 18,765        4         0.0%        0.0%
32788R22FWJFW                14,465      237         0.0%        0.0%
Boot                         13,872       35         0.0%        0.0%
doctemp                      13,624      687         0.0%        0.0%
sh4ldr                        7,861        3         0.0%        0.0%
Documents and Settings        3,225        1         0.0%        0.0%
_OTL                          1,790       14         0.0%        0.0%
Files in this directory         636       13         0.0%        0.0%
Qoobox                          343       13         0.0%        0.0%
TDSSKiller_Quarantine           281        8         0.0%        0.0%
assembly                          1        1         0.0%        0.0%
LogiShrd                          1        1         0.0%        0.0%
Intel                             0        0         0.0%        0.0%
output media                      0        0         0.0%        0.0%

Thanks Maliprog - more to follow shortly

#8
Beshoff

    Member

  • Topic Starter
  • Member
  • 31 posts
The OTL scan went on for 3 hours and then stopped responding at the point where it says - Manual File Scan - Getting Folder Structure.... Is there something else we can do?

#9
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Can you please post the logs from TDSSKiller and Combofix then? We will try the OTL scan again later.

#10
Beshoff

    Member

  • Topic Starter
  • Member
  • 31 posts
TDSS log attached - Firefox browser now not working - None of the threats showed the option to cure so left as skip - Will post a Combofix shortly



