Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Arestocrat [Closed]

Started by Nova11 , Apr 24 2013 12:33 AM

  • This topic is locked This topic is locked

#1
Nova11
Posted 24 April 2013 - 12:33 AM

Nova11

    Member

  • Member
  • PipPip
  • 17 posts
I've seen other topics about this, but I'm not sure what to do.

I have Arestocrat. It claims I need to pay a $450 fine.

The computer works fine as a different user. I have Windows Vista.

I ran OTL from an administator account (not the infected one) with "scan all users" checked and the Notepad file looks like this:

OTL logfile created on: 4/24/2013 12:42:20 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Staples1077\Documents
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.68 Mb Total Physical Memory | 379.38 Mb Available Physical Memory | 37.43% Memory free
2.24 Gb Paging File | 1.32 Gb Available in Paging File | 59.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.77 Gb Total Space | 73.30 Gb Free Space | 52.07% Space Free | Partition Type: NTFS
Drive D: | 8.28 Gb Total Space | 1.82 Gb Free Space | 22.04% Space Free | Partition Type: NTFS

Computer Name: STAPLES1077-PC | User Name: Staples1077 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/24 00:32:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Staples1077\Documents\OTL (1).exe
PRC - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2009/04/10 23:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/04/23 20:11:42 | 000,262,243 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2007/03/09 12:50:02 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/02/12 09:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 09:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/01/20 13:48:06 | 000,142,416 | R--- | M] (Command Software Systems, Inc.) -- C:\Program Files\Common Files\Command Software\dvpapi.exe
PRC - [2000/08/30 06:00:32 | 000,172,032 | ---- | M] (Sierra Online, Inc.) -- C:\Sierra\Planner\PLNRnote.exe


========== Modules (No Company Name) ==========

MOD - [2007/04/23 20:11:44 | 000,339,968 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2007/04/23 20:11:34 | 000,237,673 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2007/04/23 20:11:34 | 000,114,787 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2007/04/23 20:11:34 | 000,032,768 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
MOD - [2007/04/23 20:10:44 | 000,061,440 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll


========== Services (SafeList) ==========

SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/23 20:11:44 | 000,106,593 | ---- | M] () [Auto | Stopped] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched)
SRV - [2007/04/23 20:11:42 | 000,262,243 | ---- | M] () [Auto | Running] -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc)
SRV - [2007/02/12 09:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2006/01/20 13:48:06 | 000,142,416 | R--- | M] (Command Software Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Command Software\dvpapi.exe -- (dvpapi)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/04/23 23:07:13 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C436131D-39F0-4C70-83C0-94C0B616A4B8}\MpKsl34a37c9a.sys -- (MpKsl34a37c9a)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009/04/10 21:45:26 | 000,113,664 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rmcast.sys -- (RMCAST)
DRV - [2008/01/28 15:56:47 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/01/28 15:56:38 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2007/08/09 19:27:53 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/03/05 16:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/03/01 07:49:58 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/02/24 09:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 12:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/01/23 11:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/30 12:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\Windows\System32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2006/11/02 02:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/11/02 02:30:54 | 001,781,760 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32)
DRV - [2006/06/28 11:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2006/01/20 13:40:42 | 000,783,984 | R--- | M] (Command Software Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\css-dvp.sys -- (CSS DVP)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {9EECE930-EA06-477C-A728-406A4A40B9C1}
IE - HKLM\..\SearchScopes\{266B0F19-BF0E-4E12-8518-86D59D5A63A5}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKLM\..\SearchScopes\{9EECE930-EA06-477C-A728-406A4A40B9C1}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{B0F2BB51-91F8-46C6-AB21-953BC6C7B8D7}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\..\SearchScopes,DefaultScope = {9EECE930-EA06-477C-A728-406A4A40B9C1}
IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\..\SearchScopes\{266B0F19-BF0E-4E12-8518-86D59D5A63A5}: "URL" = http://search.live.c...#38;FORM=HVDUS7
IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\..\SearchScopes\{9EECE930-EA06-477C-A728-406A4A40B9C1}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\..\SearchScopes\{B0F2BB51-91F8-46C6-AB21-953BC6C7B8D7}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKU\S-1-5-21-966811989-3646494615-150306703-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\npDisplayEngine: C:\Program Files\LivingPlay Games\nplplaypop.dll ( )



O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-966811989-3646494615-150306703-1000\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Elaine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe (Sony Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-966811989-3646494615-150306703-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46B7AD45-7614-4D28-BFAE-09BB72A4930D}: DhcpNameServer = 75.75.75.75 75.75.76.76
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/14 07:10:42 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/24 00:36:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Staples1077\Documents\OTL (1).exe
[2013/04/23 22:51:04 | 000,078,848 | ---- | C] (Hilgraeve, Inc.) -- C:\ProgramData\f34rfcdsfwe.exe

========== Files - Modified Within 30 Days ==========

[2013/04/24 00:40:52 | 000,000,149 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2013/04/24 00:32:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Staples1077\Documents\OTL (1).exe
[2013/04/23 23:06:12 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/04/23 23:06:09 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/23 23:06:09 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/23 23:05:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/23 23:05:53 | 1063,706,624 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/23 23:01:47 | 002,250,054 | ---- | M] () -- C:\ProgramData\1.bmp
[2013/04/23 23:01:32 | 000,302,806 | ---- | M] () -- C:\ProgramData\1.jpg
[2013/04/10 18:18:15 | 000,412,776 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/04/07 17:39:16 | 159,001,161 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/29 00:42:05 | 000,610,732 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/03/29 00:42:05 | 000,107,206 | ---- | M] () -- C:\Windows\System32\perfc009.dat

========== Files Created - No Company Name ==========

[2013/04/23 23:01:46 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp
[2013/04/23 23:01:22 | 000,302,806 | ---- | C] () -- C:\ProgramData\1.jpg
[2011/12/22 21:28:55 | 000,007,950 | -HS- | C] () -- C:\ProgramData\n7qu45p3of7bww
[2011/12/14 20:04:03 | 000,005,780 | -HS- | C] () -- C:\ProgramData\370173d2u587h743k306j0xyi3v8
[2011/11/05 07:46:56 | 000,000,216 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011/11/05 07:46:55 | 000,000,312 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011/11/05 07:46:32 | 000,000,448 | ---- | C] () -- C:\ProgramData\6DSS92c31Apgjk
[2008/03/02 10:29:12 | 000,000,680 | ---- | C] () -- C:\Users\Staples1077\AppData\Local\d3d9caps.dat
[2008/02/27 19:00:51 | 000,024,206 | ---- | C] () -- C:\Users\Staples1077\AppData\Roaming\UserTile.png
[2008/02/27 18:51:45 | 000,000,000 | ---- | C] () -- C:\Users\Staples1077\AppData\Roaming\wklnhst.dat
[2008/02/07 02:21:42 | 000,004,608 | ---- | C] () -- C:\Users\Staples1077\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2009/06/05 19:08:57 | 000,000,000 | ---D | M] -- C:\Users\Elaine\AppData\Roaming\Template
[2009/05/30 11:59:33 | 000,000,000 | ---D | M] -- C:\Users\Elaine\AppData\Roaming\WildTangent
[2010/10/13 06:34:40 | 000,000,000 | ---D | M] -- C:\Users\Elaine 2\AppData\Roaming\Avywo
[2010/10/14 07:47:36 | 000,000,000 | ---D | M] -- C:\Users\Elaine 2\AppData\Roaming\Faizlo
[2010/09/12 19:28:26 | 000,000,000 | ---D | M] -- C:\Users\Elaine 2\AppData\Roaming\WildTangent
[2009/06/05 18:57:24 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\Template
[2009/06/05 16:12:28 | 000,000,000 | ---D | M] -- C:\Users\Johnny\AppData\Roaming\WildTangent
[2009/08/24 18:17:46 | 000,000,000 | ---D | M] -- C:\Users\Staples1077\AppData\Roaming\LimeWire
[2008/01/12 06:12:57 | 000,000,000 | ---D | M] -- C:\Users\Staples1077\AppData\Roaming\MSNInstaller
[2009/05/29 18:58:34 | 000,000,000 | ---D | M] -- C:\Users\Staples1077\AppData\Roaming\Template
[2008/01/11 04:16:28 | 000,000,000 | ---D | M] -- C:\Users\Staples1077\AppData\Roaming\WildTangent

========== Purity Check ==========



< End of report >
  • 0

Advertisements

#2
gringo_pr
Posted 24 April 2013 - 12:49 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nova11

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image text box.
    :OTL
[2013/04/23 22:51:04 | 000,078,848 | ---- | C] (Hilgraeve, Inc.) -- C:\ProgramData\f34rfcdsfwe.exe
[2013/04/23 23:01:46 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp
[2013/04/23 23:01:22 | 000,302,806 | ---- | C] () -- C:\ProgramData\1.jpg
[2011/12/22 21:28:55 | 000,007,950 | -HS- | C] () -- C:\ProgramData\n7qu45p3of7bww
[2011/12/14 20:04:03 | 000,005,780 | -HS- | C] () -- C:\ProgramData\370173d2u587h743k306j0xyi3v8
[2011/11/05 07:46:56 | 000,000,216 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr
[2011/11/05 07:46:55 | 000,000,312 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjk
[2011/11/05 07:46:32 | 000,000,448 | ---- | C] () -- C:\ProgramData\6DSS92c31Apgjk
:Files
ipconfig /flushdns /c

:Commands
[PURITY]
[emptyjava]
[EMPTYFLASH]
[reboot]
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

    Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.

Let me know How things are doing

Gringo
  • 0

#3
Nova11
Posted 24 April 2013 - 07:39 AM

Nova11

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I did what you said and the ransom page doesn't appear anymore. It seems to be working normally.

Here's that report:

========== OTL ==========
C:\ProgramData\f34rfcdsfwe.exe moved successfully.
C:\ProgramData\1.bmp moved successfully.
C:\ProgramData\1.jpg moved successfully.
C:\ProgramData\n7qu45p3of7bww moved successfully.
C:\ProgramData\370173d2u587h743k306j0xyi3v8 moved successfully.
C:\ProgramData\~6DSS92c31Apgjkr moved successfully.
C:\ProgramData\~6DSS92c31Apgjk moved successfully.
C:\ProgramData\6DSS92c31Apgjk moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Staples1077\Documents\cmd.bat deleted successfully.
C:\Users\Staples1077\Documents\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: David 1

User: Default

User: Default User

User: Dennis

User: Dennis.Staples1077-PC
->Java cache emptied: 70577 bytes

User: Dennis_2
->Java cache emptied: 101855 bytes

User: Elaine
->Java cache emptied: 73990669 bytes

User: Elaine 2
->Java cache emptied: 174193 bytes

User: Guest
->Java cache emptied: 7617538 bytes

User: Johnny
->Java cache emptied: 43940936 bytes

User: Public

User: Staples1077
->Java cache emptied: 7617538 bytes

Total Java Files Cleaned = 127.00 mb


[EMPTYFLASH]

User: All Users

User: David 1
->Flash cache emptied: 36010 bytes

User: Default

User: Default User

User: Dennis

User: Dennis.Staples1077-PC
->Flash cache emptied: 209147 bytes

User: Dennis_2

User: Elaine
->Flash cache emptied: 131854 bytes

User: Elaine 2
->Flash cache emptied: 187956 bytes

User: Guest
->Flash cache emptied: 993 bytes

User: Johnny
->Flash cache emptied: 181819 bytes

User: Public

User: Staples1077
->Flash cache emptied: 5007 bytes

Total Flash Files Cleaned = 1.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04242013_075847
  • 0

#4
gringo_pr
Posted 24 April 2013 - 11:49 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nova11


These are the programs I would like you to run next, if you have any problems with these just skip it and move on to the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#5
gringo_pr
Posted 26 April 2013 - 11:44 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#6
Nova11
Posted 27 April 2013 - 10:00 PM

Nova11

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Sorry, I was busy with other things. I'm not having any obvious problems.

I just ran AdwCleaner the way you said to. The logfile did not open automatically after the reboot; does that matter?

Here is the content of the logfile

# AdwCleaner v2.202 - Logfile created 04/27/2013 at 22:35:22
# Updated 23/04/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Staples1077 - STAPLES1077-PC
# Boot Mode : Normal
# Running from : C:\Users\Dennis_2\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files\Dogpile Bundle Toolbar
Folder Deleted : C:\Users\Elaine 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dogpile Bundle Toolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C80BDEB2-8735-44C6-BD55-A1CCD555667A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F78BF7A8-CF12-4DE7-A6DA-C463D1B539A7}
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.FCTB000060231Pos
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.FCTB000060231Pos.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.JSOptionsImpl
Key Deleted : HKLM\SOFTWARE\Classes\FCTB000060231.JSOptionsImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook
Key Deleted : HKLM\SOFTWARE\Classes\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\FCTB000060231
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C80BDEB2-8735-44C6-BD55-A1CCD555667A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C80BDEB2-8735-44C6-BD55-A1CCD555667A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [3718 octets] - [27/04/2013 22:35:22]

########## EOF - \AdwCleaner[S1].txt - [3778 octets] ##########







I don't remember where that dogpile toolbar originally came from, just that I had turned it off and never even thought about turning it back on. But I didn't realize it was something that could be causing any kind of problem?

Do you still think I need to use RogueKiller, and how do I know which version to use?
  • 0

#7
gringo_pr
Posted 27 April 2013 - 10:19 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
yes run the 32bit
  • 0

#8
Nova11
Posted 27 April 2013 - 10:40 PM

Nova11

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Uh, I downloaded it and did the scan part like you said (it found four things), but it opened a webpage (http://tigzyrk.blogs...access-max.html)in a browser that has the favorites and history of the administrator account.

And then Microsoft Security Essentials automatically detected and quarantined two trojans. (Trojan:Win64/SirefefB and Trojan:Win32/Sirefef!cfg)

I haven't done delete because I think something else is wrong now.
  • 0

#9
gringo_pr
Posted 27 April 2013 - 11:04 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


go ahead and run the delete - MSE detected it because of our scanning the infected files


gringo
  • 0

#10
Nova11
Posted 27 April 2013 - 11:21 PM

Nova11

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Okay, I did.

Here's the report

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Staples1077 [Admin rights]
Mode : Remove -- Date : 04/28/2013 00:14:05
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[RUN][SUSP PATH] HKUS\S-1-5-21-966811989-3646494615-150306703-1021[...]\Run : SoundDrivers ("C:\ProgramData\f34rfcdsfwe.exe") [x] -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤
[Del.Parent][FILE] 00000001.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1004\$ff24043d55f85ce9a20a8337d9b4b888\U\00000001.@ [-] --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1004\$ff24043d55f85ce9a20a8337d9b4b888\U\80000000.@ [-] --> REMOVED
[Del.Parent][FILE] 800000cb.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1004\$ff24043d55f85ce9a20a8337d9b4b888\U\800000cb.@ [-] --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1004\$ff24043d55f85ce9a20a8337d9b4b888\U --> REMOVED
[Del.Parent][FILE] 00000001.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U\00000001.@ [-] --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U\00000004.@ [-] --> REMOVED
[Del.Parent][FILE] 00000008.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U\00000008.@ [-] --> REMOVED
[Del.Parent][FILE] 000000cb.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U\000000cb.@ [-] --> REMOVED
[Del.Parent][FILE] 80000000.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U\80000000.@ [-] --> REMOVED
[Del.Parent][FILE] 80000032.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U\80000032.@ [-] --> REMOVED
[Del.Parent][FILE] 800000cb.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U\800000cb.@ [-] --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1004\$ff24043d55f85ce9a20a8337d9b4b888\L --> REMOVED
[Del.Parent][FILE] 00000004.@ : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\L\00000004.@ [-] --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\$recycle.bin\S-1-5-21-966811989-3646494615-150306703-1017\$ff24043d55f85ce9a20a8337d9b4b888\L --> REMOVED

¤¤¤ Driver : [LOADED] ¤¤¤
_INLINE_ : NtClose -> HOOKED (\SystemRoot\system32\DRIVERS\css-dvp.sys @ 0xAC482B50)
_INLINE_ : NtCreateSection -> HOOKED (\SystemRoot\system32\DRIVERS\css-dvp.sys @ 0xAC482DBB)
_INLINE_ : NtSetInformationFile -> HOOKED (\SystemRoot\system32\DRIVERS\css-dvp.sys @ 0xAC482239)
_INLINE_ : NtWriteFile -> HOOKED (\SystemRoot\system32\DRIVERS\css-dvp.sys @ 0xAC481E85)

¤¤¤ Infection : ZeroAccess ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1637GSX +++++
--- User ---
[MBR] b003ca704bbb6aea195a11b4027a621b
[BSP] c39d26b2944779cb28c982f13ef7cac7 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 144145 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 295210440 | Size: 8479 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_04282013_02d0014.txt >>
RKreport[1]_S_04272013_02d2328.txt ; RKreport[2]_D_04282013_02d0014.txt



It also opened that webpage again, opened my documents folder, and added what appear to be shortcuts to my user and my computer on the desktop.
  • 0

Advertisements

#11
gringo_pr
Posted 27 April 2013 - 11:24 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nova11

you can just delete those folders if you do not want them I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#12
Nova11
Posted 28 April 2013 - 01:34 AM

Nova11

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I did that, and it switched me to the administrator account (except with the desktop background from the other one).

And now I can't get my Control Panel to open!

(Combofix was also extremely slow; the scan that "typically takes less than 10 minutes" took 40, and for some reason it got stuck on deleting a folder near the end.)

Here's the log

ComboFix 13-04-27.04 - Staples1077 04/28/2013 1:26.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.1014.261 [GMT -5:00]
Running from: c:\users\Dennis_2\Desktop\Combo.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\DRM\6405.tmp
c:\programdata\Microsoft\Windows\DRM\73B.tmp
c:\users\Staples1077\AppData\Roaming\Motive
c:\users\Staples1077\AppData\Roaming\Motive\att-nap\Events\eventxml.tmp
c:\users\Staples1077\AppData\Roaming\Motive\Report.xml
c:\windows\system32\AutoRun.inf
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((( Files Created from 2013-03-28 to 2013-04-28 )))))))))))))))))))))))))))))))
.
.
2013-04-28 07:04 . 2013-04-28 07:04 -------- d-----w- c:\users\Johnny\AppData\Local\temp
2013-04-28 07:01 . 2013-04-28 07:01 -------- d-----w- c:\users\Elaine 2\AppData\Local\temp
2013-04-28 07:00 . 2013-04-28 07:00 -------- d-----w- c:\users\Elaine\AppData\Local\temp
2013-04-28 07:00 . 2013-04-28 07:00 -------- d-----w- c:\users\Dennis.Staples1077-PC\AppData\Local\temp
2013-04-28 06:58 . 2013-04-28 06:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-28 06:58 . 2013-04-28 06:58 -------- d-----w- c:\users\David 1\AppData\Local\temp
2013-04-28 06:58 . 2013-04-28 07:18 -------- d-----w- c:\users\Staples1077\AppData\Local\temp
2013-04-28 06:58 . 2013-04-28 06:58 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-04-28 04:27 . 2013-04-28 04:27 60872 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{759B9029-31A7-4A01-B648-5B5CEA776B92}\offreg.dll
2013-04-28 03:40 . 2013-04-28 03:40 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{759B9029-31A7-4A01-B648-5B5CEA776B92}\MpKsl9adc603d.sys
2013-04-27 17:56 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{759B9029-31A7-4A01-B648-5B5CEA776B92}\mpengine.dll
2013-04-26 16:39 . 2013-04-10 03:08 6906960 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-24 14:08 . 2013-04-24 13:58 706640 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8793329C-FC6C-4DF8-A1A8-FFB56A9EF30B}\gapaengine.dll
2013-04-24 12:58 . 2013-04-24 14:57 -------- d-----w- C:\_OTL
2013-04-10 17:05 . 2013-03-03 19:07 1082232 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 17:05 . 2013-03-11 13:25 3603816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-10 17:04 . 2013-03-11 13:25 3551080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 17:04 . 2013-03-09 01:28 64000 ----a-w- c:\windows\system32\smss.exe
2013-04-10 17:04 . 2013-03-09 03:45 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 17:04 . 2013-03-08 03:52 2067968 ----a-w- c:\windows\system32\mstscax.dll
2013-04-10 17:01 . 2013-03-08 03:53 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-04-10 17:01 . 2013-03-05 01:40 2049024 ----a-w- c:\windows\system32\win32k.sys
2013-03-30 01:51 . 2013-03-30 01:51 -------- d-----w- c:\users\Dennis_2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-02 10:33 . 2009-10-03 05:01 237088 ------w- c:\windows\system32\MpSigStub.exe
2013-02-12 01:57 . 2013-03-21 23:20 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-02-08 00:45 . 2013-03-16 03:46 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4EA3F1DF-E52A-405A-815F-6D88571EF261}\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 4390912]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-04-24 176128]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 159744]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 472776]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 317128]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-03 148888]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-02 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-02 133656]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-08 44128]
.
c:\users\Staples1077\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - c:\program files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]
Event Planner Reminders Tray Icon.lnk - c:\sierra\Planner\PLNRnote.exe [2008-2-27 172032]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL9ADC603D
*NewlyCreated* - TRUESIGHT
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe
AddRemove-Dogpile Bundle Toolbar - c:\program files\Dogpile Bundle Toolbar\Uninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-28 02:18
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2013-04-28 02:23:54
ComboFix-quarantined-files.txt 2013-04-28 07:23
.
Pre-Run: 79,347,007,488 bytes free
Post-Run: 84,154,490,880 bytes free
.
- - End Of File - - 9D3738DDC5E88247532FB481B6F03DD4
  • 0

#13
Nova11
Posted 28 April 2013 - 01:41 AM

Nova11

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
After logging off and back on, the control panel does work after all. (And the desktop went back to normal on its own too.)
  • 0

#14
gringo_pr
Posted 28 April 2013 - 01:54 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Nova11


Because of what was removed I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