17:58:37.0563 3712 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:58:38.0780 3712 ============================================================
17:58:38.0780 3712 Current date / time: 2013/01/11 17:58:38.0780
17:58:38.0780 3712 SystemInfo:
17:58:38.0780 3712
17:58:38.0780 3712 OS Version: 6.0.6000 ServicePack: 0.0
17:58:38.0780 3712 Product type: Workstation
17:58:38.0780 3712 ComputerName: CHOCO
17:58:38.0780 3712 UserName: Naz
17:58:38.0780 3712 Windows directory: C:\Windows
17:58:38.0780 3712 System windows directory: C:\Windows
17:58:38.0780 3712 Processor architecture: Intel x86
17:58:38.0780 3712 Number of processors: 2
17:58:38.0780 3712 Page size: 0x1000
17:58:38.0780 3712 Boot type: Normal boot
17:58:38.0780 3712 ============================================================
17:58:39.0825 3712 BG loaded
17:58:41.0585 3712 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:58:41.0588 3712 ============================================================
17:58:41.0588 3712 \Device\Harddisk0\DR0:
17:58:41.0588 3712 MBR partitions:
17:58:41.0588 3712 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x1400000
17:58:41.0588 3712 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x142F800, BlocksNum 0x110E9800
17:58:42.0259 3712 ============================================================
17:58:42.0430 3712 C: <-> \Device\Harddisk0\DR0\Partition2
17:58:42.0757 3712 D: <-> \Device\Harddisk0\DR0\Partition1
17:58:42.0757 3712 ============================================================
17:58:42.0757 3712 Initialize success
17:58:42.0757 3712 ============================================================
17:59:48.0374 4804 ============================================================
17:59:48.0374 4804 Scan started
17:59:48.0374 4804 Mode: Manual; SigCheck; TDLFS;
17:59:48.0374 4804 ============================================================
17:59:49.0655 4804 ================ Scan system memory ========================
17:59:49.0655 4804 System memory - ok
17:59:49.0659 4804 ================ Scan services =============================
17:59:50.0002 4804 [ 84FC6DF81212D16BE5C4F441682FECCC ] ACPI C:\Windows\system32\drivers\acpi.sys
17:59:50.0131 4804 ACPI - ok
17:59:52.0333 4804 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:59:52.0662 4804 AdobeFlashPlayerUpdateSvc - ok
17:59:52.0811 4804 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:59:53.0074 4804 adp94xx - ok
17:59:53.0101 4804 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:59:53.0190 4804 adpahci - ok
17:59:53.0304 4804 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:59:53.0374 4804 adpu160m - ok
17:59:53.0486 4804 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:59:53.0574 4804 adpu320 - ok
17:59:53.0641 4804 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:59:53.0999 4804 AeLookupSvc - ok
17:59:54.0041 4804 [ EF1142512BEC12F1C2C87735DA1755BE ] AESTFilters C:\Windows\system32\aestsrv.exe
17:59:54.0265 4804 AESTFilters - ok
18:00:58.0210 4804 [ 54129C5D9581BBEC8BD1EBD3BA813F47 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:00:58.0408 4804 rdbss - ok
18:00:58.0474 4804 [ 794585276B5D7FCA9F3FC15543F9F0B9 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:00:58.0568 4804 RDPCDD - ok
18:00:58.0649 4804 [ 0245418224CFA77BF4B41C2FE0622258 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:00:58.0724 4804 rdpdr - ok
18:00:58.0739 4804 [ 980B56E2E273E19D3A9D72D5C420F008 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:00:58.0898 4804 RDPENCDD - ok
18:00:58.0989 4804 [ E2AFAC98FC6CA2AD2D09F2DE1BC71AD9 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:00:59.0158 4804 RDPWD - ok
18:00:59.0289 4804 [ 6C1A43C589EE8011A1EBFD51C01B77CE ] RemoteAccess C:\Windows\System32\mprdim.dll
18:00:59.0368 4804 RemoteAccess - ok
18:00:59.0446 4804 [ 9A043808667C8C1893DA7275AF373F0E ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:00:59.0540 4804 RemoteRegistry - ok
18:00:59.0615 4804 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
18:00:59.0695 4804 rimmptsk - ok
18:00:59.0738 4804 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
18:00:59.0867 4804 rimsptsk - ok
18:00:59.0883 4804 [ D231B577024AA324AF13A42F3A807D10 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
18:01:00.0003 4804 rismxdp - ok
18:01:00.0145 4804 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
18:01:00.0577 4804 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
18:01:00.0577 4804 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
18:01:00.0680 4804 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
18:01:01.0256 4804 RoxWatch9 ( UnsignedFile.Multi.Generic ) - warning
18:01:01.0256 4804 RoxWatch9 - detected UnsignedFile.Multi.Generic (1)
18:01:01.0404 4804 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:01:01.0853 4804 RpcLocator - ok
18:01:01.0976 4804 [ 7B981222A257D076885BFFB66F19B7CE ] RpcSs C:\Windows\system32\rpcss.dll
18:01:02.0064 4804 RpcSs - ok
18:01:02.0116 4804 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:01:02.0226 4804 rspndr - ok
18:01:02.0271 4804 [ C731B1FE449D4E9CEA358C9D55B69BE9 ] SamSs C:\Windows\system32\lsass.exe
18:01:02.0291 4804 SamSs - ok
18:01:02.0350 4804 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:01:02.0451 4804 sbp2port - ok
18:01:02.0570 4804 [ 565B4B9E5AD2F2F18A4F8AAFA6C06BBB ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:01:02.0676 4804 SCardSvr - ok
18:01:02.0833 4804 [ 886CEC884B5BE29AB9828B8AB46B11F7 ] Schedule C:\Windows\system32\schedsvc.dll
18:01:02.0922 4804 Schedule - ok
18:01:02.0936 4804 [ 0600E04315FE543802A379D5D23C8BE0 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:01:02.0999 4804 SCPolicySvc - ok
18:01:03.0161 4804 [ 7B3973CC28B8AA3E9E2E5D53E720E2C9 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:01:03.0283 4804 sdbus - ok
18:01:03.0333 4804 [ F7B6BF02240D0A764ADF8C8966735552 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:01:03.0447 4804 SDRSVC - ok
18:01:03.0475 4804 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:01:03.0622 4804 secdrv - ok
18:01:03.0654 4804 [ 8388C4133DDBE62AD7BC3EC9F14271ED ] seclogon C:\Windows\system32\seclogon.dll
18:01:03.0753 4804 seclogon - ok
18:01:03.0788 4804 [ 34350AE2C1D33D21C7305F861BD8DAD8 ] SENS C:\Windows\System32\sens.dll
18:01:03.0847 4804 SENS - ok
18:01:03.0871 4804 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:01:03.0977 4804 Serenum - ok
18:01:04.0006 4804 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:01:04.0093 4804 Serial - ok
18:01:04.0279 4804 [ 450ACCD77EC5CEA720C1CDB9E26B953B ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:01:04.0338 4804 sermouse - ok
18:01:04.0560 4804 [ 3334DE016FDCDE5C98E30A405A72DD8D ] ServiceLayer C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
18:01:04.0714 4804 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
18:01:04.0714 4804 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
18:01:04.0833 4804 [ 78878235DA4DF0D116E86837A0A21DF8 ] SessionEnv C:\Windows\system32\sessenv.dll
18:01:04.0909 4804 SessionEnv - ok
18:01:04.0995 4804 [ 51CF56AA8BCC241F134B420B8F850406 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:01:05.0038 4804 sffdisk - ok
18:01:05.0079 4804 [ 96DED8B20C734AC41641CE275250E55D ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:01:05.0122 4804 sffp_mmc - ok
18:01:05.0171 4804 [ 8B08CAB1267B2C377883FC9E56981F90 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
18:01:05.0231 4804 sffp_sd - ok
18:01:05.0343 4804 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:01:05.0479 4804 sfloppy - ok
18:01:05.0600 4804 [ B264DFA21677728613267FE63802B332 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:01:05.0626 4804 ShellHWDetection - ok
18:01:05.0656 4804 [ 08072B2FB92477FC813271A84B3A8698 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:01:05.0704 4804 sisagp - ok
18:01:05.0784 4804 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:01:05.0853 4804 SiSRaid2 - ok
18:01:05.0880 4804 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:01:05.0956 4804 SiSRaid4 - ok
18:01:06.0131 4804 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:01:07.0858 4804 SkypeUpdate - ok
18:01:08.0052 4804 [ A1DCD30534835CB67733AD00175125A6 ] slsvc C:\Windows\system32\SLsvc.exe
18:01:08.0242 4804 slsvc - ok
18:01:08.0270 4804 [ 56DA296E7B376A727E7BDC5AC7FBEE02 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:01:08.0365 4804 SLUINotify - ok
18:01:08.0434 4804 [ 46BAF398809A0F3B2D3300A1760E4B91 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:01:08.0606 4804 Smb - ok
18:01:08.0692 4804 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:01:08.0910 4804 SNMPTRAP - ok
18:01:08.0985 4804 SNP2STD - ok
18:01:09.0037 4804 [ 426F9B029AA9162CECCF65369457D046 ] spldr C:\Windows\system32\drivers\spldr.sys
18:01:09.0080 4804 spldr - ok
18:01:09.0117 4804 [ DA612EF2556776DF2630B68BF2D48935 ] Spooler C:\Windows\System32\spoolsv.exe
18:01:09.0154 4804 Spooler - ok
18:01:09.0198 4804 [ 038579C35F7CAD4A4BBF735DBF83277D ] srv C:\Windows\system32\DRIVERS\srv.sys
18:01:09.0304 4804 srv - ok
18:01:09.0343 4804 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:01:09.0499 4804 srv2 - ok
18:01:09.0570 4804 [ 9E1A4603B874EEBCE0298113951ABEFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:01:09.0643 4804 srvnet - ok
18:01:09.0711 4804 [ 8D3E4BAFF8B3997138C38EB1B600519A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:01:09.0791 4804 SSDPSRV - ok
18:01:09.0824 4804 [ 7E6DD4B34ACD36AF6C711D2BDE91B040 ] STacSV C:\Windows\system32\STacSV.exe
18:01:09.0901 4804 STacSV - ok
18:01:10.0012 4804 [ 6A2A5E809C2C0178326D92B19EE4AAD3 ] STHDA C:\Windows\system32\drivers\stwrt.sys
18:01:10.0150 4804 STHDA - ok
18:01:10.0205 4804 [ 7A95B5DEB594616F1693486B8161411E ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
18:01:10.0329 4804 StillCam - ok
18:01:10.0402 4804 [ A941E099EF46E3CC12F898CBE1C39910 ] stisvc C:\Windows\System32\wiaservc.dll
18:01:10.0455 4804 stisvc - ok
18:01:10.0556 4804 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:01:10.0597 4804 stllssvr ( UnsignedFile.Multi.Generic ) - warning
18:01:10.0597 4804 stllssvr - detected UnsignedFile.Multi.Generic (1)
18:01:10.0846 4804 [ 3B80B4383C9BCE13279C8482734B32B2 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:01:10.0890 4804 swenum - ok
18:01:11.0003 4804 [ 749ADA8D6C18A08ADFEDE69CBF5DB2E0 ] swprv C:\Windows\System32\swprv.dll
18:01:11.0084 4804 swprv - ok
18:01:11.0177 4804 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:01:11.0247 4804 Symc8xx - ok
18:01:11.0291 4804 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:01:11.0360 4804 Sym_hi - ok
18:01:11.0396 4804 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:01:11.0467 4804 Sym_u3 - ok
18:01:11.0567 4804 [ 6D73375116FAE5360B16F0A2D9B773CE ] SysMain C:\Windows\system32\sysmain.dll
18:01:11.0695 4804 SysMain - ok
18:01:11.0789 4804 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:01:11.0934 4804 TabletInputService - ok
18:01:11.0969 4804 [ EF3DD33C740FC2F82E7E4622F1C49289 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:01:12.0030 4804 TapiSrv - ok
18:01:12.0069 4804 [ 68FA52794AE9ACC61BDE16FE0956B414 ] TBS C:\Windows\System32\tbssvc.dll
18:01:12.0165 4804 TBS - ok
18:01:12.0491 4804 [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:01:12.0611 4804 Tcpip - ok
18:01:12.0668 4804 [ 2C1F7005AA3B62721BFDB307BD5F5010 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:01:12.0743 4804 Tcpip6 - ok
18:01:12.0890 4804 [ 5CE0C4A7B12D0067DAD527D72B68C726 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:01:13.0042 4804 tcpipreg - ok
18:01:13.0108 4804 [ 964248AEF49C31FA6A93201A73FFAF50 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:01:13.0214 4804 TDPIPE - ok
18:01:13.0249 4804 [ 7D2C1AE1648A60FCE4AA0F7982E419D3 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:01:13.0308 4804 TDTCP - ok
18:01:13.0401 4804 [ AB4FDE8AF4A0270A46A001C08CBCE1C2 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:01:13.0511 4804 tdx - ok
18:01:13.0571 4804 [ 849ED71967D45F15C3E0ABFC633FDF2A ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:01:13.0618 4804 TermDD - ok
18:01:13.0685 4804 [ FAD71C1E8E4047B154E899AE31EB8CAA ] TermService C:\Windows\System32\termsrv.dll
18:01:13.0754 4804 TermService - ok
18:01:13.0796 4804 [ B264DFA21677728613267FE63802B332 ] Themes C:\Windows\system32\shsvcs.dll
18:01:13.0822 4804 Themes - ok
18:01:13.0848 4804 [ 9DFA3A459AF0954AA85B4F7622AD87BB ] THREADORDER C:\Windows\system32\mmcss.dll
18:01:13.0907 4804 THREADORDER - ok
18:01:13.0976 4804 [ 6BBA0582C0025D43729A1112D3B57897 ] TrkWks C:\Windows\System32\trkwks.dll
18:01:14.0061 4804 TrkWks - ok
18:01:14.0128 4804 [ 34E388A395FEDBA1D0511ED39BBF4074 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:01:14.0172 4804 TrustedInstaller - ok
18:01:14.0370 4804 [ 29F0ECA726F0D51F7E048BDB0B372F29 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:01:14.0426 4804 tssecsrv - ok
18:01:14.0478 4804 [ 65E953BC0084D44498B51F59784D2A82 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:01:14.0547 4804 tunmp - ok
18:01:14.0578 4804 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:01:14.0662 4804 tunnel - ok
18:01:14.0716 4804 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:01:14.0760 4804 uagp35 - ok
18:01:14.0799 4804 [ 6348DA98707CEDA8A0DFB05820E17732 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:01:14.0912 4804 udfs - ok
18:01:14.0996 4804 [ 24A333F4F14DCFB6FF6D5A1B9E5D79DD ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:01:15.0064 4804 UI0Detect - ok
18:01:15.0111 4804 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:01:15.0161 4804 uliagpkx - ok
18:01:15.0200 4804 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:01:15.0281 4804 uliahci - ok
18:01:15.0328 4804 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:01:15.0411 4804 UlSata - ok
18:01:15.0479 4804 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:01:15.0552 4804 ulsata2 - ok
18:01:15.0606 4804 [ 3FB78F1D1DD86D87BECECD9DFFA24DD9 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:01:15.0730 4804 umbus - ok