#15
Nova11
Posted 28 April 2013 - 09:33 AM

Nova11

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
TDSSKiller report

10:26:25.0252 3900 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:26:25.0861 3900 ============================================================
10:26:25.0861 3900 Current date / time: 2013/04/28 10:26:25.0861
10:26:25.0861 3900 SystemInfo:
10:26:25.0861 3900
10:26:25.0861 3900 OS Version: 6.0.6002 ServicePack: 2.0
10:26:25.0861 3900 Product type: Workstation
10:26:25.0861 3900 ComputerName: STAPLES1077-PC
10:26:25.0876 3900 UserName: Staples1077
10:26:25.0876 3900 Windows directory: C:\Windows
10:26:25.0876 3900 System windows directory: C:\Windows
10:26:25.0876 3900 Processor architecture: Intel x86
10:26:25.0876 3900 Number of processors: 2
10:26:25.0876 3900 Page size: 0x1000
10:26:25.0876 3900 Boot type: Normal boot
10:26:25.0876 3900 ============================================================
10:26:26.0766 3900 BG loaded
10:26:27.0561 3900 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:26:27.0561 3900 ============================================================
10:26:27.0561 3900 \Device\Harddisk0\DR0:
10:26:27.0561 3900 MBR partitions:
10:26:27.0561 3900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11988D89
10:26:27.0561 3900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11988DC8, BlocksNum 0x108FCF9
10:26:27.0561 3900 ============================================================
10:26:27.0577 3900 C: <-> \Device\Harddisk0\DR0\Partition1
10:26:27.0624 3900 D: <-> \Device\Harddisk0\DR0\Partition2
10:26:27.0624 3900 ============================================================
10:26:27.0624 3900 Initialize success
10:26:27.0624 3900 ============================================================
10:26:59.0838 2184 ============================================================
10:26:59.0838 2184 Scan started
10:26:59.0838 2184 Mode: Manual; SigCheck; TDLFS;
10:26:59.0838 2184 ============================================================
10:27:00.0134 2184 ================ Scan system memory ========================
10:27:00.0134 2184 System memory - ok
10:27:00.0134 2184 ================ Scan services =============================
10:27:00.0368 2184 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
10:27:00.0571 2184 ACPI - ok
10:27:00.0633 2184 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:27:00.0696 2184 adp94xx - ok
10:27:00.0758 2184 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:27:00.0789 2184 adpahci - ok
10:27:00.0820 2184 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
10:27:00.0836 2184 adpu160m - ok
10:27:00.0867 2184 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:27:00.0883 2184 adpu320 - ok
10:27:00.0930 2184 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:27:01.0086 2184 AeLookupSvc - ok
10:27:01.0164 2184 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
10:27:01.0273 2184 AFD - ok
10:27:01.0320 2184 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:27:01.0335 2184 agp440 - ok
10:27:01.0366 2184 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
10:27:01.0382 2184 aic78xx - ok
10:27:01.0429 2184 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
10:27:01.0569 2184 ALG - ok
10:27:01.0585 2184 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
10:27:01.0600 2184 aliide - ok
10:27:01.0647 2184 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:27:01.0678 2184 amdagp - ok
10:27:01.0710 2184 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
10:27:01.0725 2184 amdide - ok
10:27:01.0756 2184 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
10:27:01.0990 2184 AmdK7 - ok
10:27:02.0022 2184 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:27:02.0100 2184 AmdK8 - ok
10:27:02.0178 2184 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
10:27:02.0349 2184 Appinfo - ok
10:27:02.0380 2184 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
10:27:02.0412 2184 arc - ok
10:27:02.0427 2184 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:27:02.0443 2184 arcsas - ok
10:27:02.0505 2184 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:27:02.0568 2184 AsyncMac - ok
10:27:02.0599 2184 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
10:27:02.0614 2184 atapi - ok
10:27:02.0677 2184 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:27:02.0739 2184 AudioEndpointBuilder - ok
10:27:02.0755 2184 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:27:02.0786 2184 Audiosrv - ok
10:27:02.0833 2184 [ CF6A67C90951E3E763D2135DEDE44B85 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
10:27:02.0973 2184 BCM43XV - ok
10:27:03.0036 2184 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
10:27:03.0114 2184 Beep - ok
10:27:03.0176 2184 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
10:27:03.0285 2184 BFE - ok
10:27:03.0379 2184 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
10:27:03.0519 2184 BITS - ok
10:27:03.0535 2184 blbdrive - ok
10:27:03.0582 2184 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:27:03.0660 2184 bowser - ok
10:27:03.0722 2184 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
10:27:03.0769 2184 BrFiltLo - ok
10:27:03.0800 2184 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
10:27:03.0847 2184 BrFiltUp - ok
10:27:03.0894 2184 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
10:27:03.0987 2184 Browser - ok
10:27:04.0018 2184 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
10:27:04.0112 2184 Brserid - ok
10:27:04.0128 2184 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
10:27:04.0190 2184 BrSerWdm - ok
10:27:04.0237 2184 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
10:27:04.0315 2184 BrUsbMdm - ok
10:27:04.0330 2184 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
10:27:04.0408 2184 BrUsbSer - ok
10:27:04.0455 2184 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:27:04.0549 2184 BTHMODEM - ok
10:27:04.0642 2184 catchme - ok
10:27:04.0689 2184 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:27:04.0752 2184 cdfs - ok
10:27:04.0798 2184 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:27:04.0861 2184 cdrom - ok
10:27:04.0923 2184 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
10:27:04.0970 2184 CertPropSvc - ok
10:27:04.0986 2184 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
10:27:05.0064 2184 circlass - ok
10:27:05.0188 2184 [ DBAFC6734C054FEEF9087754BD80F847 ] CLCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
10:27:05.0329 2184 CLCapSvc ( UnsignedFile.Multi.Generic ) - warning
10:27:05.0329 2184 CLCapSvc - detected UnsignedFile.Multi.Generic (1)
10:27:05.0376 2184 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
10:27:05.0391 2184 CLFS - ok
10:27:05.0469 2184 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:27:05.0485 2184 clr_optimization_v2.0.50727_32 - ok
10:27:05.0578 2184 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:27:05.0656 2184 clr_optimization_v4.0.30319_32 - ok
10:27:05.0688 2184 [ E67F8F036FD882E4AB62501C0D45B536 ] CLSched C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
10:27:05.0828 2184 CLSched ( UnsignedFile.Multi.Generic ) - warning
10:27:05.0828 2184 CLSched - detected UnsignedFile.Multi.Generic (1)
10:27:05.0890 2184 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:27:05.0937 2184 CmBatt - ok
10:27:05.0984 2184 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:27:06.0000 2184 cmdide - ok
10:27:06.0031 2184 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:27:06.0046 2184 Compbatt - ok
10:27:06.0062 2184 COMSysApp - ok
10:27:06.0062 2184 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:27:06.0078 2184 crcdisk - ok
10:27:06.0109 2184 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
10:27:06.0171 2184 Crusoe - ok
10:27:06.0218 2184 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:27:06.0280 2184 CryptSvc - ok
10:27:06.0343 2184 [ 10D08460D2415B38D4179D91A6AE3A25 ] CSS DVP C:\Windows\system32\DRIVERS\css-dvp.sys
10:27:06.0452 2184 CSS DVP - ok
10:27:06.0514 2184 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:27:06.0639 2184 DcomLaunch - ok
10:27:06.0686 2184 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:27:06.0748 2184 DfsC - ok
10:27:06.0904 2184 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
10:27:07.0107 2184 DFSR - ok
10:27:07.0216 2184 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
10:27:07.0310 2184 Dhcp - ok
10:27:07.0388 2184 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
10:27:07.0404 2184 disk - ok
10:27:07.0450 2184 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:27:07.0497 2184 Dnscache - ok
10:27:07.0528 2184 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:27:07.0575 2184 dot3svc - ok
10:27:07.0638 2184 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
10:27:07.0700 2184 DPS - ok
10:27:07.0794 2184 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:27:07.0856 2184 drmkaud - ok
10:27:07.0981 2184 [ 68C9A40EA00417DF63F541FD8DFA65A1 ] dvpapi C:\Program Files\Common Files\Command Software\dvpapi.exe
10:27:08.0090 2184 dvpapi ( UnsignedFile.Multi.Generic ) - warning
10:27:08.0090 2184 dvpapi - detected UnsignedFile.Multi.Generic (1)
10:27:08.0137 2184 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:27:08.0184 2184 DXGKrnl - ok
10:27:08.0230 2184 [ C0B00E55CF82D122D25983C7A6A53DEA ] E100B C:\Windows\system32\DRIVERS\e100b325.sys
10:27:08.0293 2184 E100B - ok
10:27:08.0324 2184 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
10:27:08.0418 2184 E1G60 - ok
10:27:08.0464 2184 [ E88B0CFCECF745211BBA87F44F85D0DD ] eabfiltr C:\Windows\system32\DRIVERS\eabfiltr.sys
10:27:08.0542 2184 eabfiltr - ok
10:27:08.0605 2184 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
10:27:08.0636 2184 EapHost - ok
10:27:08.0683 2184 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
10:27:08.0730 2184 Ecache - ok
10:27:08.0792 2184 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:27:08.0854 2184 ehRecvr - ok
10:27:08.0870 2184 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
10:27:08.0948 2184 ehSched - ok
10:27:08.0964 2184 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
10:27:08.0979 2184 ehstart - ok
10:27:09.0026 2184 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:27:09.0057 2184 elxstor - ok
10:27:09.0104 2184 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
10:27:09.0244 2184 EMDMgmt - ok
10:27:09.0291 2184 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
10:27:09.0369 2184 EventSystem - ok
10:27:09.0432 2184 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
10:27:09.0494 2184 exfat - ok
10:27:09.0525 2184 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:27:09.0572 2184 fastfat - ok
10:27:09.0603 2184 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:27:09.0666 2184 fdc - ok
10:27:09.0728 2184 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
10:27:09.0775 2184 fdPHost - ok
10:27:09.0806 2184 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
10:27:09.0900 2184 FDResPub - ok
10:27:09.0946 2184 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:27:09.0962 2184 FileInfo - ok
10:27:10.0009 2184 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:27:10.0071 2184 Filetrace - ok
10:27:10.0102 2184 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:27:10.0180 2184 flpydisk - ok
10:27:10.0212 2184 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:27:10.0258 2184 FltMgr - ok
10:27:10.0321 2184 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
10:27:10.0399 2184 FontCache - ok
10:27:10.0477 2184 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:27:10.0492 2184 FontCache3.0.0.0 - ok
10:27:10.0539 2184 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:27:10.0586 2184 Fs_Rec - ok
10:27:10.0617 2184 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:27:10.0633 2184 gagp30kx - ok
10:27:10.0742 2184 [ BE3EE56CB0313DE6C9DE83D0DBF16026 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
10:27:10.0758 2184 GameConsoleService - ok
10:27:10.0820 2184 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
10:27:10.0882 2184 gpsvc - ok
10:27:10.0898 2184 [ DE15777902A5D9121857D155873A1D1B ] HBtnKey C:\Windows\system32\DRIVERS\cpqbttn.sys
10:27:10.0960 2184 HBtnKey - ok
10:27:11.0023 2184 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:27:11.0085 2184 HdAudAddService - ok
10:27:11.0148 2184 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:27:11.0241 2184 HDAudBus - ok
10:27:11.0272 2184 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:27:11.0350 2184 HidBth - ok
10:27:11.0366 2184 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
10:27:11.0460 2184 HidIr - ok
10:27:11.0491 2184 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
10:27:11.0538 2184 hidserv - ok
10:27:11.0569 2184 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:27:11.0631 2184 HidUsb - ok
10:27:11.0678 2184 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:27:11.0740 2184 hkmsvc - ok
10:27:11.0850 2184 [ 0D26C438E2938A3E6BDD91173BC96FF0 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
10:27:11.0865 2184 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
10:27:11.0865 2184 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
10:27:11.0912 2184 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
10:27:11.0928 2184 HpCISSs - ok
10:27:12.0006 2184 [ 38D6B51F04DEF7FB248FA56E4C47407E ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:27:12.0271 2184 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:27:12.0271 2184 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:27:12.0302 2184 [ 3EE4A63539EC04EE2D4BD293985087AB ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:27:12.0318 2184 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:27:12.0318 2184 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:27:12.0364 2184 [ 04C1DCBB226C6AE647B794833CE3CEB6 ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
10:27:12.0380 2184 hpqwmiex ( UnsignedFile.Multi.Generic ) - warning
10:27:12.0380 2184 hpqwmiex - detected UnsignedFile.Multi.Generic (1)
10:27:12.0427 2184 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:27:12.0489 2184 HSFHWAZL - ok
10:27:12.0536 2184 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
10:27:12.0754 2184 HSF_DPV - ok
10:27:12.0817 2184 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:27:12.0988 2184 HTTP - ok
10:27:13.0035 2184 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
10:27:13.0051 2184 i2omp - ok
10:27:13.0129 2184 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:27:13.0176 2184 i8042prt - ok
10:27:13.0238 2184 [ 582F2D900A3AC34C98FBDC2C0ABEF6B9 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
10:27:13.0285 2184 IAANTMON - ok
10:27:13.0441 2184 [ C134E69CE901422D1F2D7EA8D69098FE ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
10:27:13.0612 2184 ialm - ok
10:27:13.0659 2184 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:27:13.0675 2184 iaStor - ok
10:27:13.0722 2184 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
10:27:13.0737 2184 iaStorV - ok
10:27:13.0784 2184 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:27:13.0815 2184 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:27:13.0815 2184 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:27:13.0893 2184 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:27:13.0956 2184 idsvc - ok
10:27:14.0049 2184 [ C134E69CE901422D1F2D7EA8D69098FE ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
10:27:14.0143 2184 igfx - ok
10:27:14.0205 2184 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:27:14.0236 2184 iirsp - ok
10:27:14.0283 2184 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
10:27:14.0361 2184 IKEEXT - ok
10:27:14.0470 2184 [ 8D7EB1FD498FD0A34C95A298685EC1C7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:27:14.0751 2184 IntcAzAudAddService - ok
10:27:14.0814 2184 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
10:27:14.0829 2184 intelide - ok
10:27:14.0923 2184 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:27:14.0970 2184 intelppm - ok
10:27:15.0016 2184 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:27:15.0063 2184 IPBusEnum - ok
10:27:15.0094 2184 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:27:15.0157 2184 IpFilterDriver - ok
10:27:15.0188 2184 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:27:15.0235 2184 iphlpsvc - ok
10:27:15.0235 2184 IpInIp - ok
10:27:15.0282 2184 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
10:27:15.0344 2184 IPMIDRV - ok
10:27:15.0391 2184 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
10:27:15.0453 2184 IPNAT - ok
10:27:15.0500 2184 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:27:15.0531 2184 IRENUM - ok
10:27:15.0562 2184 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:27:15.0578 2184 isapnp - ok
10:27:15.0609 2184 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:27:15.0640 2184 iScsiPrt - ok
10:27:15.0640 2184 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
10:27:15.0672 2184 iteatapi - ok
10:27:15.0703 2184 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
10:27:15.0718 2184 iteraid - ok
10:27:15.0765 2184 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:27:15.0781 2184 kbdclass - ok
10:27:15.0812 2184 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:27:15.0890 2184 kbdhid - ok
10:27:15.0906 2184 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
10:27:15.0968 2184 KeyIso - ok
10:27:16.0030 2184 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:27:16.0062 2184 KSecDD - ok
10:27:16.0124 2184 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
10:27:16.0202 2184 KtmRm - ok
10:27:16.0233 2184 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
10:27:16.0327 2184 LanmanServer - ok
10:27:16.0389 2184 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:27:16.0436 2184 LanmanWorkstation - ok
10:27:16.0498 2184 [ 559C9B7800FAC92FC515CD0003D7C631 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:27:16.0514 2184 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
10:27:16.0514 2184 LightScribeService - detected UnsignedFile.Multi.Generic (1)
10:27:16.0561 2184 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:27:16.0608 2184 lltdio - ok
10:27:16.0654 2184 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:27:16.0717 2184 lltdsvc - ok
10:27:16.0748 2184 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:27:16.0826 2184 lmhosts - ok
10:27:16.0857 2184 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:27:16.0873 2184 LSI_FC - ok
10:27:16.0904 2184 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:27:16.0920 2184 LSI_SAS - ok
10:27:16.0951 2184 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:27:16.0966 2184 LSI_SCSI - ok
10:27:17.0013 2184 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
10:27:17.0076 2184 luafv - ok
10:27:17.0138 2184 [ 4F74184920B2D6E33024409B4C5C57C1 ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
10:27:17.0169 2184 McciCMService ( UnsignedFile.Multi.Generic ) - warning
10:27:17.0169 2184 McciCMService - detected UnsignedFile.Multi.Generic (1)
10:27:17.0200 2184 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:27:17.0232 2184 Mcx2Svc - ok
10:27:17.0278 2184 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
10:27:17.0294 2184 megasas - ok
10:27:17.0341 2184 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
10:27:17.0372 2184 MMCSS - ok
10:27:17.0419 2184 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
10:27:17.0466 2184 Modem - ok
10:27:17.0512 2184 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:27:17.0559 2184 monitor - ok
10:27:17.0606 2184 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:27:17.0637 2184 mouclass - ok
10:27:17.0653 2184 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:27:17.0700 2184 mouhid - ok
10:27:17.0731 2184 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:27:17.0746 2184 MountMgr - ok
10:27:17.0793 2184 [ CF105EE42E3F71E648CEBB3F666E1CF0 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:27:17.0824 2184 MpFilter - ok
10:27:17.0871 2184 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
10:27:17.0887 2184 mpio - ok
10:27:18.0012 2184 [ A69630D039C38018689190234F866D77 ] MpKsla4efdb36 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\MpKsla4efdb36.sys
10:27:18.0027 2184 MpKsla4efdb36 - ok
10:27:18.0074 2184 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:27:18.0105 2184 mpsdrv - ok
10:27:18.0152 2184 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
10:27:18.0214 2184 MpsSvc - ok
10:27:18.0261 2184 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:27:18.0277 2184 Mraid35x - ok
10:27:18.0324 2184 [ 80B2EC735495823AE5771A5F603E73BD ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
10:27:18.0417 2184 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
10:27:18.0417 2184 MREMP50 - detected UnsignedFile.Multi.Generic (1)
10:27:18.0433 2184 MREMP50a64 - ok
10:27:18.0464 2184 [ 37D7C22F7E26DA90E2D2D260E5D27846 ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
10:27:18.0542 2184 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
10:27:18.0542 2184 MRESP50 - detected UnsignedFile.Multi.Generic (1)
10:27:18.0542 2184 MRESP50a64 - ok
10:27:18.0573 2184 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:27:18.0604 2184 MRxDAV - ok
10:27:18.0651 2184 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:27:18.0682 2184 mrxsmb - ok
10:27:18.0714 2184 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:27:18.0745 2184 mrxsmb10 - ok
10:27:18.0760 2184 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:27:18.0792 2184 mrxsmb20 - ok
10:27:18.0838 2184 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
10:27:18.0854 2184 msahci - ok
10:27:18.0870 2184 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:27:18.0885 2184 msdsm - ok
10:27:18.0948 2184 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
10:27:19.0010 2184 MSDTC - ok
10:27:19.0072 2184 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:27:19.0119 2184 Msfs - ok
10:27:19.0182 2184 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:27:19.0197 2184 msisadrv - ok
10:27:19.0228 2184 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:27:19.0291 2184 MSiSCSI - ok
10:27:19.0291 2184 msiserver - ok
10:27:19.0353 2184 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:27:19.0400 2184 MSKSSRV - ok
10:27:19.0447 2184 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:27:19.0462 2184 MsMpSvc - ok
10:27:19.0509 2184 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:27:19.0572 2184 MSPCLOCK - ok
10:27:19.0587 2184 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:27:19.0650 2184 MSPQM - ok
10:27:19.0681 2184 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:27:19.0696 2184 MsRPC - ok
10:27:19.0759 2184 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:27:19.0774 2184 mssmbios - ok
10:27:19.0806 2184 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:27:19.0837 2184 MSTEE - ok
10:27:19.0884 2184 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
10:27:19.0899 2184 Mup - ok
10:27:19.0946 2184 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
10:27:19.0993 2184 napagent - ok
10:27:20.0055 2184 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:27:20.0086 2184 NativeWifiP - ok
10:27:20.0133 2184 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:27:20.0180 2184 NDIS - ok
10:27:20.0242 2184 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:27:20.0258 2184 NdisTapi - ok
10:27:20.0305 2184 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:27:20.0352 2184 Ndisuio - ok
10:27:20.0383 2184 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:27:20.0430 2184 NdisWan - ok
10:27:20.0476 2184 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:27:20.0508 2184 NDProxy - ok
10:27:20.0539 2184 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:27:20.0570 2184 NetBIOS - ok
10:27:20.0601 2184 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:27:20.0648 2184 netbt - ok
10:27:20.0679 2184 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
10:27:20.0695 2184 Netlogon - ok
10:27:20.0742 2184 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
10:27:20.0804 2184 Netman - ok
10:27:20.0851 2184 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
10:27:20.0913 2184 netprofm - ok
10:27:20.0944 2184 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:27:20.0960 2184 NetTcpPortSharing - ok
10:27:21.0054 2184 [ A15F219208843A5A210C8CB391384453 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
10:27:21.0225 2184 NETw3v32 - ok
10:27:21.0319 2184 [ 1D73499A6664B4DA05D750FF83FDB274 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
10:27:21.0506 2184 NETw4v32 - ok
10:27:21.0568 2184 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:27:21.0584 2184 nfrd960 - ok
10:27:21.0646 2184 [ 832E098BCA8235436FE2D8AE50AC3718 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:27:21.0662 2184 NisDrv - ok
10:27:21.0865 2184 [ E570ECA850F30EB740C2E9699DF3D2BD ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:27:21.0943 2184 NisSrv - ok
10:27:21.0990 2184 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:27:22.0068 2184 NlaSvc - ok
10:27:22.0114 2184 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:27:22.0177 2184 Npfs - ok
10:27:22.0224 2184 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
10:27:22.0270 2184 nsi - ok
10:27:22.0333 2184 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:27:22.0395 2184 nsiproxy - ok
10:27:22.0489 2184 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:27:22.0598 2184 Ntfs - ok
10:27:22.0645 2184 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
10:27:22.0723 2184 ntrigdigi - ok
10:27:22.0754 2184 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
10:27:22.0801 2184 Null - ok
10:27:22.0832 2184 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:27:22.0848 2184 nvraid - ok
10:27:22.0863 2184 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:27:22.0879 2184 nvstor - ok
10:27:22.0910 2184 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:27:22.0926 2184 nv_agp - ok
10:27:22.0926 2184 NwlnkFlt - ok
10:27:22.0941 2184 NwlnkFwd - ok
10:27:23.0050 2184 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:27:23.0082 2184 odserv - ok
10:27:23.0144 2184 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:27:23.0175 2184 ohci1394 - ok
10:27:23.0238 2184 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:27:23.0253 2184 ose - ok
10:27:23.0316 2184 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:27:23.0487 2184 p2pimsvc - ok
10:27:23.0503 2184 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
10:27:23.0581 2184 p2psvc - ok
10:27:23.0612 2184 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
10:27:23.0674 2184 Parport - ok
10:27:23.0706 2184 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:27:23.0721 2184 partmgr - ok
10:27:23.0752 2184 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
10:27:23.0799 2184 Parvdm - ok
10:27:23.0862 2184 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
10:27:23.0924 2184 PcaSvc - ok
10:27:23.0971 2184 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
10:27:23.0986 2184 pci - ok
10:27:24.0033 2184 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\DRIVERS\pciide.sys
10:27:24.0049 2184 pciide - ok
10:27:24.0096 2184 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:27:24.0127 2184 pcmcia - ok