18:01:15.0768 4804 [ 08EA9C0247F391AF4D4A16885A1C159D ] UMPass C:\Windows\system32\DRIVERS\umpass.sys
18:01:15.0852 4804 UMPass - ok
18:01:15.0894 4804 [ 8EB871A3DEB6B3D5A85EB6DDFC390B59 ] upnphost C:\Windows\System32\upnphost.dll
18:01:16.0033 4804 upnphost - ok
18:01:16.0102 4804 [ F5D2AA9D56A3A01A190D01CD961BA0E7 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
18:01:16.0156 4804 upperdev - ok
18:01:16.0249 4804 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
18:01:16.0343 4804 USBAAPL - ok
18:01:16.0414 4804 [ B0BA9CAFFE9B0555EC0317F30CB79CD2 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:01:16.0485 4804 usbccgp - ok
18:01:16.0588 4804 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:01:16.0693 4804 usbcir - ok
18:01:16.0739 4804 [ C9FCD05B0A80EA08C2768E5A279B14DE ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:01:16.0806 4804 usbehci - ok
18:01:17.0047 4804 [ 5E44F7D957F7560DA06BFE6B84B58A35 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:01:17.0122 4804 usbhub - ok
18:01:17.0151 4804 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:01:17.0282 4804 usbohci - ok
18:01:17.0336 4804 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:01:17.0512 4804 usbprint - ok
18:01:17.0553 4804 [ B1F95285C08DDFE00C0B955462637EC7 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:01:17.0662 4804 usbscan - ok
18:01:17.0728 4804 [ C0488CC01A1C686B08A3D360C7F50324 ] usbser C:\Windows\system32\drivers\usbser.sys
18:01:17.0830 4804 usbser - ok
18:01:17.0871 4804 [ EB2D3830646E393776E1EF98AC76A43D ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
18:01:17.0924 4804 UsbserFilt - ok
18:01:18.0000 4804 [ 7887CE56934E7F104E98C975F47353C5 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:01:18.0117 4804 USBSTOR - ok
18:01:18.0248 4804 [ D864735B0BFCB65440960A0B7CC1A38D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:01:18.0345 4804 usbuhci - ok
18:01:18.0412 4804 [ 0A6B81F01BC86399482E27E6FDA7B33B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:01:18.0532 4804 usbvideo - ok
18:01:18.0572 4804 [ F79D0D7C9004474CB42746D9B2C30A2B ] UxSms C:\Windows\System32\uxsms.dll
18:01:18.0710 4804 UxSms - ok
18:01:18.0758 4804 [ C9D0BAFEE0D0A2681F048CA61BC0DA96 ] vds C:\Windows\System32\vds.exe
18:01:18.0838 4804 vds - ok
18:01:18.0899 4804 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:01:19.0051 4804 vga - ok
18:01:19.0085 4804 [ 17A8F877314E4067F8C8172CC6D9101C ] VgaSave C:\Windows\System32\drivers\vga.sys
18:01:19.0196 4804 VgaSave - ok
18:01:19.0301 4804 [ D5929A28BDFF4367A12CAF06AF901971 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:01:19.0347 4804 viaagp - ok
18:01:19.0387 4804 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:01:19.0614 4804 ViaC7 - ok
18:01:19.0669 4804 [ F3B4762EB85A2AFF4999401F14C3262B ] viaide C:\Windows\system32\drivers\viaide.sys
18:01:19.0741 4804 viaide - ok
18:01:19.0776 4804 [ FD16FAC15F9F165AC19A618E7B391F5C ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:01:19.0822 4804 volmgr - ok
18:01:19.0871 4804 [ 420C48E593B9520C2DEE45D671F923E1 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:01:19.0960 4804 volmgrx - ok
18:01:20.0043 4804 [ 80DC0C9BCB579ED9815001A4D37CBFD5 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:01:20.0098 4804 volsnap - ok
18:01:20.0137 4804 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:01:20.0213 4804 vsmraid - ok
18:01:20.0322 4804 [ E0E29D9EF2524ABD11749C7C2FD7F607 ] VSS C:\Windows\system32\vssvc.exe
18:01:20.0416 4804 VSS - ok
18:01:20.0457 4804 [ 62B0D0F6F5580D9D0DFA5E0B466FF2ED ] W32Time C:\Windows\system32\w32time.dll
18:01:20.0542 4804 W32Time - ok
18:01:20.0655 4804 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:01:20.0766 4804 WacomPen - ok
18:01:20.0809 4804 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:01:20.0879 4804 Wanarp - ok
18:01:20.0892 4804 [ 6798C1209A53B5A0DED8D437C45145FF ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:01:20.0915 4804 Wanarpv6 - ok
18:01:20.0951 4804 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
18:01:20.0973 4804 WcesComm - ok
18:01:21.0069 4804 [ C1B19162E0509CEAB4CDF664E139D956 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:01:21.0134 4804 wcncsvc - ok
18:01:21.0245 4804 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:01:21.0344 4804 WcsPlugInService - ok
18:01:21.0396 4804 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
18:01:21.0465 4804 Wd - ok
18:01:21.0585 4804 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:01:21.0683 4804 Wdf01000 - ok
18:01:21.0750 4804 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:01:21.0804 4804 WdiServiceHost - ok
18:01:21.0817 4804 [ 2A424B89B14EF17A3D06BCB5A8F79601 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:01:21.0844 4804 WdiSystemHost - ok
18:01:21.0907 4804 [ 01E41C264EEDCB827820A1909162579F ] WebClient C:\Windows\System32\webclnt.dll
18:01:21.0947 4804 WebClient - ok
18:01:21.0993 4804 [ 9CF67FF7F8D34CBF115D0C278B9F74AA ] Wecsvc C:\Windows\system32\wecsvc.dll
18:01:22.0098 4804 Wecsvc - ok
18:01:22.0156 4804 [ B68CAB45DB1DAB59D92ACADFAD6364A8 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:01:22.0234 4804 wercplsupport - ok
18:01:22.0452 4804 [ 36BA0707680EF4236FD752BEE982CC25 ] WerSvc C:\Windows\System32\WerSvc.dll
18:01:22.0545 4804 WerSvc - ok
18:01:22.0600 4804 [ 4DACA8F07537D4D7E3534BB99294AA26 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
18:01:22.0699 4804 winachsf - ok
18:01:22.0760 4804 [ 0D5AD0E71FF5DDAC5DD2F443B499ABD0 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:01:22.0806 4804 WinDefend - ok
18:01:22.0834 4804 WinHttpAutoProxySvc - ok
18:01:23.0022 4804 [ 38A7B89DE4E3417C122317949667FDD8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:01:23.0098 4804 Winmgmt - ok
18:01:23.0157 4804 [ 3F6823040030C3E4DA1CF11CD40B7534 ] WinRM C:\Windows\system32\WsmSvc.dll
18:01:23.0277 4804 WinRM - ok
18:01:23.0369 4804 [ 086D2E78EECD6195667282ADC6CA109F ] WINUSB C:\Windows\system32\DRIVERS\WinUSB.SYS
18:01:23.0452 4804 WINUSB - ok
18:01:23.0521 4804 [ B410476A00961BF3FC368A346D8EA6A7 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:01:23.0609 4804 Wlansvc - ok
18:01:23.0657 4804 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:01:23.0737 4804 WmiAcpi - ok
18:01:23.0794 4804 [ A279323BEE5FFFAFDA222910BCE92132 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:01:23.0925 4804 wmiApSrv - ok
18:01:24.0018 4804 [ ACB2E63D50157E3EA7140F29D9E76A48 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:01:24.0144 4804 WMPNetworkSvc - ok
18:01:24.0226 4804 [ 3D3B3B80C12ABE506F56930C46422C28 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:01:24.0336 4804 WPCSvc - ok
18:01:24.0390 4804 [ C24844A1D0D9528B19D5BC266B8CD572 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:01:24.0470 4804 WPDBusEnum - ok
18:01:24.0662 4804 [ 2D27171B16A577EF14C1273668753485 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
18:01:24.0769 4804 WpdUsb - ok
18:01:24.0801 4804 [ 84620AECDCFD2A7A14E6263927D8C0ED ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:01:24.0943 4804 ws2ifsl - ok
18:01:24.0997 4804 [ F97CBB919AF6D0A6643D1A59C15014D1 ] wscsvc C:\Windows\system32\wscsvc.dll
18:01:25.0097 4804 wscsvc - ok
18:01:25.0177 4804 [ F01F25B4227AD8D717C21F25F62B43C8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
18:01:25.0331 4804 WSDPrintDevice - ok
18:01:25.0350 4804 WSearch - ok
18:01:25.0756 4804 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll
18:01:25.0905 4804 wuauserv - ok
18:01:25.0975 4804 [ A2AAFCC8A204736296D937C7C545B53F ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:01:26.0085 4804 WUDFRd - ok
18:01:26.0136 4804 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:01:26.0239 4804 wudfsvc - ok
18:01:26.0282 4804 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
18:01:26.0337 4804 XAudio - ok
18:01:26.0434 4804 [ 28DC5D626E036A75A572556F0A6EB1F6 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
18:01:26.0512 4804 XAudioService - ok
18:01:26.0583 4804 [ 04E268ADFC81964C49DC0C082D520F7E ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
18:01:26.0739 4804 yukonwlh - ok
18:01:26.0778 4804 ================ Scan global ===============================
18:01:26.0895 4804 [ 8CD98A8EC9CADAF4E051CDCAC15C96C4 ] C:\Windows\system32\basesrv.dll
18:01:26.0982 4804 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
18:01:27.0093 4804 [ E3F137ADC0A9D7F3A2E4F557272FE6B3 ] C:\Windows\system32\winsrv.dll
18:01:27.0175 4804 [ 329CF3C97CE4C19375C8ABCABAE258B0 ] C:\Windows\system32\services.exe
18:01:27.0182 4804 [Global] - ok
18:01:27.0184 4804 ================ Scan MBR ==================================
18:01:27.0201 4804 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:01:27.0896 4804 \Device\Harddisk0\DR0 - ok
18:01:27.0896 4804 ================ Scan VBR ==================================
18:01:27.0956 4804 [ B059AA3C00D369891D97AA1ACD91D4A6 ] \Device\Harddisk0\DR0\Partition1
18:01:27.0958 4804 \Device\Harddisk0\DR0\Partition1 - ok
18:01:27.0979 4804 [ E56533B4CF890F1E5748C58FA0E2385B ] \Device\Harddisk0\DR0\Partition2
18:01:27.0981 4804 \Device\Harddisk0\DR0\Partition2 - ok
18:01:27.0982 4804 ================ Scan active images ========================
18:01:27.0987 4804 [ 3596CB9EA8A12E6E858107912973EBFB ] C:\Windows\System32\drivers\crashdmp.sys
18:01:27.0987 4804 C:\Windows\System32\drivers\crashdmp.sys - ok
18:01:28.0000 4804 [ 4A39BDA5E0FD30BDF4884F9D33AE6105 ] C:\Windows\System32\drivers\tunnel.sys
18:01:28.0000 4804 C:\Windows\System32\drivers\tunnel.sys - ok
18:01:28.0007 4804 [ CE44CC04262F28216DD4341E9E36A16F ] C:\Windows\System32\drivers\intelppm.sys
18:01:28.0007 4804 C:\Windows\System32\drivers\intelppm.sys - ok
18:01:28.0018 4804 [ 65E953BC0084D44498B51F59784D2A82 ] C:\Windows\System32\drivers\TUNMP.SYS
18:01:28.0018 4804 C:\Windows\System32\drivers\TUNMP.SYS - ok
18:01:28.0027 4804 [ F7ECD4B9E7FAD4A01A0ED889D40E2494 ] C:\Windows\System32\drivers\igdkmd32.sys
18:01:28.0028 4804 C:\Windows\System32\drivers\igdkmd32.sys - ok
18:01:28.0038 4804 [ B95202EFD0464D226E7542C1E319C028 ] C:\Windows\System32\drivers\dxgkrnl.sys
18:01:28.0038 4804 C:\Windows\System32\drivers\dxgkrnl.sys - ok
18:01:28.0049 4804 [ 3A1F38A6FB749FC7A57A2826F6F8FB01 ] C:\Windows\System32\drivers\watchdog.sys
18:01:28.0049 4804 C:\Windows\System32\drivers\watchdog.sys - ok
18:01:28.0055 4804 [ 0DB613A7E427B5663563677796FD5258 ] C:\Windows\System32\drivers\hdaudbus.sys
18:01:28.0056 4804 C:\Windows\System32\drivers\hdaudbus.sys - ok
18:01:28.0062 4804 [ C9FCD05B0A80EA08C2768E5A279B14DE ] C:\Windows\System32\drivers\usbehci.sys
18:01:28.0062 4804 C:\Windows\System32\drivers\usbehci.sys - ok
18:01:28.0070 4804 [ 97706E9E0EB6E454DB1B1FF5C3A4F00D ] C:\Windows\System32\drivers\usbport.sys
18:01:28.0070 4804 C:\Windows\System32\drivers\usbport.sys - ok
18:01:28.0077 4804 [ D864735B0BFCB65440960A0B7CC1A38D ] C:\Windows\System32\drivers\usbuhci.sys
18:01:28.0077 4804 C:\Windows\System32\drivers\usbuhci.sys - ok
18:01:28.0084 4804 [ 04E268ADFC81964C49DC0C082D520F7E ] C:\Windows\System32\drivers\yk60x86.sys
18:01:28.0084 4804 C:\Windows\System32\drivers\yk60x86.sys - ok
18:01:28.0091 4804 [ 6522DD40A5F67CED020BD81B856613FB ] C:\Windows\System32\drivers\NETw4v32.sys
18:01:28.0091 4804 C:\Windows\System32\drivers\NETw4v32.sys - ok
18:01:28.0098 4804 [ 0541FBD1D4701BA252D80A39F2BF56C9 ] C:\Windows\System32\drivers\1394bus.sys
18:01:28.0098 4804 C:\Windows\System32\drivers\1394bus.sys - ok
18:01:28.0106 4804 [ 953C1BA621F4DA9DC7D268AE839A51FB ] C:\Windows\System32\drivers\ohci1394.sys
18:01:28.0106 4804 C:\Windows\System32\drivers\ohci1394.sys - ok
18:01:28.0113 4804 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] C:\Windows\System32\drivers\rimmptsk.sys
18:01:28.0113 4804 C:\Windows\System32\drivers\rimmptsk.sys - ok
18:01:28.0120 4804 [ A4216C71DD4F60B26418CCFD99CD0815 ] C:\Windows\System32\drivers\rimsptsk.sys
18:01:28.0120 4804 C:\Windows\System32\drivers\rimsptsk.sys - ok
18:01:28.0128 4804 [ 7B3973CC28B8AA3E9E2E5D53E720E2C9 ] C:\Windows\System32\drivers\sdbus.sys
18:01:28.0128 4804 C:\Windows\System32\drivers\sdbus.sys - ok
18:01:28.0136 4804 [ 350F19EB5FE4EC37A2414DF56CDE1AA8 ] C:\Windows\System32\drivers\Apfiltr.sys
18:01:28.0136 4804 C:\Windows\System32\drivers\Apfiltr.sys - ok
18:01:28.0143 4804 [ 1C9EE072BAA3ABB460B91D7EE9152660 ] C:\Windows\System32\drivers\i8042prt.sys
18:01:28.0143 4804 C:\Windows\System32\drivers\i8042prt.sys - ok
18:01:28.0150 4804 [ D231B577024AA324AF13A42F3A807D10 ] C:\Windows\System32\drivers\rixdptsk.sys
18:01:28.0151 4804 C:\Windows\System32\drivers\rixdptsk.sys - ok
18:01:28.0157 4804 [ 8D1866E61AF096AE8B582454F5E4D303 ] C:\Windows\System32\drivers\cdrom.sys
18:01:28.0158 4804 C:\Windows\System32\drivers\cdrom.sys - ok
18:01:28.0167 4804 [ B076B2AB806B3F696DAB21375389101C ] C:\Windows\System32\drivers\kbdclass.sys
18:01:28.0167 4804 C:\Windows\System32\drivers\kbdclass.sys - ok
18:01:28.0174 4804 [ 5FBA13C1A1841B0885D316ED3589489D ] C:\Windows\System32\drivers\mouclass.sys
18:01:28.0174 4804 C:\Windows\System32\drivers\mouclass.sys - ok
18:01:28.0185 4804 [ ED97AD3DF1B9005989EAF149BF06C821 ] C:\Windows\System32\drivers\CmBatt.sys
18:01:28.0185 4804 C:\Windows\System32\drivers\CmBatt.sys - ok
18:01:28.0192 4804 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
18:01:28.0192 4804 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
18:01:28.0200 4804 [ 17EAC0D023A65FA9B02114CC2BAACAD5 ] C:\Windows\System32\drivers\wmiacpi.sys
18:01:28.0200 4804 C:\Windows\System32\drivers\wmiacpi.sys - ok
18:01:28.0206 4804 [ 4DCA456D4D5723F8FA9C6760D240B0DF ] C:\Windows\System32\drivers\msiscsi.sys
18:01:28.0207 4804 C:\Windows\System32\drivers\msiscsi.sys - ok
18:01:28.0215 4804 [ 68B0019FEE429EC49D29017AF937E482 ] C:\Windows\System32\drivers\rasl2tp.sys
18:01:28.0215 4804 C:\Windows\System32\drivers\rasl2tp.sys - ok
18:01:28.0222 4804 [ ED386E31D263448B2ED36D4839F2CA04 ] C:\Windows\System32\drivers\Storport.sys
18:01:28.0222 4804 C:\Windows\System32\drivers\Storport.sys - ok
18:01:28.0229 4804 [ BBE07D2766FB165BDF1F49107DABCE85 ] C:\Windows\System32\drivers\tdi.sys
18:01:28.0229 4804 C:\Windows\System32\drivers\tdi.sys - ok
18:01:28.0237 4804 [ 81659CDCBD0F9A9E07E6878AD8C78D3F ] C:\Windows\System32\drivers\ndistapi.sys
18:01:28.0237 4804 C:\Windows\System32\drivers\ndistapi.sys - ok
18:01:28.0244 4804 [ 397402ADCBB8946223A1950101F6CD94 ] C:\Windows\System32\drivers\ndiswan.sys
18:01:28.0244 4804 C:\Windows\System32\drivers\ndiswan.sys - ok
18:01:28.0251 4804 [ CCF4E9C6CBBAC81437F88CB2AE0B6C96 ] C:\Windows\System32\drivers\raspppoe.sys
18:01:28.0251 4804 C:\Windows\System32\drivers\raspppoe.sys - ok
18:01:28.0258 4804 [ C04DEC5ACE67C5247B150C4223970BB7 ] C:\Windows\System32\drivers\raspptp.sys
18:01:28.0258 4804 C:\Windows\System32\drivers\raspptp.sys - ok
18:01:28.0267 4804 [ 849ED71967D45F15C3E0ABFC633FDF2A ] C:\Windows\System32\drivers\termdd.sys
18:01:28.0267 4804 C:\Windows\System32\drivers\termdd.sys - ok
18:01:28.0273 4804 [ 05932874C6349F4E49E4F8968874C65C ] C:\Windows\System32\drivers\ks.sys
18:01:28.0273 4804 C:\Windows\System32\drivers\ks.sys - ok
18:01:28.0280 4804 [ 7A95B5DEB594616F1693486B8161411E ] C:\Windows\System32\drivers\serscan.sys
18:01:28.0280 4804 C:\Windows\System32\drivers\serscan.sys - ok
18:01:28.0287 4804 [ 3B80B4383C9BCE13279C8482734B32B2 ] C:\Windows\System32\drivers\swenum.sys
18:01:28.0288 4804 C:\Windows\System32\drivers\swenum.sys - ok
18:01:30.0074 4804 [ DB5BF5AAB72B1B99B5331231D09EBB26 ] C:\Windows\System32\WUDFSvc.dll
18:01:30.0075 4804 C:\Windows\System32\WUDFSvc.dll - ok
18:01:30.0085 4804 [ 80E2839D05CA5970A86D7BE2A08BFF61 ] C:\Windows\System32\scecli.dll
18:01:30.0085 4804 C:\Windows\System32\scecli.dll - ok
18:01:30.0094 4804 [ BBDE9DB609D0657BE77AF63CC392F6B0 ] C:\Windows\System32\ntmarta.dll
18:01:30.0094 4804 C:\Windows\System32\ntmarta.dll - ok
18:01:30.0101 4804 [ 10DA15933D582D2FEDCF705EFE394B09 ] C:\Windows\System32\svchost.exe
18:01:30.0102 4804 C:\Windows\System32\svchost.exe - ok
18:01:30.0111 4804 [ 3CDEC51291F735C5C276B957239017A3 ] C:\Windows\System32\powrprof.dll
18:01:30.0111 4804 C:\Windows\System32\powrprof.dll - ok
18:01:30.0119 4804 [ 42885BB44B6E065B8575A8DD6C430C52 ] C:\Windows\System32\drivers\luafv.sys
18:01:30.0119 4804 C:\Windows\System32\drivers\luafv.sys - ok
18:01:30.0128 4804 [ 629CABB0421668C9D3D402A3C3D77E14 ] C:\Windows\System32\drivers\mbam.sys
18:01:30.0128 4804 C:\Windows\System32\drivers\mbam.sys - ok
18:01:30.0136 4804 [ 7B981222A257D076885BFFB66F19B7CE ] C:\Windows\System32\rpcss.dll
18:01:30.0136 4804 C:\Windows\System32\rpcss.dll - ok
18:01:30.0145 4804 [ D8C819157EBA10401FD25FB48184EF24 ] C:\Windows\System32\version.dll
18:01:30.0145 4804 C:\Windows\System32\version.dll - ok
18:01:30.0153 4804 [ EAB1144395AACB4CBB85AE5F6334CB3F ] C:\Windows\System32\LogonUI.exe
18:01:30.0153 4804 C:\Windows\System32\LogonUI.exe - ok
18:01:30.0162 4804 [ B55A6BEA7EA9087DC72485D5E028EBCB ] C:\Windows\System32\MMDevAPI.dll
18:01:30.0162 4804 C:\Windows\System32\MMDevAPI.dll - ok
18:01:30.0170 4804 [ 501956FA7FF3E5277BEB396E4F5C6F23 ] C:\Windows\System32\authui.dll
18:01:30.0170 4804 C:\Windows\System32\authui.dll - ok
18:01:30.0180 4804 [ A6A8DA7AE4D53394AB22AC3AB6D3F5D3 ] C:\Windows\System32\drivers\fltMgr.sys
18:01:30.0180 4804 C:\Windows\System32\drivers\fltMgr.sys - ok
18:01:30.0188 4804 [ 4D14689094BFE7C16CDECF659D8A80F6 ] C:\Windows\System32\wtsapi32.dll
18:01:30.0188 4804 C:\Windows\System32\wtsapi32.dll - ok
18:01:30.0199 4804 [ B28A9B2300A250B703D44C1759AF2605 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
18:01:30.0199 4804 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll - ok
18:01:30.0207 4804 [ B3FF96D8591FF8608BB53214FF0A8B49 ] C:\Windows\System32\avrt.dll
18:01:30.0207 4804 C:\Windows\System32\avrt.dll - ok
18:01:30.0222 4804 [ 54BF0DCEC92854F8FAEC362AB2BC8600 ] C:\Windows\System32\cabinet.dll
18:01:30.0222 4804 C:\Windows\System32\cabinet.dll - ok
18:01:30.0233 4804 [ C6E246BE0C525762C474F7EC758A70A9 ] C:\Windows\System32\wintrust.dll
18:01:30.0233 4804 C:\Windows\System32\wintrust.dll - ok
18:01:30.0240 4804 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
18:01:30.0240 4804 C:\Windows\System32\msimg32.dll - ok
18:01:30.0250 4804 [ E340D47578B8CB8A86D3578EA50A3B83 ] C:\Windows\System32\uxtheme.dll
18:01:30.0251 4804 C:\Windows\System32\uxtheme.dll - ok
18:01:30.0262 4804 [ AD5B9D71CCCFB5FA200271537F185544 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll
18:01:30.0262 4804 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16782_none_9ea1072ec96e0be7\GdiPlus.dll - ok
18:01:30.0270 4804 [ 8356A02DD1B2783987134FDF8B71633F ] C:\Windows\System32\ci.dll
18:01:30.0270 4804 C:\Windows\System32\ci.dll - ok
18:01:30.0281 4804 [ 3CC7841F318C99819BE3A9736C9A7BA1 ] C:\Windows\System32\duser.dll
18:01:30.0281 4804 C:\Windows\System32\duser.dll - ok
18:01:30.0288 4804 [ 71A2DCA8F626FCEF8BFF7E2C17C67A7F ] C:\Windows\System32\xmllite.dll
18:01:30.0288 4804 C:\Windows\System32\xmllite.dll - ok
18:01:30.0297 4804 [ EE472CD2C01F6F8E8AA1FA06FFEF61B6 ] C:\Windows\System32\drivers\drmkaud.sys
18:01:30.0297 4804 C:\Windows\System32\drivers\drmkaud.sys - ok
18:01:30.0304 4804 [ 9694942A39AB2A7DF58A1D95EA37AC3D ] C:\Windows\System32\SmartcardCredentialProvider.dll
18:01:30.0304 4804 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
18:01:30.0312 4804 [ B1B7BF8A406A19CC4AD6E45555EA77E5 ] C:\Windows\System32\audiodg.exe
18:01:30.0312 4804 C:\Windows\System32\audiodg.exe - ok
18:01:30.0316 4804 [ 2CD4F35B30A5781D0628BEF5BC07CA70 ] C:\Windows\System32\rasplap.dll
18:01:30.0317 4804 C:\Windows\System32\rasplap.dll - ok
18:01:30.0323 4804 [ 35A9D03D0B77E4A35104D851B1095A59 ] C:\Windows\System32\WinSCard.dll
18:01:30.0323 4804 C:\Windows\System32\WinSCard.dll - ok
18:01:30.0331 4804 [ 4E579F380701D9BF0669ED61E8EC5951 ] C:\Windows\System32\rasapi32.dll
18:01:30.0331 4804 C:\Windows\System32\rasapi32.dll - ok
18:01:30.0338 4804 [ 9BCBDCA7312A0806CE7D8976C314A988 ] C:\Windows\System32\rasman.dll
18:01:30.0338 4804 C:\Windows\System32\rasman.dll - ok
18:01:30.0345 4804 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
18:01:30.0346 4804 C:\Windows\System32\tapi32.dll - ok
18:01:30.0352 4804 [ BF832D4C49AAEA869E7D9248D0E73A83 ] C:\Windows\System32\rtutils.dll
18:01:30.0352 4804 C:\Windows\System32\rtutils.dll - ok
18:01:30.0359 4804 [ 3B5E50A380AE03249C9F60E5BB28EFCB ] C:\Windows\System32\winmm.dll
18:01:30.0359 4804 C:\Windows\System32\winmm.dll - ok
18:01:30.0366 4804 [ 40AC3601ACA74A015C4E0DB0727929CA ] C:\Windows\System32\oleacc.dll
18:01:30.0366 4804 C:\Windows\System32\oleacc.dll - ok
18:01:30.0373 4804 [ 8758474CE387F7F18F2672C89D8AF6E8 ] C:\Windows\System32\shgina.dll
18:01:30.0373 4804 C:\Windows\System32\shgina.dll - ok
18:01:30.0381 4804 [ BCF6589C42D8F6A20F33EF133FFE0524 ] C:\Windows\System32\gpsvc.dll
18:01:30.0381 4804 C:\Windows\System32\gpsvc.dll - ok
18:01:30.0387 4804 [ 96BC076D1BA9FEE72709FC72DC025270 ] C:\Windows\System32\propsys.dll
18:01:30.0388 4804 C:\Windows\System32\propsys.dll - ok
18:01:30.0397 4804 [ 0227EDA48B7A2E8751557006D4ABD832 ] C:\Windows\System32\shacct.dll
18:01:30.0397 4804 C:\Windows\System32\shacct.dll - ok
18:01:30.0403 4804 [ 0F0DA05C44E911301028D9CEC6294EBB ] C:\Windows\System32\nlaapi.dll
18:01:30.0403 4804 C:\Windows\System32\nlaapi.dll - ok
18:01:30.0410 4804 [ 36C5C3CAB3B467BA68AE345C9B9DADC3 ] C:\Windows\System32\atl.dll
18:01:30.0410 4804 C:\Windows\System32\atl.dll - ok
18:01:30.0417 4804 [ 297ED36343DE583013757975AF58DA84 ] C:\Windows\System32\drivers\spsys.sys
18:01:30.0417 4804 C:\Windows\System32\drivers\spsys.sys - ok
18:01:30.0424 4804 [ C3A87CA43956F2B8D0C3F567F129ABF3 ] C:\Windows\System32\wdmaud.drv
18:01:30.0424 4804 C:\Windows\System32\wdmaud.drv - ok
18:01:30.0431 4804 [ 7C0D4B898C24000DBEDFF0BDAFEC2EC4 ] C:\Windows\System32\adtschema.dll
18:01:30.0432 4804 C:\Windows\System32\adtschema.dll - ok
18:01:30.0438 4804 [ 7B4971C3D43525175A4EA0D143E0412E ] C:\Windows\System32\es.dll
18:01:30.0438 4804 C:\Windows\System32\es.dll - ok
18:01:30.0446 4804 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
18:01:30.0446 4804 C:\Windows\System32\ksuser.dll - ok
18:01:30.0452 4804 [ 663C2340C3061A99D1C58F8094F66CEC ] C:\Windows\System32\AudioSes.dll
18:01:30.0453 4804 C:\Windows\System32\AudioSes.dll - ok
18:01:30.0459 4804 [ 03F14F32FA71F9DA9FA60CC0000EACD4 ] C:\Windows\System32\AudioEng.dll
18:01:30.0459 4804 C:\Windows\System32\AudioEng.dll - ok
18:01:30.0467 4804 [ 869CE6723EF0A65ED91B93978370FA5B ] C:\Windows\System32\WindowsCodecs.dll
18:01:30.0467 4804 C:\Windows\System32\WindowsCodecs.dll - ok
18:01:30.0474 4804 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
18:01:30.0474 4804 C:\Windows\System32\hid.dll - ok
18:01:30.0481 4804 [ F79D0D7C9004474CB42746D9B2C30A2B ] C:\Windows\System32\uxsms.dll
18:01:30.0481 4804 C:\Windows\System32\uxsms.dll - ok
18:01:30.0488 4804 [ 972A0C4A4CBF7575D5E2CA20229820B9 ] C:\Windows\System32\PSHED.DLL
18:01:30.0488 4804 C:\Windows\System32\PSHED.DLL - ok
18:01:30.0496 4804 [ 02BA9C898969CA850C84DDF867378C27 ] C:\Windows\System32\msacm32.dll
18:01:30.0496 4804 C:\Windows\System32\msacm32.dll - ok
18:01:30.0504 4804 [ 49F6BF22FA9DAD48E5E6964B1775EEBF ] C:\Windows\System32\msacm32.drv
18:01:30.0504 4804 C:\Windows\System32\msacm32.drv - ok
18:01:30.0511 4804 [ 848E745A842F903FD521DB585AB00D97 ] C:\Windows\System32\midimap.dll
18:01:30.0511 4804 C:\Windows\System32\midimap.dll - ok
18:01:30.0519 4804 [ 6D78A92F2CDB58DA04207AA57C58E87C ] C:\Windows\System32\WUDFPlatform.dll
18:01:30.0519 4804 C:\Windows\System32\WUDFPlatform.dll - ok
18:01:30.0525 4804 [ FD015B4F95DAA2B712F0E372A116FBAD ] C:\Windows\System32\drivers\lltdio.sys
18:01:30.0525 4804 C:\Windows\System32\drivers\lltdio.sys - ok
18:01:30.0533 4804 [ 1D162E52FB691EB555A476B04B4BFF3F ] C:\Windows\System32\drivers\nwifi.sys
18:01:30.0533 4804 C:\Windows\System32\drivers\nwifi.sys - ok
18:01:30.0540 4804 [ 5DE5EE546BF40838EBE0E01CB629DF64 ] C:\Windows\System32\drivers\ndisuio.sys
18:01:30.0540 4804 C:\Windows\System32\drivers\ndisuio.sys - ok
18:01:30.0548 4804 [ 97E939D2128FEC5D5A3E6E79B290A2F4 ] C:\Windows\System32\drivers\rspndr.sys
18:01:30.0548 4804 C:\Windows\System32\drivers\rspndr.sys - ok
18:01:30.0555 4804 [ EECBA1DD142BF8693C476BE8F32FE253 ] C:\Windows\System32\dnsrslvr.dll
18:01:30.0555 4804 C:\Windows\System32\dnsrslvr.dll - ok
18:01:30.0563 4804 [ B2D633D018D722879B6AAAECE9CBFEE1 ] C:\Windows\System32\AUDIOKSE.dll
18:01:30.0564 4804 C:\Windows\System32\AUDIOKSE.dll - ok
18:01:30.0566 4804 [ F99AD9DC3B8CA26C211D92C030787A5C ] C:\Windows\System32\eapphost.dll
18:01:30.0566 4804 C:\Windows\System32\eapphost.dll - ok
18:01:30.0573 4804 [ ED1CE465D0D897889FABEAE3ED9215CF ] C:\Windows\System32\rastls.dll
18:01:30.0573 4804 C:\Windows\System32\rastls.dll - ok
18:01:30.0581 4804 [ 8F23A0C652C9205A919476D1E62D3C65 ] C:\Windows\System32\raschap.dll
18:01:30.0581 4804 C:\Windows\System32\raschap.dll - ok
18:01:30.0588 4804 [ F3F940C6F1EDC2EF2B96BC05F1F8CE8E ] C:\Windows\System32\stapo.dll
18:01:30.0588 4804 C:\Windows\System32\stapo.dll - ok
18:01:30.0595 4804 [ 5EF35DBD3B14B1E595712C92949C349E ] C:\Windows\System32\ctapo32.dll
18:01:30.0595 4804 C:\Windows\System32\ctapo32.dll - ok
18:01:30.0603 4804 [ 2F79ECA048F1EF286D0C13A4D36E6F03 ] C:\Windows\System32\wlanmsm.dll
18:01:30.0603 4804 C:\Windows\System32\wlanmsm.dll - ok
18:01:30.0610 4804 [ CCC726CB37B87869CF0F4D4CE70F7CAE ] C:\Windows\System32\onex.dll
18:01:30.0610 4804 C:\Windows\System32\onex.dll - ok
18:01:30.0617 4804 [ 4E2434B9461F1543946AADA251EFDB12 ] C:\Windows\System32\wlansec.dll
18:01:30.0617 4804 C:\Windows\System32\wlansec.dll - ok
18:01:30.0624 4804 [ D6185339319ADE924A5531196AE4040F ] C:\Windows\System32\WMALFXGFXDSP.dll
18:01:30.0624 4804 C:\Windows\System32\WMALFXGFXDSP.dll - ok
18:01:30.0632 4804 [ FC34CA580010DABFEC1EA854BA94AA01 ] C:\Windows\System32\eappcfg.dll
18:01:30.0632 4804 C:\Windows\System32\eappcfg.dll - ok
18:01:30.0638 4804 [ F9FECFEEDCC32E55093FC9F3F5A09739 ] C:\Windows\System32\eappprxy.dll
18:01:30.0638 4804 C:\Windows\System32\eappprxy.dll - ok
18:01:30.0647 4804 [ 979B8FD012A35D567A9088A100DC4D78 ] C:\Windows\System32\wlgpclnt.dll
18:01:30.0647 4804 C:\Windows\System32\wlgpclnt.dll - ok
18:01:30.0653 4804 [ 2FA7EF1006DC44CB3C86E727D432D827 ] C:\Windows\System32\l2gpstore.dll
18:01:30.0653 4804 C:\Windows\System32\l2gpstore.dll - ok
18:01:30.0660 4804 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
18:01:30.0660 4804 C:\Windows\System32\wlanutil.dll - ok
18:01:30.0667 4804 [ 3283DE6F4B572CE2E1710F336489AA28 ] C:\Windows\System32\mfplat.dll
18:01:30.0668 4804 C:\Windows\System32\mfplat.dll - ok
18:01:30.0674 4804 [ 473DF61261C234A4A4C577F3631B9327 ] C:\Windows\System32\msxml6.dll
18:01:30.0674 4804 C:\Windows\System32\msxml6.dll - ok
18:01:30.0682 4804 [ AB4BC1F10FF8273D4B54DAC4DE4B7AA4 ] C:\Windows\System32\aestaren.dll
18:01:30.0682 4804 C:\Windows\System32\aestaren.dll - ok
18:01:30.0689 4804 [ 38D84E4D1F7514B883D2858C54E81441 ] C:\Windows\System32\ktmw32.dll
18:01:30.0689 4804 C:\Windows\System32\ktmw32.dll - ok
18:01:30.0698 4804 [ 4A05089F43041903A3C523A3C16E3350 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
18:01:30.0698 4804 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll - ok
18:01:30.0704 4804 [ 096B4ACC6E513D400B79BBE986A12AC3 ] C:\Windows\System32\taskcomp.dll
18:01:30.0704 4804 C:\Windows\System32\taskcomp.dll - ok
18:01:30.0711 4804 [ EA24FE637D974A8A31BC650F478E3533 ] C:\Windows\System32\drivers\http.sys
18:01:30.0711 4804 C:\Windows\System32\drivers\http.sys - ok
18:01:30.0718 4804 [ FDE35AE1E3A1F21AE1E31674295F31E9 ] C:\Windows\System32\netcfgx.dll
18:01:30.0718 4804 C:\Windows\System32\netcfgx.dll - ok
18:01:30.0725 4804 [ 976B09666D0A076ECC3F330891DA0DAD ] C:\Windows\System32\spoolss.dll
18:01:30.0725 4804 C:\Windows\System32\spoolss.dll - ok
18:01:30.0733 4804 [ 9E1A4603B874EEBCE0298113951ABEFB ] C:\Windows\System32\drivers\srvnet.sys