10:27:24.0189 2184 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:27:24.0314 2184 PEAUTH - ok
10:27:24.0408 2184 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
10:27:24.0548 2184 pla - ok
10:27:24.0595 2184 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:27:24.0626 2184 PlugPlay - ok
10:27:24.0657 2184 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:27:24.0813 2184 PNRPAutoReg - ok
10:27:24.0829 2184 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:27:24.0969 2184 PNRPsvc - ok
10:27:25.0047 2184 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:27:25.0141 2184 PolicyAgent - ok
10:27:25.0203 2184 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:27:25.0250 2184 PptpMiniport - ok
10:27:25.0281 2184 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
10:27:25.0359 2184 Processor - ok
10:27:25.0406 2184 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
10:27:25.0437 2184 ProfSvc - ok
10:27:25.0468 2184 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:27:25.0484 2184 ProtectedStorage - ok
10:27:25.0531 2184 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:27:25.0593 2184 PSched - ok
10:27:25.0609 2184 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
10:27:25.0624 2184 PxHelp20 - ok
10:27:25.0687 2184 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:27:25.0749 2184 ql2300 - ok
10:27:25.0765 2184 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:27:25.0796 2184 ql40xx - ok
10:27:25.0843 2184 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
10:27:25.0905 2184 QWAVE - ok
10:27:25.0952 2184 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:27:25.0983 2184 QWAVEdrv - ok
10:27:26.0030 2184 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:27:26.0061 2184 RasAcd - ok
10:27:26.0108 2184 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
10:27:26.0170 2184 RasAuto - ok
10:27:26.0217 2184 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:27:26.0248 2184 Rasl2tp - ok
10:27:26.0280 2184 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
10:27:26.0326 2184 RasMan - ok
10:27:26.0358 2184 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:27:26.0389 2184 RasPppoe - ok
10:27:26.0404 2184 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:27:26.0436 2184 RasSstp - ok
10:27:26.0482 2184 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:27:26.0529 2184 rdbss - ok
10:27:26.0576 2184 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:27:26.0623 2184 RDPCDD - ok
10:27:26.0685 2184 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:27:26.0841 2184 rdpdr - ok
10:27:26.0872 2184 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:27:26.0919 2184 RDPENCDD - ok
10:27:26.0982 2184 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:27:27.0028 2184 RDPWD - ok
10:27:27.0091 2184 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:27:27.0138 2184 RemoteAccess - ok
10:27:27.0184 2184 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:27:27.0247 2184 RemoteRegistry - ok
10:27:27.0278 2184 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
10:27:27.0325 2184 rimmptsk - ok
10:27:27.0356 2184 [ A4216C71DD4F60B26418CCFD99CD0815 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
10:27:27.0403 2184 rimsptsk - ok
10:27:27.0434 2184 [ C663AF77E2F4EABF8EB08B388D2F1F36 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
10:27:27.0481 2184 rismxdp - ok
10:27:27.0543 2184 [ EEC7EE5675294B03E88AA868540007C1 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
10:27:27.0590 2184 RMCAST - ok
10:27:27.0730 2184 [ 08FB7D968805001C7ADCBB14B0651FA2 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
10:27:28.0042 2184 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - warning
10:27:28.0042 2184 RoxMediaDB9 - detected UnsignedFile.Multi.Generic (1)
10:27:28.0074 2184 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
10:27:28.0136 2184 RpcLocator - ok
10:27:28.0183 2184 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
10:27:28.0261 2184 RpcSs - ok
10:27:28.0308 2184 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:27:28.0354 2184 rspndr - ok
10:27:28.0417 2184 [ 71B7026D61293C1E91145BDAD11C53BF ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
10:27:28.0464 2184 RTL8169 - ok
10:27:28.0479 2184 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
10:27:28.0510 2184 SamSs - ok
10:27:28.0542 2184 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:27:28.0557 2184 sbp2port - ok
10:27:28.0604 2184 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:27:28.0666 2184 SCardSvr - ok
10:27:28.0729 2184 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
10:27:28.0885 2184 Schedule - ok
10:27:28.0947 2184 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:27:28.0978 2184 SCPolicySvc - ok
10:27:29.0025 2184 [ 8F36B54688C31EED4580129040C6A3D3 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:27:29.0056 2184 sdbus - ok
10:27:29.0119 2184 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:27:29.0197 2184 SDRSVC - ok
10:27:29.0228 2184 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:27:29.0322 2184 secdrv - ok
10:27:29.0368 2184 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
10:27:29.0431 2184 seclogon - ok
10:27:29.0446 2184 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
10:27:29.0493 2184 SENS - ok
10:27:29.0524 2184 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
10:27:29.0571 2184 Serenum - ok
10:27:29.0602 2184 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
10:27:29.0665 2184 Serial - ok
10:27:29.0680 2184 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:27:29.0727 2184 sermouse - ok
10:27:29.0774 2184 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
10:27:29.0821 2184 SessionEnv - ok
10:27:29.0852 2184 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:27:29.0930 2184 sffdisk - ok
10:27:29.0946 2184 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:27:30.0008 2184 sffp_mmc - ok
10:27:30.0024 2184 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:27:30.0086 2184 sffp_sd - ok
10:27:30.0102 2184 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:27:30.0180 2184 sfloppy - ok
10:27:30.0211 2184 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:27:30.0258 2184 SharedAccess - ok
10:27:30.0289 2184 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:27:30.0351 2184 ShellHWDetection - ok
10:27:30.0382 2184 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:27:30.0398 2184 sisagp - ok
10:27:30.0414 2184 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:27:30.0429 2184 SiSRaid2 - ok
10:27:30.0445 2184 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:27:30.0476 2184 SiSRaid4 - ok
10:27:30.0616 2184 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
10:27:30.0960 2184 slsvc - ok
10:27:30.0991 2184 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:27:31.0022 2184 SLUINotify - ok
10:27:31.0053 2184 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:27:31.0069 2184 Smb - ok
10:27:31.0147 2184 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys
10:27:31.0303 2184 smserial - ok
10:27:31.0350 2184 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:27:31.0365 2184 SNMPTRAP - ok
10:27:31.0412 2184 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
10:27:31.0428 2184 spldr - ok
10:27:31.0459 2184 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
10:27:31.0537 2184 Spooler - ok
10:27:31.0568 2184 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:27:31.0630 2184 srv - ok
10:27:31.0677 2184 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:27:31.0740 2184 srv2 - ok
10:27:31.0771 2184 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:27:31.0818 2184 srvnet - ok
10:27:31.0849 2184 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:27:31.0896 2184 SSDPSRV - ok
10:27:31.0942 2184 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:27:31.0989 2184 SstpSvc - ok
10:27:32.0036 2184 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
10:27:32.0114 2184 stisvc - ok
10:27:32.0208 2184 [ A9A23C8AF361F7A93FD632E91A8C346F ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
10:27:32.0317 2184 stllssvr - ok
10:27:32.0332 2184 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:27:32.0348 2184 swenum - ok
10:27:32.0395 2184 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
10:27:32.0442 2184 swprv - ok
10:27:32.0488 2184 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:27:32.0504 2184 Symc8xx - ok
10:27:32.0535 2184 [ 36C15C5F64E6DA17BA42DB833C813AF9 ] SymIMMP C:\Windows\system32\DRIVERS\SymIM.sys
10:27:32.0551 2184 SymIMMP - ok
10:27:32.0566 2184 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:27:32.0582 2184 Sym_hi - ok
10:27:32.0582 2184 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:27:32.0613 2184 Sym_u3 - ok
10:27:32.0660 2184 [ 8327106D1C93E9A7B98E63B9FCC24BB7 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:27:32.0676 2184 SynTP - ok
10:27:32.0707 2184 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
10:27:32.0800 2184 SysMain - ok
10:27:32.0847 2184 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:27:32.0910 2184 TabletInputService - ok
10:27:32.0956 2184 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:27:32.0988 2184 TapiSrv - ok
10:27:33.0034 2184 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
10:27:33.0097 2184 TBS - ok
10:27:33.0175 2184 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:27:33.0253 2184 Tcpip - ok
10:27:33.0268 2184 [ 3535CD93F944C00F098E73E12EE7FEB6 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:27:33.0331 2184 Tcpip6 - ok
10:27:33.0378 2184 [ CD21572F83F7EC6E2C20C465967BEDD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:27:33.0424 2184 tcpipreg - ok
10:27:33.0471 2184 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:27:33.0534 2184 TDPIPE - ok
10:27:33.0549 2184 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:27:33.0580 2184 TDTCP - ok
10:27:33.0627 2184 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:27:33.0658 2184 tdx - ok
10:27:33.0690 2184 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:27:33.0721 2184 TermDD - ok
10:27:33.0736 2184 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
10:27:33.0799 2184 TermService - ok
10:27:33.0846 2184 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
10:27:33.0861 2184 Themes - ok
10:27:33.0877 2184 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
10:27:33.0924 2184 THREADORDER - ok
10:27:33.0970 2184 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
10:27:34.0017 2184 TrkWks - ok
10:27:34.0080 2184 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:27:34.0126 2184 TrustedInstaller - ok
10:27:34.0173 2184 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:27:34.0204 2184 tssecsrv - ok
10:27:34.0267 2184 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
10:27:34.0329 2184 tunmp - ok
10:27:34.0360 2184 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:27:34.0407 2184 tunnel - ok
10:27:34.0438 2184 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:27:34.0454 2184 uagp35 - ok
10:27:34.0485 2184 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:27:34.0532 2184 udfs - ok
10:27:34.0579 2184 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:27:34.0626 2184 UI0Detect - ok
10:27:34.0641 2184 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:27:34.0657 2184 uliagpkx - ok
10:27:34.0688 2184 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
10:27:34.0704 2184 uliahci - ok
10:27:34.0719 2184 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
10:27:34.0750 2184 UlSata - ok
10:27:34.0766 2184 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
10:27:34.0782 2184 ulsata2 - ok
10:27:34.0828 2184 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:27:34.0875 2184 umbus - ok
10:27:34.0938 2184 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
10:27:35.0000 2184 upnphost - ok
10:27:35.0062 2184 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:27:35.0109 2184 usbccgp - ok
10:27:35.0140 2184 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:27:35.0203 2184 usbcir - ok
10:27:35.0234 2184 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:27:35.0265 2184 usbehci - ok
10:27:35.0296 2184 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:27:35.0328 2184 usbhub - ok
10:27:35.0359 2184 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:27:35.0421 2184 usbohci - ok
10:27:35.0452 2184 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:27:35.0499 2184 usbprint - ok
10:27:35.0546 2184 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:27:35.0593 2184 USBSTOR - ok
10:27:35.0671 2184 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:27:35.0702 2184 usbuhci - ok
10:27:35.0764 2184 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:27:35.0811 2184 usbvideo - ok
10:27:35.0858 2184 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
10:27:35.0889 2184 UxSms - ok
10:27:35.0905 2184 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
10:27:36.0014 2184 vds - ok
10:27:36.0076 2184 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:27:36.0139 2184 vga - ok
10:27:36.0170 2184 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
10:27:36.0201 2184 VgaSave - ok
10:27:36.0232 2184 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:27:36.0248 2184 viaagp - ok
10:27:36.0264 2184 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
10:27:36.0326 2184 ViaC7 - ok
10:27:36.0342 2184 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
10:27:36.0357 2184 viaide - ok
10:27:36.0388 2184 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:27:36.0404 2184 volmgr - ok
10:27:36.0451 2184 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:27:36.0466 2184 volmgrx - ok
10:27:36.0560 2184 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:27:36.0607 2184 volsnap - ok
10:27:36.0654 2184 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:27:36.0685 2184 vsmraid - ok
10:27:36.0903 2184 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
10:27:37.0028 2184 VSS - ok
10:27:37.0075 2184 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
10:27:37.0122 2184 W32Time - ok
10:27:37.0168 2184 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:27:37.0231 2184 WacomPen - ok
10:27:37.0262 2184 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
10:27:37.0293 2184 Wanarp - ok
10:27:37.0309 2184 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:27:37.0324 2184 Wanarpv6 - ok
10:27:37.0356 2184 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:27:37.0402 2184 wcncsvc - ok
10:27:37.0449 2184 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:27:37.0496 2184 WcsPlugInService - ok
10:27:37.0527 2184 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
10:27:37.0543 2184 Wd - ok
10:27:37.0590 2184 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:27:37.0668 2184 Wdf01000 - ok
10:27:37.0714 2184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:27:37.0777 2184 WdiServiceHost - ok
10:27:37.0792 2184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:27:37.0824 2184 WdiSystemHost - ok
10:27:37.0855 2184 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
10:27:37.0902 2184 WebClient - ok
10:27:37.0948 2184 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:27:38.0042 2184 Wecsvc - ok
10:27:38.0089 2184 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:27:38.0136 2184 wercplsupport - ok
10:27:38.0182 2184 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
10:27:38.0214 2184 WerSvc - ok
10:27:38.0276 2184 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
10:27:38.0385 2184 winachsf - ok
10:27:38.0463 2184 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:27:38.0494 2184 WinDefend - ok
10:27:38.0494 2184 WinHttpAutoProxySvc - ok
10:27:38.0572 2184 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:27:38.0619 2184 Winmgmt - ok
10:27:38.0697 2184 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
10:27:38.0838 2184 WinRM - ok
10:27:38.0916 2184 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:27:39.0009 2184 Wlansvc - ok
10:27:39.0072 2184 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:27:39.0118 2184 WmiAcpi - ok
10:27:39.0165 2184 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:27:39.0212 2184 wmiApSrv - ok
10:27:39.0306 2184 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:27:39.0462 2184 WMPNetworkSvc - ok
10:27:39.0508 2184 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:27:39.0602 2184 WPCSvc - ok
10:27:39.0649 2184 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:27:39.0727 2184 WPDBusEnum - ok
10:27:39.0852 2184 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:27:39.0898 2184 WPFFontCache_v0400 - ok
10:27:39.0945 2184 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:27:39.0992 2184 ws2ifsl - ok
10:27:40.0039 2184 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
10:27:40.0070 2184 wscsvc - ok
10:27:40.0070 2184 WSearch - ok
10:27:40.0195 2184 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
10:27:40.0320 2184 wuauserv - ok
10:27:40.0366 2184 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:27:40.0444 2184 WudfPf - ok
10:27:40.0476 2184 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:27:40.0522 2184 WUDFRd - ok
10:27:40.0569 2184 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:27:40.0585 2184 wudfsvc - ok
10:27:40.0616 2184 ================ Scan global ===============================
10:27:40.0663 2184 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:27:40.0710 2184 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
10:27:40.0725 2184 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
10:27:40.0772 2184 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
10:27:40.0788 2184 [Global] - ok
10:27:40.0788 2184 ================ Scan MBR ==================================
10:27:40.0803 2184 [ 1A1A06F62E891045814007163C1C76C3 ] \Device\Harddisk0\DR0
10:27:41.0349 2184 \Device\Harddisk0\DR0 - ok
10:27:41.0349 2184 ================ Scan VBR ==================================
10:27:41.0349 2184 [ 99F42A9E03952EA6847FF1D5CCAD9E8D ] \Device\Harddisk0\DR0\Partition1
10:27:41.0349 2184 \Device\Harddisk0\DR0\Partition1 - ok
10:27:41.0365 2184 [ 6BB7E5C46A5B53D1AEC0A961527530AD ] \Device\Harddisk0\DR0\Partition2
10:27:41.0365 2184 \Device\Harddisk0\DR0\Partition2 - ok
10:27:41.0365 2184 ================ Scan active images ========================
10:27:41.0365 2184 [ 36975327EF03949CC378AB01E316B574 ] C:\Windows\System32\drivers\crashdmp.sys
10:27:41.0365 2184 C:\Windows\System32\drivers\crashdmp.sys - ok
10:27:41.0365 2184 [ FD7F9D74C2B35DBDA400804A3F5ED5D8 ] C:\Windows\System32\drivers\iaStor.sys
10:27:41.0365 2184 C:\Windows\System32\drivers\iaStor.sys - ok
10:27:41.0380 2184 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\Windows\System32\drivers\tunnel.sys
10:27:41.0380 2184 C:\Windows\System32\drivers\tunnel.sys - ok
10:27:41.0380 2184 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\Windows\System32\drivers\CmBatt.sys
10:27:41.0380 2184 C:\Windows\System32\drivers\CmBatt.sys - ok
10:27:41.0396 2184 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\Windows\System32\drivers\TUNMP.SYS
10:27:41.0396 2184 C:\Windows\System32\drivers\TUNMP.SYS - ok
10:27:41.0396 2184 [ 224191001E78C89DFA78924C3EA595FF ] C:\Windows\System32\drivers\intelppm.sys
10:27:41.0396 2184 C:\Windows\System32\drivers\intelppm.sys - ok
10:27:41.0412 2184 [ 2E7255D172DF0B8283CDFB7B433B864E ] C:\Windows\System32\drivers\wmiacpi.sys
10:27:41.0412 2184 C:\Windows\System32\drivers\wmiacpi.sys - ok
10:27:41.0412 2184 [ C134E69CE901422D1F2D7EA8D69098FE ] C:\Windows\System32\drivers\igdkmd32.sys
10:27:41.0412 2184 C:\Windows\System32\drivers\igdkmd32.sys - ok
10:27:41.0427 2184 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] C:\Windows\System32\drivers\dxgkrnl.sys
10:27:41.0427 2184 C:\Windows\System32\drivers\dxgkrnl.sys - ok
10:27:41.0427 2184 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\Windows\System32\drivers\watchdog.sys
10:27:41.0427 2184 C:\Windows\System32\drivers\watchdog.sys - ok
10:27:41.0427 2184 [ A1C100A87D981AD0774FBC0B4B82E913 ] C:\Windows\System32\drivers\usbport.sys
10:27:41.0427 2184 C:\Windows\System32\drivers\usbport.sys - ok
10:27:41.0443 2184 [ 814D653EFC4D48BE3B04A307ECEFF56F ] C:\Windows\System32\drivers\usbuhci.sys
10:27:41.0443 2184 C:\Windows\System32\drivers\usbuhci.sys - ok
10:27:41.0443 2184 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] C:\Windows\System32\drivers\usbehci.sys
10:27:41.0443 2184 C:\Windows\System32\drivers\usbehci.sys - ok
10:27:41.0458 2184 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\Windows\System32\drivers\hdaudbus.sys
10:27:41.0458 2184 C:\Windows\System32\drivers\hdaudbus.sys - ok
10:27:41.0458 2184 [ 1D73499A6664B4DA05D750FF83FDB274 ] C:\Windows\System32\drivers\NETw4v32.sys
10:27:41.0458 2184 C:\Windows\System32\drivers\NETw4v32.sys - ok
10:27:41.0474 2184 [ 71B7026D61293C1E91145BDAD11C53BF ] C:\Windows\System32\drivers\Rtlh86.sys
10:27:41.0474 2184 C:\Windows\System32\drivers\Rtlh86.sys - ok
10:27:41.0474 2184 [ 0349BE02F329F4F48F1D48097FD65974 ] C:\Windows\System32\drivers\1394bus.sys
10:27:41.0474 2184 C:\Windows\System32\drivers\1394bus.sys - ok
10:27:41.0474 2184 [ 6F310E890D46E246E0E261A63D9B36B4 ] C:\Windows\System32\drivers\ohci1394.sys
10:27:41.0490 2184 C:\Windows\System32\drivers\ohci1394.sys - ok
10:27:41.0490 2184 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] C:\Windows\System32\drivers\rimmptsk.sys
10:27:41.0490 2184 C:\Windows\System32\drivers\rimmptsk.sys - ok
10:27:41.0490 2184 [ 8F36B54688C31EED4580129040C6A3D3 ] C:\Windows\System32\drivers\sdbus.sys
10:27:41.0490 2184 C:\Windows\System32\drivers\sdbus.sys - ok
10:27:41.0505 2184 [ A4216C71DD4F60B26418CCFD99CD0815 ] C:\Windows\System32\drivers\rimsptsk.sys
10:27:41.0505 2184 C:\Windows\System32\drivers\rimsptsk.sys - ok
10:27:41.0505 2184 [ C663AF77E2F4EABF8EB08B388D2F1F36 ] C:\Windows\System32\drivers\rixdptsk.sys
10:27:41.0505 2184 C:\Windows\System32\drivers\rixdptsk.sys - ok
10:27:41.0521 2184 [ DE15777902A5D9121857D155873A1D1B ] C:\Windows\System32\drivers\CPQBttn.sys
10:27:41.0521 2184 C:\Windows\System32\drivers\CPQBttn.sys - ok
10:27:41.0521 2184 [ 5961CADB7CAD938368D2028725EF771D ] C:\Windows\System32\drivers\hidclass.sys
10:27:41.0521 2184 C:\Windows\System32\drivers\hidclass.sys - ok
10:27:41.0536 2184 [ 175444D3A01CA45D0E1C5DC5F48DF7CD ] C:\Windows\System32\drivers\hidparse.sys
10:27:41.0536 2184 C:\Windows\System32\drivers\hidparse.sys - ok
10:27:41.0536 2184 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\Windows\System32\drivers\i8042prt.sys
10:27:41.0536 2184 C:\Windows\System32\drivers\i8042prt.sys - ok
10:27:41.0552 2184 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\Windows\System32\drivers\kbdclass.sys
10:27:41.0552 2184 C:\Windows\System32\drivers\kbdclass.sys - ok
10:27:41.0552 2184 [ 8327106D1C93E9A7B98E63B9FCC24BB7 ] C:\Windows\System32\drivers\SynTP.sys
10:27:41.0552 2184 C:\Windows\System32\drivers\SynTP.sys - ok
10:27:41.0552 2184 [ 790FDAC6D0C762DF9047C3C625A6FF6C ] C:\Windows\System32\drivers\usbd.sys
10:27:41.0568 2184 C:\Windows\System32\drivers\usbd.sys - ok
10:27:41.0568 2184 [ 5BF6A1326A335C5298477754A506D263 ] C:\Windows\System32\drivers\mouclass.sys
10:27:41.0568 2184 C:\Windows\System32\drivers\mouclass.sys - ok
10:27:41.0568 2184 [ 6B4BFFB9BECD728097024276430DB314 ] C:\Windows\System32\drivers\cdrom.sys
10:27:41.0568 2184 C:\Windows\System32\drivers\cdrom.sys - ok
10:27:41.0583 2184 [ 232FA340531D940AAC623B121A595034 ] C:\Windows\System32\drivers\msiscsi.sys
10:27:41.0583 2184 C:\Windows\System32\drivers\msiscsi.sys - ok
10:27:41.0583 2184 [ 47E55AFE1ED1D5AFF09690DB226F4A7A ] C:\Windows\System32\drivers\Storport.sys
10:27:41.0583 2184 C:\Windows\System32\drivers\Storport.sys - ok
10:27:41.0599 2184 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\Windows\System32\drivers\tdi.sys
10:27:41.0599 2184 C:\Windows\System32\drivers\tdi.sys - ok
10:27:41.0599 2184 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\Windows\System32\drivers\rasl2tp.sys
10:27:41.0599 2184 C:\Windows\System32\drivers\rasl2tp.sys - ok
10:27:41.0614 2184 [ 0E186E90404980569FB449BA7519AE61 ] C:\Windows\System32\drivers\ndistapi.sys
10:27:41.0614 2184 C:\Windows\System32\drivers\ndistapi.sys - ok
10:27:41.0614 2184 [ 818F648618AE34F729FDB47EC68345C3 ] C:\Windows\System32\drivers\ndiswan.sys
10:27:41.0614 2184 C:\Windows\System32\drivers\ndiswan.sys - ok
10:27:41.0630 2184 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\Windows\System32\drivers\raspppoe.sys
10:27:41.0630 2184 C:\Windows\System32\drivers\raspppoe.sys - ok
10:27:41.0630 2184 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\Windows\System32\drivers\raspptp.sys
10:27:41.0630 2184 C:\Windows\System32\drivers\raspptp.sys - ok
10:27:41.0630 2184 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\Windows\System32\drivers\rassstp.sys
10:27:41.0630 2184 C:\Windows\System32\drivers\rassstp.sys - ok
10:27:41.0646 2184 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\Windows\System32\drivers\termdd.sys
10:27:41.0646 2184 C:\Windows\System32\drivers\termdd.sys - ok
10:27:41.0646 2184 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\Windows\System32\drivers\ks.sys
10:27:41.0646 2184 C:\Windows\System32\drivers\ks.sys - ok
10:27:41.0661 2184 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\Windows\System32\drivers\swenum.sys
10:27:41.0661 2184 C:\Windows\System32\drivers\swenum.sys - ok
10:27:41.0661 2184 [ E384487CB84BE41D09711C30CA79646C ] C:\Windows\System32\drivers\mssmbios.sys
10:27:41.0661 2184 C:\Windows\System32\drivers\mssmbios.sys - ok
10:27:41.0677 2184 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\Windows\System32\drivers\umbus.sys
10:27:41.0677 2184 C:\Windows\System32\drivers\umbus.sys - ok
10:27:41.0677 2184 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] C:\Windows\System32\drivers\usbhub.sys
10:27:41.0677 2184 C:\Windows\System32\drivers\usbhub.sys - ok
10:27:41.0692 2184 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\Windows\System32\drivers\kbdhid.sys
10:27:41.0692 2184 C:\Windows\System32\drivers\kbdhid.sys - ok
10:27:41.0692 2184 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\Windows\System32\drivers\ndproxy.sys
10:27:41.0692 2184 C:\Windows\System32\drivers\ndproxy.sys - ok
10:27:41.0692 2184 [ 7BE5A3C671A2CB56E94403BFC2020A0D ] C:\Windows\System32\drivers\drmk.sys
10:27:41.0692 2184 C:\Windows\System32\drivers\drmk.sys - ok
10:27:41.0708 2184 [ 218286724EC530FF252648369E05B090 ] C:\Windows\System32\drivers\portcls.sys
10:27:41.0708 2184 C:\Windows\System32\drivers\portcls.sys - ok
10:27:41.0708 2184 [ 8D7EB1FD498FD0A34C95A298685EC1C7 ] C:\Windows\System32\drivers\RTKVHDA.sys
10:27:41.0708 2184 C:\Windows\System32\drivers\RTKVHDA.sys - ok
10:27:41.0724 2184 [ C8A58FC905C9184FA70E37F71060C64D ] C:\Windows\System32\drivers\smserial.sys
10:27:41.0724 2184 C:\Windows\System32\drivers\smserial.sys - ok
10:27:41.0724 2184 [ E13B5EA0F51BA5B1512EC671393D09BA ] C:\Windows\System32\drivers\modem.sys
10:27:41.0724 2184 C:\Windows\System32\drivers\modem.sys - ok
10:27:41.0739 2184 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\Windows\System32\drivers\beep.sys
10:27:41.0739 2184 C:\Windows\System32\drivers\beep.sys - ok
10:27:41.0739 2184 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\Windows\System32\drivers\fs_rec.sys
10:27:41.0739 2184 C:\Windows\System32\drivers\fs_rec.sys - ok
10:27:41.0755 2184 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\Windows\System32\drivers\null.sys
10:27:41.0755 2184 C:\Windows\System32\drivers\null.sys - ok
10:27:41.0755 2184 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\Windows\System32\drivers\videoprt.sys
10:27:41.0755 2184 C:\Windows\System32\drivers\videoprt.sys - ok
10:27:41.0770 2184 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\Windows\System32\drivers\vga.sys
10:27:41.0770 2184 C:\Windows\System32\drivers\vga.sys - ok
10:27:41.0770 2184 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\Windows\System32\drivers\RDPCDD.sys
10:27:41.0770 2184 C:\Windows\System32\drivers\RDPCDD.sys - ok
10:27:41.0786 2184 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\Windows\System32\drivers\RDPENCDD.sys
10:27:41.0786 2184 C:\Windows\System32\drivers\RDPENCDD.sys - ok
10:27:41.0786 2184 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\Windows\System32\drivers\msfs.sys
10:27:41.0786 2184 C:\Windows\System32\drivers\msfs.sys - ok
10:27:41.0786 2184 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\Windows\System32\drivers\npfs.sys
10:27:41.0786 2184 C:\Windows\System32\drivers\npfs.sys - ok
10:27:41.0802 2184 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\Windows\System32\drivers\rasacd.sys
10:27:41.0802 2184 C:\Windows\System32\drivers\rasacd.sys - ok
10:27:41.0802 2184 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\Windows\System32\drivers\tdx.sys
10:27:41.0802 2184 C:\Windows\System32\drivers\tdx.sys - ok
10:27:41.0817 2184 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\Windows\System32\drivers\smb.sys
10:27:41.0817 2184 C:\Windows\System32\drivers\smb.sys - ok
10:27:41.0817 2184 [ 3911B972B55FEA0478476B2E777B29FA ] C:\Windows\System32\drivers\afd.sys
10:27:41.0817 2184 C:\Windows\System32\drivers\afd.sys - ok
10:27:41.0833 2184 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\Windows\System32\drivers\netbt.sys
10:27:41.0833 2184 C:\Windows\System32\drivers\netbt.sys - ok
10:27:41.0833 2184 [ E3A3CB253C0EC2494D4A61F5E43A389C ] C:\Windows\System32\drivers\ws2ifsl.sys
10:27:41.0833 2184 C:\Windows\System32\drivers\ws2ifsl.sys - ok
10:27:41.0848 2184 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\Windows\System32\drivers\pacer.sys
10:27:41.0848 2184 C:\Windows\System32\drivers\pacer.sys - ok
10:27:41.0848 2184 [ E88B0CFCECF745211BBA87F44F85D0DD ] C:\Windows\System32\drivers\eabfiltr.sys
10:27:41.0848 2184 C:\Windows\System32\drivers\eabfiltr.sys - ok
10:27:41.0864 2184 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\Windows\System32\drivers\netbios.sys
10:27:41.0864 2184 C:\Windows\System32\drivers\netbios.sys - ok
10:27:41.0864 2184 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\Windows\System32\drivers\wanarp.sys
10:27:41.0864 2184 C:\Windows\System32\drivers\wanarp.sys - ok
10:27:41.0864 2184 [ 609773E344A97410CE4EBF74A8914FCF ] C:\Windows\System32\drivers\nsiproxy.sys
10:27:41.0880 2184 C:\Windows\System32\drivers\nsiproxy.sys - ok
10:27:41.0880 2184 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\Windows\System32\drivers\rdbss.sys
10:27:41.0880 2184 C:\Windows\System32\drivers\rdbss.sys - ok
10:27:41.0880 2184 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\Windows\System32\drivers\dfsc.sys
10:27:41.0880 2184 C:\Windows\System32\drivers\dfsc.sys - ok
10:27:41.0895 2184 [ CAF811AE4C147FFCD5B51750C7F09142 ] C:\Windows\System32\drivers\usbccgp.sys
10:27:41.0895 2184 C:\Windows\System32\drivers\usbccgp.sys - ok
10:27:41.0895 2184 [ E67998E8F14CB0627A769F6530BCB352 ] C:\Windows\System32\drivers\usbvideo.sys
10:27:41.0895 2184 C:\Windows\System32\drivers\usbvideo.sys - ok
10:27:41.0911 2184 [ DDA770BBD7C2ED024D6F50E279D90E5B ] C:\Windows\System32\ntdll.dll
10:27:41.0911 2184 C:\Windows\System32\ntdll.dll - ok
10:27:41.0911 2184 [ BE7480C91E89EB82FC080F772C220AE4 ] C:\Windows\System32\smss.exe
10:27:41.0911 2184 C:\Windows\System32\smss.exe - ok
10:27:41.0926 2184 [ 10761177A6EBE45843F443E99509F5E7 ] C:\Windows\System32\autochk.exe
10:27:41.0926 2184 C:\Windows\System32\autochk.exe - ok
10:27:41.0926 2184 [ 75510147B94598407666F4802797C75A ] C:\Windows\System32\user32.dll
10:27:41.0926 2184 C:\Windows\System32\user32.dll - ok
10:27:41.0942 2184 [ 9BDDA34DC4890169DE5BA21134B33EFB ] C:\Windows\System32\iertutil.dll
10:27:41.0942 2184 C:\Windows\System32\iertutil.dll - ok
10:27:41.0942 2184 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\Windows\System32\ws2_32.dll
10:27:41.0942 2184 C:\Windows\System32\ws2_32.dll - ok
10:27:41.0942 2184 [ 17AF64D727545F2804F6E6D998327E3F ] C:\Windows\System32\msvcrt.dll
10:27:41.0942 2184 C:\Windows\System32\msvcrt.dll - ok
10:27:41.0958 2184 [ 420B075CD71AB9E58D15DD258958FBA3 ] C:\Windows\System32\shlwapi.dll
10:27:41.0958 2184 C:\Windows\System32\shlwapi.dll - ok
10:27:41.0958 2184 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\Windows\System32\kernel32.dll
10:27:41.0958 2184 C:\Windows\System32\kernel32.dll - ok
10:27:41.0973 2184 [ 6F29236AB5926100972924BD29D9D225 ] C:\Windows\System32\normaliz.dll
10:27:41.0973 2184 C:\Windows\System32\normaliz.dll - ok
10:27:41.0973 2184 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\Windows\System32\oleaut32.dll
10:27:41.0973 2184 C:\Windows\System32\oleaut32.dll - ok
10:27:41.0989 2184 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\Windows\System32\nsi.dll
10:27:41.0989 2184 C:\Windows\System32\nsi.dll - ok
10:27:41.0989 2184 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\Windows\System32\setupapi.dll
10:27:41.0989 2184 C:\Windows\System32\setupapi.dll - ok
10:27:41.0989 2184 [ 50CAA7072C171B9887215C83D52069E4 ] C:\Windows\System32\advapi32.dll
10:27:41.0989 2184 C:\Windows\System32\advapi32.dll - ok
10:27:42.0004 2184 [ 4E7F83E1F6AEFA38E270EA7353D6911E ] C:\Windows\System32\urlmon.dll
10:27:42.0004 2184 C:\Windows\System32\urlmon.dll - ok
10:27:42.0004 2184 [ 7856E3B4594714EF89BB97375E8644EE ] C:\Windows\System32\gdi32.dll
10:27:42.0004 2184 C:\Windows\System32\gdi32.dll - ok
10:27:42.0020 2184 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\Windows\System32\comdlg32.dll
10:27:42.0020 2184 C:\Windows\System32\comdlg32.dll - ok
10:27:42.0020 2184 [ 9586E7CB2255A8B097A7E4538202585E ] C:\Windows\System32\ole32.dll
10:27:42.0020 2184 C:\Windows\System32\ole32.dll - ok
10:27:42.0036 2184 [ E2281CFF793D7A09CE2B35F9F8732EE3 ] C:\Windows\System32\rpcrt4.dll
10:27:42.0036 2184 C:\Windows\System32\rpcrt4.dll - ok
10:27:42.0036 2184 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\Windows\System32\msctf.dll
10:27:42.0036 2184 C:\Windows\System32\msctf.dll - ok
10:27:42.0036 2184 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\Windows\System32\shell32.dll
10:27:42.0036 2184 C:\Windows\System32\shell32.dll - ok
10:27:42.0051 2184 [ EB49FAA5EBBC06356FB12476438781B9 ] C:\Windows\System32\imagehlp.dll
10:27:42.0051 2184 C:\Windows\System32\imagehlp.dll - ok
10:27:42.0051 2184 [ C5B6468422DB1C8AA36C32CBB0197E5E ] C:\Windows\System32\wininet.dll
10:27:42.0051 2184 C:\Windows\System32\wininet.dll - ok
10:27:42.0067 2184 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\Windows\System32\imm32.dll
10:27:42.0067 2184 C:\Windows\System32\imm32.dll - ok
10:27:42.0067 2184 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\Windows\System32\lpk.dll
10:27:42.0067 2184 C:\Windows\System32\lpk.dll - ok
10:27:42.0082 2184 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\Windows\System32\usp10.dll
10:27:42.0082 2184 C:\Windows\System32\usp10.dll - ok
10:27:42.0082 2184 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\Windows\System32\Wldap32.dll
10:27:42.0082 2184 C:\Windows\System32\Wldap32.dll - ok
10:27:42.0098 2184 [ C394079EB162E812D682C73FA96AF6E4 ] C:\Windows\System32\clbcatq.dll
10:27:42.0098 2184 C:\Windows\System32\clbcatq.dll - ok
10:27:42.0098 2184 [ DC8891A9203810FC994E7FCCF76E94C8 ] C:\Windows\System32\comctl32.dll
10:27:42.0098 2184 C:\Windows\System32\comctl32.dll - ok
10:27:42.0098 2184 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\Windows\System32\psapi.dll
10:27:42.0098 2184 C:\Windows\System32\psapi.dll - ok
10:27:42.0114 2184 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\Windows\System32\drivers\dxapi.sys
10:27:42.0114 2184 C:\Windows\System32\drivers\dxapi.sys - ok
10:27:42.0114 2184 [ 88FB35233A80BB42FF5B4E722705FEF4 ] C:\Windows\System32\win32k.sys
10:27:42.0114 2184 C:\Windows\System32\win32k.sys - ok
10:27:42.0129 2184 [ 33F84B64D4765BCDFA0AB8464122DA14 ] C:\Windows\System32\csrsrv.dll
10:27:42.0129 2184 C:\Windows\System32\csrsrv.dll - ok
10:27:42.0129 2184 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\Windows\System32\csrss.exe
10:27:42.0129 2184 C:\Windows\System32\csrss.exe - ok
10:27:42.0145 2184 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\System32\basesrv.dll
10:27:42.0145 2184 C:\Windows\System32\basesrv.dll - ok
10:27:42.0145 2184 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\System32\winsrv.dll
10:27:42.0145 2184 C:\Windows\System32\winsrv.dll - ok
10:27:42.0145 2184 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\Windows\System32\drivers\monitor.sys
10:27:42.0160 2184 C:\Windows\System32\drivers\monitor.sys - ok
10:27:42.0160 2184 [ CC21507D246861671A0BF97E75CE1B00 ] C:\Windows\System32\tsddd.dll
10:27:42.0160 2184 C:\Windows\System32\tsddd.dll - ok
10:27:42.0160 2184 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\Windows\System32\wininit.exe
10:27:42.0160 2184 C:\Windows\System32\wininit.exe - ok
10:27:42.0176 2184 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\Windows\System32\secur32.dll
10:27:42.0176 2184 C:\Windows\System32\secur32.dll - ok
10:27:42.0176 2184 [ 665417528489096BBCB8AEA46D3DA924 ] C:\Windows\System32\userenv.dll
10:27:42.0176 2184 C:\Windows\System32\userenv.dll - ok
10:27:42.0192 2184 [ 12C8D6C564702B0776512932290A3F6B ] C:\Windows\System32\KBDUS.DLL
10:27:42.0192 2184 C:\Windows\System32\KBDUS.DLL - ok
10:27:42.0192 2184 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\Windows\System32\apphelp.dll
10:27:42.0192 2184 C:\Windows\System32\apphelp.dll - ok
10:27:42.0207 2184 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\System32\services.exe
10:27:42.0207 2184 C:\Windows\System32\services.exe - ok
10:27:42.0207 2184 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\Windows\System32\WlS0WndH.dll
10:27:42.0207 2184 C:\Windows\System32\WlS0WndH.dll - ok
10:27:42.0207 2184 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\Windows\System32\sxs.dll
10:27:42.0207 2184 C:\Windows\System32\sxs.dll - ok
10:27:42.0223 2184 [ CF9F5BBC2740C41DD471278C41B91F5F ] C:\Windows\System32\cdd.dll
10:27:42.0223 2184 C:\Windows\System32\cdd.dll - ok
10:27:42.0223 2184 [ A3E186B4B935905B829219502557314E ] C:\Windows\System32\lsass.exe
10:27:42.0223 2184 C:\Windows\System32\lsass.exe - ok
10:27:42.0238 2184 [ D90911B3FA05D7B930C1286084B404DE ] C:\Windows\System32\scesrv.dll
10:27:42.0238 2184 C:\Windows\System32\scesrv.dll - ok
10:27:42.0238 2184 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\Windows\System32\lsasrv.dll
10:27:42.0238 2184 C:\Windows\System32\lsasrv.dll - ok
10:27:42.0238 2184 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\Windows\System32\lsm.exe
10:27:42.0238 2184 C:\Windows\System32\lsm.exe - ok
10:27:42.0254 2184 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\Windows\System32\sysntfy.dll
10:27:42.0254 2184 C:\Windows\System32\sysntfy.dll - ok
10:27:42.0254 2184 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\Windows\System32\wmsgapi.dll
10:27:42.0254 2184 C:\Windows\System32\wmsgapi.dll - ok
10:27:42.0270 2184 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\Windows\System32\authz.dll
10:27:42.0270 2184 C:\Windows\System32\authz.dll - ok
10:27:42.0270 2184 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\Windows\System32\netapi32.dll
10:27:42.0270 2184 C:\Windows\System32\netapi32.dll - ok
10:27:42.0285 2184 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\Windows\System32\ncobjapi.dll
10:27:42.0285 2184 C:\Windows\System32\ncobjapi.dll - ok
10:27:42.0285 2184 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\Windows\System32\samsrv.dll
10:27:42.0285 2184 C:\Windows\System32\samsrv.dll - ok
10:27:42.0301 2184 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\Windows\System32\aelupsvc.dll
10:27:42.0301 2184 C:\Windows\System32\aelupsvc.dll - ok
10:27:42.0301 2184 [ A1545B731579895D8CC44FC0481C1192 ] C:\Windows\System32\alg.exe
10:27:42.0301 2184 C:\Windows\System32\alg.exe - ok
10:27:42.0301 2184 [ 459B48188494490707DCA8BAA91AA185 ] C:\Windows\System32\cryptdll.dll
10:27:42.0301 2184 C:\Windows\System32\cryptdll.dll - ok
10:27:42.0316 2184 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\Windows\System32\dnsapi.dll
10:27:42.0316 2184 C:\Windows\System32\dnsapi.dll - ok
10:27:42.0316 2184 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\Windows\System32\msasn1.dll
10:27:42.0316 2184 C:\Windows\System32\msasn1.dll - ok
10:27:42.0332 2184 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\Windows\System32\ntdsapi.dll
10:27:42.0332 2184 C:\Windows\System32\ntdsapi.dll - ok
10:27:42.0332 2184 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\Windows\System32\samlib.dll
10:27:42.0332 2184 C:\Windows\System32\samlib.dll - ok
10:27:42.0348 2184 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\Windows\System32\appinfo.dll
10:27:42.0348 2184 C:\Windows\System32\appinfo.dll - ok
10:27:42.0348 2184 [ B0F9073BE86C6D4EDD4EBA674251E699 ] C:\Windows\System32\crypt32.dll
10:27:42.0348 2184 C:\Windows\System32\crypt32.dll - ok
10:27:42.0363 2184 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\Windows\System32\feclient.dll
10:27:42.0363 2184 C:\Windows\System32\feclient.dll - ok
10:27:42.0363 2184 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\Windows\System32\mpr.dll
10:27:42.0363 2184 C:\Windows\System32\mpr.dll - ok
10:27:42.0363 2184 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\Windows\System32\audiosrv.dll
10:27:42.0363 2184 C:\Windows\System32\audiosrv.dll - ok
10:27:42.0379 2184 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\Windows\System32\BFE.DLL
10:27:42.0379 2184 C:\Windows\System32\BFE.DLL - ok
10:27:42.0379 2184 [ 93952506C6D67330367F7E7934B6A02F ] C:\Windows\System32\qmgr.dll
10:27:42.0379 2184 C:\Windows\System32\qmgr.dll - ok
10:27:42.0394 2184 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\Windows\System32\winlogon.exe
10:27:42.0394 2184 C:\Windows\System32\winlogon.exe - ok
10:27:42.0394 2184 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\Windows\System32\winsta.dll
10:27:42.0394 2184 C:\Windows\System32\winsta.dll - ok
10:27:42.0410 2184 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\Windows\System32\SLC.dll
10:27:42.0410 2184 C:\Windows\System32\SLC.dll - ok
10:27:42.0410 2184 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\Windows\System32\wevtapi.dll
10:27:42.0410 2184 C:\Windows\System32\wevtapi.dll - ok
10:27:42.0426 2184 [ 9028559C132146FB75EB7ACF384B086A ] C:\Windows\System32\dhcpcsvc.dll
10:27:42.0426 2184 C:\Windows\System32\dhcpcsvc.dll - ok
10:27:42.0426 2184 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\Windows\System32\IPHLPAPI.DLL
10:27:42.0426 2184 C:\Windows\System32\IPHLPAPI.DLL - ok
10:27:42.0441 2184 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\Windows\System32\dhcpcsvc6.dll
10:27:42.0441 2184 C:\Windows\System32\dhcpcsvc6.dll - ok
10:27:42.0441 2184 [ 6B09105742C75DF80CEF21700F20F55A ] C:\Windows\System32\winnsi.dll
10:27:42.0441 2184 C:\Windows\System32\winnsi.dll - ok
10:27:42.0441 2184 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\Windows\System32\browser.dll
10:27:42.0441 2184 C:\Windows\System32\browser.dll - ok
10:27:42.0457 2184 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\Windows\System32\certprop.dll
10:27:42.0457 2184 C:\Windows\System32\certprop.dll - ok
10:27:42.0457 2184 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\Windows\System32\cngaudit.dll
10:27:42.0457 2184 C:\Windows\System32\cngaudit.dll - ok
10:27:42.0472 2184 [ 4211249955AF9133E2E357CC92B54DFD ] C:\Windows\System32\comres.dll
10:27:42.0472 2184 C:\Windows\System32\comres.dll - ok
10:27:42.0472 2184 [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\Windows\System32\ncrypt.dll
10:27:42.0472 2184 C:\Windows\System32\ncrypt.dll - ok
10:27:42.0488 2184 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\Windows\System32\bcrypt.dll
10:27:42.0488 2184 C:\Windows\System32\bcrypt.dll - ok
10:27:42.0488 2184 [ 26F139DDEC6407508071930D3D07337E ] C:\Windows\System32\credssp.dll
10:27:42.0488 2184 C:\Windows\System32\credssp.dll - ok
10:27:42.0504 2184 [ F1E8C34892336D33EDDCDFE44E474F64 ] C:\Windows\System32\cryptsvc.dll
10:27:42.0504 2184 C:\Windows\System32\cryptsvc.dll - ok
10:27:42.0504 2184 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\Windows\System32\kerberos.dll
10:27:42.0504 2184 C:\Windows\System32\kerberos.dll - ok
10:27:42.0519 2184 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\Windows\System32\msprivs.dll
10:27:42.0519 2184 C:\Windows\System32\msprivs.dll - ok
10:27:42.0519 2184 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\Windows\System32\dfsrres.dll
10:27:42.0519 2184 C:\Windows\System32\dfsrres.dll - ok
10:27:42.0535 2184 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\Windows\System32\oleres.dll
10:27:42.0535 2184 C:\Windows\System32\oleres.dll - ok
10:27:42.0535 2184 [ 69827805A221C21450BA22F4326A2EE3 ] C:\Windows\System32\version.dll
10:27:42.0535 2184 C:\Windows\System32\version.dll - ok
10:27:42.0535 2184 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\Windows\System32\dot3svc.dll
10:27:42.0535 2184 C:\Windows\System32\dot3svc.dll - ok
10:27:42.0550 2184 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\Windows\System32\dps.dll
10:27:42.0550 2184 C:\Windows\System32\dps.dll - ok
10:27:42.0550 2184 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\Windows\System32\wship6.dll
10:27:42.0550 2184 C:\Windows\System32\wship6.dll - ok
10:27:42.0566 2184 [ 22CFAEB9172F5F198048401485CD0571 ] C:\Windows\System32\WSHTCPIP.DLL
10:27:42.0566 2184 C:\Windows\System32\WSHTCPIP.DLL - ok
10:27:42.0566 2184 [ 9BE3744D295A7701EB425332014F0797 ] C:\Windows\ehome\ehrecvr.exe
10:27:42.0566 2184 C:\Windows\ehome\ehrecvr.exe - ok
10:27:42.0582 2184 [ C0B95E40D85CD807D614E264248A45B9 ] C:\Windows\System32\eapsvc.dll
10:27:42.0582 2184 C:\Windows\System32\eapsvc.dll - ok
10:27:42.0582 2184 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\Windows\System32\wshqos.dll
10:27:42.0582 2184 C:\Windows\System32\wshqos.dll - ok
10:27:42.0597 2184 [ FC62A635063B762E1C3C60EA77279378 ] C:\Windows\System32\NapiNSP.dll
10:27:42.0597 2184 C:\Windows\System32\NapiNSP.dll - ok
10:27:42.0597 2184 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\Windows\System32\nlasvc.dll
10:27:42.0597 2184 C:\Windows\System32\nlasvc.dll - ok
10:27:42.0597 2184 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\Windows\ehome\ehsched.exe
10:27:42.0597 2184 C:\Windows\ehome\ehsched.exe - ok
10:27:42.0613 2184 [ 8617350C9B590B63E620881092751BCB ] C:\Windows\System32\mswsock.dll
10:27:42.0613 2184 C:\Windows\System32\mswsock.dll - ok
10:27:42.0628 2184 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\Windows\System32\pnrpnsp.dll
10:27:42.0628 2184 C:\Windows\System32\pnrpnsp.dll - ok
10:27:42.0628 2184 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\Windows\ehome\ehstart.dll
10:27:42.0628 2184 C:\Windows\ehome\ehstart.dll - ok
10:27:42.0628 2184 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\Windows\System32\msv1_0.dll
10:27:42.0628 2184 C:\Windows\System32\msv1_0.dll - ok
10:27:42.0644 2184 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\Windows\System32\emdmgmt.dll
10:27:42.0644 2184 C:\Windows\System32\emdmgmt.dll - ok
10:27:42.0660 2184 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\Windows\System32\netlogon.dll
10:27:42.0660 2184 C:\Windows\System32\netlogon.dll - ok
10:27:42.0660 2184 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\Windows\System32\wevtsvc.dll
10:27:42.0660 2184 C:\Windows\System32\wevtsvc.dll - ok
10:27:42.0675 2184 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\Windows\System32\winbrand.dll
10:27:42.0675 2184 C:\Windows\System32\winbrand.dll - ok
10:27:42.0675 2184 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\Windows\System32\fdPHost.dll
10:27:42.0675 2184 C:\Windows\System32\fdPHost.dll - ok
10:27:42.0691 2184 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\Windows\System32\FDResPub.dll
10:27:42.0691 2184 C:\Windows\System32\FDResPub.dll - ok
10:27:42.0691 2184 [ 8CE364388C8ECA59B14B539179276D44 ] C:\Windows\System32\FntCache.dll
10:27:42.0691 2184 C:\Windows\System32\FntCache.dll - ok
10:27:42.0706 2184 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\Windows\System32\schannel.dll
10:27:42.0706 2184 C:\Windows\System32\schannel.dll - ok
10:27:42.0722 2184 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\Windows\System32\wdigest.dll
10:27:42.0722 2184 C:\Windows\System32\wdigest.dll - ok
10:27:42.0722 2184 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\Windows\System32\PresentationHost.exe
10:27:42.0722 2184 C:\Windows\System32\PresentationHost.exe - ok
10:27:42.0738 2184 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\Windows\System32\rsaenh.dll
10:27:42.0738 2184 C:\Windows\System32\rsaenh.dll - ok
10:27:42.0753 2184 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\Windows\System32\gpapi.dll
10:27:42.0753 2184 C:\Windows\System32\gpapi.dll - ok
10:27:42.0753 2184 [ 84067081F3318162797385E11A8F0582 ] C:\Windows\System32\hidserv.dll
10:27:42.0753 2184 C:\Windows\System32\hidserv.dll - ok
10:27:42.0769 2184 [ F8873D15018F411588BEC02C1725BADA ] C:\Windows\System32\TSpkg.dll
10:27:42.0769 2184 C:\Windows\System32\TSpkg.dll - ok
10:27:42.0769 2184 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\Windows\System32\KMSVC.DLL
10:27:42.0769 2184 C:\Windows\System32\KMSVC.DLL - ok
10:27:42.0784 2184 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
10:27:42.0784 2184 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
10:27:42.0784 2184 [ 9908D8A397B76CD8D31D0D383C5773C9 ] C:\Windows\System32\IKEEXT.DLL
10:27:42.0784 2184 C:\Windows\System32\IKEEXT.DLL - ok
10:27:42.0800 2184 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\Windows\System32\IPBusEnum.dll
10:27:42.0800 2184 C:\Windows\System32\IPBusEnum.dll - ok
10:27:42.0800 2184 [ 1998BD97F950680BB55F55A7244679C2 ] C:\Windows\System32\iphlpsvc.dll
10:27:42.0800 2184 C:\Windows\System32\iphlpsvc.dll - ok
10:27:42.0816 2184 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\Windows\System32\rascfg.dll
10:27:42.0816 2184 C:\Windows\System32\rascfg.dll - ok
10:27:42.0816 2184 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\Windows\System32\keyiso.dll
10:27:42.0816 2184 C:\Windows\System32\keyiso.dll - ok
10:27:42.0831 2184 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\Windows\System32\srvsvc.dll
10:27:42.0831 2184 C:\Windows\System32\srvsvc.dll - ok
10:27:42.0831 2184 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\Windows\System32\wkssvc.dll
10:27:42.0831 2184 C:\Windows\System32\wkssvc.dll - ok
10:27:42.0847 2184 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\Windows\ehome\ehres.dll
10:27:42.0847 2184 C:\Windows\ehome\ehres.dll - ok
10:27:42.0847 2184 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\Windows\System32\lltdres.dll
10:27:42.0847 2184 C:\Windows\System32\lltdres.dll - ok
10:27:42.0862 2184 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\Windows\System32\lmhsvc.dll
10:27:42.0862 2184 C:\Windows\System32\lmhsvc.dll - ok
10:27:42.0862 2184 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\Windows\System32\mmcss.dll
10:27:42.0862 2184 C:\Windows\System32\mmcss.dll - ok
10:27:42.0878 2184 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\Windows\System32\FirewallAPI.dll
10:27:42.0878 2184 C:\Windows\System32\FirewallAPI.dll - ok
10:27:42.0878 2184 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\Windows\System32\iscsidsc.dll
10:27:42.0878 2184 C:\Windows\System32\iscsidsc.dll - ok
10:27:42.0894 2184 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\Windows\System32\msimsg.dll
10:27:42.0894 2184 C:\Windows\System32\msimsg.dll - ok
10:27:42.0894 2184 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\Windows\System32\QAGENTRT.DLL
10:27:42.0894 2184 C:\Windows\System32\QAGENTRT.DLL - ok
10:27:42.0909 2184 [ C8052711DAECC48B982434C5116CA401 ] C:\Windows\System32\netman.dll
10:27:42.0909 2184 C:\Windows\System32\netman.dll - ok
10:27:42.0909 2184 [ ED640F4CE585058119B824CC76591D9C ] C:\Windows\System32\netprof.dll
10:27:42.0909 2184 C:\Windows\System32\netprof.dll - ok
10:27:42.0925 2184 [ 983B356504D443E61B9012EA9F36496B ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
10:27:42.0925 2184 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
10:27:42.0925 2184 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\Windows\System32\nsisvc.dll
10:27:42.0925 2184 C:\Windows\System32\nsisvc.dll - ok
10:27:42.0940 2184 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\Windows\System32\p2psvc.dll
10:27:42.0940 2184 C:\Windows\System32\p2psvc.dll - ok
10:27:42.0940 2184 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\Windows\System32\pcasvc.dll
10:27:42.0940 2184 C:\Windows\System32\pcasvc.dll - ok
10:27:42.0956 2184 [ B1689DF169143F57053F795390C99DB3 ] C:\Windows\System32\pla.dll
10:27:42.0956 2184 C:\Windows\System32\pla.dll - ok
10:27:42.0956 2184 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\Windows\System32\umpnpmgr.dll
10:27:42.0956 2184 C:\Windows\System32\umpnpmgr.dll - ok
10:27:42.0956 2184 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\Windows\System32\polstore.dll
10:27:42.0956 2184 C:\Windows\System32\polstore.dll - ok
10:27:42.0972 2184 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\Windows\System32\profsvc.dll
10:27:42.0972 2184 C:\Windows\System32\profsvc.dll - ok
10:27:42.0972 2184 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\Windows\System32\psbase.dll
10:27:42.0972 2184 C:\Windows\System32\psbase.dll - ok
10:27:42.0987 2184 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\Windows\System32\qwave.dll
10:27:42.0987 2184 C:\Windows\System32\qwave.dll - ok
10:27:42.0987 2184 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\Windows\System32\drivers\qwavedrv.sys
10:27:42.0987 2184 C:\Windows\System32\drivers\qwavedrv.sys - ok
10:27:43.0003 2184 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\Windows\System32\rasauto.dll
10:27:43.0003 2184 C:\Windows\System32\rasauto.dll - ok
10:27:43.0003 2184 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\Windows\System32\rasmans.dll
10:27:43.0003 2184 C:\Windows\System32\rasmans.dll - ok
10:27:43.0018 2184 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\Windows\System32\sstpsvc.dll
10:27:43.0018 2184 C:\Windows\System32\sstpsvc.dll - ok
10:27:43.0018 2184 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\Windows\System32\mprdim.dll
10:27:43.0018 2184 C:\Windows\System32\mprdim.dll - ok
10:27:43.0018 2184 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\Windows\System32\regsvc.dll