18:01:30.0733 4804 C:\Windows\System32\drivers\srvnet.sys - ok
18:01:30.0739 4804 [ 151A9EB1398736668D9E78DECFD013D2 ] C:\Windows\System32\wiarpc.dll
18:01:30.0740 4804 C:\Windows\System32\wiarpc.dll - ok
18:01:30.0748 4804 [ 8B6CE5B87BA3A6A61CFB927428D2C498 ] C:\Windows\System32\FWPUCLNT.DLL
18:01:30.0748 4804 C:\Windows\System32\FWPUCLNT.DLL - ok
18:01:30.0754 4804 [ 913CD06FBE9105CE6077E90FD4418561 ] C:\Windows\System32\drivers\bowser.sys
18:01:30.0754 4804 C:\Windows\System32\drivers\bowser.sys - ok
18:01:30.0761 4804 [ 6E7A7F0C1193EE5648443FE2D4B789EC ] C:\Windows\System32\drivers\mpsdrv.sys
18:01:30.0761 4804 C:\Windows\System32\drivers\mpsdrv.sys - ok
18:01:30.0768 4804 [ 1D8828B98EE309D65E006F0829E280E5 ] C:\Windows\System32\drivers\mrxdav.sys
18:01:30.0769 4804 C:\Windows\System32\drivers\mrxdav.sys - ok
18:01:30.0775 4804 [ 563ED845885C6A7C09A7715D8BD0585C ] C:\Windows\System32\MPSSVC.dll
18:01:30.0775 4804 C:\Windows\System32\MPSSVC.dll - ok
18:01:30.0783 4804 [ 8AF705CE1BB907932157FAB821170F27 ] C:\Windows\System32\drivers\mrxsmb.sys
18:01:30.0783 4804 C:\Windows\System32\drivers\mrxsmb.sys - ok
18:01:30.0790 4804 [ 47E13AB23371BE3279EEF22BBFA2C1BE ] C:\Windows\System32\drivers\mrxsmb10.sys
18:01:30.0790 4804 C:\Windows\System32\drivers\mrxsmb10.sys - ok
18:01:30.0798 4804 [ 90B3FC7BD6B3D7EE7635DEBBA2187F66 ] C:\Windows\System32\drivers\mrxsmb20.sys
18:01:30.0798 4804 C:\Windows\System32\drivers\mrxsmb20.sys - ok
18:01:30.0805 4804 [ 6971A757AF8CB5E2CBCBB76CC530DB6C ] C:\Windows\System32\drivers\srv2.sys
18:01:30.0805 4804 C:\Windows\System32\drivers\srv2.sys - ok
18:01:30.0812 4804 [ 038579C35F7CAD4A4BBF735DBF83277D ] C:\Windows\System32\drivers\srv.sys
18:01:30.0812 4804 C:\Windows\System32\drivers\srv.sys - ok
18:01:30.0817 4804 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
18:01:30.0817 4804 C:\Windows\System32\dllhost.exe - ok
18:01:30.0824 4804 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
18:01:30.0824 4804 C:\Windows\System32\shimeng.dll - ok
18:01:30.0832 4804 [ 89AE93A81985A65BFA55071DAA8C7CD0 ] C:\Windows\System32\AtBroker.exe
18:01:30.0833 4804 C:\Windows\System32\AtBroker.exe - ok
18:01:30.0839 4804 [ 22027835939F86C3E47AD8E3FBDE3D11 ] C:\Windows\System32\userinit.exe
18:01:30.0839 4804 C:\Windows\System32\userinit.exe - ok
18:01:30.0848 4804 [ 5C8D22F3E0B49216C9D2E71BDF202218 ] C:\Windows\System32\dwmapi.dll
18:01:30.0849 4804 C:\Windows\System32\dwmapi.dll - ok
18:01:30.0854 4804 [ 8AB84CD4DF5591D7E59667BF90943372 ] C:\Windows\System32\dwmredir.dll
18:01:30.0854 4804 C:\Windows\System32\dwmredir.dll - ok
18:01:30.0861 4804 [ B39F1844AD6C656F64ACD32CAEE72CAA ] C:\Windows\System32\slwga.dll
18:01:30.0861 4804 C:\Windows\System32\slwga.dll - ok
18:01:30.0868 4804 [ FF78B8E67EDCE9FEED651D7858D77A04 ] C:\Windows\System32\winrnr.dll
18:01:30.0869 4804 C:\Windows\System32\winrnr.dll - ok
18:01:30.0876 4804 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:01:30.0876 4804 C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:01:30.0884 4804 [ 77958E07E2A98C7DB5F98C04DE3440B6 ] C:\Windows\System32\milcore.dll
18:01:30.0884 4804 C:\Windows\System32\milcore.dll - ok
18:01:30.0890 4804 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
18:01:30.0890 4804 C:\Windows\System32\rasadhlp.dll - ok
18:01:30.0897 4804 [ B886D818B9265518A1A6D4AEE43C8159 ] C:\Windows\System32\umb.dll
18:01:30.0897 4804 C:\Windows\System32\umb.dll - ok
18:01:30.0905 4804 [ E37137CB0031440061EB3BF14EC6AC74 ] C:\Windows\System32\localspl.dll
18:01:30.0905 4804 C:\Windows\System32\localspl.dll - ok
18:01:30.0912 4804 [ E72A22DCF0733AC06695ACD2268F6EB3 ] C:\Windows\System32\d3d9.dll
18:01:30.0912 4804 C:\Windows\System32\d3d9.dll - ok
18:01:30.0919 4804 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
18:01:30.0919 4804 C:\Windows\System32\sfc.dll - ok
18:01:30.0926 4804 [ E42320B5A0B23BCB2F324286D0572D68 ] C:\Windows\System32\winspool.drv
18:01:30.0926 4804 C:\Windows\System32\winspool.drv - ok
18:01:30.0933 4804 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
18:01:30.0934 4804 C:\Windows\System32\d3d8thk.dll - ok
18:01:30.0940 4804 [ 25DD4401EA4028D504EFCCF815F53479 ] C:\Windows\System32\igdumd32.dll
18:01:30.0940 4804 C:\Windows\System32\igdumd32.dll - ok
18:01:30.0949 4804 [ 37440D09DEAE0B672A04DCCF7ABF06BE ] C:\Windows\explorer.exe
18:01:30.0949 4804 C:\Windows\explorer.exe - ok
18:01:30.0956 4804 [ AC4F725120BA5A696A460BAD4569714A ] C:\Windows\System32\hpinksts9311LM.dll
18:01:30.0956 4804 C:\Windows\System32\hpinksts9311LM.dll - ok
18:01:30.0963 4804 [ 3D16FB7105A4600349E5C6407CBF76CE ] C:\Windows\System32\uDWM.dll
18:01:30.0963 4804 C:\Windows\System32\uDWM.dll - ok
18:01:30.0971 4804 [ EB53460CE1AAA176E573B2A65027290F ] C:\Windows\System32\HPDiscoPM9311.dll
18:01:30.0971 4804 C:\Windows\System32\HPDiscoPM9311.dll - ok
18:01:30.0978 4804 [ A4B7D7F3675B7C4490C066A4829CB26D ] C:\Windows\System32\shdocvw.dll
18:01:30.0978 4804 C:\Windows\System32\shdocvw.dll - ok
18:01:30.0986 4804 [ F891E412E27C3375257E3D5BD6E17431 ] C:\Windows\System32\wsnmp32.dll
18:01:30.0986 4804 C:\Windows\System32\wsnmp32.dll - ok
18:01:30.0992 4804 [ 4DE222895B78880F4FF4C7B6EDB40EF4 ] C:\Windows\System32\HPZLLLHN.DLL
18:01:30.0993 4804 C:\Windows\System32\HPZLLLHN.DLL - ok
18:01:31.0000 4804 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll
18:01:31.0000 4804 C:\Windows\System32\snmpapi.dll - ok
18:01:31.0007 4804 [ 079FDC65148018E64DFCCEA671E8308C ] C:\Windows\System32\tcpmon.dll
18:01:31.0007 4804 C:\Windows\System32\tcpmon.dll - ok
18:01:31.0016 4804 [ EC4A360BA892320DA05BA504EA7390BC ] C:\Windows\System32\browseui.dll
18:01:31.0016 4804 C:\Windows\System32\browseui.dll - ok
18:01:31.0022 4804 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll
18:01:31.0022 4804 C:\Windows\System32\mgmtapi.dll - ok
18:01:31.0028 4804 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll
18:01:31.0029 4804 C:\Windows\System32\tcpmib.dll - ok
18:01:31.0036 4804 [ 2E3166B370D65D61C05B2E3A662F6EEF ] C:\Windows\System32\usbmon.dll
18:01:31.0036 4804 C:\Windows\System32\usbmon.dll - ok
18:01:31.0043 4804 [ AC5C0C85F248DD2D4BA9805FE2635AEA ] C:\Windows\System32\WSDMon.dll
18:01:31.0043 4804 C:\Windows\System32\WSDMon.dll - ok
18:01:31.0050 4804 [ 0E99592E68DD44610B473B7A024FA32D ] C:\Windows\System32\fundisc.dll
18:01:31.0050 4804 C:\Windows\System32\fundisc.dll - ok
18:01:31.0057 4804 [ 261612679999991EECAEEF98ACE2856C ] C:\Windows\System32\httpapi.dll
18:01:31.0057 4804 C:\Windows\System32\httpapi.dll - ok
18:01:31.0064 4804 [ B25DBC371CDE14C9CBCCB6329C46E7E8 ] C:\Windows\System32\WSDApi.dll
18:01:31.0064 4804 C:\Windows\System32\WSDApi.dll - ok
18:01:31.0069 4804 [ C72DC4848F94A84BDBAE3B1080086316 ] C:\Windows\System32\msxml3.dll
18:01:31.0069 4804 C:\Windows\System32\msxml3.dll - ok
18:01:31.0075 4804 [ CCAF246004F719F858E841A2BA12C308 ] C:\Windows\System32\wsdchngr.dll
18:01:31.0076 4804 C:\Windows\System32\wsdchngr.dll - ok
18:01:31.0083 4804 [ BA44973F0A0A794D7940E9F9084EC100 ] C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL
18:01:31.0083 4804 C:\Windows\System32\spool\prtprocs\w32x86\HPZPPLHN.DLL - ok
18:01:31.0090 4804 [ 9AD8D54807B34897E41F68C6FF27F3CC ] C:\Windows\System32\win32spl.dll
18:01:31.0090 4804 C:\Windows\System32\win32spl.dll - ok
18:01:31.0097 4804 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
18:01:31.0097 4804 C:\Windows\System32\imageres.dll - ok
18:01:31.0105 4804 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
18:01:31.0106 4804 C:\Windows\System32\IconCodecService.dll - ok
18:01:31.0112 4804 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
18:01:31.0113 4804 C:\Windows\System32\netrap.dll - ok
18:01:31.0120 4804 [ D37ED6C2721764E3D08C975DD977A5EE ] C:\Windows\System32\printcom.dll
18:01:31.0120 4804 C:\Windows\System32\printcom.dll - ok
18:01:31.0127 4804 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
18:01:31.0127 4804 C:\Windows\System32\SensApi.dll - ok
18:01:31.0134 4804 [ 0F0C15A3D8F98A9CAE53235CDFA9A695 ] C:\Windows\System32\inetpp.dll
18:01:31.0134 4804 C:\Windows\System32\inetpp.dll - ok
18:01:31.0141 4804 [ 9FB0C935D2FC55EC1DC648D6A085E66C ] C:\Windows\System32\clusapi.dll
18:01:31.0141 4804 C:\Windows\System32\clusapi.dll - ok
18:01:31.0148 4804 [ A9CB04FABBB885C98EC3620E0540ED47 ] C:\Windows\System32\activeds.dll
18:01:31.0148 4804 C:\Windows\System32\activeds.dll - ok
18:01:31.0156 4804 [ B86BE8E7D6709018C73E4B5E1C070F65 ] C:\Windows\System32\adsldpc.dll
18:01:31.0156 4804 C:\Windows\System32\adsldpc.dll - ok
18:01:31.0163 4804 [ 6A6E9935532F74A074BDD7C3D84A4376 ] C:\Windows\System32\credui.dll
18:01:31.0163 4804 C:\Windows\System32\credui.dll - ok
18:01:31.0170 4804 [ BA767B42633E32719018F0D02AC01C59 ] C:\Windows\System32\resutils.dll
18:01:31.0170 4804 C:\Windows\System32\resutils.dll - ok
18:01:31.0177 4804 [ 482FC043A1A46E779AE8ADCF6AA75FE5 ] C:\Windows\System32\spool\drivers\w32x86\3\UNIDRV.DLL
18:01:31.0177 4804 C:\Windows\System32\spool\drivers\w32x86\3\UNIDRV.DLL - ok
18:01:31.0185 4804 [ 1BD6AA569D84F9549D8A11FB8F8E6C96 ] C:\Windows\System32\spool\drivers\w32x86\3\UNIDRVUI.DLL
18:01:31.0185 4804 C:\Windows\System32\spool\drivers\w32x86\3\UNIDRVUI.DLL - ok
18:01:31.0192 4804 [ C81C5A079C6F2989494A9B35B0C09A5B ] C:\Windows\System32\spool\drivers\w32x86\3\hpvplui04.dll
18:01:31.0193 4804 C:\Windows\System32\spool\drivers\w32x86\3\hpvplui04.dll - ok
18:01:31.0201 4804 [ 1226E9FAE5B8508801EC974E3C9D9C14 ] C:\Windows\System32\taskeng.exe
18:01:31.0201 4804 C:\Windows\System32\taskeng.exe - ok
18:01:31.0207 4804 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
18:01:31.0207 4804 C:\Windows\System32\TSChannel.dll - ok
18:01:31.0214 4804 [ 50F69B362FA8C08E7D447842DBEDAD99 ] C:\Windows\System32\HotStartUserAgent.dll
18:01:31.0214 4804 C:\Windows\System32\HotStartUserAgent.dll - ok
18:01:31.0223 4804 [ 626A24ED1228580B9518C01930936DF9 ] C:\Program Files\Google\Update\GoogleUpdate.exe
18:01:31.0223 4804 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
18:01:31.0231 4804 [ 5ED1BC5287C8F8A3DA10403152E7BD8B ] C:\Windows\System32\PlaySndSrv.dll
18:01:31.0231 4804 C:\Windows\System32\PlaySndSrv.dll - ok
18:01:31.0238 4804 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files\Google\Update\1.3.21.123\goopdate.dll
18:01:31.0238 4804 C:\Program Files\Google\Update\1.3.21.123\goopdate.dll - ok
18:01:31.0245 4804 [ A68164A7BD62ADEE8ABDB3B88561E2C9 ] C:\Windows\System32\msi.dll
18:01:31.0245 4804 C:\Windows\System32\msi.dll - ok
18:01:31.0253 4804 [ D7787D202FB15B2AE6B08A1AF57F91DD ] C:\Windows\System32\cscapi.dll
18:01:31.0253 4804 C:\Windows\System32\cscapi.dll - ok
18:01:31.0260 4804 [ AAA5518DEE99D976A6FE6BE691F64BD0 ] C:\Windows\System32\dbghelp.dll
18:01:31.0260 4804 C:\Windows\System32\dbghelp.dll - ok
18:01:31.0268 4804 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
18:01:31.0268 4804 C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
18:01:31.0275 4804 [ 8574672C47A3B034983E29316F8FF2B6 ] C:\Windows\System32\mstask.dll
18:01:31.0275 4804 C:\Windows\System32\mstask.dll - ok
18:01:31.0282 4804 [ 7AAC8CBAD3FE103F380076E7F679CE88 ] C:\Program Files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
18:01:31.0282 4804 C:\Program Files\Google\Update\1.3.21.123\goopdateres_en-GB.dll - ok
18:01:31.0290 4804 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
18:01:31.0290 4804 C:\Windows\System32\netmsg.dll - ok
18:01:31.0297 4804 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
18:01:31.0297 4804 C:\Windows\System32\sscore.dll - ok
18:01:31.0305 4804 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\Windows\System32\drivers\parport.sys
18:01:31.0305 4804 C:\Windows\System32\drivers\parport.sys - ok
18:01:31.0312 4804 [ EF1142512BEC12F1C2C87735DA1755BE ] C:\Windows\System32\AEstSrv.exe
18:01:31.0312 4804 C:\Windows\System32\AEstSrv.exe - ok
18:01:31.0320 4804 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:01:31.0320 4804 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
18:01:31.0324 4804 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
18:01:31.0324 4804 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
18:01:31.0332 4804 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
18:01:31.0332 4804 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
18:01:31.0340 4804 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
18:01:31.0340 4804 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
18:01:31.0347 4804 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
18:01:31.0347 4804 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
18:01:31.0355 4804 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
18:01:31.0356 4804 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
18:01:31.0363 4804 [ C9680F06E51DB8B9A0772C20F3E10DB6 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
18:01:31.0363 4804 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
18:01:31.0371 4804 [ 7870FB37A74418E55B0A7DE4776D9E75 ] C:\Windows\System32\wsock32.dll
18:01:31.0371 4804 C:\Windows\System32\wsock32.dll - ok
18:01:31.0378 4804 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
18:01:31.0378 4804 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
18:01:31.0386 4804 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
18:01:31.0387 4804 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
18:01:31.0394 4804 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
18:01:31.0394 4804 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
18:01:31.0402 4804 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
18:01:31.0402 4804 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
18:01:33.0008 4804 [ 29ADC97527E30540944F1735B2795C3D ] C:\Windows\System32\NlsData0009.dll
18:01:33.0008 4804 C:\Windows\System32\NlsData0009.dll - ok
18:01:33.0015 4804 [ FD7B6F48B20D9A29D5811BA50051509A ] C:\Windows\System32\NlsLexicons0009.dll
18:01:33.0016 4804 C:\Windows\System32\NlsLexicons0009.dll - ok
18:01:33.0023 4804 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