10:27:43.0018 2184 C:\Windows\System32\regsvc.dll - ok
10:27:43.0034 2184 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\Windows\System32\Locator.exe
10:27:43.0034 2184 C:\Windows\System32\Locator.exe - ok
10:27:43.0034 2184 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\Windows\System32\SCardSvr.dll
10:27:43.0034 2184 C:\Windows\System32\SCardSvr.dll - ok
10:27:43.0050 2184 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\Windows\System32\schedsvc.dll
10:27:43.0050 2184 C:\Windows\System32\schedsvc.dll - ok
10:27:43.0050 2184 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\Windows\System32\sdrsvc.dll
10:27:43.0050 2184 C:\Windows\System32\sdrsvc.dll - ok
10:27:43.0065 2184 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\Windows\System32\seclogon.dll
10:27:43.0065 2184 C:\Windows\System32\seclogon.dll - ok
10:27:43.0065 2184 [ A9BBAB5759771E523F55563D6CBE140F ] C:\Windows\System32\Sens.dll
10:27:43.0065 2184 C:\Windows\System32\Sens.dll - ok
10:27:43.0081 2184 [ D2193326F729B163125610DBF3E17D57 ] C:\Windows\System32\SessEnv.dll
10:27:43.0081 2184 C:\Windows\System32\SessEnv.dll - ok
10:27:43.0081 2184 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\Windows\System32\ipnathlp.dll
10:27:43.0081 2184 C:\Windows\System32\ipnathlp.dll - ok
10:27:43.0096 2184 [ C7230FBEE14437716701C15BE02C27B8 ] C:\Windows\System32\shsvcs.dll
10:27:43.0096 2184 C:\Windows\System32\shsvcs.dll - ok
10:27:43.0096 2184 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\Windows\System32\SLsvc.exe
10:27:43.0096 2184 C:\Windows\System32\SLsvc.exe - ok
10:27:43.0112 2184 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\Windows\System32\SLUINotify.dll
10:27:43.0112 2184 C:\Windows\System32\SLUINotify.dll - ok
10:27:43.0112 2184 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\Windows\System32\tcpipcfg.dll
10:27:43.0112 2184 C:\Windows\System32\tcpipcfg.dll - ok
10:27:43.0128 2184 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\Windows\System32\snmptrap.exe
10:27:43.0128 2184 C:\Windows\System32\snmptrap.exe - ok
10:27:43.0143 2184 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\Windows\System32\spoolsv.exe
10:27:43.0143 2184 C:\Windows\System32\spoolsv.exe - ok
10:27:43.0143 2184 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\Windows\System32\ssdpsrv.dll
10:27:43.0143 2184 C:\Windows\System32\ssdpsrv.dll - ok
10:27:43.0159 2184 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\Windows\System32\wiaservc.dll
10:27:43.0159 2184 C:\Windows\System32\wiaservc.dll - ok
10:27:43.0159 2184 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\Windows\System32\swprv.dll
10:27:43.0159 2184 C:\Windows\System32\swprv.dll - ok
10:27:43.0174 2184 [ 9A51B04E9886AA4EE90093586B0BA88D ] C:\Windows\System32\sysmain.dll
10:27:43.0174 2184 C:\Windows\System32\sysmain.dll - ok
10:27:43.0174 2184 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\Windows\System32\TabSvc.dll
10:27:43.0174 2184 C:\Windows\System32\TabSvc.dll - ok
10:27:43.0190 2184 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\Windows\System32\tapisrv.dll
10:27:43.0190 2184 C:\Windows\System32\tapisrv.dll - ok
10:27:43.0190 2184 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\Windows\System32\tbssvc.dll
10:27:43.0190 2184 C:\Windows\System32\tbssvc.dll - ok
10:27:43.0206 2184 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\Windows\System32\termsrv.dll
10:27:43.0206 2184 C:\Windows\System32\termsrv.dll - ok
10:27:43.0206 2184 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\Windows\servicing\TrustedInstaller.exe
10:27:43.0206 2184 C:\Windows\servicing\TrustedInstaller.exe - ok
10:27:43.0221 2184 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\Windows\System32\trkwks.dll
10:27:43.0221 2184 C:\Windows\System32\trkwks.dll - ok
10:27:43.0221 2184 [ ECEF404F62863755951E09C802C94AD5 ] C:\Windows\System32\UI0Detect.exe
10:27:43.0221 2184 C:\Windows\System32\UI0Detect.exe - ok
10:27:43.0237 2184 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\Windows\System32\upnphost.dll
10:27:43.0237 2184 C:\Windows\System32\upnphost.dll - ok
10:27:43.0237 2184 [ 01DD1004181FD46ECDC3628228EB269D ] C:\Windows\System32\dwm.exe
10:27:43.0237 2184 C:\Windows\System32\dwm.exe - ok
10:27:43.0252 2184 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\Windows\System32\vds.exe
10:27:43.0252 2184 C:\Windows\System32\vds.exe - ok
10:27:43.0252 2184 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\Windows\System32\VSSVC.exe
10:27:43.0252 2184 C:\Windows\System32\VSSVC.exe - ok
10:27:43.0268 2184 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\Windows\System32\w32time.dll
10:27:43.0268 2184 C:\Windows\System32\w32time.dll - ok
10:27:43.0268 2184 [ A3CD60FD826381B49F03832590E069AF ] C:\Windows\System32\wcncsvc.dll
10:27:43.0268 2184 C:\Windows\System32\wcncsvc.dll - ok
10:27:43.0284 2184 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\Windows\System32\WcsPlugInService.dll
10:27:43.0284 2184 C:\Windows\System32\WcsPlugInService.dll - ok
10:27:43.0284 2184 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys
10:27:43.0284 2184 C:\Windows\System32\drivers\Wdf01000.sys - ok
10:27:43.0299 2184 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\Windows\System32\wdi.dll
10:27:43.0299 2184 C:\Windows\System32\wdi.dll - ok
10:27:43.0299 2184 [ 04C37D8107320312FBAE09926103D5E2 ] C:\Windows\System32\WebClnt.dll
10:27:43.0299 2184 C:\Windows\System32\WebClnt.dll - ok
10:27:43.0315 2184 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\Windows\System32\wecsvc.dll
10:27:43.0315 2184 C:\Windows\System32\wecsvc.dll - ok
10:27:43.0315 2184 [ 670FF720071ED741206D69BD995EA453 ] C:\Windows\System32\wercplsupport.dll
10:27:43.0315 2184 C:\Windows\System32\wercplsupport.dll - ok
10:27:43.0330 2184 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\Windows\System32\wersvc.dll
10:27:43.0330 2184 C:\Windows\System32\wersvc.dll - ok
10:27:43.0330 2184 [ 62DB790A860CDFC4278D2F03CC5675D8 ] C:\Program Files\Windows Defender\MsMpRes.dll
10:27:43.0330 2184 C:\Program Files\Windows Defender\MsMpRes.dll - ok
10:27:43.0346 2184 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\Windows\System32\winhttp.dll
10:27:43.0346 2184 C:\Windows\System32\winhttp.dll - ok
10:27:43.0346 2184 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\Windows\System32\wbem\WMIsvc.dll
10:27:43.0346 2184 C:\Windows\System32\wbem\WMIsvc.dll - ok
10:27:43.0362 2184 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\Windows\System32\WsmSvc.dll
10:27:43.0362 2184 C:\Windows\System32\WsmSvc.dll - ok
10:27:43.0362 2184 [ C008405E4FEEB069E30DA1D823910234 ] C:\Windows\System32\wlansvc.dll
10:27:43.0362 2184 C:\Windows\System32\wlansvc.dll - ok
10:27:43.0377 2184 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\Windows\System32\wbem\WmiApSrv.exe
10:27:43.0377 2184 C:\Windows\System32\wbem\WmiApSrv.exe - ok
10:27:43.0393 2184 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:27:43.0393 2184 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:27:43.0393 2184 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\Windows\System32\wpcsvc.dll
10:27:43.0393 2184 C:\Windows\System32\wpcsvc.dll - ok
10:27:43.0408 2184 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\Windows\System32\wpdbusenum.dll
10:27:43.0408 2184 C:\Windows\System32\wpdbusenum.dll - ok
10:27:43.0408 2184 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:27:43.0408 2184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
10:27:43.0424 2184 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\Windows\System32\wscsvc.dll
10:27:43.0424 2184 C:\Windows\System32\wscsvc.dll - ok
10:27:43.0424 2184 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\Windows\System32\SearchIndexer.exe
10:27:43.0424 2184 C:\Windows\System32\SearchIndexer.exe - ok
10:27:43.0440 2184 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
10:27:43.0440 2184 C:\Windows\System32\wuaueng.dll - ok
10:27:43.0440 2184 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
10:27:43.0440 2184 C:\Windows\System32\drivers\WUDFPf.sys - ok
10:27:43.0455 2184 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
10:27:43.0455 2184 C:\Windows\System32\WUDFSvc.dll - ok
10:27:43.0455 2184 [ 8FC182167381E9915651267044105EE1 ] C:\Windows\System32\scecli.dll
10:27:43.0455 2184 C:\Windows\System32\scecli.dll - ok
10:27:43.0471 2184 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\Windows\System32\ntmarta.dll
10:27:43.0471 2184 C:\Windows\System32\ntmarta.dll - ok
10:27:43.0486 2184 [ 3794B461C45882E06856F282EEF025AF ] C:\Windows\System32\svchost.exe
10:27:43.0486 2184 C:\Windows\System32\svchost.exe - ok
10:27:43.0486 2184 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\Windows\System32\powrprof.dll
10:27:43.0486 2184 C:\Windows\System32\powrprof.dll - ok
10:27:43.0502 2184 [ 8F5C7426567798E62A3B3614965D62CC ] C:\Windows\System32\drivers\luafv.sys
10:27:43.0502 2184 C:\Windows\System32\drivers\luafv.sys - ok
10:27:43.0502 2184 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\Windows\System32\rpcss.dll
10:27:43.0502 2184 C:\Windows\System32\rpcss.dll - ok
10:27:43.0518 2184 [ C1F19D2BACBEE9AB64D9AE69E9859AC0 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
10:27:43.0518 2184 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
10:27:43.0533 2184 [ F556912E70B22D740C9C99E310E3C11F ] C:\Program Files\Microsoft Security Client\MpSvc.dll
10:27:43.0533 2184 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
10:27:43.0533 2184 [ 3D9381A332E4373F8811C71BA5078B31 ] C:\Program Files\Microsoft Security Client\MpClient.dll
10:27:43.0533 2184 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
10:27:43.0549 2184 [ F42483814FC39170B3982A184EC5AAA2 ] C:\Windows\System32\wtsapi32.dll
10:27:43.0549 2184 C:\Windows\System32\wtsapi32.dll - ok
10:27:43.0549 2184 [ 62D577288B48998FC6667BF22DC5B690 ] C:\Windows\System32\LogonUI.exe
10:27:43.0549 2184 C:\Windows\System32\LogonUI.exe - ok
10:27:43.0564 2184 [ B2E569EF26DAC9D6994A2AFF4F601B7A ] C:\Windows\System32\wintrust.dll
10:27:43.0564 2184 C:\Windows\System32\wintrust.dll - ok
10:27:43.0564 2184 [ 58C2521D87C494831A625202C80354AD ] C:\Windows\System32\authui.dll
10:27:43.0564 2184 C:\Windows\System32\authui.dll - ok
10:27:43.0580 2184 [ 4575AA12561C5648483403541D0D7F2B ] C:\Program Files\Windows Defender\MpSvc.dll
10:27:43.0580 2184 C:\Program Files\Windows Defender\MpSvc.dll - ok
10:27:43.0580 2184 [ 1BD363738B672A394EBE3B8A78EAB9D3 ] C:\Program Files\Windows Defender\MpClient.dll
10:27:43.0580 2184 C:\Program Files\Windows Defender\MpClient.dll - ok
10:27:43.0596 2184 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
10:27:43.0596 2184 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
10:27:43.0596 2184 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\Windows\System32\msimg32.dll
10:27:43.0596 2184 C:\Windows\System32\msimg32.dll - ok
10:27:43.0611 2184 [ 999D69DEB576C2C424294DF025891CC6 ] C:\Windows\System32\uxtheme.dll
10:27:43.0611 2184 C:\Windows\System32\uxtheme.dll - ok
10:27:43.0611 2184 [ 76EAEF4DDEBBC7C38853F586C0E91DCE ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll
10:27:43.0611 2184 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\GdiPlus.dll - ok
10:27:43.0627 2184 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\Windows\System32\duser.dll
10:27:43.0627 2184 C:\Windows\System32\duser.dll - ok
10:27:43.0627 2184 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\Windows\System32\xmllite.dll
10:27:43.0627 2184 C:\Windows\System32\xmllite.dll - ok
10:27:43.0642 2184 [ 118D81523EA80B9E252CB840E94754C6 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
10:27:43.0642 2184 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
10:27:43.0642 2184 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\Windows\System32\SmartcardCredentialProvider.dll
10:27:43.0642 2184 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
10:27:43.0642 2184 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\Windows\System32\rasplap.dll
10:27:43.0642 2184 C:\Windows\System32\rasplap.dll - ok
10:27:43.0658 2184 [ 3CB863B78642405371CB3A71C07E2382 ] C:\Windows\System32\rasapi32.dll
10:27:43.0658 2184 C:\Windows\System32\rasapi32.dll - ok
10:27:43.0658 2184 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\Windows\System32\rasman.dll
10:27:43.0658 2184 C:\Windows\System32\rasman.dll - ok
10:27:43.0674 2184 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\Windows\System32\tapi32.dll
10:27:43.0674 2184 C:\Windows\System32\tapi32.dll - ok
10:27:43.0674 2184 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\Windows\System32\rtutils.dll
10:27:43.0674 2184 C:\Windows\System32\rtutils.dll - ok
10:27:43.0689 2184 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\Windows\System32\winmm.dll
10:27:43.0689 2184 C:\Windows\System32\winmm.dll - ok
10:27:43.0689 2184 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\Windows\System32\oleacc.dll
10:27:43.0689 2184 C:\Windows\System32\oleacc.dll - ok
10:27:43.0705 2184 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\Windows\System32\WinSCard.dll
10:27:43.0705 2184 C:\Windows\System32\WinSCard.dll - ok
10:27:43.0705 2184 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\Windows\System32\shgina.dll
10:27:43.0705 2184 C:\Windows\System32\shgina.dll - ok
10:27:43.0720 2184 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\Windows\System32\shacct.dll
10:27:43.0720 2184 C:\Windows\System32\shacct.dll - ok
10:27:43.0720 2184 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\Windows\System32\propsys.dll
10:27:43.0720 2184 C:\Windows\System32\propsys.dll - ok
10:27:43.0736 2184 [ AA87D7709021503687326432DC59590D ] C:\Program Files\Microsoft Security Client\MpRTP.dll
10:27:43.0736 2184 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
10:27:43.0736 2184 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\Windows\System32\fltLib.dll
10:27:43.0736 2184 C:\Windows\System32\fltLib.dll - ok
10:27:43.0752 2184 [ EE38212D3630819A6293A5BAE2D5C9A8 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
10:27:43.0752 2184 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
10:27:43.0752 2184 [ CF105EE42E3F71E648CEBB3F666E1CF0 ] C:\Windows\System32\drivers\MpFilter.sys
10:27:43.0752 2184 C:\Windows\System32\drivers\MpFilter.sys - ok
10:27:43.0767 2184 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\Windows\System32\avrt.dll
10:27:43.0767 2184 C:\Windows\System32\avrt.dll - ok
10:27:43.0767 2184 [ 801F1E963F7EEFFDA3F9EF89DB3EF133 ] C:\Windows\System32\radardt.dll
10:27:43.0767 2184 C:\Windows\System32\radardt.dll - ok
10:27:43.0783 2184 [ AC66A87B91D548D8DBDA58D00FA21547 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
10:27:43.0783 2184 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
10:27:43.0783 2184 [ 56B5914070B2C243DFB3D186070DA89D ] C:\Windows\System32\MMDevAPI.dll
10:27:43.0783 2184 C:\Windows\System32\MMDevAPI.dll - ok
10:27:43.0798 2184 [ 5FC8307E040C2E95EA4F486C8379FB64 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpengine.dll
10:27:43.0798 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpengine.dll - ok
10:27:43.0798 2184 [ A99871BA522CB2539AE275AC18CACC8F ] C:\Windows\System32\cabinet.dll
10:27:43.0798 2184 C:\Windows\System32\cabinet.dll - ok
10:27:43.0798 2184 [ A181FAA2F6C33FE5AF5A91BD8A0507D3 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpasbase.vdm
10:27:43.0798 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpasbase.vdm - ok
10:27:43.0814 2184 [ 79AC167ED1427F864EF3B6324DA0E12E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpasdlta.vdm
10:27:43.0814 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpasdlta.vdm - ok
10:27:43.0814 2184 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\Windows\System32\adtschema.dll
10:27:43.0814 2184 C:\Windows\System32\adtschema.dll - ok
10:27:43.0830 2184 [ 97FEF831AB90BEE128C9AF390E243F80 ] C:\Windows\System32\drivers\drmkaud.sys
10:27:43.0830 2184 C:\Windows\System32\drivers\drmkaud.sys - ok
10:27:43.0830 2184 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\Windows\System32\dimsjob.dll
10:27:43.0830 2184 C:\Windows\System32\dimsjob.dll - ok
10:27:43.0845 2184 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\Windows\System32\drivers\fltMgr.sys
10:27:43.0845 2184 C:\Windows\System32\drivers\fltMgr.sys - ok
10:27:43.0845 2184 [ 57418956DDAE128D1023C508E7D07071 ] C:\Windows\System32\PSHED.DLL
10:27:43.0845 2184 C:\Windows\System32\PSHED.DLL - ok
10:27:43.0861 2184 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\Windows\System32\audiodg.exe
10:27:43.0861 2184 C:\Windows\System32\audiodg.exe - ok
10:27:43.0861 2184 [ 7258434974EA735725FD2D4A65C5E821 ] C:\Windows\System32\AudioSes.dll
10:27:43.0861 2184 C:\Windows\System32\AudioSes.dll - ok
10:27:43.0861 2184 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\Windows\System32\ksuser.dll
10:27:43.0861 2184 C:\Windows\System32\ksuser.dll - ok
10:27:43.0876 2184 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\Windows\System32\wdmaud.drv
10:27:43.0876 2184 C:\Windows\System32\wdmaud.drv - ok
10:27:43.0876 2184 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\Windows\System32\AudioEng.dll
10:27:43.0876 2184 C:\Windows\System32\AudioEng.dll - ok
10:27:43.0892 2184 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\Windows\System32\nlaapi.dll
10:27:43.0892 2184 C:\Windows\System32\nlaapi.dll - ok
10:27:43.0892 2184 [ 409F36C8BD06FCE184631EB4142B009A ] C:\Windows\System32\atl.dll
10:27:43.0892 2184 C:\Windows\System32\atl.dll - ok
10:27:43.0908 2184 [ BDBB449425991154135E5ED1559927E6 ] C:\Windows\System32\msacm32.dll
10:27:43.0908 2184 C:\Windows\System32\msacm32.dll - ok
10:27:43.0908 2184 [ 166F004D73EA2CF4AC61800CA469458D ] C:\Windows\System32\msacm32.drv
10:27:43.0908 2184 C:\Windows\System32\msacm32.drv - ok
10:27:43.0923 2184 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\Windows\System32\gpsvc.dll
10:27:43.0923 2184 C:\Windows\System32\gpsvc.dll - ok
10:27:43.0923 2184 [ 83199EF88D691E730B80666E29F90D58 ] C:\Windows\System32\midimap.dll
10:27:43.0923 2184 C:\Windows\System32\midimap.dll - ok
10:27:43.0923 2184 [ 67058C46504BC12D821F38CF99B7B28F ] C:\Windows\System32\es.dll
10:27:43.0923 2184 C:\Windows\System32\es.dll - ok
10:27:43.0939 2184 [ 296937202E4D930AAE98085B99D744D8 ] C:\Windows\System32\AUDIOKSE.dll
10:27:43.0939 2184 C:\Windows\System32\AUDIOKSE.dll - ok
10:27:43.0939 2184 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\Windows\System32\drivers\spsys.sys
10:27:43.0939 2184 C:\Windows\System32\drivers\spsys.sys - ok
10:27:43.0954 2184 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\Windows\System32\uxsms.dll
10:27:43.0954 2184 C:\Windows\System32\uxsms.dll - ok
10:27:43.0954 2184 [ 473A5F85261E33EB42AFC7BA092A2427 ] C:\Windows\System32\RtkAPO.dll
10:27:43.0954 2184 C:\Windows\System32\RtkAPO.dll - ok
10:27:43.0970 2184 [ 00000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpavbase.vdm
10:27:43.0970 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpavbase.vdm - ok
10:27:43.0970 2184 [ 5E1D009433155B4DA364D46092A46BA0 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpavdlta.vdm
10:27:43.0970 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\mpavdlta.vdm - ok
10:27:43.0986 2184 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\Windows\System32\hid.dll
10:27:43.0986 2184 C:\Windows\System32\hid.dll - ok
10:27:43.0986 2184 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\Windows\System32\WindowsCodecs.dll
10:27:43.0986 2184 C:\Windows\System32\WindowsCodecs.dll - ok
10:27:44.0001 2184 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\Windows\System32\WUDFPlatform.dll
10:27:44.0001 2184 C:\Windows\System32\WUDFPlatform.dll - ok
10:27:44.0001 2184 [ 0727200F10320A6BA7E59433094FBBA7 ] C:\Windows\System32\WMALFXGFXDSP.dll
10:27:44.0001 2184 C:\Windows\System32\WMALFXGFXDSP.dll - ok
10:27:44.0001 2184 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\Windows\System32\mfplat.dll
10:27:44.0001 2184 C:\Windows\System32\mfplat.dll - ok
10:27:44.0017 2184 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\Windows\System32\drivers\lltdio.sys
10:27:44.0017 2184 C:\Windows\System32\drivers\lltdio.sys - ok
10:27:44.0017 2184 [ EEC7EE5675294B03E88AA868540007C1 ] C:\Windows\System32\drivers\rmcast.sys
10:27:44.0017 2184 C:\Windows\System32\drivers\rmcast.sys - ok
10:27:44.0032 2184 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\Windows\System32\drivers\nwifi.sys
10:27:44.0032 2184 C:\Windows\System32\drivers\nwifi.sys - ok
10:27:44.0032 2184 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\Windows\System32\drivers\ndisuio.sys
10:27:44.0032 2184 C:\Windows\System32\drivers\ndisuio.sys - ok
10:27:44.0048 2184 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\Windows\System32\drivers\rspndr.sys
10:27:44.0048 2184 C:\Windows\System32\drivers\rspndr.sys - ok
10:27:44.0048 2184 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\Windows\System32\dnsrslvr.dll
10:27:44.0048 2184 C:\Windows\System32\dnsrslvr.dll - ok
10:27:44.0064 2184 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\Windows\System32\eapphost.dll
10:27:44.0064 2184 C:\Windows\System32\eapphost.dll - ok
10:27:44.0064 2184 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\Windows\System32\rastls.dll
10:27:44.0064 2184 C:\Windows\System32\rastls.dll - ok
10:27:44.0079 2184 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\Windows\System32\raschap.dll
10:27:44.0079 2184 C:\Windows\System32\raschap.dll - ok
10:27:44.0079 2184 [ E45051C374F845EDF3DB02A35BA13193 ] C:\Windows\System32\umb.dll
10:27:44.0079 2184 C:\Windows\System32\umb.dll - ok
10:27:44.0079 2184 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\Windows\System32\wlanmsm.dll
10:27:44.0095 2184 C:\Windows\System32\wlanmsm.dll - ok
10:27:44.0095 2184 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\Windows\System32\wlansec.dll
10:27:44.0095 2184 C:\Windows\System32\wlansec.dll - ok
10:27:44.0110 2184 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\Windows\System32\onex.dll
10:27:44.0110 2184 C:\Windows\System32\onex.dll - ok
10:27:44.0110 2184 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\Windows\System32\eappprxy.dll
10:27:44.0110 2184 C:\Windows\System32\eappprxy.dll - ok
10:27:44.0126 2184 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\Windows\System32\eappcfg.dll
10:27:44.0126 2184 C:\Windows\System32\eappcfg.dll - ok
10:27:44.0142 2184 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\Windows\System32\wlgpclnt.dll
10:27:44.0142 2184 C:\Windows\System32\wlgpclnt.dll - ok
10:27:44.0142 2184 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\Windows\System32\l2gpstore.dll
10:27:44.0142 2184 C:\Windows\System32\l2gpstore.dll - ok
10:27:44.0157 2184 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\Windows\System32\wlanutil.dll
10:27:44.0157 2184 C:\Windows\System32\wlanutil.dll - ok
10:27:44.0157 2184 [ 0296DAEB5555A248E8ABF7E5012A37A6 ] C:\Windows\System32\msxml6.dll
10:27:44.0157 2184 C:\Windows\System32\msxml6.dll - ok
10:27:44.0173 2184 [ 35ACD5EA63D75E97DD0E9A1629E582B2 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
10:27:44.0173 2184 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll - ok
10:27:44.0188 2184 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\Windows\System32\ktmw32.dll
10:27:44.0188 2184 C:\Windows\System32\ktmw32.dll - ok
10:27:44.0188 2184 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\Windows\System32\taskcomp.dll
10:27:44.0188 2184 C:\Windows\System32\taskcomp.dll - ok
10:27:44.0204 2184 [ F870AA3E254628EBEAFE754108D664DE ] C:\Windows\System32\drivers\http.sys
10:27:44.0204 2184 C:\Windows\System32\drivers\http.sys - ok
10:27:44.0204 2184 [ E79FDA8D320147FDC347C504B3487F87 ] C:\Windows\System32\spoolss.dll
10:27:44.0204 2184 C:\Windows\System32\spoolss.dll - ok
10:27:44.0220 2184 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\Windows\System32\wiarpc.dll
10:27:44.0220 2184 C:\Windows\System32\wiarpc.dll - ok
10:27:44.0235 2184 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\Windows\System32\netcfgx.dll
10:27:44.0235 2184 C:\Windows\System32\netcfgx.dll - ok
10:27:44.0235 2184 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\Windows\System32\drivers\srvnet.sys
10:27:44.0235 2184 C:\Windows\System32\drivers\srvnet.sys - ok
10:27:44.0251 2184 [ B0D12F4344EB2AE96E487D2DF6F74413 ] C:\Windows\System32\FWPUCLNT.DLL
10:27:44.0251 2184 C:\Windows\System32\FWPUCLNT.DLL - ok
10:27:44.0251 2184 [ 35F376253F687BDE63976CCB3F2108CA ] C:\Windows\System32\drivers\bowser.sys
10:27:44.0251 2184 C:\Windows\System32\drivers\bowser.sys - ok
10:27:44.0266 2184 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\Windows\System32\drivers\mpsdrv.sys
10:27:44.0266 2184 C:\Windows\System32\drivers\mpsdrv.sys - ok
10:27:44.0282 2184 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\Windows\System32\MPSSVC.dll
10:27:44.0282 2184 C:\Windows\System32\MPSSVC.dll - ok
10:27:44.0282 2184 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\Windows\System32\drivers\mrxdav.sys
10:27:44.0282 2184 C:\Windows\System32\drivers\mrxdav.sys - ok
10:27:44.0298 2184 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\Windows\System32\drivers\mrxsmb.sys
10:27:44.0298 2184 C:\Windows\System32\drivers\mrxsmb.sys - ok
10:27:44.0298 2184 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\Windows\System32\drivers\mrxsmb10.sys
10:27:44.0298 2184 C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:27:44.0313 2184 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\Windows\System32\drivers\mrxsmb20.sys
10:27:44.0313 2184 C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:27:44.0329 2184 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\Windows\System32\drivers\srv2.sys
10:27:44.0329 2184 C:\Windows\System32\drivers\srv2.sys - ok
10:27:44.0329 2184 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\Windows\System32\drivers\srv.sys
10:27:44.0329 2184 C:\Windows\System32\drivers\srv.sys - ok
10:27:44.0344 2184 [ CB6B671ED6D97F2E9F2274EADB7517B2 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
10:27:44.0344 2184 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
10:27:44.0360 2184 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\Windows\System32\wscapi.dll
10:27:44.0360 2184 C:\Windows\System32\wscapi.dll - ok
10:27:44.0360 2184 [ A324D72A06C110152E7607745F39BFA1 ] C:\Windows\System32\netmsg.dll
10:27:44.0360 2184 C:\Windows\System32\netmsg.dll - ok
10:27:44.0376 2184 [ 452341E471D2D961229DFE0842957272 ] C:\Windows\System32\sscore.dll
10:27:44.0376 2184 C:\Windows\System32\sscore.dll - ok
10:27:44.0376 2184 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\Windows\System32\clusapi.dll
10:27:44.0376 2184 C:\Windows\System32\clusapi.dll - ok
10:27:44.0391 2184 [ 0745D6EAD386710110817FBEC03F5161 ] C:\Windows\System32\wfapigp.dll
10:27:44.0391 2184 C:\Windows\System32\wfapigp.dll - ok
10:27:44.0407 2184 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\Windows\System32\activeds.dll
10:27:44.0407 2184 C:\Windows\System32\activeds.dll - ok
10:27:44.0407 2184 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\Windows\System32\mscms.dll
10:27:44.0407 2184 C:\Windows\System32\mscms.dll - ok
10:27:44.0422 2184 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\Windows\System32\adsldpc.dll
10:27:44.0422 2184 C:\Windows\System32\adsldpc.dll - ok
10:27:44.0422 2184 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\Windows\System32\credui.dll
10:27:44.0422 2184 C:\Windows\System32\credui.dll - ok
10:27:44.0438 2184 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\Windows\System32\resutils.dll
10:27:44.0438 2184 C:\Windows\System32\resutils.dll - ok
10:27:44.0438 2184 [ 1311171CF8F6D2954441EF2A42693035 ] C:\Windows\System32\WsmRes.dll
10:27:44.0438 2184 C:\Windows\System32\WsmRes.dll - ok
10:27:44.0454 2184 [ E230F3776F373F4C5E788794B53101E4 ] C:\Windows\System32\plasrv.exe
10:27:44.0454 2184 C:\Windows\System32\plasrv.exe - ok
10:27:44.0454 2184 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\Windows\System32\drivers\parport.sys
10:27:44.0454 2184 C:\Windows\System32\drivers\parport.sys - ok
10:27:44.0469 2184 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\Windows\System32\p2pcollab.dll
10:27:44.0469 2184 C:\Windows\System32\p2pcollab.dll - ok
10:27:44.0485 2184 [ DBAFC6734C054FEEF9087754BD80F847 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
10:27:44.0485 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe - ok
10:27:44.0485 2184 [ CC1959AB3929997F4198AA69C854086F ] C:\Windows\System32\regsvr32.exe
10:27:44.0485 2184 C:\Windows\System32\regsvr32.exe - ok
10:27:44.0500 2184 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\Windows\System32\shimeng.dll
10:27:44.0500 2184 C:\Windows\System32\shimeng.dll - ok
10:27:44.0500 2184 [ FD647CA82ACF232DBE5F20345647B948 ] C:\Windows\AppPatch\AcGenral.dll
10:27:44.0500 2184 C:\Windows\AppPatch\AcGenral.dll - ok
10:27:44.0516 2184 [ 42DD9011D54C3A91F14BDBBF50791DA9 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
10:27:44.0516 2184 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
10:27:44.0532 2184 [ DA887F28054D78EE8637BEBB924A2DB5 ] C:\Windows\System32\slwga.dll
10:27:44.0532 2184 C:\Windows\System32\slwga.dll - ok
10:27:44.0532 2184 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\Windows\System32\sfc.dll
10:27:44.0532 2184 C:\Windows\System32\sfc.dll - ok
10:27:44.0547 2184 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\Windows\System32\sfc_os.dll
10:27:44.0547 2184 C:\Windows\System32\sfc_os.dll - ok
10:27:44.0547 2184 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\Windows\System32\dwmapi.dll
10:27:44.0547 2184 C:\Windows\System32\dwmapi.dll - ok
10:27:44.0563 2184 [ 2B782A59BE3DD3970E9824D0CACE75A3 ] C:\Program Files\HP\QuickPlay\REGX.dll
10:27:44.0563 2184 C:\Program Files\HP\QuickPlay\REGX.dll - ok
10:27:44.0563 2184 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\HP\QuickPlay\msvcp71.dll
10:27:44.0563 2184 C:\Program Files\HP\QuickPlay\msvcp71.dll - ok
10:27:44.0578 2184 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\HP\QuickPlay\msvcr71.dll
10:27:44.0578 2184 C:\Program Files\HP\QuickPlay\msvcr71.dll - ok
10:27:44.0578 2184 [ 467A3B03E924B7B7EDD16D34740574B0 ] C:\Windows\regedit.exe
10:27:44.0578 2184 C:\Windows\regedit.exe - ok
10:27:44.0594 2184 [ 09C91E1F199C53E1114396B59B3B4D9E ] C:\Windows\System32\aclui.dll
10:27:44.0594 2184 C:\Windows\System32\aclui.dll - ok
10:27:44.0610 2184 [ 91E6B2F642DC66C7519EF55C4BA5C9F1 ] C:\Windows\System32\clb.dll
10:27:44.0610 2184 C:\Windows\System32\clb.dll - ok
10:27:44.0610 2184 [ 5C9541EFCE477BFCFFD0EF9B1A175457 ] C:\Windows\System32\ulib.dll
10:27:44.0610 2184 C:\Windows\System32\ulib.dll - ok
10:27:44.0625 2184 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\Windows\System32\vssapi.dll
10:27:44.0625 2184 C:\Windows\System32\vssapi.dll - ok
10:27:44.0625 2184 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\Windows\System32\shfolder.dll
10:27:44.0625 2184 C:\Windows\System32\shfolder.dll - ok
10:27:44.0641 2184 [ 10D08460D2415B38D4179D91A6AE3A25 ] C:\Windows\System32\drivers\css-dvp.sys
10:27:44.0641 2184 C:\Windows\System32\drivers\css-dvp.sys - ok
10:27:44.0641 2184 [ 1E9B9A70D332103C52995E957DC09EF8 ] C:\Windows\System32\drivers\fastfat.sys
10:27:44.0641 2184 C:\Windows\System32\drivers\fastfat.sys - ok
10:27:44.0656 2184 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\Windows\System32\taskschd.dll
10:27:44.0656 2184 C:\Windows\System32\taskschd.dll - ok
10:27:44.0672 2184 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\Windows\System32\vsstrace.dll
10:27:44.0672 2184 C:\Windows\System32\vsstrace.dll - ok
10:27:44.0672 2184 [ 09469B8EDD2755143FDA06867AAD7E73 ] C:\Windows\System32\cryptnet.dll
10:27:44.0672 2184 C:\Windows\System32\cryptnet.dll - ok
10:27:44.0688 2184 [ EC760B0B76A4353DE49D66520EB2141F ] C:\Windows\System32\SensApi.dll
10:27:44.0688 2184 C:\Windows\System32\SensApi.dll - ok
10:27:44.0703 2184 [ 68C9A40EA00417DF63F541FD8DFA65A1 ] C:\Program Files\Common Files\Command Software\dvpapi.exe
10:27:44.0703 2184 C:\Program Files\Common Files\Command Software\dvpapi.exe - ok
10:27:44.0703 2184 [ E659A28BF18544943CB052B7EA154C66 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
10:27:44.0703 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll - ok
10:27:44.0719 2184 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\Windows\System32\mfc42.dll
10:27:44.0719 2184 C:\Windows\System32\mfc42.dll - ok
10:27:44.0719 2184 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\Windows\System32\wdscore.dll
10:27:44.0719 2184 C:\Windows\System32\wdscore.dll - ok
10:27:44.0734 2184 [ 3EE4A63539EC04EE2D4BD293985087AB ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
10:27:44.0734 2184 C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok
10:27:44.0734 2184 [ 582F2D900A3AC34C98FBDC2C0ABEF6B9 ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
10:27:44.0734 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe - ok
10:27:44.0750 2184 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\Windows\System32\msi.dll
10:27:44.0750 2184 C:\Windows\System32\msi.dll - ok
10:27:44.0766 2184 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\Windows\System32\WSDApi.dll
10:27:44.0766 2184 C:\Windows\System32\WSDApi.dll - ok
10:27:44.0766 2184 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\Windows\System32\httpapi.dll
10:27:44.0766 2184 C:\Windows\System32\httpapi.dll - ok
10:27:44.0781 2184 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\Windows\System32\fundisc.dll
10:27:44.0781 2184 C:\Windows\System32\fundisc.dll - ok
10:27:44.0781 2184 [ 862363973DCBCC31DD161EF41A69153C ] C:\Windows\System32\odbc32.dll
10:27:44.0781 2184 C:\Windows\System32\odbc32.dll - ok
10:27:44.0797 2184 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\Windows\System32\winspool.drv
10:27:44.0797 2184 C:\Windows\System32\winspool.drv - ok
10:27:44.0797 2184 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\Windows\System32\msxml3.dll
10:27:44.0797 2184 C:\Windows\System32\msxml3.dll - ok
10:27:44.0812 2184 [ E9E95E7B9527F9899E6DEDEAD894C574 ] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
10:27:44.0812 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll - ok
10:27:44.0812 2184 [ 559C9B7800FAC92FC515CD0003D7C631 ] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:27:44.0828 2184 C:\Program Files\Common Files\LightScribe\LSSrvc.exe - ok
10:27:44.0828 2184 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\Windows\System32\msvcp60.dll
10:27:44.0828 2184 C:\Windows\System32\msvcp60.dll - ok
10:27:44.0844 2184 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\Windows\System32\odbcint.dll
10:27:44.0844 2184 C:\Windows\System32\odbcint.dll - ok
10:27:44.0844 2184 [ C54A3E18BF80661104803DBDD929617B ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll
10:27:44.0844 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID_ENU.dll - ok
10:27:44.0859 2184 [ 938437451AFFAE8F76E0145D81D7960C ] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
10:27:44.0859 2184 C:\Program Files\Common Files\LightScribe\LSSProxy.dll - ok
10:27:44.0875 2184 [ 5B973EA48E154C83ADF42D0A0F57BB29 ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll
10:27:44.0875 2184 C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok
10:27:44.0875 2184 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
10:27:44.0875 2184 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
10:27:44.0875 2184 [ CF259D14E763F6EF88767655F9D64D0E ] C:\Program Files\Common Files\LightScribe\LSLog.dll
10:27:44.0875 2184 C:\Program Files\Common Files\LightScribe\LSLog.dll - ok
10:27:44.0890 2184 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:27:44.0890 2184 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:27:44.0906 2184 [ 4F74184920B2D6E33024409B4C5C57C1 ] C:\Program Files\Common Files\Motive\McciCMService.exe
10:27:44.0906 2184 C:\Program Files\Common Files\Motive\McciCMService.exe - ok
10:27:44.0906 2184 [ 6E13D9C64AAF6644B347A9F30F9D63A2 ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll
10:27:44.0906 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll - ok
10:27:44.0922 2184 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\Windows\System32\msiltcfg.dll
10:27:44.0922 2184 C:\Windows\System32\msiltcfg.dll - ok
10:27:44.0922 2184 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\Windows\System32\wbemcomn.dll
10:27:44.0922 2184 C:\Windows\System32\wbemcomn.dll - ok
10:27:44.0937 2184 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\Windows\System32\wbem\wbemprox.dll
10:27:44.0937 2184 C:\Windows\System32\wbem\wbemprox.dll - ok
10:27:44.0953 2184 [ 832E098BCA8235436FE2D8AE50AC3718 ] C:\Windows\System32\drivers\NisDrvWFP.sys
10:27:44.0953 2184 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
10:27:44.0953 2184 [ 50ABE7CDA2DAE898216121D14092C182 ] C:\Windows\System32\WMVCORE.DLL
10:27:44.0953 2184 C:\Windows\System32\WMVCORE.DLL - ok
10:27:44.0968 2184 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\Windows\System32\ncsi.dll
10:27:44.0968 2184 C:\Windows\System32\ncsi.dll - ok
10:27:44.0968 2184 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\Windows\System32\cfgmgr32.dll
10:27:44.0968 2184 C:\Windows\System32\cfgmgr32.dll - ok
10:27:44.0984 2184 [ 22F73612087430A94DBE912AB58E0C79 ] C:\Windows\System32\ci.dll
10:27:44.0984 2184 C:\Windows\System32\ci.dll - ok
10:27:44.0984 2184 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\Windows\System32\drivers\PEAuth.sys
10:27:44.0984 2184 C:\Windows\System32\drivers\PEAuth.sys - ok
10:27:45.0000 2184 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
10:27:45.0000 2184 C:\Windows\System32\drivers\secdrv.sys - ok
10:27:45.0000 2184 [ D0494460421A03CD5225CCA0059AA146 ] C:\Windows\System32\IPSECSVC.DLL
10:27:45.0000 2184 C:\Windows\System32\IPSECSVC.DLL - ok
10:27:45.0015 2184 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\Windows\System32\ssdpapi.dll
10:27:45.0015 2184 C:\Windows\System32\ssdpapi.dll - ok
10:27:45.0015 2184 [ CD21572F83F7EC6E2C20C465967BEDD9 ] C:\Windows\System32\drivers\tcpipreg.sys
10:27:45.0015 2184 C:\Windows\System32\drivers\tcpipreg.sys - ok
10:27:45.0031 2184 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\Windows\System32\FwRemoteSvr.dll
10:27:45.0031 2184 C:\Windows\System32\FwRemoteSvr.dll - ok
10:27:45.0046 2184 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\Windows\System32\wiatrace.dll
10:27:45.0046 2184 C:\Windows\System32\wiatrace.dll - ok
10:27:45.0046 2184 [ 36CCD8A79539C4ACE3BABE09C2CFBA16 ] C:\Windows\System32\WMASF.DLL
10:27:45.0046 2184 C:\Windows\System32\WMASF.DLL - ok
10:27:45.0062 2184 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\Windows\System32\msdmo.dll
10:27:45.0062 2184 C:\Windows\System32\msdmo.dll - ok
10:27:45.0062 2184 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\Windows\System32\devenum.dll
10:27:45.0062 2184 C:\Windows\System32\devenum.dll - ok
10:27:45.0078 2184 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\Windows\System32\wsdchngr.dll
10:27:45.0078 2184 C:\Windows\System32\wsdchngr.dll - ok
10:27:45.0078 2184 [ 0C84B6AFFA7486422235584110D7176F ] C:\Windows\System32\icaapi.dll
10:27:45.0078 2184 C:\Windows\System32\icaapi.dll - ok
10:27:45.0093 2184 [ 928C90E02E05244D2290C1551DF732C8 ] C:\Windows\System32\avicap32.dll
10:27:45.0093 2184 C:\Windows\System32\avicap32.dll - ok
10:27:45.0109 2184 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\Windows\System32\msvfw32.dll
10:27:45.0109 2184 C:\Windows\System32\msvfw32.dll - ok
10:27:45.0109 2184 [ C411C80F90D6732380352B98B37BBD53 ] C:\Windows\System32\winrnr.dll
10:27:45.0109 2184 C:\Windows\System32\winrnr.dll - ok
10:27:45.0124 2184 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\Windows\System32\rasadhlp.dll
10:27:45.0124 2184 C:\Windows\System32\rasadhlp.dll - ok
10:27:45.0124 2184 [ 65C092EF598DCCA1D665D52F06829512 ] C:\Windows\System32\vfwwdm32.dll
10:27:45.0124 2184 C:\Windows\System32\vfwwdm32.dll - ok
10:27:45.0140 2184 [ 0BBA784F01BF8F78FF8237C598A9CE53 ] C:\Windows\System32\wshrm.dll
10:27:45.0140 2184 C:\Windows\System32\wshrm.dll - ok
10:27:45.0140 2184 [ DEB9D08750423069647C3A066CEC7A1B ] C:\Windows\System32\tquery.dll
10:27:45.0140 2184 C:\Windows\System32\tquery.dll - ok
10:27:45.0156 2184 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\Windows\System32\wbem\WinMgmtR.dll
10:27:45.0156 2184 C:\Windows\System32\wbem\WinMgmtR.dll - ok
10:27:45.0156 2184 [ 2205A220A264E8C8B86492BF3D112907 ] C:\Windows\System32\PortableDeviceApi.dll
10:27:45.0156 2184 C:\Windows\System32\PortableDeviceApi.dll - ok
10:27:45.0171 2184 [ B53BD9E63867CD9FD853F666CA172713 ] C:\Windows\System32\PortableDeviceConnectApi.dll
10:27:45.0171 2184 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
10:27:45.0187 2184 [ 218B73EA8341EA9FDF018D43052E790A ] C:\Windows\System32\mssrch.dll
10:27:45.0187 2184 C:\Windows\System32\mssrch.dll - ok
10:27:45.0187 2184 [ 4934241CD20AC87D78121352E3BA8318 ] C:\Windows\System32\dbghelp.dll
10:27:45.0187 2184 C:\Windows\System32\dbghelp.dll - ok
10:27:45.0202 2184 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\Windows\System32\localspl.dll
10:27:45.0202 2184 C:\Windows\System32\localspl.dll - ok
10:27:45.0202 2184 [ E582816A4855914DEFFC212E12B3B744 ] C:\Windows\System32\wsock32.dll
10:27:45.0202 2184 C:\Windows\System32\wsock32.dll - ok
10:27:45.0218 2184 [ 04C1DCBB226C6AE647B794833CE3CEB6 ] C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
10:27:45.0218 2184 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe - ok
10:27:45.0234 2184 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\Windows\System32\msidle.dll
10:27:45.0234 2184 C:\Windows\System32\msidle.dll - ok
10:27:45.0234 2184 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\Windows\System32\wbem\wbemcore.dll
10:27:45.0234 2184 C:\Windows\System32\wbem\wbemcore.dll - ok
10:27:45.0249 2184 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\Windows\System32\wbem\esscli.dll
10:27:45.0249 2184 C:\Windows\System32\wbem\esscli.dll - ok
10:27:45.0249 2184 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\Windows\System32\netprofm.dll
10:27:45.0249 2184 C:\Windows\System32\netprofm.dll - ok
10:27:45.0265 2184 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\Windows\System32\Query.dll
10:27:45.0265 2184 C:\Windows\System32\Query.dll - ok
10:27:45.0265 2184 [ 3183BFA7BDF50662F9094BC720EB7AF9 ] C:\Windows\System32\hpzll5ha.dll
10:27:45.0265 2184 C:\Windows\System32\hpzll5ha.dll - ok
10:27:45.0280 2184 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\Windows\System32\wbem\fastprox.dll
10:27:45.0280 2184 C:\Windows\System32\wbem\fastprox.dll - ok
10:27:45.0296 2184 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\Windows\System32\npmproxy.dll
10:27:45.0296 2184 C:\Windows\System32\npmproxy.dll - ok
10:27:45.0296 2184 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\Windows\System32\wbem\wbemsvc.dll
10:27:45.0296 2184 C:\Windows\System32\wbem\wbemsvc.dll - ok
10:27:45.0312 2184 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\Windows\System32\sqmapi.dll
10:27:45.0312 2184 C:\Windows\System32\sqmapi.dll - ok
10:27:45.0312 2184 [ C52CE534397E1D3A442FB4C88A3CBE42 ] C:\Windows\System32\msonpmon.dll
10:27:45.0312 2184 C:\Windows\System32\msonpmon.dll - ok
10:27:45.0327 2184 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\Windows\System32\tcpmon.dll
10:27:45.0327 2184 C:\Windows\System32\tcpmon.dll - ok
10:27:45.0327 2184 [ 1D6B95871DC006190964B04E5657E35F ] C:\Windows\System32\rastapi.dll
10:27:45.0327 2184 C:\Windows\System32\rastapi.dll - ok
10:27:45.0343 2184 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\Windows\System32\snmpapi.dll
10:27:45.0343 2184 C:\Windows\System32\snmpapi.dll - ok
10:27:45.0343 2184 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\Windows\System32\wbem\wmiutils.dll
10:27:45.0343 2184 C:\Windows\System32\wbem\wmiutils.dll - ok
10:27:45.0358 2184 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\Windows\System32\wsnmp32.dll
10:27:45.0358 2184 C:\Windows\System32\wsnmp32.dll - ok
10:27:45.0358 2184 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\Windows\System32\wbem\repdrvfs.dll
10:27:45.0358 2184 C:\Windows\System32\wbem\repdrvfs.dll - ok
10:27:45.0374 2184 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\Windows\System32\mgmtapi.dll
10:27:45.0374 2184 C:\Windows\System32\mgmtapi.dll - ok
10:27:45.0390 2184 [ 5091452DC719281CF1DD69367E13B494 ] C:\Windows\System32\tcpmib.dll
10:27:45.0390 2184 C:\Windows\System32\tcpmib.dll - ok
10:27:45.0390 2184 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\Windows\System32\usbmon.dll
10:27:45.0390 2184 C:\Windows\System32\usbmon.dll - ok
10:27:45.0405 2184 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\Windows\System32\WSDMon.dll
10:27:45.0405 2184 C:\Windows\System32\WSDMon.dll - ok
10:27:45.0405 2184 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\Windows\System32\wbem\WmiPrvSD.dll
10:27:45.0405 2184 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
10:27:45.0405 2184 [ A609A192E98934A8D352704C99AB8577 ] C:\Windows\System32\wbem\wbemess.dll
10:27:45.0405 2184 C:\Windows\System32\wbem\wbemess.dll - ok
10:27:45.0421 2184 [ D0E39177C896D2F8191A9C96636276DF ] C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5ha.dll
10:27:45.0421 2184 C:\Windows\System32\spool\prtprocs\w32x86\hpzpp5ha.dll - ok
10:27:45.0436 2184 [ F348280907B38FDBDB3CEF55D456E149 ] C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll
10:27:45.0436 2184 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
10:27:45.0436 2184 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\Windows\System32\unimdm.tsp
10:27:45.0436 2184 C:\Windows\System32\unimdm.tsp - ok
10:27:45.0452 2184 [ C90B296C43EDD9DD1751AD3B590ACDE6 ] C:\Windows\System32\win32spl.dll
10:27:45.0452 2184 C:\Windows\System32\win32spl.dll - ok
10:27:45.0452 2184 [ A952D0DED445F26AEFCF593A935AB300 ] C:\Windows\System32\hnetcfg.dll
10:27:45.0452 2184 C:\Windows\System32\hnetcfg.dll - ok
10:27:45.0468 2184 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\Windows\System32\taskeng.exe
10:27:45.0468 2184 C:\Windows\System32\taskeng.exe - ok
10:27:45.0483 2184 [ 4BF053944E973C073339BE841C9ECF28 ] C:\Windows\System32\netrap.dll
10:27:45.0483 2184 C:\Windows\System32\netrap.dll - ok
10:27:45.0483 2184 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\Windows\System32\uniplat.dll
10:27:45.0483 2184 C:\Windows\System32\uniplat.dll - ok
10:27:45.0499 2184 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\Windows\System32\inetpp.dll
10:27:45.0499 2184 C:\Windows\System32\inetpp.dll - ok
10:27:45.0499 2184 [ E340845C8E96D107C36420065D7A5733 ] C:\Windows\System32\printcom.dll
10:27:45.0499 2184 C:\Windows\System32\printcom.dll - ok
10:27:45.0514 2184 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\Windows\System32\TSChannel.dll
10:27:45.0514 2184 C:\Windows\System32\TSChannel.dll - ok
10:27:45.0514 2184 [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\Windows\System32\pautoenr.dll
10:27:45.0514 2184 C:\Windows\System32\pautoenr.dll - ok
10:27:45.0530 2184 [ 0B71899E60D1265229BF3D080EAB573D ] C:\Windows\System32\unimdmat.dll
10:27:45.0530 2184 C:\Windows\System32\unimdmat.dll - ok
10:27:45.0530 2184 [ 2E837F3D406224DF131C34BC8F71621E ] C:\Windows\System32\modemui.dll
10:27:45.0530 2184 C:\Windows\System32\modemui.dll - ok
10:27:45.0546 2184 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\Windows\System32\en-US\tquery.dll.mui
10:27:45.0546 2184 C:\Windows\System32\en-US\tquery.dll.mui - ok
10:27:45.0561 2184 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\Windows\System32\wbem\WmiPrvSE.exe
10:27:45.0561 2184 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
10:27:45.0561 2184 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\Windows\System32\esent.dll
10:27:45.0561 2184 C:\Windows\System32\esent.dll - ok
10:27:45.0577 2184 [ 953193A9DEA40348C1086D171F6440AE ] C:\Windows\System32\kmddsp.tsp
10:27:45.0577 2184 C:\Windows\System32\kmddsp.tsp - ok
10:27:45.0577 2184 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\Windows\System32\ndptsp.tsp
10:27:45.0577 2184 C:\Windows\System32\ndptsp.tsp - ok
10:27:45.0592 2184 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\Windows\System32\hidphone.tsp
10:27:45.0592 2184 C:\Windows\System32\hidphone.tsp - ok
10:27:45.0592 2184 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\Windows\System32\wbem\wmipcima.dll
10:27:45.0592 2184 C:\Windows\System32\wbem\wmipcima.dll - ok
10:27:45.0608 2184 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\Windows\System32\framedynos.dll
10:27:45.0608 2184 C:\Windows\System32\framedynos.dll - ok
10:27:45.0608 2184 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\Windows\System32\msscb.dll
10:27:45.0608 2184 C:\Windows\System32\msscb.dll - ok
10:27:45.0624 2184 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\Windows\System32\rasppp.dll
10:27:45.0624 2184 C:\Windows\System32\rasppp.dll - ok
10:27:45.0624 2184 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\Windows\System32\mprapi.dll
10:27:45.0624 2184 C:\Windows\System32\mprapi.dll - ok
10:27:45.0639 2184 [ 769D027B977CED05658C85E698D3C5B1 ] C:\Windows\System32\QUTIL.DLL
10:27:45.0639 2184 C:\Windows\System32\QUTIL.DLL - ok
10:27:45.0639 2184 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\Windows\System32\rasqec.dll
10:27:45.0639 2184 C:\Windows\System32\rasqec.dll - ok
10:27:45.0655 2184 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\Windows\System32\cryptui.dll
10:27:45.0655 2184 C:\Windows\System32\cryptui.dll - ok
10:27:45.0655 2184 [ E98E402067978DB38282158F9E8609CA ] C:\Windows\System32\netshell.dll
10:27:45.0655 2184 C:\Windows\System32\netshell.dll - ok
10:27:45.0670 2184 [ AC48FD62E22C4425879FCA5A63F50497 ] C:\Windows\System32\certcli.dll
10:27:45.0670 2184 C:\Windows\System32\certcli.dll - ok
10:27:45.0670 2184 [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\Windows\System32\CertEnroll.dll
10:27:45.0670 2184 C:\Windows\System32\CertEnroll.dll - ok
10:27:45.0670 2184 [ E67F8F036FD882E4AB62501C0D45B536 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
10:27:45.0670 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe - ok
10:27:45.0686 2184 [ 21BE62F0715126A3293CE8F7A0BEC0A6 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
10:27:45.0686 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll - ok
10:27:45.0686 2184 [ 03584231033AD0CA5D89865480A1600C ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
10:27:45.0686 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll - ok
10:27:45.0702 2184 [ 1B593FBB763150BD225DF266C69A9329 ] C:\Windows\System32\mfc42u.dll
10:27:45.0702 2184 C:\Windows\System32\mfc42u.dll - ok
10:27:45.0702 2184 [ C43DECDAC58C0A43E0376A216590F40A ] C:\Windows\System32\quartz.dll
10:27:45.0702 2184 C:\Windows\System32\quartz.dll - ok
10:27:45.0717 2184 [ 1D0D0D971AC0392096219DF8BC0256B8 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
10:27:45.0717 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll - ok
10:27:45.0733 2184 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\Windows\System32\dxva2.dll
10:27:45.0733 2184 C:\Windows\System32\dxva2.dll - ok
10:27:45.0733 2184 [ E570ECA850F30EB740C2E9699DF3D2BD ] C:\Program Files\Microsoft Security Client\NisSrv.exe
10:27:45.0733 2184 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
10:27:45.0748 2184 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\Windows\System32\dllhost.exe
10:27:45.0748 2184 C:\Windows\System32\dllhost.exe - ok
10:27:45.0748 2184 [ A14F25F62E84C6B4A178A1CFD9B47222 ] C:\Windows\System32\qcap.dll
10:27:45.0748 2184 C:\Windows\System32\qcap.dll - ok
10:27:45.0764 2184 [ 3E81E93CBAD69FD0112F88148913B5FC ] C:\Program Files\Microsoft Security Client\NisLog.dll
10:27:45.0764 2184 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
10:27:45.0764 2184 [ 861797D3C83A6EBA05FB2C63B1A45E82 ] C:\Windows\System32\ksproxy.ax
10:27:45.0764 2184 C:\Windows\System32\ksproxy.ax - ok
10:27:45.0780 2184 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\Windows\System32\d3d9.dll
10:27:45.0780 2184 C:\Windows\System32\d3d9.dll - ok
10:27:45.0795 2184 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\Windows\System32\diagperf.dll
10:27:45.0795 2184 C:\Windows\System32\diagperf.dll - ok
10:27:45.0795 2184 [ FEA6D21F78922D641A0C9346D885133B ] C:\Windows\System32\mssprxy.dll
10:27:45.0795 2184 C:\Windows\System32\mssprxy.dll - ok
10:27:45.0811 2184 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\Windows\System32\userinit.exe
10:27:45.0811 2184 C:\Windows\System32\userinit.exe - ok
10:27:45.0811 2184 [ F0062778F50838145AC46B384FFB4FA3 ] C:\Windows\System32\pcadm.dll
10:27:45.0811 2184 C:\Windows\System32\pcadm.dll - ok
10:27:45.0826 2184 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\Windows\System32\HotStartUserAgent.dll
10:27:45.0826 2184 C:\Windows\System32\HotStartUserAgent.dll - ok
10:27:45.0826 2184 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\Windows\System32\PlaySndSrv.dll
10:27:45.0826 2184 C:\Windows\System32\PlaySndSrv.dll - ok
10:27:45.0842 2184 [ D80C6539C00CB4F5D59066865479C308 ] C:\Windows\System32\dwmredir.dll
10:27:45.0842 2184 C:\Windows\System32\dwmredir.dll - ok
10:27:45.0842 2184 [ C99403A5B641520DAED0021DDA06F272 ] C:\Windows\System32\milcore.dll
10:27:45.0842 2184 C:\Windows\System32\milcore.dll - ok
10:27:45.0858 2184 [ 43E1054C713C48D252A1826C5E14AACA ] C:\Windows\System32\MsCtfMonitor.dll
10:27:45.0858 2184 C:\Windows\System32\MsCtfMonitor.dll - ok
10:27:45.0873 2184 [ C6DA42ADA0C5FC8CB05744229D632B47 ] C:\Windows\System32\msutb.dll
10:27:45.0873 2184 C:\Windows\System32\msutb.dll - ok
10:27:45.0873 2184 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\Windows\explorer.exe
10:27:45.0873 2184 C:\Windows\explorer.exe - ok
10:27:45.0889 2184 [ 38D6B51F04DEF7FB248FA56E4C47407E ] C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
10:27:45.0889 2184 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - ok
10:27:45.0889 2184 [ 4EBC60E4209A9491CE1DEFE1538CEBE8 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
10:27:45.0889 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
10:27:45.0904 2184 [ 21322832C99E8DE85BD047689A2A69DB ] C:\Windows\System32\pnpts.dll
10:27:45.0904 2184 C:\Windows\System32\pnpts.dll - ok
10:27:45.0904 2184 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\Windows\System32\d3d8thk.dll
10:27:45.0904 2184 C:\Windows\System32\d3d8thk.dll - ok