18:01:33.0023 4804 C:\Windows\System32\linkinfo.dll - ok
18:01:33.0031 4804 [ 810AE8B27B91240252D7223A536BB95E ] C:\Windows\System32\networkexplorer.dll
18:01:33.0031 4804 C:\Windows\System32\networkexplorer.dll - ok
18:01:33.0037 4804 [ 5EF24621ABCE6965E32A365CA613A544 ] C:\Program Files\DellTPad\Apoint.exe
18:01:33.0038 4804 C:\Program Files\DellTPad\Apoint.exe - ok
18:01:33.0045 4804 [ 23242FD6C7D4C61807E84FD3A79248C4 ] C:\Windows\OEM02Mon.exe
18:01:33.0045 4804 C:\Windows\OEM02Mon.exe - ok
18:01:33.0052 4804 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\70048961.sys
18:01:33.0052 4804 C:\Windows\System32\drivers\70048961.sys - ok
18:01:33.0059 4804 [ 982C5A06C1B2FDDF2860EE4DC630CEF8 ] C:\Windows\System32\igfxtray.exe
18:01:33.0059 4804 C:\Windows\System32\igfxtray.exe - ok
18:01:33.0066 4804 [ 561367A25A7E24AA37FF10A017750390 ] C:\Windows\System32\hkcmd.exe
18:01:33.0066 4804 C:\Windows\System32\hkcmd.exe - ok
18:01:33.0073 4804 [ A702A2ED07645100C2CAD8E0ADB87E9D ] C:\Windows\System32\thumbcache.dll
18:01:33.0073 4804 C:\Windows\System32\thumbcache.dll - ok
18:01:33.0081 4804 [ 05145613C47BF084976C2C762CD19A61 ] C:\Windows\System32\ntshrui.dll
18:01:33.0081 4804 C:\Windows\System32\ntshrui.dll - ok
18:01:33.0089 4804 [ 3DC6F4E0570247797A04ABA0B5789F1E ] C:\Program Files\Microsoft Office\Office10\MLSHEXT.DLL
18:01:33.0090 4804 C:\Program Files\Microsoft Office\Office10\MLSHEXT.DLL - ok
18:01:33.0098 4804 [ 8399B30A9C8E4FDD5864600EFD37B054 ] C:\Windows\System32\igfxpers.exe
18:01:33.0098 4804 C:\Windows\System32\igfxpers.exe - ok
18:01:33.0106 4804 [ 8F58544719E1C435BC36A8B207096581 ] C:\Windows\System32\verclsid.exe
18:01:33.0106 4804 C:\Windows\System32\verclsid.exe - ok
18:01:33.0116 4804 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B ] C:\Windows\WindowsMobile\wmdc.exe
18:01:33.0116 4804 C:\Windows\WindowsMobile\wmdc.exe - ok
18:01:33.0123 4804 [ 1AAD451CCBECE62987591B35AE8037A8 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
18:01:33.0123 4804 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe - ok
18:01:33.0131 4804 [ 267B3A856E9F4DB1CABD4E6DB71E07D2 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
18:01:33.0131 4804 C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe - ok
18:01:33.0138 4804 [ B6687CA43A44F0D8732A22191028912F ] C:\Program Files\Dell\MediaDirect\PCMService.exe
18:01:33.0138 4804 C:\Program Files\Dell\MediaDirect\PCMService.exe - ok
18:01:33.0146 4804 [ E6E4A1D21DD1632F5C6FF15E05570A5A ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
18:01:33.0146 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe - ok
18:01:33.0153 4804 [ E828B65F172CDE0432B1DA5550C2EA21 ] C:\Program Files\MouseDriver\OfficeMouse.exe
18:01:33.0153 4804 C:\Program Files\MouseDriver\OfficeMouse.exe - ok
18:01:33.0160 4804 [ B93C4070F24E46B0097648C276B5039E ] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
18:01:33.0161 4804 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - ok
18:01:33.0168 4804 [ 339DFA98DDDA7DDF735CE21C82E6F1DD ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
18:01:33.0169 4804 C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe - ok
18:01:33.0175 4804 [ 1470E261095F6CAA86EE687E7632D64D ] C:\Windows\System32\hccutils.dll
18:01:33.0175 4804 C:\Windows\System32\hccutils.dll - ok
18:01:33.0183 4804 [ 4FF455520B17D15E9191C5BC7D8148FE ] C:\Windows\System32\riched20.dll
18:01:33.0183 4804 C:\Windows\System32\riched20.dll - ok
18:01:33.0190 4804 [ 29EF7A2EE634DD701571E781DE5E7E91 ] C:\Windows\System32\ddraw.dll
18:01:33.0190 4804 C:\Windows\System32\ddraw.dll - ok
18:01:33.0197 4804 [ C99248B969A799B771F484CD68BCB96E ] C:\Windows\System32\mscoree.dll
18:01:33.0197 4804 C:\Windows\System32\mscoree.dll - ok
18:01:33.0204 4804 [ B1E4D190CD21CC75AE38562400DD5345 ] C:\Windows\System32\rapistub.dll
18:01:33.0204 4804 C:\Windows\System32\rapistub.dll - ok
18:01:33.0213 4804 [ D517ACAF8252713960AA0E0BB41614D1 ] C:\Windows\System32\ExplorerFrame.dll
18:01:33.0213 4804 C:\Windows\System32\ExplorerFrame.dll - ok
18:01:33.0219 4804 [ 15CB3D044DA15A533E85C8428B848AF4 ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Cfg.dll
18:01:33.0219 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Cfg.dll - ok
18:01:33.0226 4804 [ A9B849228C943EFDABE0268EA0D8D558 ] C:\Program Files\MouseDriver\dllset.dll
18:01:33.0226 4804 C:\Program Files\MouseDriver\dllset.dll - ok
18:01:33.0233 4804 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe
18:01:33.0234 4804 C:\Windows\System32\control.exe - ok
18:01:33.0240 4804 [ 11FBB8CB6865B7BA387095398EB91ED4 ] C:\Windows\System32\rapi.dll
18:01:33.0240 4804 C:\Windows\System32\rapi.dll - ok
18:01:33.0248 4804 [ 82ABE656D4CAAB9FA69C601D988D23BE ] C:\Windows\System32\dciman32.dll
18:01:33.0248 4804 C:\Windows\System32\dciman32.dll - ok
18:01:33.0258 4804 [ B0B4C590C0CAE7741DA17E3DC86CC828 ] C:\Windows\System32\ceutil.dll
18:01:33.0258 4804 C:\Windows\System32\ceutil.dll - ok
18:01:33.0265 4804 [ 1F16F20318DBFD2E2ED54406A81A92FC ] C:\Program Files\DellTPad\Apoint.dll
18:01:33.0266 4804 C:\Program Files\DellTPad\Apoint.dll - ok
18:01:33.0272 4804 [ A7D6E11630EB4D8BED5AEB786C1556E5 ] C:\Windows\System32\Vxdif.dll
18:01:33.0272 4804 C:\Windows\System32\Vxdif.dll - ok
18:01:33.0280 4804 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\Dell\MediaDirect\MFC71.dll
18:01:33.0280 4804 C:\Program Files\Dell\MediaDirect\MFC71.dll - ok
18:01:33.0287 4804 [ 6C94F54E3EC097702A8CE8F46D687959 ] C:\Windows\System32\msvcp60.dll
18:01:33.0288 4804 C:\Windows\System32\msvcp60.dll - ok
18:01:33.0297 4804 [ E4AD277832E6CAF48101661BF7404E2E ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32sn.dll
18:01:33.0297 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32sn.dll - ok
18:01:33.0302 4804 [ 3379989F06B31347792836DCF028A325 ] C:\Windows\System32\rapiproxystub.dll
18:01:33.0302 4804 C:\Windows\System32\rapiproxystub.dll - ok
18:01:33.0309 4804 [ F927ADA4ADB1C52A8EEEE2CF97C16E02 ] C:\Windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe
18:01:33.0310 4804 C:\Windows\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe - ok
18:01:33.0318 4804 [ 1B0D6C6D7EE9057744CE455613BE38F8 ] C:\Windows\System32\winusb.dll
18:01:33.0318 4804 C:\Windows\System32\winusb.dll - ok
18:01:33.0325 4804 [ 8C8C82633A7E90A33E8D7D9617B2B46C ] C:\Windows\WindowsMobile\tcp2udp.dll
18:01:33.0325 4804 C:\Windows\WindowsMobile\tcp2udp.dll - ok
18:01:33.0333 4804 [ 917422E1B95A72B0328B301BACBF1B07 ] C:\Windows\System32\wcescommproxy.dll
18:01:33.0333 4804 C:\Windows\System32\wcescommproxy.dll - ok
18:01:33.0337 4804 [ 523DF3B590D8A353A49235B1B7C571AD ] C:\Windows\WindowsMobile\dtptdns.dll
18:01:33.0337 4804 C:\Windows\WindowsMobile\dtptdns.dll - ok
18:01:33.0344 4804 [ 78F9800FA0E89DA51747AEEAC8B422DB ] C:\Windows\System32\SyncCenter.dll
18:01:33.0344 4804 C:\Windows\System32\SyncCenter.dll - ok
18:01:33.0352 4804 [ 21221CD7C7C844F6F0E0B7BC69CBA36B ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
18:01:33.0352 4804 C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok
18:01:33.0359 4804 [ D5D7C7CBDD63C5938C83846B313FCF3B ] C:\Windows\WindowsMobile\BthASPlugin.dll
18:01:33.0360 4804 C:\Windows\WindowsMobile\BthASPlugin.dll - ok
18:01:33.0367 4804 [ 9C632DC0F1B6D79B05F46A4A5349CEF4 ] C:\Windows\System32\mobsync.exe
18:01:33.0367 4804 C:\Windows\System32\mobsync.exe - ok
18:01:33.0374 4804 [ E270B78C30A4795978B8067E6A2252A2 ] C:\Windows\WindowsMobile\wmdsyncman.dll
18:01:33.0374 4804 C:\Windows\WindowsMobile\wmdsyncman.dll - ok
18:01:33.0382 4804 [ 8728A91948AC0FE779BDF47BC551BAF5 ] C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe
18:01:33.0382 4804 C:\Windows\Installer\{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe - ok
18:01:33.0389 4804 [ 7599E425947A595448DA778B610923BC ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll
18:01:33.0389 4804 C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok
18:01:33.0397 4804 [ 39877CE56747FEA382175CD57D3BBA10 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
18:01:33.0397 4804 C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll - ok
18:01:33.0404 4804 [ 9253C752DC9B5CEEAA7747E165B75EEB ] C:\Windows\System32\stobject.dll
18:01:33.0404 4804 C:\Windows\System32\stobject.dll - ok
18:01:33.0411 4804 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
18:01:33.0411 4804 C:\Windows\System32\batmeter.dll - ok
18:01:33.0419 4804 [ BB8D6E23FD3696422F23D43AEEAC76D1 ] C:\Program Files\Microsoft Works\MSWorks.exe
18:01:33.0419 4804 C:\Program Files\Microsoft Works\MSWorks.exe - ok
18:01:33.0426 4804 [ 31683ED3246A30D02AFD3969D6D99123 ] C:\Program Files\Microsoft Works\wksdb.exe
18:01:33.0426 4804 C:\Program Files\Microsoft Works\wksdb.exe - ok
18:01:33.0434 4804 [ 2589FFE360BED8F824CBC6171CB5B874 ] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
18:01:33.0434 4804 C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe - ok
18:01:33.0441 4804 [ 0AEE5668EB59912F32FF245BFA72465F ] C:\Program Files\QuickTime\QTTask.exe
18:01:33.0441 4804 C:\Program Files\QuickTime\QTTask.exe - ok
18:01:33.0449 4804 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
18:01:33.0449 4804 C:\Windows\System32\SndVolSSO.dll - ok
18:01:33.0456 4804 [ B8A77A513C9FF5C0D54611495CA41902 ] C:\Windows\System32\wbem\NCProv.dll
18:01:33.0456 4804 C:\Windows\System32\wbem\NCProv.dll - ok
18:01:33.0464 4804 [ AF44AB15F6328500762A48AEFE06595C ] C:\Program Files\Laser Electronics Ltd\Millennium Demo\MillenniumDemo.exe
18:01:33.0464 4804 C:\Program Files\Laser Electronics Ltd\Millennium Demo\MillenniumDemo.exe - ok
18:01:33.0471 4804 [ C4B15E1320CEAE3C713D2DBD0E4383F1 ] C:\Windows\System32\wbem\wbemcons.dll
18:01:33.0471 4804 C:\Windows\System32\wbem\wbemcons.dll - ok
18:01:33.0478 4804 [ CB1E463CE23C077FBB5061E824928F23 ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Prod.dll
18:01:33.0478 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Prod.dll - ok
18:01:33.0486 4804 [ 4895E1BDA720F634ABDA31BBEC90DEAE ] C:\Program Files\DellTPad\EzAuto.dll
18:01:33.0487 4804 C:\Program Files\DellTPad\EzAuto.dll - ok
18:01:33.0494 4804 [ E14D7143DB2FCBD1E81847A868F74DE4 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll
18:01:33.0494 4804 C:\Program Files\Intel\Intel Matrix Storage Manager\Iaamon_ENU.dll - ok
18:01:33.0504 4804 [ 1EDEB2982D305451E689755DC4BCB7A2 ] C:\Program Files\Windows Calendar\WinCal.exe
18:01:33.0504 4804 C:\Program Files\Windows Calendar\WinCal.exe - ok
18:01:33.0511 4804 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Dell\MediaDirect\msvcr71.dll
18:01:33.0511 4804 C:\Program Files\Dell\MediaDirect\msvcr71.dll - ok
18:01:33.0518 4804 [ 02EA06DD2318BC0EAEAE17206D052A44 ] C:\Program Files\Windows Mail\wab.exe
18:01:33.0518 4804 C:\Program Files\Windows Mail\wab.exe - ok
18:01:33.0525 4804 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Dell\MediaDirect\msvcp71.dll
18:01:33.0525 4804 C:\Program Files\Dell\MediaDirect\msvcp71.dll - ok
18:01:33.0533 4804 [ 7E9F9A33C7266E5D28B301ECED6888A2 ] C:\Program Files\Movie Maker\DVDMaker.exe
18:01:33.0533 4804 C:\Program Files\Movie Maker\DVDMaker.exe - ok
18:01:33.0541 4804 [ 42CDFB2273EEC623B903C311B19FB484 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
18:01:33.0541 4804 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe - ok
18:01:33.0548 4804 [ B7ED332A57FC78CA29E40D3619550225 ] C:\Windows\ehome\ehshell.exe
18:01:33.0549 4804 C:\Windows\ehome\ehshell.exe - ok
18:01:33.0555 4804 [ 5607B5FBA62A238D68CD1B5B0383728C ] C:\Windows\System32\oledlg.dll
18:01:33.0555 4804 C:\Windows\System32\oledlg.dll - ok
18:01:33.0562 4804 [ AA83361E1505A5AEC46FA0A2AAF18181 ] C:\Windows\ehome\ehSSO.dll
18:01:33.0565 4804 C:\Windows\ehome\ehSSO.dll - ok
18:01:33.0571 4804 [ 8EEEF4C038A3FF7E56D47D9C0B912EAC ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
18:01:33.0571 4804 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
18:01:33.0578 4804 [ 2CA3C0BBFE8E30117E6F5E2273B6AA02 ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Comm.dll
18:01:33.0578 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Comm.dll - ok
18:01:33.0585 4804 [ F4FF57BE16BED8A8BD45D0DB14E6125D ] C:\Windows\System32\netshell.dll
18:01:33.0586 4804 C:\Windows\System32\netshell.dll - ok
18:01:33.0590 4804 [ 42370C1DE2B83844B253478DB8A907D5 ] C:\Program Files\DellTPad\ApMsgFwd.exe
18:01:33.0590 4804 C:\Program Files\DellTPad\ApMsgFwd.exe - ok
18:01:33.0598 4804 [ BE37415BBEB27A0797088868C498ED54 ] C:\Windows\System32\pnidui.dll
18:01:33.0599 4804 C:\Windows\System32\pnidui.dll - ok
18:01:33.0605 4804 [ 9C2A1150A2902C503D092614E44A202A ] C:\Program Files\Windows Collaboration\WinCollab.exe
18:01:33.0605 4804 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
18:01:33.0612 4804 [ B7BF68E1FEE5FBC360FABDF8C4F4540A ] C:\Windows\System32\fdProxy.dll
18:01:33.0612 4804 C:\Windows\System32\fdProxy.dll - ok
18:01:33.0620 4804 [ 21C0D7CF8FF91A6ED206CD327FA1CE4B ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll
18:01:33.0620 4804 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileMeNotification.dll - ok
18:01:33.0627 4804 [ 47C1DE0A890613FFCFF1D67648EEDF90 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:01:33.0627 4804 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
18:01:33.0636 4804 [ 494F99A5D968E6997A35B528648F74B9 ] C:\Windows\System32\fdWSD.dll
18:01:33.0636 4804 C:\Windows\System32\fdWSD.dll - ok
18:01:33.0643 4804 [ 425DE986081EB4ED5B58C12EAD23C03F ] C:\Windows\System32\consent.exe
18:01:33.0643 4804 C:\Windows\System32\consent.exe - ok
18:01:33.0651 4804 [ 77CCB4074CC32BF68CED66A90B865C8B ] C:\Program Files\Movie Maker\MOVIEMK.exe
18:01:33.0651 4804 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
18:01:33.0659 4804 [ A40432BB46793F3A2AD42E6D23A8290F ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
18:01:33.0659 4804 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
18:01:33.0669 4804 [ 6613680DAA6844EB2AB204AC6EAAA1E7 ] C:\Windows\System32\fdSSDP.dll
18:01:33.0669 4804 C:\Windows\System32\fdSSDP.dll - ok