10:27:45.0904 2184 [ 012E22681A63D2BF405E6F15EF80BFD3 ] C:\Windows\System32\vidcap.ax
10:27:45.0920 2184 C:\Windows\System32\vidcap.ax - ok
10:27:45.0920 2184 [ 37722C57489F36565C4DDC2752AAFABD ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
10:27:45.0920 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
10:27:45.0920 2184 [ FD44B4D9129EDD68BBD0A26683024EF9 ] C:\Windows\System32\Kswdmcap.ax
10:27:45.0920 2184 C:\Windows\System32\Kswdmcap.ax - ok
10:27:45.0936 2184 [ B572DA05BF4E098D4BBA3A4734FB505B ] C:\Windows\System32\drivers\mspqm.sys
10:27:45.0936 2184 C:\Windows\System32\drivers\mspqm.sys - ok
10:27:45.0936 2184 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\Windows\System32\TMM.dll
10:27:45.0936 2184 C:\Windows\System32\TMM.dll - ok
10:27:45.0951 2184 [ 34F0C5CBA3C2759B5B968A0F187AF85A ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
10:27:45.0951 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
10:27:45.0951 2184 [ C9FC759D903B3ED249ACEC90678FB015 ] C:\Windows\System32\igdumd32.dll
10:27:45.0951 2184 C:\Windows\System32\igdumd32.dll - ok
10:27:45.0967 2184 [ 2BEDD3CBCD02A3CD62481E8DF1A792C2 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
10:27:45.0967 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
10:27:45.0967 2184 [ DF17A55C5CED22F73949FB283CE836B0 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8793329C-FC6C-4DF8-A1A8-FFB56A9EF30B}\gapaengine.dll
10:27:45.0967 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8793329C-FC6C-4DF8-A1A8-FFB56A9EF30B}\gapaengine.dll - ok
10:27:45.0982 2184 [ BD3472750E35D4735EF202FD5A06D76A ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
10:27:45.0982 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
10:27:45.0982 2184 [ CD1EAE1495B7A95E280CD433850A81B8 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
10:27:45.0982 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
10:27:45.0998 2184 [ 66755EBF4768FAB6E12CEA6BD85738CD ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
10:27:45.0998 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
10:27:45.0998 2184 [ C7C70AE1DE8F0FCC8F2431C5D15632DF ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
10:27:45.0998 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe - ok
10:27:46.0014 2184 [ 639968DB8053498B00539D8018BD19DC ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8793329C-FC6C-4DF8-A1A8-FFB56A9EF30B}\nisfull.vdm
10:27:46.0014 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8793329C-FC6C-4DF8-A1A8-FFB56A9EF30B}\nisfull.vdm - ok
10:27:46.0014 2184 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\Windows\System32\shdocvw.dll
10:27:46.0014 2184 C:\Windows\System32\shdocvw.dll - ok
10:27:46.0029 2184 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\Windows\System32\uDWM.dll
10:27:46.0029 2184 C:\Windows\System32\uDWM.dll - ok
10:27:46.0029 2184 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\Windows\System32\QAGENT.DLL
10:27:46.0029 2184 C:\Windows\System32\QAGENT.DLL - ok
10:27:46.0045 2184 [ 66397A699206CF9A5F9C66A79B978125 ] C:\Windows\System32\igfxTMM.dll
10:27:46.0045 2184 C:\Windows\System32\igfxTMM.dll - ok
10:27:46.0045 2184 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\Windows\System32\browseui.dll
10:27:46.0045 2184 C:\Windows\System32\browseui.dll - ok
10:27:46.0060 2184 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\Windows\System32\EhStorShell.dll
10:27:46.0060 2184 C:\Windows\System32\EhStorShell.dll - ok
10:27:46.0060 2184 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\Windows\System32\imageres.dll
10:27:46.0060 2184 C:\Windows\System32\imageres.dll - ok
10:27:46.0060 2184 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\Windows\System32\IconCodecService.dll
10:27:46.0060 2184 C:\Windows\System32\IconCodecService.dll - ok
10:27:46.0076 2184 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe
10:27:46.0076 2184 C:\Windows\System32\ie4uinit.exe - ok
10:27:46.0076 2184 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll
10:27:46.0076 2184 C:\Windows\System32\iedkcs32.dll - ok
10:27:46.0092 2184 [ 4B19A9A4191353007E9819A832B81186 ] C:\Windows\System32\timedate.cpl
10:27:46.0092 2184 C:\Windows\System32\timedate.cpl - ok
10:27:46.0092 2184 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\Windows\System32\actxprxy.dll
10:27:46.0092 2184 C:\Windows\System32\actxprxy.dll - ok
10:27:46.0107 2184 [ EA09309BE370C75E1393A5AAFFB8DD31 ] C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
10:27:46.0107 2184 C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll - ok
10:27:46.0107 2184 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\Windows\System32\msshsq.dll
10:27:46.0107 2184 C:\Windows\System32\msshsq.dll - ok
10:27:46.0123 2184 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\Windows\System32\NaturalLanguage6.dll
10:27:46.0123 2184 C:\Windows\System32\NaturalLanguage6.dll - ok
10:27:46.0123 2184 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\Windows\System32\NlsData0009.dll
10:27:46.0123 2184 C:\Windows\System32\NlsData0009.dll - ok
10:27:46.0138 2184 [ 8629B71343F61E1140243581C63BC0C7 ] C:\Windows\System32\NlsLexicons0009.dll
10:27:46.0138 2184 C:\Windows\System32\NlsLexicons0009.dll - ok
10:27:46.0138 2184 [ D922592AB65C5D9B88B30B4510A3464E ] C:\Windows\System32\cscapi.dll
10:27:46.0138 2184 C:\Windows\System32\cscapi.dll - ok
10:27:46.0154 2184 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\Windows\System32\networkexplorer.dll
10:27:46.0154 2184 C:\Windows\System32\networkexplorer.dll - ok
10:27:46.0154 2184 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\Windows\System32\linkinfo.dll
10:27:46.0154 2184 C:\Windows\System32\linkinfo.dll - ok
10:27:46.0170 2184 [ F3870C2935A3B36117EAB30FE389461A ] C:\Windows\System32\igfxdev.dll
10:27:46.0170 2184 C:\Windows\System32\igfxdev.dll - ok
10:27:46.0170 2184 [ C6FD3425B1ADD739B95DC4D661FF4DD3 ] C:\Windows\System32\PresentationSettings.exe
10:27:46.0170 2184 C:\Windows\System32\PresentationSettings.exe - ok
10:27:46.0185 2184 [ DFE118C95C6571B87D1923DAB3FA0A77 ] C:\Windows\System32\ieframe.dll
10:27:46.0185 2184 C:\Windows\System32\ieframe.dll - ok
10:27:46.0185 2184 [ 450497C656D16B45EE9D121D64D3289F ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
10:27:46.0185 2184 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
10:27:46.0201 2184 [ 5016B8FC59AD616F03813FBE63295081 ] C:\Windows\System32\thumbcache.dll
10:27:46.0201 2184 C:\Windows\System32\thumbcache.dll - ok
10:27:46.0201 2184 [ 6F77B5BA086729378197CAA18DBDCB29 ] C:\Windows\RtHDVCpl.exe
10:27:46.0201 2184 C:\Windows\RtHDVCpl.exe - ok
10:27:46.0216 2184 [ 041AF1711BF3D6BFF12FD9D28F0AC303 ] C:\Program Files\HP\QuickPlay\QPService.exe
10:27:46.0216 2184 C:\Program Files\HP\QuickPlay\QPService.exe - ok
10:27:46.0232 2184 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\Windows\System32\ntshrui.dll
10:27:46.0232 2184 C:\Windows\System32\ntshrui.dll - ok
10:27:46.0232 2184 [ A04BE1DBBA0E554B2F33555CCBA5F969 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
10:27:46.0232 2184 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe - ok
10:27:46.0248 2184 [ 61216539E55DDF2F78E421E7EF140650 ] C:\Windows\System32\ExplorerFrame.dll
10:27:46.0248 2184 C:\Windows\System32\ExplorerFrame.dll - ok
10:27:46.0248 2184 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\Windows\System32\control.exe
10:27:46.0248 2184 C:\Windows\System32\control.exe - ok
10:27:46.0263 2184 [ AF849798ECA383184C88ED436CF3EFB2 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
10:27:46.0263 2184 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe - ok
10:27:46.0279 2184 [ FCACE353ACC27780CB513298F916CE95 ] C:\Windows\System32\SynCOM.dll
10:27:46.0279 2184 C:\Windows\System32\SynCOM.dll - ok
10:27:46.0279 2184 [ F533507FE318B46629E84DF630A316F8 ] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
10:27:46.0279 2184 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe - ok
10:27:46.0294 2184 [ 7AF5A466CF4AECA28E3DCBCF5B6FD220 ] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
10:27:46.0294 2184 C:\Program Files\HP\HP Software Update\hpwuSchd2.exe - ok
10:27:46.0310 2184 [ A2D390F1F2408B94EF34BFE3A00C29D3 ] C:\Program Files\Java\jre6\bin\jusched.exe
10:27:46.0310 2184 C:\Program Files\Java\jre6\bin\jusched.exe - ok
10:27:46.0310 2184 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\Windows\System32\dsound.dll
10:27:46.0310 2184 C:\Windows\System32\dsound.dll - ok
10:27:46.0326 2184 [ B5950DF243837D8217F4E597919B224A ] C:\Windows\System32\stobject.dll
10:27:46.0326 2184 C:\Windows\System32\stobject.dll - ok
10:27:46.0326 2184 [ FA2A3AFADC4FB47DBC234A4E57F92CDB ] C:\Windows\System32\ddraw.dll
10:27:46.0326 2184 C:\Windows\System32\ddraw.dll - ok
10:27:46.0341 2184 [ EC69B16644C613F41A57169F8D068F1D ] C:\Windows\System32\batmeter.dll
10:27:46.0341 2184 C:\Windows\System32\batmeter.dll - ok
10:27:46.0341 2184 [ A0E2B368F7A1C70845EEEE5F2855FD0E ] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
10:27:46.0341 2184 C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe - ok
10:27:46.0357 2184 [ 806DB5F4FC5185AFC608E881979CC25F ] C:\Windows\System32\igfxtray.exe
10:27:46.0357 2184 C:\Windows\System32\igfxtray.exe - ok
10:27:46.0357 2184 [ 30F02D9C55053367E26A11482F51E255 ] C:\Windows\System32\SndVolSSO.dll
10:27:46.0357 2184 C:\Windows\System32\SndVolSSO.dll - ok
10:27:46.0372 2184 [ A69630D039C38018689190234F866D77 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\MpKsla4efdb36.sys
10:27:46.0372 2184 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1EAF62-DEBE-48B7-AEFD-870EA2E3E866}\MpKsla4efdb36.sys - ok
10:27:46.0388 2184 [ 21221CD7C7C844F6F0E0B7BC69CBA36B ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
10:27:46.0388 2184 C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok
10:27:46.0388 2184 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\Windows\ehome\ehSSO.dll
10:27:46.0388 2184 C:\Windows\ehome\ehSSO.dll - ok
10:27:46.0404 2184 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\Windows\System32\pnidui.dll
10:27:46.0404 2184 C:\Windows\System32\pnidui.dll - ok
10:27:46.0404 2184 [ D4975555E91636FCF4809E51731F80D8 ] C:\Windows\System32\hkcmd.exe
10:27:46.0404 2184 C:\Windows\System32\hkcmd.exe - ok
10:27:46.0419 2184 [ CD12A46AE81306C2F14B19A58E1058B0 ] C:\Windows\System32\igfxpers.exe
10:27:46.0419 2184 C:\Windows\System32\igfxpers.exe - ok
10:27:46.0419 2184 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\Windows\System32\rasdlg.dll
10:27:46.0419 2184 C:\Windows\System32\rasdlg.dll - ok
10:27:46.0435 2184 [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
10:27:46.0435 2184 C:\Program Files\Microsoft Security Client\msseces.exe - ok
10:27:46.0435 2184 [ 26DE50A7F668F541B8130A0E26EFF3D8 ] C:\Program Files\Microsoft Works\MSWorks.exe
10:27:46.0435 2184 C:\Program Files\Microsoft Works\MSWorks.exe - ok
10:27:46.0450 2184 [ 8BEB7107A0CE4BB1C4F7294C377DF3E9 ] C:\Windows\System32\igfxsrvc.exe
10:27:46.0450 2184 C:\Windows\System32\igfxsrvc.exe - ok
10:27:46.0466 2184 [ C6C8DB2C5BE7665768DBE2D50EA13A65 ] C:\Windows\System32\igfxsrvc.dll
10:27:46.0466 2184 C:\Windows\System32\igfxsrvc.dll - ok
10:27:46.0466 2184 [ 9E35FF7F943AE0FB89192BFE058B7FD4 ] C:\Program Files\Windows Sidebar\sidebar.exe
10:27:46.0466 2184 C:\Program Files\Windows Sidebar\sidebar.exe - ok
10:27:46.0482 2184 [ 52766BBAD01607ECA5E5232103FB4883 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll
10:27:46.0482 2184 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll - ok
10:27:46.0482 2184 [ A466695888C0A53C475CD6D75AECF539 ] C:\Windows\System32\SynTPAPI.dll
10:27:46.0482 2184 C:\Windows\System32\SynTPAPI.dll - ok
10:27:46.0497 2184 [ EF764E33878B3A4A9E5A2FB5D0D031D0 ] C:\Windows\System32\dciman32.dll
10:27:46.0497 2184 C:\Windows\System32\dciman32.dll - ok
10:27:46.0497 2184 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\Windows\System32\oledlg.dll
10:27:46.0497 2184 C:\Windows\System32\oledlg.dll - ok
10:27:46.0513 2184 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\Windows\System32\wlanapi.dll
10:27:46.0513 2184 C:\Windows\System32\wlanapi.dll - ok
10:27:46.0513 2184 [ C37571F7C79C3972D641804F1DF7C0F5 ] C:\Program Files\Microsoft Works\wksdb.exe
10:27:46.0513 2184 C:\Program Files\Microsoft Works\wksdb.exe - ok
10:27:46.0528 2184 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\Windows\System32\mlang.dll
10:27:46.0528 2184 C:\Windows\System32\mlang.dll - ok
10:27:46.0544 2184 [ 54C88BFBD055621E2306534F445C0C8D ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
10:27:46.0544 2184 C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
10:27:46.0544 2184 [ 32732CEDE2A1106B736EF3D84054EE04 ] C:\Program Files\Internet Explorer\iexplore.exe
10:27:46.0544 2184 C:\Program Files\Internet Explorer\iexplore.exe - ok
10:27:46.0560 2184 [ 169C293CE9460A05646D17DC6AA2FB2C ] C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
10:27:46.0560 2184 C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe - ok
10:27:46.0560 2184 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\Windows\System32\AltTab.dll
10:27:46.0560 2184 C:\Windows\System32\AltTab.dll - ok
10:27:46.0575 2184 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\Windows\System32\WPDShServiceObj.dll
10:27:46.0575 2184 C:\Windows\System32\WPDShServiceObj.dll - ok
10:27:46.0575 2184 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\Windows\System32\PortableDeviceTypes.dll
10:27:46.0575 2184 C:\Windows\System32\PortableDeviceTypes.dll - ok
10:27:46.0591 2184 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe
10:27:46.0591 2184 C:\Program Files\Windows Mail\WinMail.exe - ok
10:27:46.0606 2184 [ B334B647DD17DB202297245C47B8930B ] C:\Program Files\HP\QuickPlay\QP.exe
10:27:46.0606 2184 C:\Program Files\HP\QuickPlay\QP.exe - ok
10:27:46.0606 2184 [ E8596AFDF876D7D59150802B4E311C05 ] C:\Program Files\HP\QuickPlay\QPManager.exe
10:27:46.0606 2184 C:\Program Files\HP\QuickPlay\QPManager.exe - ok
10:27:46.0622 2184 [ D9E45F2C46FFCB4FB5AF3F6D42327A64 ] C:\Sierra\Planner\PLNRnote.exe
10:27:46.0622 2184 C:\Sierra\Planner\PLNRnote.exe - ok
10:27:46.0622 2184 [ 719BFB48E1CD127D05974DA3DC1D1E6C ] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMON_ENU.dll
10:27:46.0622 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\IAAMON_ENU.dll - ok
10:27:46.0638 2184 [ F14219FC767F1383526AB423F278A8E3 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
10:27:46.0638 2184 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - ok
10:27:46.0638 2184 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe
10:27:46.0638 2184 C:\Program Files\Windows Calendar\WinCal.exe - ok
10:27:46.0653 2184 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\Windows\System32\srchadmin.dll
10:27:46.0653 2184 C:\Windows\System32\srchadmin.dll - ok
10:27:46.0669 2184 [ 86F047B6AE9C3C7ADE3140B657F00D5A ] C:\Windows\System32\hccutils.dll
10:27:46.0669 2184 C:\Windows\System32\hccutils.dll - ok
10:27:46.0669 2184 [ 10DE220BDFE330073762F89974DB8403 ] C:\Windows\System32\wbem\wmiprov.dll
10:27:46.0669 2184 C:\Windows\System32\wbem\wmiprov.dll - ok
10:27:46.0684 2184 [ 87CDFFCBD09C1CA03A068343D5D93250 ] C:\Windows\System32\wmi.dll
10:27:46.0684 2184 C:\Windows\System32\wmi.dll - ok
10:27:46.0684 2184 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\Windows\System32\cmd.exe
10:27:46.0684 2184 C:\Windows\System32\cmd.exe - ok
10:27:46.0700 2184 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
10:27:46.0700 2184 C:\Windows\System32\webcheck.dll - ok
10:27:46.0700 2184 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\Windows\System32\SyncCenter.dll
10:27:46.0700 2184 C:\Windows\System32\SyncCenter.dll - ok
10:27:46.0716 2184 [ CE0D0B4DC783694E82BAC116CA9C07AF ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll
10:27:46.0716 2184 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll - ok
10:27:46.0731 2184 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe
10:27:46.0731 2184 C:\Program Files\Windows Mail\wab.exe - ok
10:27:46.0731 2184 [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\Windows\System32\notepad.exe
10:27:46.0731 2184 C:\Windows\System32\notepad.exe - ok
10:27:46.0747 2184 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\Windows\System32\drivers\cdfs.sys
10:27:46.0747 2184 C:\Windows\System32\drivers\cdfs.sys - ok
10:27:46.0762 2184 [ 9B0726A03B790E5B82BED44D24009BEF ] C:\Windows\System32\imapi2.dll
10:27:46.0762 2184 C:\Windows\System32\imapi2.dll - ok
10:27:46.0762 2184 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\Windows\System32\upnp.dll
10:27:46.0762 2184 C:\Windows\System32\upnp.dll - ok
10:27:46.0778 2184 [ 395335431AD55C167CFDBBAB8420DA73 ] C:\Program Files\Movie Maker\DVDMaker.exe
10:27:46.0778 2184 C:\Program Files\Movie Maker\DVDMaker.exe - ok
10:27:46.0778 2184 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\Windows\System32\wbem\NCProv.dll
10:27:46.0778 2184 C:\Windows\System32\wbem\NCProv.dll - ok
10:27:46.0794 2184 [ 08904F860B94F29FCF200B623D93389E ] C:\Windows\System32\igfxres.dll
10:27:46.0794 2184 C:\Windows\System32\igfxres.dll - ok
10:27:46.0809 2184 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\Windows\System32\wbem\wbemcons.dll
10:27:46.0809 2184 C:\Windows\System32\wbem\wbemcons.dll - ok
10:27:46.0809 2184 [ B7ED332A57FC78CA29E40D3619550225 ] C:\Windows\ehome\ehshell.exe
10:27:46.0809 2184 C:\Windows\ehome\ehshell.exe - ok
10:27:46.0809 2184 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe
10:27:46.0825 2184 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
10:27:46.0825 2184 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe
10:27:46.0825 2184 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
10:27:46.0825 2184 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
10:27:46.0825 2184 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
10:27:46.0840 2184 [ E47C854A28A81F2939F42CBE9FEA994C ] C:\Windows\System32\Magnify.exe
10:27:46.0840 2184 C:\Windows\System32\Magnify.exe - ok
10:27:46.0840 2184 [ 069385484EA57B663D688894C88975C5 ] C:\Windows\System32\wuapp.exe
10:27:46.0840 2184 C:\Windows\System32\wuapp.exe - ok
10:27:46.0856 2184 [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\Windows\System32\Narrator.exe
10:27:46.0856 2184 C:\Windows\System32\Narrator.exe - ok
10:27:46.0856 2184 [ 877F2939794EBA4F3D1BB967007E99E8 ] C:\Windows\System32\osk.exe
10:27:46.0856 2184 C:\Windows\System32\osk.exe - ok
10:27:46.0872 2184 [ F6F1F9773356F02848B33F365F7DDB6E ] C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe
10:27:46.0872 2184 C:\Program Files\HP\Digital Imaging\bin\hpqdirec.exe - ok
10:27:46.0872 2184 [ 8F6F46C64A3621758DDDCC63AD7BA25D ] C:\Program Files\Rhapsody\rhapsody.exe
10:27:46.0872 2184 C:\Program Files\Rhapsody\rhapsody.exe - ok
10:27:46.0887 2184 [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\Windows\System32\dot3api.dll
10:27:46.0887 2184 C:\Windows\System32\dot3api.dll - ok
10:27:46.0887 2184 [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\Windows\System32\wlanhlp.dll
10:27:46.0887 2184 C:\Windows\System32\wlanhlp.dll - ok
10:27:46.0887 2184 [ 0B5AC46982E77CAF3EC1D55C9AC6AB56 ] C:\Windows\System32\wscntfy.dll
10:27:46.0887 2184 C:\Windows\System32\wscntfy.dll - ok
10:27:46.0903 2184 [ A729A608191D98E9239663D9FDFAA959 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.0 - SE\muveeapp.exe
10:27:46.0903 2184 C:\Program Files\muvee Technologies\muvee autoProducer 6.0 - SE\muveeapp.exe - ok
10:27:46.0903 2184 [ 0D392EDE3B97E0B3131B2F63EF1DB94E ] C:\Program Files\Windows Defender\MSASCui.exe
10:27:46.0903 2184 C:\Program Files\Windows Defender\MSASCui.exe - ok
10:27:46.0918 2184 [ C0ABD66F31C0B84CD944802E6D3D02C2 ] C:\Windows\System32\bthprops.cpl
10:27:46.0918 2184 C:\Windows\System32\bthprops.cpl - ok
10:27:46.0918 2184 [ 69D26BACDD8EF0E82DDA2F7425CB630F ] C:\2nd Story Software\TaxACT 2009\TaxACT09.exe
10:27:46.0918 2184 C:\2nd Story Software\TaxACT 2009\TaxACT09.exe - ok
10:27:46.0934 2184 [ 5085893F4834867A969CB98C34F2B97D ] C:\2nd Story Software\TaxACT 2010\TaxACT10.exe
10:27:46.0934 2184 C:\2nd Story Software\TaxACT 2010\TaxACT10.exe - ok
10:27:46.0934 2184 [ F96D86D99285905096E4ABDA1F0CBDED ] C:\Sierra\Planner\PLANNER.exe
10:27:46.0934 2184 C:\Sierra\Planner\PLANNER.exe - ok
10:27:46.0950 2184 [ 8E1E9E626BE68083E860E91B6DDAEF34 ] C:\Windows\System32\igfxress.dll
10:27:46.0950 2184 C:\Windows\System32\igfxress.dll - ok
10:27:46.0950 2184 [ E702FC1EE60BC6AAB122BFF7B2CA1320 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\BezlACTN.dll
10:27:46.0950 2184 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\BezlACTN.dll - ok
10:27:46.0965 2184 [ 7AECDA936B1850B0CFD96586B2EAEC2D ] C:\2nd Story Software\TaxACT 2009\Unta09.exe
10:27:46.0965 2184 C:\2nd Story Software\TaxACT 2009\Unta09.exe - ok
10:27:46.0965 2184 [ 3A2EEE8444A8E5C1A454C57B2198F5FC ] C:\Windows\System32\ntlanman.dll
10:27:46.0965 2184 C:\Windows\System32\ntlanman.dll - ok
10:27:46.0981 2184 [ 582EFE56FC0858E58A6CEBA2A64B02C7 ] C:\Windows\System32\drprov.dll
10:27:46.0981 2184 C:\Windows\System32\drprov.dll - ok
10:27:46.0981 2184 [ CFBD2E1FE18B50748A76703A2DC6D4E3 ] C:\Windows\System32\davclnt.dll
10:27:46.0981 2184 C:\Windows\System32\davclnt.dll - ok
10:27:46.0996 2184 [ 9507A8E70A620A36CF2CF60740B8F022 ] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
10:27:46.0996 2184 C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll - ok
10:27:46.0996 2184 [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\Program Files\HP\QuickPlay\MFC71.dll
10:27:46.0996 2184 C:\Program Files\HP\QuickPlay\MFC71.dll - ok
10:27:47.0012 2184 [ E92143D1B2E32FAF6CC56FD97B908F6A ] C:\Windows\System32\wpdshext.dll
10:27:47.0012 2184 C:\Windows\System32\wpdshext.dll - ok
10:27:47.0028 2184 [ 5F9122D52CAFB9E86058DA8081830791 ] C:\2nd Story Software\TaxACT 2010\Unta10.exe
10:27:47.0028 2184 C:\2nd Story Software\TaxACT 2010\Unta10.exe - ok
10:27:47.0028 2184 [ 1BCE2C02487972FF0D5E6702D79E7A75 ] C:\Program Files\7-Zip\7zFM.exe
10:27:47.0028 2184 C:\Program Files\7-Zip\7zFM.exe - ok
10:27:47.0043 2184 [ 1ED2124313CCE34C877247574212EFC8 ] C:\Windows\System32\calc.exe
10:27:47.0043 2184 C:\Windows\System32\calc.exe - ok
10:27:47.0043 2184 [ 338104E0E18307CD65604FE317B5FB8D ] C:\Windows\System32\mblctr.exe
10:27:47.0043 2184 C:\Windows\System32\mblctr.exe - ok
10:27:47.0059 2184 [ B1AFF0B6DED627A1D22A6817DD58AC0F ] C:\Windows\System32\NetProj.exe
10:27:47.0059 2184 C:\Windows\System32\NetProj.exe - ok
10:27:47.0059 2184 [ 694AF8B27C9A0A99399E02CE977F986B ] C:\Windows\System32\mspaint.exe
10:27:47.0059 2184 C:\Windows\System32\mspaint.exe - ok
10:27:47.0074 2184 [ 16FEE292E95EDC274385103E6B498019 ] C:\Windows\System32\mstsc.exe
10:27:47.0074 2184 C:\Windows\System32\mstsc.exe - ok
10:27:47.0090 2184 [ 241B74792CC295DFDCB7940BBF52B226 ] C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
10:27:47.0090 2184 C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe - ok
10:27:47.0090 2184 [ E80DB295132C5EF0C623935422BD0FC7 ] C:\Windows\System32\SnippingTool.exe
10:27:47.0090 2184 C:\Windows\System32\SnippingTool.exe - ok
10:27:47.0090 2184 [ 248F33A6C2380757BC1E20E34D9E827B ] C:\Windows\System32\SoundRecorder.exe
10:27:47.0090 2184 C:\Windows\System32\SoundRecorder.exe - ok
10:27:47.0106 2184 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\Windows\System32\mobsync.exe
10:27:47.0106 2184 C:\Windows\System32\mobsync.exe - ok
10:27:47.0106 2184 [ 19D0FC69D4E68D5CE2E4B34940529727 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
10:27:47.0106 2184 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
10:27:47.0121 2184 [ 105A4D87C8DCF2CF5DB042830B203E5F ] C:\Windows\Speech\Common\sapisvr.exe
10:27:47.0121 2184 C:\Windows\Speech\Common\sapisvr.exe - ok
10:27:47.0121 2184 [ A623666C8A8EC9A57DCA07915A3F1EC6 ] C:\Windows\System32\sdclt.exe
10:27:47.0121 2184 C:\Windows\System32\sdclt.exe - ok
10:27:47.0137 2184 [ BB4910DE8B6C5E30DF39EC97308D44BA ] C:\Windows\System32\charmap.exe
10:27:47.0137 2184 C:\Windows\System32\charmap.exe - ok
10:27:47.0137 2184 [ 2327C11B043FCEB80BE00CC8D077E9AA ] C:\Windows\System32\dfrgui.exe
10:27:47.0137 2184 C:\Windows\System32\dfrgui.exe - ok
10:27:47.0152 2184 [ 86AB3F6C784197DC1D994A83AF4259CD ] C:\Windows\System32\cleanmgr.exe
10:27:47.0152 2184 C:\Windows\System32\cleanmgr.exe - ok
10:27:47.0152 2184 [ FBF628702A408977FEB0845D48F4F154 ] C:\Windows\System32\migwiz\migwiz.exe
10:27:47.0152 2184 C:\Windows\System32\migwiz\migwiz.exe - ok
10:27:47.0152 2184 [ D3D1CE8FF30786D50272DA3085149904 ] C:\Windows\System32\msinfo32.exe
10:27:47.0152 2184 C:\Windows\System32\msinfo32.exe - ok
10:27:47.0168 2184 [ 95D5AC5CCBE10E8B4B8A0DF41022568D ] C:\Windows\System32\rstrui.exe
10:27:47.0168 2184 C:\Windows\System32\rstrui.exe - ok
10:27:47.0168 2184 [ C9B520028498E5DA23651619F8A556D4 ] C:\Windows\System32\StikyNot.exe
10:27:47.0168 2184 C:\Windows\System32\StikyNot.exe - ok
10:27:47.0184 2184 [ 7122B0AA2212B07BBFC49BD22215BF3B ] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
10:27:47.0184 2184 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe - ok
10:27:47.0199 2184 [ C20436B4F0596ACD5569749206F99265 ] C:\Program Files\Windows Journal\Journal.exe
10:27:47.0199 2184 C:\Program Files\Windows Journal\Journal.exe - ok
10:27:47.0199 2184 [ 36B6F71B6D7D280302B348145DB05A9F ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe
10:27:47.0199 2184 C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe - ok
10:27:47.0199 2184 [ DF4217DDB34A0B73DC7AAC7829371C0C ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
10:27:47.0199 2184 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
10:27:47.0215 2184 [ 4CAAD229A00C0DEFFF51841AE2B93B46 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll
10:27:47.0215 2184 C:\Windows\System32\WindowsPowerShell\v1.0\pwrshmsg.dll - ok
10:27:47.0215 2184 [ 1C474C0C4CB5F15A555FE912CBF4549C ] C:\Windows\System32\odbcad32.exe
10:27:47.0215 2184 C:\Windows\System32\odbcad32.exe - ok
10:27:47.0230 2184 [ 1CB1B95D67BC380FBCCFAEA3CF2DDA80 ] C:\Windows\System32\iscsicpl.exe
10:27:47.0230 2184 C:\Windows\System32\iscsicpl.exe - ok
10:27:47.0230 2184 [ 8D865A3E7E2C78317EDE4EAE8316284F ] C:\Windows\System32\MdSched.exe
10:27:47.0230 2184 C:\Windows\System32\MdSched.exe - ok
10:27:47.0246 2184 [ 7629E9BB2FF06EACA62580A2C1D4FE6A ] C:\Windows\System32\msconfig.exe
10:27:47.0246 2184 C:\Windows\System32\msconfig.exe - ok
10:27:47.0246 2184 [ 626F198768F67A0FEB3AD909E638F551 ] C:\Windows\System32\WindowsAnytimeUpgrade.exe
10:27:47.0246 2184 C:\Windows\System32\WindowsAnytimeUpgrade.exe - ok
10:27:47.0262 2184 [ 53BA01A1AC1E251877DBE93548A8664A ] C:\Program Files\HP Games\onplay\onplay.exe
10:27:47.0262 2184 C:\Program Files\HP Games\onplay\onplay.exe - ok
10:27:47.0262 2184 [ 4304D04DFDAAE621171A2F955981016E ] C:\Program Files\Microsoft Games\Chess\Chess.exe
10:27:47.0262 2184 C:\Program Files\Microsoft Games\Chess\Chess.exe - ok
10:27:47.0277 2184 [ 21AD332BE723EFE40D9F32AD97BA8376 ] C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe
10:27:47.0277 2184 C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe - ok
10:27:47.0277 2184 [ 6ED28075D6D9E0C0464048A30432A142 ] C:\Program Files\Microsoft Games\Hearts\Hearts.exe
10:27:47.0277 2184 C:\Program Files\Microsoft Games\Hearts\Hearts.exe - ok
10:27:47.0293 2184 [ EFF7DBEE92519EB96F70E1E31FDE7098 ] C:\Program Files\Microsoft Games\inkball\inkball.exe