18:01:33.0677 4804 [ DA20A42F514ADDD91F0E4D1533CB6AA0 ] C:\Windows\System32\rasdlg.dll
18:01:33.0677 4804 C:\Windows\System32\rasdlg.dll - ok
18:01:33.0687 4804 [ 2600A4854B435D3C15A28369CCD0B1F3 ] C:\Windows\System32\mprapi.dll
18:01:33.0687 4804 C:\Windows\System32\mprapi.dll - ok
18:01:33.0696 4804 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
18:01:33.0696 4804 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
18:01:33.0707 4804 [ 1BB128A09911A936E8EFC30C3F6C597C ] C:\Windows\System32\msconfig.exe
18:01:33.0707 4804 C:\Windows\System32\msconfig.exe - ok
18:01:33.0718 4804 [ 8870208FCB90E11960D45ECC994D268F ] C:\Windows\System32\wuapp.exe
18:01:33.0718 4804 C:\Windows\System32\wuapp.exe - ok
18:01:33.0726 4804 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:01:33.0726 4804 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
18:01:33.0737 4804 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files\iTunes\iTunesHelper.exe
18:01:33.0737 4804 C:\Program Files\iTunes\iTunesHelper.exe - ok
18:01:33.0745 4804 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files\iTunes\iTunesHelper.dll
18:01:33.0745 4804 C:\Program Files\iTunes\iTunesHelper.dll - ok
18:01:33.0756 4804 [ BA7A36A5CFFA8A4896F592FA8005F7DA ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\HerDocdll.dll
18:01:33.0756 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\HerDocdll.dll - ok
18:01:33.0767 4804 [ 2E0953919779A44BF9DFB7B07C58535A ] C:\Windows\ehome\ehtray.exe
18:01:33.0767 4804 C:\Windows\ehome\ehtray.exe - ok
18:01:33.0775 4804 [ 1B122DCCF1756DA3C9E37DD5D9AD88B3 ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvipl.dll
18:01:33.0775 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvipl.dll - ok
18:01:33.0785 4804 [ 209079A828549205F9B5A7EC713E7E87 ] C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll
18:01:33.0785 4804 C:\Program Files\Common Files\Apple\Mobile Device Support\XMPP.dll - ok
18:01:33.0793 4804 [ AFA1F8CC076AB0462512A78473D86D53 ] C:\Users\Naz\Program Files\DNA\btdna.exe
18:01:33.0793 4804 C:\Users\Naz\Program Files\DNA\btdna.exe - ok
18:01:33.0801 4804 [ 4B555106290BD117334E9A08761C035A ] C:\Windows\System32\rundll32.exe
18:01:33.0801 4804 C:\Windows\System32\rundll32.exe - ok
18:01:33.0808 4804 [ 6109C0E8AB58CD3D0506BB81E23F3B22 ] C:\Windows\System32\wlanapi.dll
18:01:33.0808 4804 C:\Windows\System32\wlanapi.dll - ok
18:01:33.0816 4804 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
18:01:33.0816 4804 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
18:01:33.0823 4804 [ 8D78BE3690DB07A2FD03D2A6B61E3DCD ] C:\Program Files\DellTPad\ApntEx.exe
18:01:33.0823 4804 C:\Program Files\DellTPad\ApntEx.exe - ok
18:01:33.0829 4804 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
18:01:33.0830 4804 C:\Windows\System32\AltTab.dll - ok
18:01:33.0837 4804 [ 5AEF652E978418E7554C09C6706B1FE1 ] C:\Windows\AppPatch\AcLayers.dll
18:01:33.0837 4804 C:\Windows\AppPatch\AcLayers.dll - ok
18:01:33.0841 4804 [ 20EF9002CFF89C4C1077E4415EC7297B ] C:\Program Files\Windows Media Player\wmpnscfg.exe
18:01:33.0841 4804 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
18:01:33.0850 4804 [ DE55F0A8D2F7DF728E796509C846A17E ] C:\Windows\System32\WPDShServiceObj.dll
18:01:33.0850 4804 C:\Windows\System32\WPDShServiceObj.dll - ok
18:01:33.0856 4804 [ C574C551637734B13278898FE2D12D15 ] C:\Program Files\DellTPad\hidfind.exe
18:01:33.0856 4804 C:\Program Files\DellTPad\hidfind.exe - ok
18:01:33.0863 4804 [ EDF5249A8DC8B453D54033E6A98807BF ] C:\Windows\System32\srchadmin.dll
18:01:33.0864 4804 C:\Windows\System32\srchadmin.dll - ok
18:01:33.0871 4804 [ 9130CCE19B5DB3D2E31F9F789263FC4A ] C:\Program Files\Microsoft CAPICOM 2.1.0.2\Lib\X86\capicom.dll
18:01:33.0871 4804 C:\Program Files\Microsoft CAPICOM 2.1.0.2\Lib\X86\capicom.dll - ok
18:01:33.0879 4804 [ F1DC6FE2102705272D58593091C6C6EF ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uipp.dll
18:01:33.0879 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uipp.dll - ok
18:01:33.0887 4804 [ 0DD6FEEE59EAF17A52564ACA95205341 ] C:\Windows\System32\mssign32.dll
18:01:33.0887 4804 C:\Windows\System32\mssign32.dll - ok
18:01:33.0893 4804 [ 0A11439975160B11E6AF7A4A3E50CDFD ] C:\Windows\System32\mssprxy.dll
18:01:33.0893 4804 C:\Windows\System32\mssprxy.dll - ok
18:01:33.0901 4804 [ 4FD45F2A2C445359482CA3F34EAB1A4D ] C:\Windows\System32\webcheck.dll
18:01:33.0901 4804 C:\Windows\System32\webcheck.dll - ok
18:01:33.0908 4804 [ 71E979899A9FFDDB0D1D80153192DB86 ] C:\Program Files\Windows Media Player\wmpnssci.dll
18:01:33.0908 4804 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
18:01:33.0914 4804 [ 693E4C15CEE5D6487D7913A2701B5E40 ] C:\Windows\ehome\ehmsas.exe
18:01:33.0914 4804 C:\Windows\ehome\ehmsas.exe - ok
18:01:33.0922 4804 [ BB87F0D17A6E0C54918F488E1C68A55A ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileProtocolHandler.dll
18:01:33.0922 4804 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileProtocolHandler.dll - ok
18:01:33.0929 4804 [ 267398F636881C34EE6E852308530C95 ] C:\Windows\System32\bthprops.cpl
18:01:33.0930 4804 C:\Windows\System32\bthprops.cpl - ok
18:01:33.0937 4804 [ 7E66BBDE4265006EFDF44E4B501A9766 ] C:\Users\Naz\AppData\Local\AC3Filter\ijkedlbg.dll
18:01:33.0937 4804 C:\Users\Naz\AppData\Local\AC3Filter\ijkedlbg.dll - ok
18:01:33.0944 4804 [ 6E30D310BC7D1684B1CE7407F9A1638D ] C:\Windows\System32\imapi2.dll
18:01:33.0944 4804 C:\Windows\System32\imapi2.dll - ok
18:01:33.0952 4804 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:01:34.0016 4804 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
18:01:34.0020 4804 [ D05DC087ABAE3927CEE384AF9FE184E9 ] C:\Windows\System32\PortableDeviceTypes.dll
18:01:34.0020 4804 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:01:34.0027 4804 [ 10571C829A0F5D529549DACCF2132725 ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Cvt.dll
18:01:34.0027 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Cvt.dll - ok
18:01:34.0035 4804 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
18:01:34.0035 4804 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
18:01:34.0042 4804 [ F03FFC962E18F36A922E61F96BE09925 ] C:\Program Files\Digital Line Detect\DLG.exe
18:01:34.0042 4804 C:\Program Files\Digital Line Detect\DLG.exe - ok
18:01:34.0051 4804 [ 09FB6917E8E5108F0AEBB58FDD967A38 ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Base.dll
18:01:34.0051 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\u32Base.dll - ok
18:01:34.0058 4804 [ 1BA45CDEF852381DA4A95D056DDB4B48 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
18:01:34.0058 4804 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok
18:01:34.0065 4804 [ A2C1288BD3DEDE03B2327E5972678C2E ] C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe
18:01:34.0065 4804 C:\Program Files\McAfee Security Scan\3.0.285\SSScheduler.exe - ok
18:01:34.0073 4804 [ 259E27152180B895DF395ED3E412B90E ] C:\Program Files\Internet Explorer\iexplore.exe
18:01:34.0073 4804 C:\Program Files\Internet Explorer\iexplore.exe - ok
18:01:34.0080 4804 [ CB1135906D951B574F9F2498BE8F11F9 ] C:\Program Files\Digital Line Detect\BVRPDiag.dll
18:01:34.0080 4804 C:\Program Files\Digital Line Detect\BVRPDiag.dll - ok
18:01:34.0088 4804 [ D9963D39F6711E9A1C14C939C3A25605 ] C:\Windows\System32\mdmxsdk.dll
18:01:34.0088 4804 C:\Windows\System32\mdmxsdk.dll - ok
18:01:34.0092 4804 [ 5BC65464354A9FD3BEAA28E18839734A ] C:\Program Files\Microsoft Office\Office10\OSA.EXE
18:01:34.0092 4804 C:\Program Files\Microsoft Office\Office10\OSA.EXE - ok
18:01:34.0101 4804 [ EA5F3BF2F1254EBF06731EE470EB29E8 ] C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
18:01:34.0102 4804 C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe - ok
18:01:34.0107 4804 [ 4A938E44BEB41641B70175DACAB1BBB0 ] C:\Windows\ehome\ehProxy.dll
18:01:34.0107 4804 C:\Windows\ehome\ehProxy.dll - ok
18:01:34.0114 4804 [ A3CDCDF1A0EE11A39F6BDEABB4DDE7EE ] C:\Program Files\Common Files\microsoft shared\Office10\MSO.DLL
18:01:34.0114 4804 C:\Program Files\Common Files\microsoft shared\Office10\MSO.DLL - ok
18:01:34.0122 4804 [ 9CEC7BEA826BA4F01AC93D51E3F2B221 ] C:\Program Files\Dell\QuickSet\quickset.exe
18:01:34.0122 4804 C:\Program Files\Dell\QuickSet\quickset.exe - ok
18:01:34.0130 4804 [ 10685A9A922E971B2B4D811A374A01E1 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll
18:01:34.0130 4804 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncPref.resources\en.lproj\AppleSyncPrefLocalized.dll - ok
18:01:34.0138 4804 [ BBA2AC17489268DFF438E41FCCECFB92 ] C:\Program Files\McAfee\MSK\MskSet.dll
18:01:34.0138 4804 C:\Program Files\McAfee\MSK\MskSet.dll - ok
18:01:34.0145 4804 [ 2F75AC0D8CC1CB10130B27B2381679C1 ] C:\Windows\System32\wmpmde.dll
18:01:34.0145 4804 C:\Windows\System32\wmpmde.dll - ok
18:01:34.0152 4804 [ CB7BCE033EA4262A875E7DBC329025EC ] C:\Windows\System32\mf.dll
18:01:34.0152 4804 C:\Windows\System32\mf.dll - ok
18:01:34.0158 4804 [ 56369FEC5CE6699C191A4B65AF575108 ] C:\Windows\System32\evr.dll
18:01:34.0159 4804 C:\Windows\System32\evr.dll - ok
18:01:34.0165 4804 [ B8F366AAA577A37BD7705809D3F399A6 ] C:\Windows\System32\wmdrmsdk.dll
18:01:34.0165 4804 C:\Windows\System32\wmdrmsdk.dll - ok
18:01:34.0173 4804 [ B41DD8277022E22CE64BDD97F248D29C ] C:\Windows\System32\upnp.dll
18:01:34.0173 4804 C:\Windows\System32\upnp.dll - ok
18:01:34.0180 4804 [ F52929E460760081379C0D2A0B11AD23 ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\Vcvrt32.dll
18:01:34.0180 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\Vcvrt32.dll - ok
18:01:34.0188 4804 [ 354D0D3FA5CD831509CE97DAFF2174D5 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
18:01:34.0188 4804 C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok
18:01:34.0195 4804 [ 4A36E63080922A2377C3AB4B313D97B6 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
18:01:34.0195 4804 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok
18:01:34.0203 4804 [ 64E31BB32918CDC1B6B33C6107E6C02A ] C:\Windows\System32\wmp.dll
18:01:34.0203 4804 C:\Windows\System32\wmp.dll - ok
18:01:34.0209 4804 [ 6F120DB4262ADA8525C36B0A93936074 ] C:\Windows\System32\SearchProtocolHost.exe
18:01:34.0209 4804 C:\Windows\System32\SearchProtocolHost.exe - ok
18:01:34.0219 4804 [ B768327A1B2F192CAA67267A89AF3A31 ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
18:01:34.0219 4804 C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok
18:01:34.0224 4804 [ BA4F5126D65D25F34D56EF7C3DCBCFBB ] C:\Windows\System32\wmploc.DLL
18:01:34.0224 4804 C:\Windows\System32\wmploc.DLL - ok
18:01:34.0231 4804 [ A6C9085DB29CEB92FA32D9EFBAB0471D ] C:\Program Files\AC3Filter\spdif_test.exe
18:01:34.0231 4804 C:\Program Files\AC3Filter\spdif_test.exe - ok
18:01:34.0239 4804 [ 05CA049D3AEC68F6CF66952C18467ED5 ] C:\Windows\System32\igfxres.dll
18:01:34.0239 4804 C:\Windows\System32\igfxres.dll - ok
18:01:34.0245 4804 [ 617F9A5813E69F6E9ED94B811EC75396 ] C:\Windows\System32\wmpps.dll
18:01:34.0245 4804 C:\Windows\System32\wmpps.dll - ok
18:01:34.0253 4804 [ F91179E50070992C566DE7A6D50209E9 ] C:\Windows\System32\wmdrmdev.dll
18:01:34.0253 4804 C:\Windows\System32\wmdrmdev.dll - ok
18:01:34.0260 4804 [ 2BC3A721B3BD05A4B9BD48E5228838AB ] C:\Windows\System32\drmv2clt.dll
18:01:34.0260 4804 C:\Windows\System32\drmv2clt.dll - ok
18:01:34.0271 4804 [ 76E7410B3A308F6960D3CE06DC7874AD ] C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll
18:01:34.0271 4804 C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll - ok
18:01:34.0278 4804 [ 145076536DB5E6561C0E24E047B07A62 ] C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
18:01:34.0278 4804 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe - ok
18:01:34.0286 4804 [ A29E27328CAA54EE94104694270FD8D0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
18:01:34.0286 4804 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
18:01:34.0293 4804 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
18:01:34.0293 4804 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
18:01:34.0301 4804 [ 5874552B025CC71E12B321C760F0A12B ] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uSurround.dll
18:01:34.0301 4804 C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uSurround.dll - ok
18:01:34.0309 4804 [ CA14FCBE316941A1052588883B5AD526 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv02.key
18:01:34.0309 4804 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv02.key - ok
18:01:34.0995 4804 ============================================================
18:01:34.0995 4804 Scan finished
18:01:34.0995 4804 ============================================================
18:01:35.0010 4416 Detected object count: 10
18:01:35.0010 4416 Actual detected object count: 10
18:03:52.0662 4416 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0663 4416 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0666 4416 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0666 4416 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0669 4416 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0669 4416 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0672 4416 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0673 4416 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0678 4416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0678 4416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0681 4416 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0682 4416 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0685 4416 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0685 4416 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0688 4416 RoxWatch9 ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0688 4416 RoxWatch9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0691 4416 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0691 4416 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:03:52.0696 4416 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
18:03:52.0696 4416 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:11:00.0872 3664 Deinitialize success

#11
Beshoff

Beshoff

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
I ran Combofix but have no idea where the file saved to? I have no file in C:/ called Combofix.txt.....I searched for a file and all that returns is the combofix.exe

#12
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Beshoff,

Please restart your PC and try to run Combofix again. Hopefully we will get a log this time.

#13
Beshoff

Beshoff

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Ran Combofix again and it has created a whole new drive called Combofix under the C:. I read where it was saving an output file to and went into that folder (named 32788R22FWJFW) but no combofix.txt file - loads of other files.

#14
maliprog

maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Beshoff,

Let's try this instead of Combofix. This scan could take between 3-5 hours to finish so please be patient.

Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right

Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post

#15
Beshoff

Beshoff

    Member

  • Topic Starter
  • Member
  • PipPip
  • 31 posts
Left this to run overnight - but it stalled and I am out during the day and it stalled again so might take longer than a few hours. I did save a small initial report after the first stall thinking it would not restart. I will attach that now and do the rest later - likelihood is another 24 hours from now. Please bear with me - thanks for your patience up to now.

Part 1

Status: Deleted (events: 4)
17/01/2013 06:32:47 Deleted Trojan program Backdoor.Win32.ZAccess.mbt C:\Qoobox\Quarantine\C\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U\[email protected] High
17/01/2013 06:33:13 Deleted Trojan program Backdoor.Win32.ZAccess.mbs C:\Qoobox\Quarantine\C\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U\[email protected] High
17/01/2013 06:33:16 Deleted Trojan program Trojan-Dropper.Win32.Miner.i C:\Qoobox\Quarantine\C\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U\[email protected] High
17/01/2013 06:33:52 Deleted Trojan program Trojan.Win32.Small.cot C:\Qoobox\Quarantine\C\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U\[email protected] High
Status: Detected (events: 1)
17/01/2013 06:33:14 Detected Trojan program Backdoor.Win32.ZAccess.amcs C:\Qoobox\Quarantine\C\Windows\Installer\{1e52d328-0a59-e7e0-c310-445c04e55c20}\U\[email protected] High