10:27:47.0293 2184 C:\Program Files\Microsoft Games\inkball\inkball.exe - ok
10:27:47.0293 2184 [ 7A88900F2F11882FFCE3BF3D4EAEFB4B ] C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe
10:27:47.0293 2184 C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe - ok
10:27:47.0308 2184 [ C8C383E6AA546780B2AD3034D6F6ACEF ] C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe
10:27:47.0308 2184 C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe - ok
10:27:47.0308 2184 [ 3F903BDD206EB3C688651048B5E304E1 ] C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe
10:27:47.0308 2184 C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe - ok
10:27:47.0324 2184 [ 07302F014858D038CB93CC349505D0E6 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
10:27:47.0324 2184 C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
10:27:47.0324 2184 [ 401A203AB058DEC44BD44AA81BF2CB64 ] C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe
10:27:47.0324 2184 C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe - ok
10:27:47.0340 2184 [ 406F7FD8FC91A0646C3D81070B5BA79F ] C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbui.exe
10:27:47.0340 2184 C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbui.exe - ok
10:27:47.0340 2184 [ 2D0F26CBE138E7B4FE0D93B16B193FFB ] C:\Program Files\HP\HP Software Update\HPWUCli.exe
10:27:47.0340 2184 C:\Program Files\HP\HP Software Update\HPWUCli.exe - ok
10:27:47.0355 2184 [ 07F0B8EEB0785B71B194BB5AED8EF0C8 ] C:\Program Files\HP\hpqSSupply.exe
10:27:47.0355 2184 C:\Program Files\HP\hpqSSupply.exe - ok
10:27:47.0355 2184 [ 0AF74A7197F021A788064B083C9DECCA ] C:\Program Files\HP\HPNetworkAssistant\HPNetworkAssistant.exe
10:27:47.0355 2184 C:\Program Files\HP\HPNetworkAssistant\HPNetworkAssistant.exe - ok
10:27:47.0371 2184 [ CF181B5B55297C0A9214403E8CED0F58 ] C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
10:27:47.0371 2184 C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe - ok
10:27:47.0371 2184 [ 1D83CA0045ABD0F613E049E4EB000E6D ] C:\Program Files\HP\Digital Imaging\{03E66394-42F0-4745-85F7-0A2F8F35C09F}\setup\hpzscr01.exe
10:27:47.0371 2184 C:\Program Files\HP\Digital Imaging\{03E66394-42F0-4745-85F7-0A2F8F35C09F}\setup\hpzscr01.exe - ok
10:27:47.0386 2184 [ 45DB654C4C2DF93DF73D7776BC9C7C3F ] C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
10:27:47.0386 2184 C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe - ok
10:27:47.0386 2184 [ C559672F31ABE6BA7277DD73C4502238 ] C:\Windows\System32\msiexec.exe
10:27:47.0386 2184 C:\Windows\System32\msiexec.exe - ok
10:27:47.0402 2184 [ 141F644E637FCB6729B86179B9CD6809 ] C:\Program Files\HP Games\ABC Island\Abc Island-WT.exe
10:27:47.0402 2184 C:\Program Files\HP Games\ABC Island\Abc Island-WT.exe - ok
10:27:47.0402 2184 [ DC2BDEBC4E49B26D75FC58A7F794B928 ] C:\Program Files\HP Games\Bejeweled\Bejeweled-WT.exe
10:27:47.0402 2184 C:\Program Files\HP Games\Bejeweled\Bejeweled-WT.exe - ok
10:27:47.0402 2184 [ 56B4E82EE1ABEFEAF1D0FC40FDC228B1 ] C:\Program Files\HP Games\Bookworm Adventures\BookwormAdventures-WT.exe
10:27:47.0402 2184 C:\Program Files\HP Games\Bookworm Adventures\BookwormAdventures-WT.exe - ok
10:27:47.0418 2184 [ 5162B29E1C50298541A2CF1138B4420F ] C:\Program Files\HP Games\Mahjong Escape Ancient Japan\MahjongEscapeAJ-WT.exe
10:27:47.0418 2184 C:\Program Files\HP Games\Mahjong Escape Ancient Japan\MahjongEscapeAJ-WT.exe - ok
10:27:47.0418 2184 [ 4D3DA06450EF7B24D6B6D957F6D32B57 ] C:\Program Files\HP Games\Super TextTwist\TextTwist-WT.exe
10:27:47.0418 2184 C:\Program Files\HP Games\Super TextTwist\TextTwist-WT.exe - ok
10:27:47.0433 2184 [ 3FE2A7F390FCAFE63F7663E95B143BF2 ] C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe
10:27:47.0433 2184 C:\Program Files\Intel\Intel Matrix Storage Manager\Shell.exe - ok
10:27:47.0433 2184 [ 8715BA9ECD52F8BE07901AAB18184F8B ] C:\Program Files\Common Files\LightScribe\LSLauncher.exe
10:27:47.0433 2184 C:\Program Files\Common Files\LightScribe\LSLauncher.exe - ok
10:27:47.0449 2184 [ BF899F57858B8C6F162D9EEB2370641C ] C:\Windows\System32\wercon.exe
10:27:47.0449 2184 C:\Windows\System32\wercon.exe - ok
10:27:47.0449 2184 [ 9D9F73BA0493671C59BD173419A28010 ] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
10:27:47.0449 2184 C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc - ok
10:27:47.0464 2184 [ 3141224EEBA075BC085175E60CD14782 ] C:\Windows\System32\msra.exe
10:27:47.0464 2184 C:\Windows\System32\msra.exe - ok
10:27:47.0464 2184 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe
10:27:47.0464 2184 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe - ok
10:27:47.0480 2184 [ 7E2CF680C69680064D43F4FFE5831DD1 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe
10:27:47.0480 2184 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe - ok
10:27:47.0480 2184 [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe
10:27:47.0480 2184 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe - ok
10:27:47.0496 2184 [ FF6669F7A1782D54E338F5C6EC806E1E ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe
10:27:47.0496 2184 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe - ok
10:27:47.0496 2184 [ E1AB2AC4A4D50B479DF1B1CEA4A7409B ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe
10:27:47.0496 2184 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe - ok
10:27:47.0511 2184 [ 3E5AA6A816FA331E64C38A45C6FF5637 ] C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe
10:27:47.0511 2184 C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe - ok
10:27:47.0511 2184 [ B6384C99ED7472F39977B1A2663C2BE2 ] C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe
10:27:47.0511 2184 C:\Program Files\Common Files\microsoft shared\Works Shared\WksCal.exe - ok
10:27:47.0527 2184 [ FE01A9088D1E62B0A4A31084CC6E43FC ] C:\Program Files\Microsoft Works\WksSb.exe
10:27:47.0527 2184 C:\Program Files\Microsoft Works\WksSb.exe - ok
10:27:47.0527 2184 [ CE56C2B2D0EE4669F2C193147A83E6B7 ] C:\Program Files\Microsoft Works\wksss.exe
10:27:47.0527 2184 C:\Program Files\Microsoft Works\wksss.exe - ok
10:27:47.0542 2184 [ B11DC3D321AA003E6BEB770DC2911D2A ] C:\Program Files\Microsoft Works\WksWP.exe
10:27:47.0542 2184 C:\Program Files\Microsoft Works\WksWP.exe - ok
10:27:47.0542 2184 [ 021CFC69A1874431DC88BEFC37A2A2FD ] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
10:27:47.0542 2184 C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll - ok
10:27:47.0542 2184 [ 772B5CF9A612BB33C03B26261B9A761F ] C:\Sierra\Planner\PLNRevnt.dll
10:27:47.0542 2184 C:\Sierra\Planner\PLNRevnt.dll - ok
10:27:47.0558 2184 [ 1C7D2B889C60361485F8D1FC9520BFC7 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbPresOV.exe
10:27:47.0558 2184 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbPresOV.exe - ok
10:27:47.0558 2184 [ B51F285BDA949BC461ABE82DA828BDF3 ] C:\Program Files\muvee Technologies\muvee autoProducer 6.0 - SE\Flash\loader_pc_mprojector.exe
10:27:47.0558 2184 C:\Program Files\muvee Technologies\muvee autoProducer 6.0 - SE\Flash\loader_pc_mprojector.exe - ok
10:27:47.0574 2184 [ 87A456CCD99F3CE384F4B2460581BAB8 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll
10:27:47.0574 2184 C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll - ok
10:27:47.0574 2184 [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\Windows\System32\MFC71ENU.DLL
10:27:47.0574 2184 C:\Windows\System32\MFC71ENU.DLL - ok
10:27:47.0589 2184 [ BF8318A936B70ABCED1D4BE450B6D8C5 ] C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe
10:27:47.0589 2184 C:\Program Files\Hewlett-Packard\SDP\HPSdpApp.exe - ok
10:27:47.0589 2184 [ 6FDE86CF4CA80D9D841F24A560E4B475 ] C:\Program Files\Online Services\Aolca\InstallAol.exe
10:27:47.0589 2184 C:\Program Files\Online Services\Aolca\InstallAol.exe - ok
10:27:47.0605 2184 [ 44750400065E54491115D85B7FD6E204 ] C:\Program Files\Online Services\EarthLink\InstallEarthLink.exe
10:27:47.0605 2184 C:\Program Files\Online Services\EarthLink\InstallEarthLink.exe - ok
10:27:47.0605 2184 [ E0B055AB64642F34F99267EA8A9864F9 ] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll
10:27:47.0605 2184 C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll - ok
10:27:47.0620 2184 [ 2AC2C4AC49668B8C1ABDC1FD151006DA ] C:\Program Files\HP\QuickPlay\Helper.dll
10:27:47.0620 2184 C:\Program Files\HP\QuickPlay\Helper.dll - ok
10:27:47.0620 2184 [ 729F2055931D0AF930821F4FCFB6F8A0 ] C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc
10:27:47.0620 2184 C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc - ok
10:27:47.0636 2184 [ 88FD409677AC883CA3046B9672307F4C ] C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll
10:27:47.0636 2184 C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll - ok
10:27:47.0636 2184 [ A6E02F65BE0C48DE7101923AE70268BD ] C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll
10:27:47.0636 2184 C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll - ok
10:27:47.0652 2184 [ 564E468E1422FDD64A958A66B05B4D91 ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
10:27:47.0652 2184 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
10:27:47.0652 2184 [ D0716BD0C0822A642D36E82F49F2B5B8 ] C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll
10:27:47.0652 2184 C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll - ok
10:27:47.0667 2184 [ 3A72AB0BAF2DC1AE0BA6E1EE28FFCC0B ] C:\Windows\System32\msftedit.dll
10:27:47.0667 2184 C:\Windows\System32\msftedit.dll - ok
10:27:47.0667 2184 [ 658EBC74BD38D16805648C4775F7FA82 ] C:\Windows\System32\mshtml.dll
10:27:47.0667 2184 C:\Windows\System32\mshtml.dll - ok
10:27:47.0683 2184 [ 65657FACC072D95367C6C803AD6B2F01 ] C:\Program Files\HP\QuickPlay\Kernel\common\CLRCEngine3.dll
10:27:47.0683 2184 C:\Program Files\HP\QuickPlay\Kernel\common\CLRCEngine3.dll - ok
10:27:47.0683 2184 [ F723422A11CD6FA13036746272200993 ] C:\Windows\System32\wbem\cimwin32.dll
10:27:47.0683 2184 C:\Windows\System32\wbem\cimwin32.dll - ok
10:27:47.0698 2184 [ 1AE183708EC0CA7E8CECF98B9785D57C ] C:\Program Files\HP\Digital Imaging\bin\hpqddusr.dll
10:27:47.0698 2184 C:\Program Files\HP\Digital Imaging\bin\hpqddusr.dll - ok
10:27:47.0698 2184 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\Windows\System32\msimtf.dll
10:27:47.0698 2184 C:\Windows\System32\msimtf.dll - ok
10:27:47.0698 2184 [ 2424231BBD703A677D115C29983B4293 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
10:27:47.0698 2184 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL - ok
10:27:47.0714 2184 [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
10:27:47.0714 2184 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
10:27:47.0714 2184 [ 254AC97C9AF4DDF3F5F57855198527B7 ] C:\Windows\System32\wermgr.exe
10:27:47.0714 2184 C:\Windows\System32\wermgr.exe - ok
10:27:47.0730 2184 [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\Windows\System32\wer.dll
10:27:47.0730 2184 C:\Windows\System32\wer.dll - ok
10:27:47.0730 2184 [ BF622A2F0EB62FA22BAB244688C7F159 ] C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe
10:27:47.0730 2184 C:\Program Files\Online Services\JunoUS\JunoTurboSetup.exe - ok
10:27:47.0745 2184 [ 9D9BB0A1E319297E858BC38F74C7311C ] C:\Program Files\Online Services\MSN90\MSNSUSII.EXE
10:27:47.0745 2184 C:\Program Files\Online Services\MSN90\MSNSUSII.EXE - ok
10:27:47.0745 2184 [ 2815E6D94C633BC0C7F05FEA0BDA44FE ] C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe
10:27:47.0745 2184 C:\Program Files\Online Services\NetzeroUS_du\NetZeroHSSetup.exe - ok
10:27:47.0761 2184 [ 2815E6D94C633BC0C7F05FEA0BDA44FE ] C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe
10:27:47.0761 2184 C:\Program Files\Online Services\NetzeroUS_Acc\NetZeroHSSetup.exe - ok
10:27:47.0761 2184 [ 558618238BF303AF4CA6D8C27B21DD1A ] C:\Program Files\Radialpoint\QuickScn\ScanClean.exe
10:27:47.0761 2184 C:\Program Files\Radialpoint\QuickScn\ScanClean.exe - ok
10:27:47.0776 2184 [ 25F94FA2A1857DAFFDD3298E9C3AE8E4 ] C:\Windows\SMINST\CD Creator.exe
10:27:47.0776 2184 C:\Windows\SMINST\CD Creator.exe - ok
10:27:47.0776 2184 [ 7E27CE76AEC36BF1B1C6B27A5F932CD1 ] C:\Windows\SMINST\Restore7.exe
10:27:47.0776 2184 C:\Windows\SMINST\Restore7.exe - ok
10:27:47.0792 2184 [ BFDA20CB4816EACBFF4D755F2C30C2AC ] C:\Program Files\Rhapsody\WiseUpd2.exe
10:27:47.0792 2184 C:\Program Files\Rhapsody\WiseUpd2.exe - ok
10:27:47.0792 2184 [ 3A938ED2427DF10E571041069E6980CB ] C:\Program Files\Rhapsody\Unwise32.exe
10:27:47.0792 2184 C:\Program Files\Rhapsody\Unwise32.exe - ok
10:27:47.0792 2184 [ C6240A86290841D6333040E062374E97 ] C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe
10:27:47.0808 2184 C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\Main\Roxio_Central33.exe - ok
10:27:47.0808 2184 [ 4A55A0D006177BF37D2F705C1DA822B4 ] C:\Program Files\Roxio\Express Labeler 3\stax.exe
10:27:47.0808 2184 C:\Program Files\Roxio\Express Labeler 3\stax.exe - ok
10:27:47.0808 2184 [ 793A36EFEE040D9CD320956FB363D45B ] C:\Program Files\Roxio\Roxio MyDVD Basic v9\VideoUI 9\MyDVD9.exe
10:27:47.0808 2184 C:\Program Files\Roxio\Roxio MyDVD Basic v9\VideoUI 9\MyDVD9.exe - ok
10:27:47.0823 2184 [ 8EDD8401FA0828FEE071209B33FE6B15 ] C:\Sierra\Planner\PLNRexp.exe
10:27:47.0823 2184 C:\Sierra\Planner\PLNRexp.exe - ok
10:27:47.0823 2184 [ 7B11A80FA6AD5408C8CE3F69B2FCD6EA ] C:\Sierra\Planner\PLNRimp.exe
10:27:47.0823 2184 C:\Sierra\Planner\PLNRimp.exe - ok
10:27:47.0839 2184 [ E41DA9E19FDF91A2E0453DA0EC039C8D ] C:\Program Files\InstallShield Installation Information\{741849D8-E8D9-49CF-B373-0D7507ED0A56}\Setup.exe
10:27:47.0839 2184 C:\Program Files\InstallShield Installation Information\{741849D8-E8D9-49CF-B373-0D7507ED0A56}\Setup.exe - ok
10:27:47.0839 2184 [ 109BBB1C208524462FD85ED4D4B1F168 ] C:\Program Files\Sony\Sony Picture Utility\Browser\SPUBrowser.exe
10:27:47.0839 2184 C:\Program Files\Sony\Sony Picture Utility\Browser\SPUBrowser.exe - ok
10:27:47.0854 2184 [ 4CE61CE348676398EE1092760FD6E677 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll
10:27:47.0854 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapX.dll - ok
10:27:47.0854 2184 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:27:47.0854 2184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
10:27:47.0870 2184 [ EFC17011EA223FEDE80C0661CC1FD8F0 ] C:\Program Files\Sony\Sony Picture Utility\Importer\DCF\SPUDCFImporter.exe
10:27:47.0870 2184 C:\Program Files\Sony\Sony Picture Utility\Importer\DCF\SPUDCFImporter.exe - ok
10:27:47.0870 2184 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\System32\msvcr100_clr0400.dll
10:27:47.0870 2184 C:\Windows\System32\msvcr100_clr0400.dll - ok
10:27:47.0886 2184 [ 128DD9AF8640DBCC711940903C8B554F ] C:\Windows\System32\mscoree.dll
10:27:47.0886 2184 C:\Windows\System32\mscoree.dll - ok
10:27:47.0886 2184 [ 7F5879CF5959948E38352FAE323AB313 ] C:\Program Files\Sony\Sony Digital Imaging Handbook\stepupguide\stepupguide.exe
10:27:47.0886 2184 C:\Program Files\Sony\Sony Digital Imaging Handbook\stepupguide\stepupguide.exe - ok
10:27:47.0901 2184 [ 1B70BCCFB571293733BE50FBFF943B9B ] C:\Program Files\Sony\Sony Picture Utility\Announce\SPUAnnounce.exe
10:27:47.0901 2184 C:\Program Files\Sony\Sony Picture Utility\Announce\SPUAnnounce.exe - ok
10:27:47.0901 2184 [ 91E3AEC16C8BD691979478E231485452 ] C:\Program Files\Sony\Sony Picture Utility\InitTool\SPULocaleSetting.exe
10:27:47.0901 2184 C:\Program Files\Sony\Sony Picture Utility\InitTool\SPULocaleSetting.exe - ok
10:27:47.0917 2184 [ 922EE8D6FF78BFA0062D1D7222D78F27 ] C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
10:27:47.0917 2184 C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe - ok
10:27:47.0917 2184 [ 5763C0995F5134D6D322652DD719E4B4 ] C:\Program Files\Sony\Sony Picture Utility\InitTool\SPUInit.exe
10:27:47.0917 2184 C:\Program Files\Sony\Sony Picture Utility\InitTool\SPUInit.exe - ok
10:27:47.0932 2184 [ 7E6052699CAF18ADEDD846D44ECCE81F ] C:\Windows\System32\jscript9.dll
10:27:47.0932 2184 C:\Windows\System32\jscript9.dll - ok
10:27:47.0932 2184 [ E9B39C81C87E5B790FCE121DA9E02701 ] C:\Windows\System32\d2d1.dll
10:27:47.0932 2184 C:\Windows\System32\d2d1.dll - ok
10:27:47.0948 2184 [ CABD1B34BD05C986B4DBC18BC0E947EE ] C:\Windows\System32\DWrite.dll
10:27:47.0948 2184 C:\Windows\System32\DWrite.dll - ok
10:27:47.0948 2184 [ AAAE543C535ED596ECAD2AB8761C2C6F ] C:\Windows\System32\dxgi.dll
10:27:47.0948 2184 C:\Windows\System32\dxgi.dll - ok
10:27:47.0964 2184 [ 5B6748DFA56A0BE54C45B989378293E1 ] C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll
10:27:47.0964 2184 C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll - ok
10:27:47.0964 2184 [ 5256383D1D266A9EEFCDB270340C0E5C ] C:\Windows\System32\d3d10_1.dll
10:27:47.0964 2184 C:\Windows\System32\d3d10_1.dll - ok
10:27:47.0979 2184 [ A441F5B43EAF4BD4E3ACFBE38841B46B ] C:\Windows\System32\d3d10_1core.dll
10:27:47.0979 2184 C:\Windows\System32\d3d10_1core.dll - ok
10:27:47.0979 2184 [ 4A4C71376ECA305D6DEA021F1A44816D ] C:\Windows\System32\d3d10warp.dll
10:27:47.0979 2184 C:\Windows\System32\d3d10warp.dll - ok
10:27:47.0995 2184 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
10:27:47.0995 2184 C:\Windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
10:27:47.0995 2184 [ 6800A2686C0352F5B9571087D80FB670 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll
10:27:47.0995 2184 C:\Program Files\HP\QuickPlay\Kernel\TV\CLAuMixer.dll - ok
10:27:48.0010 2184 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
10:27:48.0010 2184 C:\Windows\System32\msls31.dll - ok
10:27:48.0010 2184 [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\System32\dxtrans.dll
10:27:48.0010 2184 C:\Windows\System32\dxtrans.dll - ok
10:27:48.0010 2184 [ 734DAA4FEAC6905BCFB30410D6C7E003 ] C:\Windows\System32\ddrawex.dll
10:27:48.0010 2184 C:\Windows\System32\ddrawex.dll - ok
10:27:48.0026 2184 [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\System32\dxtmsft.dll
10:27:48.0026 2184 C:\Windows\System32\dxtmsft.dll - ok
10:27:48.0026 2184 [ B5EF1DA337DB9859709A387638AC5E07 ] C:\Windows\System32\SearchProtocolHost.exe
10:27:48.0026 2184 C:\Windows\System32\SearchProtocolHost.exe - ok
10:27:48.0042 2184 [ 582BE479E7E286BB3B31C5A4C3DC3987 ] C:\Windows\System32\msshooks.dll
10:27:48.0042 2184 C:\Windows\System32\msshooks.dll - ok
10:27:48.0042 2184 [ 771AF583BC58373A84496CCD52C36E33 ] C:\Windows\System32\mssvp.dll
10:27:48.0042 2184 C:\Windows\System32\mssvp.dll - ok
10:27:48.0057 2184 [ 98C77FD99F3DB37B2C03F32B8F837B65 ] C:\Windows\System32\mapi32.dll
10:27:48.0057 2184 C:\Windows\System32\mapi32.dll - ok
10:27:48.0057 2184 [ 351319EF11C263C95FB721AC76F436D6 ] C:\Windows\System32\mssph.dll
10:27:48.0057 2184 C:\Windows\System32\mssph.dll - ok
10:27:48.0073 2184 [ A1CD5CE96F0A5426DB9A2F793854D1B8 ] C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
10:27:48.0073 2184 C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL - ok
10:27:48.0073 2184 [ 9DE04A790F697432871E88BB77EEBCF5 ] C:\Windows\System32\msfeeds.dll
10:27:48.0073 2184 C:\Windows\System32\msfeeds.dll - ok
10:27:48.0073 2184 [ C9EE7FF225EAC1CB9C78C413667CDB80 ] C:\Windows\System32\SearchFilterHost.exe
10:27:48.0073 2184 C:\Windows\System32\SearchFilterHost.exe - ok
10:27:48.0088 2184 [ 7DF26ADAD4A931D8E4E0E89278FC8E8B ] C:\Program Files\Internet Explorer\sqmapi.dll
10:27:48.0088 2184 C:\Program Files\Internet Explorer\sqmapi.dll - ok
10:27:48.0088 2184 [ 15435AD98E92CBADFDBF495D1D57BF33 ] C:\Program Files\Internet Explorer\IEShims.dll
10:27:48.0088 2184 C:\Program Files\Internet Explorer\IEShims.dll - ok
10:27:48.0104 2184 [ C720BD3BDE2C9A1BFC4476F6D3A4B64D ] C:\Windows\System32\ieui.dll
10:27:48.0104 2184 C:\Windows\System32\ieui.dll - ok
10:27:48.0104 2184 [ 6B0272B55C8958327CDBE1250CD4BD0A ] C:\Program Files\Internet Explorer\ieproxy.dll
10:27:48.0104 2184 C:\Program Files\Internet Explorer\ieproxy.dll - ok
10:27:48.0120 2184 [ 04802864F51046E93471083A24469ACE ] C:\Windows\System32\d3d10level9.dll
10:27:48.0120 2184 C:\Windows\System32\d3d10level9.dll - ok
10:27:48.0120 2184 [ 0D26C438E2938A3E6BDD91173BC96FF0 ] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
10:27:48.0120 2184 C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe - ok
10:27:48.0135 2184 [ EE9D715AF1B928982F417238B9914484 ] C:\Windows\System32\ieapfltr.dll
10:27:48.0135 2184 C:\Windows\System32\ieapfltr.dll - ok
10:27:48.0135 2184 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:27:48.0135 2184 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:27:48.0151 2184 [ 4E289C24E5BEB5FF9CF5B118AB96FDB0 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
10:27:48.0151 2184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
10:27:48.0151 2184 [ B0D16BC319E37E875C4B491460807051 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll
10:27:48.0151 2184 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll - ok
10:27:48.0166 2184 [ A8E2F76F136A0E664B68A48028D4AF93 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
10:27:48.0166 2184 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
10:27:48.0166 2184 [ 92D1B7E3981A24B8F3093CE42AB31C68 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll
10:27:48.0166 2184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll - ok
10:27:48.0182 2184 [ 593555359AC8A70A59BC3A4EAE154F26 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll
10:27:48.0182 2184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\15e2d7f51f15830591727d6d6a1e4032\System.ServiceProcess.ni.dll - ok
10:27:48.0182 2184 [ CECB7971499C5E84F701AFABDDFFA27C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll
10:27:48.0182 2184 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll - ok
10:27:48.0198 2184 [ 0775A7424B1828AD1452BAE43F7069A8 ] C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
10:27:48.0198 2184 C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll - ok
10:27:48.0198 2184 [ 8078F8F8F7A79E2E6B494523A828C585 ] C:\Windows\System32\msdtckrm.dll
10:27:48.0198 2184 C:\Windows\System32\msdtckrm.dll - ok
10:27:48.0213 2184 [ 8B02D2ECC7EF6E1F6AF08459E3F741F6 ] C:\Windows\System32\d3d10.dll
10:27:48.0213 2184 C:\Windows\System32\d3d10.dll - ok
10:27:48.0213 2184 [ 9C7094F537782A82B6A29B4A7172E180 ] C:\Windows\System32\d3d10core.dll
10:27:48.0213 2184 C:\Windows\System32\d3d10core.dll - ok
10:27:48.0213 2184 [ 2C7B4E944A48B9A07B7BF2AB262F197E ] C:\Windows\System32\icm32.dll
10:27:48.0213 2184 C:\Windows\System32\icm32.dll - ok
10:27:48.0229 2184 [ C166EF14CBC85AC9747DDA3797F30A06 ] C:\Windows\System32\d3dim700.dll
10:27:48.0229 2184 C:\Windows\System32\d3dim700.dll - ok
10:27:48.0229 2184 [ 5E41139EC6EFBCAFFD96D46925E544AB ] C:\Windows\System32\mspatcha.dll
10:27:48.0229 2184 C:\Windows\System32\mspatcha.dll - ok
10:27:48.0244 2184 [ 1A617835452EEE5060976C9B9F5FE635 ] C:\Windows\System32\wuapi.dll
10:27:48.0244 2184 C:\Windows\System32\wuapi.dll - ok
10:27:48.0244 2184 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\Windows\System32\wups.dll
10:27:48.0244 2184 C:\Windows\System32\wups.dll - ok
10:27:48.0260 2184 [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\Windows\System32\wups2.dll
10:27:48.0260 2184 C:\Windows\System32\wups2.dll - ok
10:27:48.0260 2184 [ 69EDE878C3891E7796D46B7E552330B1 ] C:\Windows\System32\url.dll
10:27:48.0260 2184 C:\Windows\System32\url.dll - ok
10:27:48.0276 2184 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\Windows\System32\wscisvif.dll
10:27:48.0276 2184 C:\Windows\System32\wscisvif.dll - ok
10:27:48.0276 2184 [ FE3702015BE4D214808A2FBC07B8E5FF ] C:\Windows\System32\wscproxystub.dll
10:27:48.0276 2184 C:\Windows\System32\wscproxystub.dll - ok
10:27:48.0291 2184 [ 8B1E277F554228A84126402BBBDC32F4 ] C:\Windows\System32\Macromed\Flash\Flash32_11_4_402_287.ocx
10:27:48.0291 2184 C:\Windows\System32\Macromed\Flash\Flash32_11_4_402_287.ocx - ok
10:27:48.0291 2184 [ 507183B4FCB535A7A973427D1F367CA8 ] C:\Windows\System32\vbscript.dll
10:27:48.0291 2184 C:\Windows\System32\vbscript.dll - ok
10:27:48.0291 2184 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\Windows\System32\dssenh.dll
10:27:48.0291 2184 C:\Windows\System32\dssenh.dll - ok
10:27:48.0307 2184 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\Windows\System32\security.dll
10:27:48.0307 2184 C:\Windows\System32\security.dll - ok
10:27:48.0307 2184 [ F8D8BB3F6173FFF00128612F33D3197A ] C:\Windows\System32\wbem\WMIADAP.exe
10:27:48.0307 2184 C:\Windows\System32\wbem\WMIADAP.exe - ok
10:27:48.0322 2184 [ 8B2D61CA83825CEAD423228ACD40CFBC ] C:\Windows\System32\loadperf.dll
10:27:48.0322 2184 C:\Windows\System32\loadperf.dll - ok
10:27:48.0322 2184 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Dennis_2\Desktop\iexplore.exe.exe
10:27:48.0322 2184 C:\Users\Dennis_2\Desktop\iexplore.exe.exe - ok
10:27:48.0338 2184 [ E44C7D6F8D665DA2D9385E5E15EDEEF7 ] C:\Windows\System32\consent.exe
10:27:48.0338 2184 C:\Windows\System32\consent.exe - ok
10:27:48.0338 2184 [ 178A34E5554DCE485E1262DDF027960C ] C:\Windows\temp\iex7BE3.tmp
10:27:48.0338 2184 C:\Windows\temp\iex7BE3.tmp - ok
10:27:48.0354 2184 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\57314558.sys
10:27:48.0354 2184 C:\Windows\System32\drivers\57314558.sys - ok
10:27:48.0354 2184 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\Windows\System32\riched20.dll
10:27:48.0354 2184 C:\Windows\System32\riched20.dll - ok
10:27:48.0354 2184 ============================================================
10:27:48.0354 2184 Scan finished
10:27:48.0354 2184 ============================================================
10:27:48.0369 3184 Detected object count: 13
10:27:48.0369 3184 Actual detected object count: 13
10:28:54.0058 3184 CLCapSvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0058 3184 CLCapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0058 3184 CLSched ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0058 3184 CLSched ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0058 3184 dvpapi ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0058 3184 dvpapi ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0058 3184 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0058 3184 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0074 3184 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0074 3184 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0074 3184 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0074 3184 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0074 3184 hpqwmiex ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0074 3184 hpqwmiex ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0074 3184 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0074 3184 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0074 3184 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0074 3184 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0089 3184 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0089 3184 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0089 3184 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0089 3184 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0089 3184 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0089 3184 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:28:54.0089 3184 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - skipped by user
10:28:54.0089 3184 RoxMediaDB9 ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP