Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Laptop sloooooow no matter what I try to do


  • This topic is locked This topic is locked

#61
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Alrighty here's that log:

ComboFix 14-01-04.03 - Chris 01/04/2014 9:49.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3068.1717 [GMT -5:00]
Running from: c:\users\Chris\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Chris\AppData\Local\assembly\tmp
c:\users\Chris\Desktop\Search.lnk
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_vpnagent
.
.
((((((((((((((((((((((((( Files Created from 2013-12-04 to 2014-01-04 )))))))))))))))))))))))))))))))
.
.
2074-05-18 21:44 . 2008-03-21 18:46 607296 ----a-w- c:\program files\Microsoft Games\Age of Empires III\deformerdllyD.dll
2014-01-04 15:21 . 2014-01-04 15:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-04 05:34 . 2014-01-04 05:34 -------- d-----w- C:\_OTL
2014-01-02 15:34 . 2014-01-02 16:17 -------- d-----w- c:\program files\Uninstaller
2014-01-02 15:29 . 2014-01-02 15:29 -------- d-----w- c:\users\Chris\AppData\Roaming\AVAST Software
2014-01-02 15:27 . 2014-01-02 15:28 -------- d-----w- c:\program files\Google
2014-01-02 15:27 . 2014-01-02 15:27 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-01-02 15:27 . 2014-01-02 15:27 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-02 15:27 . 2014-01-02 15:27 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-02 15:27 . 2014-01-02 15:27 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-02 15:27 . 2014-01-02 15:27 410528 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-02 15:27 . 2014-01-02 15:27 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-02 15:27 . 2014-01-02 15:27 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-01-02 15:27 . 2014-01-02 15:27 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-02 15:27 . 2014-01-02 15:27 43152 ----a-w- c:\windows\avastSS.scr
2014-01-02 15:25 . 2014-01-02 15:25 -------- d-----w- c:\program files\AVAST Software
2014-01-02 15:22 . 2014-01-02 15:22 -------- d-----w- c:\programdata\AVAST Software
2014-01-02 15:18 . 2014-01-02 16:48 -------- d-----w- c:\users\Chris\AppData\Local\SwvUpdater
2014-01-01 22:00 . 2014-01-04 06:12 -------- d-----w- C:\AdwCleaner
2014-01-01 14:47 . 2014-01-01 15:17 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-01-01 11:48 . 2014-01-01 14:44 -------- d-----w- c:\program files\PassShow
2014-01-01 03:47 . 2014-01-04 05:22 -------- d-----w- c:\program files\Spybot - Search & Destroy
2014-01-01 03:37 . 2014-01-01 03:37 -------- d-----w- c:\programdata\WindowsSearch
2014-01-01 02:09 . 2014-01-01 02:09 -------- d-----w- c:\program files\Enigma Software Group
2014-01-01 02:06 . 2014-01-01 03:09 -------- d-----w- c:\windows\220FB0354744483A9A0B41DF77061583.TMP
2014-01-01 02:06 . 2014-01-01 02:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2013-12-22 04:50 . 2013-12-22 04:50 -------- d--h--w- c:\windows\msdownld.tmp
2013-12-22 04:48 . 2014-01-01 06:07 -------- d-----w- c:\programdata\WarThunder
2013-12-22 04:48 . 2013-12-22 04:48 -------- d-----w- c:\users\Chris\AppData\Local\WarThunder
2013-12-21 21:13 . 2013-12-21 21:13 -------- d-----w- c:\users\Chris\AppData\Local\URmedia
2013-12-14 22:09 . 2013-12-14 22:09 -------- d-----w- c:\users\Chris\AppData\Roaming\CyberLink
2013-12-11 19:06 . 2013-10-30 00:35 2050560 ----a-w- c:\windows\system32\win32k.sys
2013-12-11 19:06 . 2013-10-30 02:12 335360 ----a-w- c:\windows\system32\SysFxUI.dll
2013-12-11 19:06 . 2013-10-30 01:43 130048 ----a-w- c:\windows\system32\drivers\drmk.sys
2013-12-11 19:06 . 2013-10-30 00:43 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2013-12-11 19:06 . 2013-10-11 02:08 131072 ----a-w- c:\windows\system32\wshom.ocx
2013-12-11 19:06 . 2013-10-11 00:35 155648 ----a-w- c:\windows\system32\wscript.exe
2013-12-11 19:06 . 2013-10-11 02:08 36864 ----a-w- c:\windows\system32\wshcon.dll
2013-12-11 19:06 . 2013-10-11 02:08 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-12-11 19:06 . 2013-10-11 00:35 135168 ----a-w- c:\windows\system32\cscript.exe
2013-12-11 19:06 . 2013-10-22 07:19 158208 ----a-w- c:\windows\system32\imagehlp.dll
2013-12-08 12:30 . 2013-12-08 12:31 -------- d-----w- c:\program files\GUMB01C.tmp
2013-12-08 02:25 . 2013-12-08 02:25 -------- d-----w- c:\programdata\Auslogics
2013-12-08 02:25 . 2013-12-08 02:25 -------- d-----w- c:\program files\Auslogics
2013-12-08 01:55 . 2013-12-08 01:55 -------- d-----w- c:\windows\system32\Adobe
2013-12-07 02:39 . 2013-12-07 02:39 -------- d-----w- c:\users\Chris\AppData\Roaming\OpenOffice
2013-12-07 02:36 . 2013-12-07 02:37 -------- d-----w- c:\program files\OpenOffice 4
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 16:14 . 2013-11-25 07:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-11 16:14 . 2011-11-09 23:32 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-25 06:20 . 2013-11-25 06:20 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-11-24 19:11 . 2013-11-24 19:11 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2013-11-24 19:11 . 2013-11-24 19:11 91376 ----a-w- c:\windows\system32\bcmwlcoi.dll
2013-11-24 19:11 . 2013-11-24 19:11 3862528 ----a-w- c:\windows\system32\bcmihvsrv.dll
2013-11-24 19:11 . 2013-11-24 19:11 3551232 ----a-w- c:\windows\system32\bcmihvui.dll
2013-11-24 19:11 . 2013-11-24 19:11 2438648 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2013-11-04 20:12 . 2013-12-01 21:52 21720 ----a-w- c:\windows\help\OEM\scripts\PSGRedirector.exe
2013-10-30 02:13 . 2008-01-21 02:23 1304064 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2013-10-14 20:13 . 2013-12-01 21:52 15064 ----a-w- c:\windows\help\OEM\scripts\LaunchMsHelpTopic.exe
2013-10-11 02:08 . 2013-11-23 20:05 444928 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-10-11 02:07 . 2013-11-23 20:05 596480 ----a-w- c:\windows\system32\FWPUCLNT.DLL
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-02 15:26 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"URmedia"="c:\users\Chris\AppData\Local\URmedia\iTunesMod.dll" [2013-12-21 20480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2008-04-15 442433]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-02 3764024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2013-12-13 21720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-05-11 10:06 40048 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
2010-08-20 11:03 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-09-13 23:51 59720 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cisco AnyConnect Secure Mobility Agent for Windows]
2012-12-13 09:44 702024 ----a-w- c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-09-10 04:12 116648 ----atw- c:\users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-04-15 20:42 70912 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 23:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2007-08-22 23:31 80896 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-09-18 03:45 152392 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-14 02:09 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]
2007-11-02 01:42 554288 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeachtreePrefetcher.exe]
2011-10-25 16:27 29512 ----a-r- c:\program files\Sage\Peachtree\PeachtreePrefetcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-03-14 15:45 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2008-04-24 06:51 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-12-24 23:55 222504 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R3 acsint;acsint;c:\windows\system32\DRIVERS\acsint.sys [2012-12-13 39888]
R3 acsmux;acsmux;c:\windows\system32\DRIVERS\acsmux.sys [2012-12-13 58320]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe [2008-02-12 73728]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-25 16:14]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-02 15:27]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-01-02 15:27]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000Core.job
- c:\users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-10 04:12]
.
2014-01-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000UA.job
- c:\users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-10 04:12]
.
.
------- Supplementary Scan -------
.
uStart Page =
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=83&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = *.local
uSearchAssistant =
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=057ce24d-4d07-d056-b9c7-1ba44095c7c7&searchtype=hp&installDate=02/01/2014
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=057ce24d-4d07-d056-b9c7-1ba44095c7c7&searchtype=ds&installDate=02/01/2014&q=
FF - ExtSQL: !HIDDEN! 1970-05-29 03:24; {6138D990-05A3-228B-79A7-867F1E107476}; -
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Wdf01000.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-ROC_ROC_APR2013_AV - c:\users\Chris\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe
MSConfigStartUp-SDTray - c:\program files\Spybot - Search & Destroy 2\SDTray.exe
MSConfigStartUp-vProt - c:\program files\AVG SafeGuard toolbar\vprot.exe
AddRemove-MyPC Backup - c:\program files\MyPC Backup\uninst.exe
AddRemove-Octoshape add-in for Adobe Flash Player - c:\users\Chris\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\octoshape\octoshape.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DbgagD\1*]
"value"="?\0b\03\09\00\1d\0fu"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5528)
c:\users\Chris\AppData\Local\URmedia\iTunesMod.dll
c:\windows\system32\ieframe.dll
.
- - - - - - - > 'Explorer.exe'(4156)
c:\users\Chris\AppData\Local\URmedia\iTunesMod.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Hpservice.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\Hp\Common\HPSupportSolutionsFrameworkService.exe
c:\program files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\windows\SMINST\BLService.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\windows\System32\regsvr32.exe
c:\program files\Synaptics\SynTP\SynTPHelper.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\program files\Internet Explorer\iexplore.exe
c:\program files\Internet Explorer\iexplore.exe
.
**************************************************************************
.
Completion time: 2014-01-04 10:36:27 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-04 15:36
.
Pre-Run: 114,077,097,984 bytes free
Post-Run: 115,027,374,080 bytes free
.
- - End Of File - - 508493F3C36089F4F727B7F7EDC496ED
85D751F0E41B8E520AEE8C07A8DA777B
  • 0

Advertisements


#62
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Is Avast still popping up with that warning stating that explorer.exe is infected??

How's the system behaving?

I just noticed that you didn't click the Clean button after the initial scan ran on AdwCleaner.

Could you please double-click AdwCleaner.exe to run the tool again.
  • Click the Scan button.
    Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Also, please check to see if a log might have been generated in C:\_OTL\Moved Files for when the first scan froze on you and post that in your next reply:

Logs I'd like to see if found:

AdwCleaner[S0].txt
:\_OTL\[b]Moved Files


Thank you kindly! :)
  • 0

#63
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
I was just about to report that I had no pop-ups from Avast, but one just popped up. I'm not having as many notifications though.

The system is working better, though it is a little slow.

Here is that log:
# AdwCleaner v3.016 - Report created 05/01/2014 at 16:47:55
# Updated 23/12/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Chris - CHRIS-PC
# Running from : C:\Users\Chris\Downloads\AdwCleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\Chris\AppData\Local\SwvUpdater
File Deleted : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\searchplugins\Web Search.xml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
Shortcut Disinfected : C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Search.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=057ce24d-4d07-d056-b9c7-1ba44095c7c7&searchtype=nt&installDate=02/01/2014");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", false);
Line Deleted : user_pref("extensions.helperbar.lastExternalJsUpdate", "1388629517217");
Line Deleted : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=US&userid=057ce24d-4d07-d056-b9c7-1ba44095c7c7&searchtype=ds&installDate=02/01/2014&q=");

-\\ Google Chrome v

[ File : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [8359 octets] - [01/01/2014 17:01:32]
AdwCleaner[R1].txt - [8478 octets] - [01/01/2014 17:29:47]
AdwCleaner[R2].txt - [8538 octets] - [01/01/2014 18:45:31]
AdwCleaner[R3].txt - [7917 octets] - [01/01/2014 19:19:33]
AdwCleaner[R4].txt - [8036 octets] - [01/01/2014 19:30:36]
AdwCleaner[R5].txt - [6699 octets] - [04/01/2014 01:11:00]
AdwCleaner[R6].txt - [5376 octets] - [05/01/2014 16:47:03]
AdwCleaner[S0].txt - [350 octets] - [01/01/2014 17:26:48]
AdwCleaner[S1].txt - [1147 octets] - [01/01/2014 18:52:14]
AdwCleaner[S2].txt - [350 octets] - [01/01/2014 19:20:20]
AdwCleaner[S3].txt - [7739 octets] - [01/01/2014 19:31:13]
AdwCleaner[S4].txt - [4793 octets] - [05/01/2014 16:47:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [4853 octets] ##########


I only have that one OTL log. I can run it again if need be though.

Thanks!

Edited by CZ2761, 05 January 2014 - 04:56 PM.

  • 0

#64
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
For the moment, at least till we can get a hold on this infection and conquer it, could you please not play anymore games, download or surf at your leisure. It's affecting our ability to cleanse the your system.

No need to run OTL at the moment. I;d like you to run the following scan, please, and following the instructions as instructed below:

If you still have the previous version of TDSSKiller on your desktop please uninstall it and download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

Posted Image

  • Put a checkmark beside loaded modules.

Posted Image

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
Posted Image

  • Click the Start Scan button.
Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Posted Image
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Thank you! :)
  • 0

#65
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Here is the report:

00:52:54.0814 3692 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:52:56.0826 3692 ============================================================
00:52:56.0826 3692 Current date / time: 2014/01/06 00:52:56.0826
00:52:56.0826 3692 SystemInfo:
00:52:56.0826 3692
00:52:56.0826 3692 OS Version: 6.0.6002 ServicePack: 2.0
00:52:56.0826 3692 Product type: Workstation
00:52:56.0826 3692 ComputerName: CHRIS-PC
00:52:56.0826 3692 UserName: Chris
00:52:56.0826 3692 Windows directory: C:\Windows
00:52:56.0826 3692 System windows directory: C:\Windows
00:52:56.0826 3692 Processor architecture: Intel x86
00:52:56.0826 3692 Number of processors: 2
00:52:56.0826 3692 Page size: 0x1000
00:52:56.0826 3692 Boot type: Normal boot
00:52:56.0826 3692 ============================================================
00:53:00.0586 3692 BG loaded
00:53:03.0518 3692 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
00:53:03.0550 3692 ============================================================
00:53:03.0550 3692 \Device\Harddisk0\DR0:
00:53:03.0596 3692 MBR partitions:
00:53:03.0596 3692 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BCEAFC1
00:53:03.0596 3692 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BCEB000, BlocksNum 0x14D9000
00:53:03.0596 3692 ============================================================
00:53:03.0877 3692 C: <-> \Device\Harddisk0\DR0\Partition1
00:53:04.0423 3692 D: <-> \Device\Harddisk0\DR0\Partition2
00:53:04.0486 3692 ============================================================
00:53:04.0486 3692 Initialize success
00:53:04.0486 3692 ============================================================
00:54:29.0372 3716 ============================================================
00:54:29.0372 3716 Scan started
00:54:29.0372 3716 Mode: Manual; SigCheck; TDLFS;
00:54:29.0372 3716 ============================================================
00:54:37.0141 3716 ================ Scan system memory ========================
00:54:37.0141 3716 System memory - ok
00:54:37.0141 3716 ================ Scan services =============================
00:54:44.0052 3716 [ 3B10711AD8656C097E0D16A41B29C54C ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
00:54:44.0239 3716 Accelerometer - ok
00:54:44.0645 3716 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
00:54:44.0691 3716 ACPI - ok
00:54:45.0035 3716 [ D2523D28674B03976AFC1AB6EF712F27 ] acsint C:\Windows\system32\DRIVERS\acsint.sys
00:54:45.0066 3716 acsint - ok
00:54:45.0284 3716 [ 9A7D29DAE24A01DCD33D8F563559B3AB ] acsmux C:\Windows\system32\DRIVERS\acsmux.sys
00:54:45.0393 3716 acsmux - ok
00:54:45.0737 3716 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:54:47.0749 3716 AdobeFlashPlayerUpdateSvc - ok
00:54:48.0030 3716 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
00:54:49.0574 3716 adp94xx - ok
00:54:49.0871 3716 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
00:54:49.0933 3716 adpahci - ok
00:54:50.0011 3716 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
00:54:50.0105 3716 adpu160m - ok
00:54:50.0214 3716 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
00:55:13.0583 3716 adpu320 - ok
00:55:14.0659 3716 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
00:55:17.0077 3716 AeLookupSvc - ok
00:55:19.0901 3716 [ EF1142512BEC12F1C2C87735DA1755BE ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
00:55:26.0655 3716 AESTFilters - ok
00:55:27.0186 3716 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
00:55:27.0529 3716 AFD - ok
00:55:27.0716 3716 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
00:55:27.0872 3716 agp440 - ok
00:55:28.0028 3716 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
00:55:28.0184 3716 aic78xx - ok
00:55:28.0231 3716 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
00:55:31.0289 3716 ALG - ok
00:55:32.0022 3716 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
00:55:32.0100 3716 aliide - ok
00:55:32.0193 3716 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
00:55:32.0271 3716 amdagp - ok
00:55:32.0318 3716 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
00:55:32.0443 3716 amdide - ok
00:55:32.0583 3716 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
00:55:32.0771 3716 AmdK7 - ok
00:55:32.0802 3716 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
00:55:32.0958 3716 AmdK8 - ok
00:55:33.0613 3716 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
00:55:33.0878 3716 Appinfo - ok
00:55:34.0721 3716 [ 30E3850F303EAE5C364782EA78579CC9 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:55:35.0017 3716 Apple Mobile Device - ok
00:55:35.0267 3716 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
00:55:35.0516 3716 arc - ok
00:55:35.0672 3716 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
00:55:35.0719 3716 arcsas - ok
00:55:36.0359 3716 [ 6F1505608202BBD179095A6A150D103F ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
00:55:36.0437 3716 aswMonFlt - ok
00:55:36.0608 3716 [ B269C41DF93EFF71DF0986BD982D1C46 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
00:55:36.0733 3716 aswRdr - ok
00:55:36.0842 3716 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
00:55:36.0936 3716 aswRvrt - ok
00:55:37.0497 3716 [ 0F639D0526820BA7872C963813E0EB8D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
00:55:37.0763 3716 aswSnx - ok
00:55:38.0137 3716 [ 7BA7543EA7936A7ADA615F6DE7C95494 ] aswSP C:\Windows\system32\drivers\aswSP.sys
00:55:38.0324 3716 aswSP - ok
00:55:38.0387 3716 [ 875D2B1054F2ECD8F575D6CBE78DD7BA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
00:55:38.0465 3716 aswTdi - ok
00:55:38.0605 3716 [ 1B0662514A68C3A42E60D240C5ABEF28 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
00:55:38.0792 3716 aswVmm - ok
00:55:39.0026 3716 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
00:55:39.0213 3716 AsyncMac - ok
00:55:39.0338 3716 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
00:55:39.0432 3716 atapi - ok
00:55:40.0321 3716 [ 99FDF0E65F82C0E47BC04363C09DE146 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
00:55:40.0961 3716 Ati External Event Utility - ok
00:55:43.0347 3716 [ E8044E9976D43B1D00EADE351E447349 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
00:55:46.0998 3716 atikmdag - ok
00:55:49.0665 3716 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:55:49.0821 3716 AudioEndpointBuilder - ok
00:55:52.0583 3716 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
00:55:52.0707 3716 Audiosrv - ok
00:55:53.0456 3716 [ D74884939D53612FD84AC82C59CCFE27 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:55:53.0456 3716 avast! Antivirus - ok
00:55:56.0436 3716 [ A2CD1468BB0E796726DA95E95F87A715 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
00:55:57.0497 3716 BCM43XV - ok
00:55:59.0275 3716 [ A2CD1468BB0E796726DA95E95F87A715 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
00:56:02.0598 3716 BCM43XX - ok
00:56:03.0721 3716 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
00:56:03.0815 3716 Beep - ok
00:56:05.0780 3716 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
00:56:06.0155 3716 BFE - ok
00:56:09.0197 3716 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
00:56:09.0368 3716 BITS - ok
00:56:10.0928 3716 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
00:56:11.0271 3716 blbdrive - ok
00:56:13.0159 3716 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:56:13.0362 3716 Bonjour Service - ok
00:56:16.0482 3716 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
00:56:17.0246 3716 bowser - ok
00:56:20.0257 3716 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
00:56:20.0507 3716 BrFiltLo - ok
00:56:27.0558 3716 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
00:56:27.0839 3716 BrFiltUp - ok
00:56:33.0283 3716 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
00:56:33.0704 3716 Browser - ok
00:56:34.0359 3716 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
00:56:40.0350 3716 Brserid - ok
00:56:40.0599 3716 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
00:56:40.0911 3716 BrSerWdm - ok
00:56:41.0348 3716 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
00:56:42.0815 3716 BrUsbMdm - ok
00:56:42.0846 3716 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
00:56:43.0017 3716 BrUsbSer - ok
00:56:43.0158 3716 [ DA7B195275BDA7F8FCF79B40E0F45DDE ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
00:56:43.0532 3716 BthEnum - ok
00:56:43.0610 3716 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
00:56:43.0751 3716 BTHMODEM - ok
00:56:43.0953 3716 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
00:56:44.0063 3716 BthPan - ok
00:56:44.0312 3716 [ 671134053D59E23704F08DB19F11E10B ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
00:56:44.0765 3716 BTHPORT - ok
00:56:44.0858 3716 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
00:56:45.0435 3716 BthServ - ok
00:56:45.0545 3716 [ 93D7007E2C660DFCCA6AE72622740B14 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
00:56:45.0669 3716 BTHUSB - ok
00:56:45.0732 3716 catchme - ok
00:56:45.0841 3716 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
00:56:45.0935 3716 cdfs - ok
00:56:46.0075 3716 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
00:56:46.0293 3716 cdrom - ok
00:56:46.0527 3716 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
00:56:46.0652 3716 CertPropSvc - ok
00:56:46.0699 3716 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
00:56:46.0855 3716 circlass - ok
00:56:46.0964 3716 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
00:56:47.0183 3716 CLFS - ok
00:56:47.0916 3716 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:56:48.0992 3716 clr_optimization_v2.0.50727_32 - ok
00:56:50.0240 3716 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:56:51.0551 3716 clr_optimization_v4.0.30319_32 - ok
00:56:51.0785 3716 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
00:56:51.0925 3716 CmBatt - ok
00:56:52.0050 3716 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
00:56:52.0159 3716 cmdide - ok
00:56:53.0282 3716 [ DF855C726818A71A14A0D6FAD8EDDC37 ] CodeMeter.exe C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
00:56:53.0766 3716 CodeMeter.exe - ok
00:56:54.0249 3716 [ 7795F8CEBC284A426B53F541E538695F ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
00:56:54.0530 3716 Com4QLBEx - ok
00:56:54.0624 3716 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
00:56:54.0671 3716 Compbatt - ok
00:56:54.0671 3716 COMSysApp - ok
00:56:54.0764 3716 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
00:56:54.0842 3716 crcdisk - ok
00:56:54.0920 3716 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
00:56:55.0139 3716 Crusoe - ok
00:56:55.0295 3716 [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc C:\Windows\system32\cryptsvc.dll
00:56:56.0121 3716 CryptSvc - ok
00:56:56.0652 3716 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
00:56:57.0167 3716 DcomLaunch - ok
00:56:57.0276 3716 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
00:56:57.0915 3716 DfsC - ok
00:57:00.0037 3716 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
00:57:00.0567 3716 DFSR - ok
00:57:01.0098 3716 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
00:57:01.0176 3716 Dhcp - ok
00:57:01.0316 3716 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
00:57:01.0457 3716 disk - ok
00:57:01.0597 3716 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
00:57:01.0675 3716 Dnscache - ok
00:57:01.0769 3716 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
00:57:02.0034 3716 dot3svc - ok
00:57:02.0221 3716 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
00:57:02.0299 3716 DPS - ok
00:57:02.0611 3716 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
00:57:07.0369 3716 drmkaud - ok
00:57:07.0603 3716 [ 988670D8343EF9835FB3659DB71B2EFA ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
00:57:07.0915 3716 DXGKrnl - ok
00:57:08.0321 3716 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
00:57:08.0539 3716 E1G60 - ok
00:57:08.0695 3716 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
00:57:08.0757 3716 EapHost - ok
00:57:09.0272 3716 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
00:57:09.0428 3716 Ecache - ok
00:57:09.0849 3716 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
00:57:10.0177 3716 ehRecvr - ok
00:57:10.0255 3716 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
00:57:10.0567 3716 ehSched - ok
00:57:10.0739 3716 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
00:57:10.0863 3716 ehstart - ok
00:57:11.0144 3716 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
00:57:11.0285 3716 elxstor - ok
00:57:11.0534 3716 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
00:57:12.0174 3716 EMDMgmt - ok
00:57:12.0314 3716 [ 004B2EA6CC2598EC5F0552E43CE29CEF ] enecir C:\Windows\system32\DRIVERS\enecir.sys
00:57:12.0689 3716 enecir - ok
00:57:12.0798 3716 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:57:12.0969 3716 ErrDev - ok
00:57:13.0094 3716 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
00:57:13.0125 3716 EventSystem - ok
00:57:13.0313 3716 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
00:57:13.0437 3716 exfat - ok
00:57:13.0562 3716 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:57:13.0625 3716 fastfat - ok
00:57:13.0749 3716 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
00:57:13.0859 3716 fdc - ok
00:57:13.0921 3716 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
00:57:13.0983 3716 fdPHost - ok
00:57:14.0046 3716 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
00:57:14.0108 3716 FDResPub - ok
00:57:14.0139 3716 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:57:14.0171 3716 FileInfo - ok
00:57:14.0233 3716 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:57:14.0358 3716 Filetrace - ok
00:57:14.0467 3716 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
00:57:14.0592 3716 flpydisk - ok
00:57:14.0654 3716 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:57:14.0701 3716 FltMgr - ok
00:57:15.0060 3716 [ 2AFA3A46986AE935DAECEBC7E66314CF ] FontCache C:\Windows\system32\FntCache.dll
00:57:15.0200 3716 FontCache - ok
00:57:15.0497 3716 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
00:57:15.0746 3716 FontCache3.0.0.0 - ok
00:57:15.0840 3716 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:57:16.0089 3716 Fs_Rec - ok
00:57:16.0167 3716 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:57:16.0214 3716 gagp30kx - ok
00:57:16.0370 3716 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
00:57:16.0386 3716 GEARAspiWDM - ok
00:57:16.0526 3716 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
00:57:16.0947 3716 gpsvc - ok
00:57:17.0103 3716 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:57:17.0150 3716 gupdate - ok
00:57:17.0150 3716 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:57:17.0166 3716 gupdatem - ok
00:57:17.0228 3716 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:57:17.0244 3716 gusvc - ok
00:57:17.0306 3716 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:57:17.0431 3716 HdAudAddService - ok
00:57:17.0665 3716 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:57:18.0055 3716 HDAudBus - ok
00:57:18.0117 3716 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
00:57:18.0258 3716 HidBth - ok
00:57:18.0336 3716 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
00:57:18.0539 3716 HidIr - ok
00:57:18.0617 3716 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
00:57:18.0741 3716 hidserv - ok
00:57:18.0866 3716 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
00:57:18.0929 3716 HidUsb - ok
00:57:19.0038 3716 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:57:19.0194 3716 hkmsvc - ok
00:57:19.0397 3716 [ D13E6BFD7E9189D26A42E94CB2447044 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
00:57:19.0740 3716 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
00:57:19.0740 3716 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
00:57:19.0833 3716 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
00:57:19.0880 3716 HpCISSs - ok
00:57:20.0005 3716 [ 24F3F496C18EFC234777723A67A85F81 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
00:57:20.0021 3716 hpdskflt - ok
00:57:20.0099 3716 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
00:57:20.0145 3716 HpqKbFiltr - ok
00:57:20.0177 3716 [ 115C0933B3ED51DFBEC4449348C8065B ] HpqRemHid C:\Windows\system32\DRIVERS\HpqRemHid.sys
00:57:20.0255 3716 HpqRemHid - ok
00:57:20.0348 3716 [ D50FDAD1E57AA60F1973CFC77D905F0E ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
00:57:20.0426 3716 hpqwmiex - ok
00:57:20.0457 3716 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] hpsrv C:\Windows\system32\Hpservice.exe
00:57:20.0520 3716 hpsrv - ok
00:57:20.0801 3716 [ 974A1F783ED34588B45FAD6375077BA6 ] HPSupportSolutionsFrameworkService C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
00:57:20.0832 3716 HPSupportSolutionsFrameworkService - ok
00:57:20.0988 3716 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
00:57:21.0253 3716 HSFHWAZL - ok
00:57:21.0549 3716 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
00:57:21.0877 3716 HSF_DPV - ok
00:57:22.0049 3716 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:57:22.0673 3716 HTTP - ok
00:57:22.0735 3716 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
00:57:22.0782 3716 i2omp - ok
00:57:22.0875 3716 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:57:22.0985 3716 i8042prt - ok
00:57:23.0078 3716 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
00:57:23.0343 3716 iaStorV - ok
00:57:23.0593 3716 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
00:57:23.0765 3716 IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:57:23.0765 3716 IDriverT - detected UnsignedFile.Multi.Generic (1)
00:57:24.0077 3716 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:57:24.0295 3716 idsvc - ok
00:57:24.0311 3716 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
00:57:24.0342 3716 iirsp - ok
00:57:24.0482 3716 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 ] IKEEXT C:\Windows\System32\ikeext.dll
00:57:24.0607 3716 IKEEXT - ok
00:57:24.0701 3716 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
00:57:24.0732 3716 intelide - ok
00:57:24.0763 3716 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:57:24.0810 3716 intelppm - ok
00:57:24.0935 3716 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:57:24.0997 3716 IPBusEnum - ok
00:57:25.0028 3716 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:57:25.0075 3716 IpFilterDriver - ok
00:57:25.0247 3716 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:57:25.0387 3716 iphlpsvc - ok
00:57:25.0387 3716 IpInIp - ok
00:57:25.0449 3716 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
00:57:25.0652 3716 IPMIDRV - ok
00:57:25.0668 3716 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
00:57:25.0730 3716 IPNAT - ok
00:57:26.0058 3716 [ C00149A7027081539A66DC5A46695EAD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:57:26.0292 3716 iPod Service - ok
00:57:26.0417 3716 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:57:26.0463 3716 IRENUM - ok
00:57:26.0479 3716 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:57:26.0526 3716 isapnp - ok
00:57:26.0651 3716 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
00:57:26.0729 3716 iScsiPrt - ok
00:57:26.0744 3716 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
00:57:26.0791 3716 iteatapi - ok
00:57:26.0822 3716 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
00:57:26.0838 3716 iteraid - ok
00:57:26.0931 3716 [ DEDB6CC1B166928A8F3F68DEF1766DB0 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
00:57:26.0994 3716 JMCR - ok
00:57:27.0025 3716 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:57:27.0087 3716 kbdclass - ok
00:57:27.0119 3716 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:57:27.0181 3716 kbdhid - ok
00:57:27.0243 3716 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
00:57:27.0431 3716 KeyIso - ok
00:57:27.0571 3716 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:57:27.0696 3716 KSecDD - ok
00:57:27.0867 3716 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
00:57:28.0055 3716 KtmRm - ok
00:57:28.0148 3716 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
00:57:28.0195 3716 LanmanServer - ok
00:57:28.0273 3716 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:57:28.0304 3716 LanmanWorkstation - ok
00:57:28.0382 3716 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:57:28.0429 3716 lltdio - ok
00:57:28.0507 3716 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:57:28.0616 3716 lltdsvc - ok
00:57:28.0632 3716 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:57:28.0679 3716 lmhosts - ok
00:57:28.0772 3716 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
00:57:28.0803 3716 LSI_FC - ok
00:57:28.0850 3716 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
00:57:28.0881 3716 LSI_SAS - ok
00:57:28.0959 3716 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
00:57:29.0053 3716 LSI_SCSI - ok
00:57:29.0053 3716 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
00:57:29.0349 3716 luafv - ok
00:57:29.0459 3716 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
00:57:33.0936 3716 MBAMSwissArmy - ok
00:57:33.0967 3716 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:57:33.0998 3716 Mcx2Svc - ok
00:57:34.0029 3716 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
00:57:34.0045 3716 megasas - ok
00:57:34.0076 3716 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
00:57:34.0092 3716 MegaSR - ok
00:57:34.0201 3716 Microsoft SharePoint Workspace Audit Service - ok
00:57:34.0232 3716 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
00:57:34.0295 3716 MMCSS - ok
00:57:34.0326 3716 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
00:57:34.0373 3716 Modem - ok
00:57:34.0482 3716 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:57:34.0560 3716 monitor - ok
00:57:34.0591 3716 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:57:34.0622 3716 mouclass - ok
00:57:34.0716 3716 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:57:34.0856 3716 mouhid - ok
00:57:34.0872 3716 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
00:57:34.0887 3716 MountMgr - ok
00:57:35.0012 3716 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:57:35.0090 3716 MozillaMaintenance - ok
00:57:35.0121 3716 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
00:57:35.0137 3716 mpio - ok
00:57:35.0153 3716 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:57:35.0215 3716 mpsdrv - ok
00:57:35.0262 3716 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
00:57:35.0324 3716 MpsSvc - ok
00:57:35.0355 3716 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
00:57:35.0371 3716 Mraid35x - ok
00:57:35.0449 3716 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:57:35.0496 3716 MRxDAV - ok
00:57:35.0558 3716 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:57:35.0589 3716 mrxsmb - ok
00:57:35.0636 3716 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:57:35.0699 3716 mrxsmb10 - ok
00:57:35.0714 3716 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:57:35.0730 3716 mrxsmb20 - ok
00:57:35.0792 3716 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
00:57:35.0823 3716 msahci - ok
00:57:35.0855 3716 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:57:35.0870 3716 msdsm - ok
00:57:35.0901 3716 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
00:57:35.0933 3716 MSDTC - ok
00:57:35.0964 3716 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:57:36.0011 3716 Msfs - ok
00:57:36.0073 3716 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:57:36.0104 3716 msisadrv - ok
00:57:36.0151 3716 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:57:36.0229 3716 MSiSCSI - ok
00:57:36.0260 3716 msiserver - ok
00:57:36.0338 3716 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:57:36.0416 3716 MSKSSRV - ok
00:57:36.0510 3716 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:57:36.0525 3716 MSPCLOCK - ok
00:57:36.0541 3716 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:57:36.0572 3716 MSPQM - ok
00:57:36.0619 3716 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:57:36.0635 3716 MsRPC - ok
00:57:36.0666 3716 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
00:57:36.0666 3716 mssmbios - ok
00:57:36.0697 3716 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:57:36.0728 3716 MSTEE - ok
00:57:36.0759 3716 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
00:57:36.0791 3716 Mup - ok
00:57:36.0822 3716 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
00:57:36.0869 3716 napagent - ok
00:57:36.0931 3716 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:57:36.0962 3716 NativeWifiP - ok
00:57:37.0025 3716 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
00:57:37.0071 3716 NDIS - ok
00:57:37.0134 3716 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:57:37.0196 3716 NdisTapi - ok
00:57:37.0227 3716 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:57:37.0243 3716 Ndisuio - ok
00:57:37.0290 3716 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:57:37.0321 3716 NdisWan - ok
00:57:37.0337 3716 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:57:37.0352 3716 NDProxy - ok
00:57:37.0383 3716 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:57:37.0399 3716 NetBIOS - ok
00:57:37.0446 3716 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
00:57:37.0493 3716 netbt - ok
00:57:37.0508 3716 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
00:57:37.0524 3716 Netlogon - ok
00:57:37.0555 3716 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
00:57:37.0602 3716 Netman - ok
00:57:37.0617 3716 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
00:57:37.0649 3716 netprofm - ok
00:57:37.0680 3716 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:57:37.0695 3716 NetTcpPortSharing - ok
00:57:37.0820 3716 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
00:57:38.0039 3716 NETw5v32 - ok
00:57:38.0070 3716 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
00:57:38.0085 3716 nfrd960 - ok
00:57:38.0117 3716 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
00:57:38.0148 3716 NlaSvc - ok
00:57:38.0179 3716 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:57:38.0195 3716 Npfs - ok
00:57:38.0226 3716 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
00:57:38.0273 3716 nsi - ok
00:57:38.0288 3716 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:57:38.0335 3716 nsiproxy - ok
00:57:38.0382 3716 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:57:38.0460 3716 Ntfs - ok
00:57:38.0507 3716 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
00:57:38.0553 3716 ntrigdigi - ok
00:57:38.0585 3716 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
00:57:38.0616 3716 Null - ok
00:57:38.0756 3716 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
00:57:38.0865 3716 NVENETFD - ok
00:57:38.0897 3716 [ F972DC046C374A9E02F2DFBE74EBB203 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
00:57:38.0912 3716 NVHDA - ok
00:57:39.0287 3716 [ 6C1C07916A4FED3E26BF399F07370986 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
00:57:39.0864 3716 nvlddmkm - ok
00:57:39.0911 3716 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:57:39.0926 3716 nvraid - ok
00:57:39.0942 3716 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:57:39.0957 3716 nvstor - ok
00:57:39.0989 3716 [ 029DF21EB9FC3FF0D628278774C99DC0 ] nvsvc C:\Windows\system32\nvvsvc.exe
00:57:40.0035 3716 nvsvc - ok
00:57:40.0051 3716 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:57:40.0067 3716 nv_agp - ok
00:57:40.0067 3716 NwlnkFlt - ok
00:57:40.0067 3716 NwlnkFwd - ok
00:57:40.0113 3716 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
00:57:40.0160 3716 ohci1394 - ok
00:57:40.0223 3716 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:57:40.0238 3716 ose - ok
00:57:40.0410 3716 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:57:40.0675 3716 osppsvc - ok
00:57:40.0737 3716 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
00:57:40.0878 3716 p2pimsvc - ok
00:57:40.0925 3716 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
00:57:40.0971 3716 p2psvc - ok
00:57:41.0034 3716 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
00:57:41.0065 3716 Parport - ok
00:57:41.0096 3716 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:57:41.0112 3716 partmgr - ok
00:57:41.0127 3716 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
00:57:41.0190 3716 Parvdm - ok
00:57:41.0237 3716 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
00:57:41.0283 3716 PcaSvc - ok
00:57:41.0315 3716 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
00:57:41.0361 3716 pci - ok
00:57:41.0408 3716 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
00:57:41.0424 3716 pciide - ok
00:57:41.0439 3716 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:57:41.0892 3716 pcmcia - ok
00:57:42.0048 3716 [ 1AC0F275C583C3323FC36865914774B3 ] Peachtree SmartPosting 2011 C:\Program Files\Sage\Peachtree\SmartPostingService2011.exe
00:57:42.0063 3716 Peachtree SmartPosting 2011 - ok
00:57:42.0126 3716 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:57:42.0204 3716 PEAUTH - ok
00:57:42.0329 3716 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
00:57:43.0592 3716 pla - ok
00:57:43.0655 3716 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:57:44.0076 3716 PlugPlay - ok
00:57:44.0185 3716 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
00:57:44.0201 3716 PNRPAutoReg - ok
00:57:44.0263 3716 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
00:57:44.0279 3716 PNRPsvc - ok
00:57:44.0325 3716 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:57:44.0388 3716 PolicyAgent - ok
00:57:44.0435 3716 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:57:44.0481 3716 PptpMiniport - ok
00:57:44.0497 3716 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
00:57:44.0528 3716 Processor - ok
00:57:44.0591 3716 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
00:57:44.0606 3716 ProfSvc - ok
00:57:44.0637 3716 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
00:57:44.0653 3716 ProtectedStorage - ok
00:57:44.0700 3716 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
00:57:44.0747 3716 PSched - ok
00:57:44.0856 3716 [ 1BA47BDD47A62F6E6B56BE4ECF221BE3 ] psqlWGE C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
00:57:44.0903 3716 psqlWGE - ok
00:57:44.0996 3716 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
00:57:45.0059 3716 ql2300 - ok
00:57:45.0090 3716 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
00:57:45.0105 3716 ql40xx - ok
00:57:45.0293 3716 [ 6803B69C14696CC4907C5F77FBB04A14 ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
00:57:45.0308 3716 QPCapSvc - ok
00:57:45.0339 3716 [ 95A0B86B9F1D27B613830864341A8252 ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
00:57:45.0573 3716 QPSched - ok
00:57:45.0636 3716 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
00:57:45.0995 3716 QWAVE - ok
00:57:46.0026 3716 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:57:46.0041 3716 QWAVEdrv - ok
00:57:46.0073 3716 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:57:46.0151 3716 RasAcd - ok
00:57:46.0213 3716 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
00:57:46.0494 3716 RasAuto - ok
00:57:46.0525 3716 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:57:46.0603 3716 Rasl2tp - ok
00:57:46.0634 3716 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
00:57:46.0665 3716 RasMan - ok
00:57:46.0681 3716 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:57:46.0712 3716 RasPppoe - ok
00:57:46.0743 3716 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:57:46.0759 3716 RasSstp - ok
00:57:46.0790 3716 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:57:46.0853 3716 rdbss - ok
00:57:46.0915 3716 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:57:46.0962 3716 RDPCDD - ok
00:57:46.0993 3716 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
00:57:47.0024 3716 rdpdr - ok
00:57:47.0149 3716 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:57:47.0289 3716 RDPENCDD - ok
00:57:47.0383 3716 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:57:47.0445 3716 RDPWD - ok
00:57:47.0601 3716 [ B9570481A1BABCC4A9E941C553596077 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
00:57:47.0617 3716 Recovery Service for Windows - ok
00:57:47.0679 3716 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:57:47.0711 3716 RemoteAccess - ok
00:57:47.0726 3716 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:57:47.0773 3716 RemoteRegistry - ok
00:57:47.0835 3716 [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
00:57:47.0882 3716 RFCOMM - ok
00:57:47.0960 3716 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
00:57:47.0960 3716 RichVideo - ok
00:57:47.0991 3716 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
00:57:48.0038 3716 RpcLocator - ok
00:57:48.0069 3716 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
00:57:48.0101 3716 RpcSs - ok
00:57:48.0179 3716 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:57:48.0241 3716 rspndr - ok
00:57:48.0288 3716 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
00:57:48.0335 3716 RTL8169 - ok
00:57:48.0350 3716 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
00:57:48.0366 3716 SamSs - ok
00:57:48.0413 3716 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:57:48.0459 3716 sbp2port - ok
00:57:48.0506 3716 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:57:48.0522 3716 SCardSvr - ok
00:57:48.0584 3716 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
00:57:48.0615 3716 Schedule - ok
00:57:48.0631 3716 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
00:57:48.0647 3716 SCPolicySvc - ok
00:57:48.0709 3716 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
00:57:48.0740 3716 sdbus - ok
00:57:48.0771 3716 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:57:48.0818 3716 SDRSVC - ok
00:57:48.0834 3716 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:57:48.0881 3716 secdrv - ok
00:57:48.0896 3716 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
00:57:48.0927 3716 seclogon - ok
00:57:48.0959 3716 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
00:57:48.0990 3716 SENS - ok
00:57:49.0021 3716 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
00:57:49.0083 3716 Serenum - ok
00:57:49.0099 3716 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
00:57:49.0161 3716 Serial - ok
00:57:49.0193 3716 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
00:57:49.0208 3716 sermouse - ok
00:57:49.0255 3716 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
00:57:49.0286 3716 SessionEnv - ok
00:57:49.0302 3716 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:57:49.0317 3716 sffdisk - ok
00:57:49.0349 3716 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:57:49.0395 3716 sffp_mmc - ok
00:57:49.0442 3716 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:57:49.0489 3716 sffp_sd - ok
00:57:49.0505 3716 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
00:57:49.0567 3716 sfloppy - ok
00:57:49.0645 3716 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:57:49.0723 3716 SharedAccess - ok
00:57:49.0754 3716 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:57:49.0785 3716 ShellHWDetection - ok
00:57:49.0817 3716 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
00:57:49.0832 3716 sisagp - ok
00:57:49.0848 3716 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
00:57:49.0863 3716 SiSRaid2 - ok
00:57:49.0879 3716 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:57:49.0895 3716 SiSRaid4 - ok
00:57:49.0941 3716 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
00:57:49.0957 3716 SkypeUpdate - ok
00:57:50.0051 3716 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
00:57:50.0144 3716 slsvc - ok
00:57:50.0191 3716 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
00:57:50.0238 3716 SLUINotify - ok
00:57:50.0253 3716 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:57:50.0285 3716 Smb - ok
00:57:50.0300 3716 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:57:50.0316 3716 SNMPTRAP - ok
00:57:50.0347 3716 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
00:57:50.0363 3716 spldr - ok
00:57:50.0394 3716 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
00:57:50.0425 3716 Spooler - ok
00:57:50.0487 3716 [ 68103A2B441BBF3908EBB587F0704D6C ] sptd C:\Windows\System32\Drivers\sptd.sys
00:57:50.0519 3716 sptd - ok
00:57:50.0565 3716 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:57:50.0628 3716 srv - ok
00:57:50.0659 3716 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:57:50.0690 3716 srv2 - ok
00:57:50.0706 3716 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:57:50.0721 3716 srvnet - ok
00:57:50.0753 3716 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:57:50.0799 3716 SSDPSRV - ok
00:57:50.0815 3716 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:57:50.0831 3716 SstpSvc - ok
00:57:50.0955 3716 [ E6F7D35741A6239CE7B54D7665EAB523 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
00:57:50.0987 3716 STacSV - ok
00:57:51.0049 3716 [ A87A39F9B42D82F5D60D36BB1D3CC9D3 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
00:57:51.0111 3716 Steam Client Service - ok
00:57:51.0158 3716 [ 5E71B3635D5F96D23EEE1DA92B85C850 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
00:57:51.0252 3716 STHDA - ok
00:57:51.0330 3716 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
00:57:51.0423 3716 stisvc - ok
00:57:51.0439 3716 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
00:57:51.0455 3716 swenum - ok
00:57:51.0486 3716 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
00:57:51.0579 3716 swprv - ok
00:57:51.0626 3716 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
00:57:51.0642 3716 Symc8xx - ok
00:57:51.0642 3716 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
00:57:51.0657 3716 Sym_hi - ok
00:57:51.0657 3716 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
00:57:51.0673 3716 Sym_u3 - ok
00:57:51.0704 3716 [ BF7AA84D5AF0FAA0978C840E63B17DBF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
00:57:51.0720 3716 SynTP - ok
00:57:51.0767 3716 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
00:57:51.0813 3716 SysMain - ok
00:57:51.0876 3716 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:57:51.0954 3716 TabletInputService - ok
00:57:51.0985 3716 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
00:57:52.0032 3716 TapiSrv - ok
00:57:52.0079 3716 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
00:57:52.0125 3716 TBS - ok
00:57:52.0172 3716 [ D18D53974FD715D50FC76F9FFE1C830D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:57:52.0235 3716 Tcpip - ok
00:57:52.0281 3716 [ D18D53974FD715D50FC76F9FFE1C830D ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
00:57:52.0313 3716 Tcpip6 - ok
00:57:52.0375 3716 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:57:52.0609 3716 tcpipreg - ok
00:57:52.0625 3716 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:57:52.0671 3716 TDPIPE - ok
00:57:52.0687 3716 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:57:52.0718 3716 TDTCP - ok
00:57:52.0749 3716 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:57:52.0796 3716 tdx - ok
00:57:52.0812 3716 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
00:57:52.0827 3716 TermDD - ok
00:57:52.0859 3716 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
00:57:52.0937 3716 TermService - ok
00:57:52.0968 3716 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
00:57:53.0015 3716 Themes - ok
00:57:53.0030 3716 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
00:57:53.0061 3716 THREADORDER - ok
00:57:53.0093 3716 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
00:57:53.0139 3716 TrkWks - ok
00:57:53.0171 3716 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:57:53.0202 3716 TrustedInstaller - ok
00:57:53.0233 3716 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:57:53.0264 3716 tssecsrv - ok
00:57:53.0311 3716 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
00:57:53.0342 3716 tunmp - ok
00:57:53.0373 3716 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:57:53.0436 3716 tunnel - ok
00:57:53.0467 3716 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:57:53.0483 3716 uagp35 - ok
00:57:53.0561 3716 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:57:53.0607 3716 udfs - ok
00:57:53.0654 3716 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:57:53.0701 3716 UI0Detect - ok
00:57:53.0732 3716 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:57:53.0748 3716 uliagpkx - ok
00:57:53.0763 3716 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
00:57:53.0795 3716 uliahci - ok
00:57:53.0810 3716 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
00:57:53.0826 3716 UlSata - ok
00:57:53.0841 3716 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
00:57:53.0857 3716 ulsata2 - ok
00:57:53.0888 3716 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:57:53.0935 3716 umbus - ok
00:57:53.0982 3716 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
00:57:54.0013 3716 upnphost - ok
00:57:54.0091 3716 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
00:57:54.0216 3716 USBAAPL - ok
00:57:54.0247 3716 [ AAB0B5F72D2D726FBFDC895A2902DE1D ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:57:54.0294 3716 usbccgp - ok
00:57:54.0325 3716 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:57:54.0387 3716 usbcir - ok
00:57:54.0450 3716 [ 153E8515CB86F8BB5D1A8B478EBF4BB2 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:57:54.0465 3716 usbehci - ok
00:57:54.0528 3716 [ 2AE6BCEBD85D31317E433733DAF25888 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:57:54.0575 3716 usbhub - ok
00:57:54.0606 3716 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
00:57:54.0637 3716 usbohci - ok
00:57:54.0668 3716 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
00:57:54.0715 3716 usbprint - ok
00:57:54.0777 3716 [ 1D714B8497CD68307806D5D3F60A5169 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
00:57:54.0809 3716 usbscan - ok
00:57:54.0840 3716 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:57:54.0933 3716 USBSTOR - ok
00:57:54.0933 3716 [ 44056325428A8E4C755830426E29878F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
00:57:54.0949 3716 usbuhci - ok
00:57:54.0996 3716 [ 73FF24E21B690625A58109637DDA0DF7 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
00:57:55.0043 3716 usbvideo - ok
00:57:55.0074 3716 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
00:57:55.0121 3716 UxSms - ok
00:57:55.0183 3716 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
00:57:55.0230 3716 vds - ok
00:57:55.0292 3716 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:57:55.0323 3716 vga - ok
00:57:55.0355 3716 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
00:57:55.0386 3716 VgaSave - ok
00:57:55.0401 3716 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
00:57:55.0417 3716 viaagp - ok
00:57:55.0433 3716 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
00:57:55.0448 3716 ViaC7 - ok
00:57:55.0479 3716 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
00:57:55.0495 3716 viaide - ok
00:57:55.0511 3716 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:57:55.0526 3716 volmgr - ok
00:57:55.0557 3716 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:57:55.0573 3716 volmgrx - ok
00:57:55.0604 3716 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:57:55.0620 3716 volsnap - ok
00:57:55.0651 3716 [ EA39F36302DACBCDCDB113313718E768 ] vpnva C:\Windows\system32\DRIVERS\vpnva.sys
00:57:55.0667 3716 vpnva - ok
00:57:55.0682 3716 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:57:55.0713 3716 vsmraid - ok
00:57:55.0760 3716 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
00:57:55.0838 3716 VSS - ok
00:57:55.0901 3716 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
00:57:55.0963 3716 W32Time - ok
00:57:55.0994 3716 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
00:57:56.0041 3716 WacomPen - ok
00:57:56.0057 3716 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
00:57:56.0088 3716 Wanarp - ok
00:57:56.0088 3716 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:57:56.0103 3716 Wanarpv6 - ok
00:57:56.0150 3716 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:57:56.0166 3716 wcncsvc - ok
00:57:56.0197 3716 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:57:56.0275 3716 WcsPlugInService - ok
00:57:56.0291 3716 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
00:57:56.0306 3716 Wd - ok
00:57:56.0369 3716 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
00:57:56.0431 3716 WDC_SAM - ok
00:57:56.0478 3716 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:57:56.0556 3716 Wdf01000 - ok
00:57:56.0587 3716 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:57:56.0665 3716 WdiServiceHost - ok
00:57:56.0665 3716 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:57:56.0696 3716 WdiSystemHost - ok
00:57:56.0727 3716 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
00:57:56.0774 3716 WebClient - ok
00:57:56.0805 3716 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:57:56.0852 3716 Wecsvc - ok
00:57:56.0883 3716 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:57:56.0946 3716 wercplsupport - ok
00:57:56.0977 3716 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
00:57:56.0993 3716 WerSvc - ok
00:57:57.0039 3716 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
00:57:57.0133 3716 winachsf - ok
00:57:57.0180 3716 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
00:57:57.0195 3716 WinDefend - ok
00:57:57.0195 3716 WinHttpAutoProxySvc - ok
00:57:57.0258 3716 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:57:57.0273 3716 Winmgmt - ok
00:57:57.0320 3716 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
00:57:57.0429 3716 WinRM - ok
00:57:57.0476 3716 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:57:57.0585 3716 Wlansvc - ok
00:57:57.0632 3716 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
00:57:57.0648 3716 WmiAcpi - ok
00:57:57.0695 3716 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:57:57.0710 3716 wmiApSrv - ok
00:57:57.0773 3716 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
00:57:57.0851 3716 WMPNetworkSvc - ok
00:57:57.0913 3716 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:57:57.0944 3716 WPCSvc - ok
00:57:57.0975 3716 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:57:58.0069 3716 WPDBusEnum - ok
00:57:58.0116 3716 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
00:57:58.0131 3716 WpdUsb - ok
00:57:58.0428 3716 [ 15673BD0B86150CB8E27766059C72A9B ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:57:58.0521 3716 WPFFontCache_v0400 - ok
00:57:58.0568 3716 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:57:58.0584 3716 ws2ifsl - ok
00:57:58.0631 3716 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
00:57:58.0662 3716 wscsvc - ok
00:57:58.0662 3716 WSearch - ok
00:57:59.0083 3716 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
00:57:59.0801 3716 wuauserv - ok
00:57:59.0879 3716 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:57:59.0988 3716 WudfPf - ok
00:58:00.0097 3716 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:58:00.0128 3716 WUDFRd - ok
00:58:00.0175 3716 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:58:00.0206 3716 wudfsvc - ok
00:58:00.0284 3716 ================ Scan global ===============================
00:58:00.0378 3716 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
00:58:00.0440 3716 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
00:58:00.0471 3716 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
00:58:00.0534 3716 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
00:58:00.0534 3716 [Global] - ok
00:58:00.0549 3716 ================ Scan MBR ==================================
00:58:00.0565 3716 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
00:58:01.0049 3716 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
00:58:01.0049 3716 \Device\Harddisk0\DR0 - detected TDSS File System (1)
00:58:01.0049 3716 ================ Scan VBR ==================================
00:58:01.0080 3716 [ C74FB020FB4AE489E74EAF8F0FA639DE ] \Device\Harddisk0\DR0\Partition1
00:58:01.0080 3716 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
00:58:01.0080 3716 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b (0)
00:58:01.0111 3716 [ 79A1664FF2D5CEAF015F32FB142A4814 ] \Device\Harddisk0\DR0\Partition2
00:58:01.0111 3716 \Device\Harddisk0\DR0\Partition2 - ok
00:58:01.0111 3716 ================ Scan active images ========================
00:58:01.0111 3716 [ 36975327EF03949CC378AB01E316B574 ] C:\WINDOWS\System32\drivers\crashdmp.sys
00:58:01.0111 3716 C:\WINDOWS\System32\drivers\crashdmp.sys - ok
00:58:01.0127 3716 [ C67EBF9C05531C406E1E079FF669A2E6 ] C:\WINDOWS\System32\drivers\Dumpata.sys
00:58:01.0127 3716 C:\WINDOWS\System32\drivers\Dumpata.sys - ok
00:58:01.0127 3716 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] C:\WINDOWS\System32\drivers\msahci.sys
00:58:01.0127 3716 C:\WINDOWS\System32\drivers\msahci.sys - ok
00:58:01.0127 3716 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\WINDOWS\System32\drivers\CmBatt.sys
00:58:01.0127 3716 C:\WINDOWS\System32\drivers\CmBatt.sys - ok
00:58:01.0142 3716 [ 224191001E78C89DFA78924C3EA595FF ] C:\WINDOWS\System32\drivers\intelppm.sys
00:58:01.0142 3716 C:\WINDOWS\System32\drivers\intelppm.sys - ok
00:58:01.0142 3716 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\WINDOWS\System32\drivers\TUNMP.SYS
00:58:01.0142 3716 C:\WINDOWS\System32\drivers\TUNMP.SYS - ok
00:58:01.0142 3716 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\WINDOWS\System32\drivers\tunnel.sys
00:58:01.0142 3716 C:\WINDOWS\System32\drivers\tunnel.sys - ok
00:58:01.0158 3716 [ E8044E9976D43B1D00EADE351E447349 ] C:\WINDOWS\System32\drivers\atikmdag.sys
00:58:01.0158 3716 C:\WINDOWS\System32\drivers\atikmdag.sys - ok
00:58:01.0158 3716 [ 988670D8343EF9835FB3659DB71B2EFA ] C:\WINDOWS\System32\drivers\dxgkrnl.sys
00:58:01.0158 3716 C:\WINDOWS\System32\drivers\dxgkrnl.sys - ok
00:58:01.0173 3716 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\WINDOWS\System32\drivers\watchdog.sys
00:58:01.0173 3716 C:\WINDOWS\System32\drivers\watchdog.sys - ok
00:58:01.0173 3716 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\WINDOWS\System32\drivers\hdaudbus.sys
00:58:01.0173 3716 C:\WINDOWS\System32\drivers\hdaudbus.sys - ok
00:58:01.0173 3716 [ B09C74A41F26B08149707EA5E7F956C2 ] C:\WINDOWS\System32\drivers\usbport.sys
00:58:01.0173 3716 C:\WINDOWS\System32\drivers\usbport.sys - ok
00:58:01.0189 3716 [ 44056325428A8E4C755830426E29878F ] C:\WINDOWS\System32\drivers\usbuhci.sys
00:58:01.0189 3716 C:\WINDOWS\System32\drivers\usbuhci.sys - ok
00:58:01.0189 3716 [ 153E8515CB86F8BB5D1A8B478EBF4BB2 ] C:\WINDOWS\System32\drivers\usbehci.sys
00:58:01.0189 3716 C:\WINDOWS\System32\drivers\usbehci.sys - ok
00:58:01.0189 3716 [ A2CD1468BB0E796726DA95E95F87A715 ] C:\WINDOWS\System32\drivers\BCMWL6.SYS
00:58:01.0189 3716 C:\WINDOWS\System32\drivers\BCMWL6.SYS - ok
00:58:01.0205 3716 [ 7157E70A90CCE49DEB8885D23A073A39 ] C:\WINDOWS\System32\drivers\Rtlh86.sys
00:58:01.0205 3716 C:\WINDOWS\System32\drivers\Rtlh86.sys - ok
00:58:01.0205 3716 [ 0349BE02F329F4F48F1D48097FD65974 ] C:\WINDOWS\System32\drivers\1394bus.sys
00:58:01.0205 3716 C:\WINDOWS\System32\drivers\1394bus.sys - ok
00:58:01.0220 3716 [ 6F310E890D46E246E0E261A63D9B36B4 ] C:\WINDOWS\System32\drivers\ohci1394.sys
00:58:01.0220 3716 C:\WINDOWS\System32\drivers\ohci1394.sys - ok
00:58:01.0220 3716 [ DEDB6CC1B166928A8F3F68DEF1766DB0 ] C:\WINDOWS\System32\drivers\jmcr.sys
00:58:01.0220 3716 C:\WINDOWS\System32\drivers\jmcr.sys - ok
00:58:01.0220 3716 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\WINDOWS\System32\drivers\i8042prt.sys
00:58:01.0220 3716 C:\WINDOWS\System32\drivers\i8042prt.sys - ok
00:58:01.0236 3716 [ 35956140E686D53BF676CF0C778880FC ] C:\WINDOWS\System32\drivers\HpqKbFiltr.sys
00:58:01.0236 3716 C:\WINDOWS\System32\drivers\HpqKbFiltr.sys - ok
00:58:01.0236 3716 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\WINDOWS\System32\drivers\kbdclass.sys
00:58:01.0236 3716 C:\WINDOWS\System32\drivers\kbdclass.sys - ok
00:58:01.0251 3716 [ 5BF6A1326A335C5298477754A506D263 ] C:\WINDOWS\System32\drivers\mouclass.sys
00:58:01.0251 3716 C:\WINDOWS\System32\drivers\mouclass.sys - ok
00:58:01.0251 3716 [ BF7AA84D5AF0FAA0978C840E63B17DBF ] C:\WINDOWS\System32\drivers\SynTP.sys
00:58:01.0251 3716 C:\WINDOWS\System32\drivers\SynTP.sys - ok
00:58:01.0251 3716 [ FE619ED13CE12F5B43C04E3EA061BBD6 ] C:\WINDOWS\System32\drivers\usbd.sys
00:58:01.0251 3716 C:\WINDOWS\System32\drivers\usbd.sys - ok
00:58:01.0267 3716 [ 004B2EA6CC2598EC5F0552E43CE29CEF ] C:\WINDOWS\System32\drivers\enecir.sys
00:58:01.0267 3716 C:\WINDOWS\System32\drivers\enecir.sys - ok
00:58:01.0267 3716 [ 6B4BFFB9BECD728097024276430DB314 ] C:\WINDOWS\System32\drivers\cdrom.sys
00:58:01.0267 3716 C:\WINDOWS\System32\drivers\cdrom.sys - ok
00:58:01.0283 3716 [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
00:58:01.0283 3716 C:\WINDOWS\System32\drivers\GEARAspiWDM.sys - ok
00:58:01.0283 3716 [ 2E7255D172DF0B8283CDFB7B433B864E ] C:\WINDOWS\System32\drivers\wmiacpi.sys
00:58:01.0283 3716 C:\WINDOWS\System32\drivers\wmiacpi.sys - ok
00:58:01.0283 3716 [ 6277BBECFDBEC6513385966F46637442 ] \Device\978727307
00:58:01.0283 3716 \Device\978727307 - ok
00:58:01.0298 3716 [ 3B10711AD8656C097E0D16A41B29C54C ] C:\WINDOWS\System32\drivers\Accelerometer.sys
00:58:01.0298 3716 C:\WINDOWS\System32\drivers\Accelerometer.sys - ok
00:58:01.0298 3716 [ 232FA340531D940AAC623B121A595034 ] C:\WINDOWS\System32\drivers\msiscsi.sys
00:58:01.0298 3716 C:\WINDOWS\System32\drivers\msiscsi.sys - ok
00:58:01.0298 3716 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\WINDOWS\System32\drivers\tdi.sys
00:58:01.0298 3716 C:\WINDOWS\System32\drivers\tdi.sys - ok
00:58:01.0314 3716 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\WINDOWS\System32\drivers\rasl2tp.sys
00:58:01.0314 3716 C:\WINDOWS\System32\drivers\rasl2tp.sys - ok
00:58:01.0314 3716 [ 0E186E90404980569FB449BA7519AE61 ] C:\WINDOWS\System32\drivers\ndistapi.sys
00:58:01.0314 3716 C:\WINDOWS\System32\drivers\ndistapi.sys - ok
00:58:01.0314 3716 [ 818F648618AE34F729FDB47EC68345C3 ] C:\WINDOWS\System32\drivers\ndiswan.sys
00:58:01.0314 3716 C:\WINDOWS\System32\drivers\ndiswan.sys - ok
00:58:01.0329 3716 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\WINDOWS\System32\drivers\raspppoe.sys
00:58:01.0329 3716 C:\WINDOWS\System32\drivers\raspppoe.sys - ok
00:58:01.0329 3716 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\WINDOWS\System32\drivers\raspptp.sys
00:58:01.0329 3716 C:\WINDOWS\System32\drivers\raspptp.sys - ok
00:58:01.0329 3716 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\WINDOWS\System32\drivers\rassstp.sys
00:58:01.0329 3716 C:\WINDOWS\System32\drivers\rassstp.sys - ok
00:58:01.0345 3716 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\WINDOWS\System32\drivers\termdd.sys
00:58:01.0345 3716 C:\WINDOWS\System32\drivers\termdd.sys - ok
00:58:01.0345 3716 [ E5D4133F37219DBCFE102BC61072589D ] C:\WINDOWS\System32\drivers\circlass.sys
00:58:01.0345 3716 C:\WINDOWS\System32\drivers\circlass.sys - ok
00:58:01.0361 3716 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\WINDOWS\System32\drivers\ks.sys
00:58:01.0361 3716 C:\WINDOWS\System32\drivers\ks.sys - ok
00:58:01.0361 3716 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\WINDOWS\System32\drivers\swenum.sys
00:58:01.0361 3716 C:\WINDOWS\System32\drivers\swenum.sys - ok
00:58:01.0361 3716 [ E384487CB84BE41D09711C30CA79646C ] C:\WINDOWS\System32\drivers\mssmbios.sys
00:58:01.0361 3716 C:\WINDOWS\System32\drivers\mssmbios.sys - ok
00:58:01.0376 3716 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\WINDOWS\System32\drivers\umbus.sys
00:58:01.0376 3716 C:\WINDOWS\System32\drivers\umbus.sys - ok
00:58:01.0376 3716 [ 2AE6BCEBD85D31317E433733DAF25888 ] C:\WINDOWS\System32\drivers\usbhub.sys
00:58:01.0376 3716 C:\WINDOWS\System32\drivers\usbhub.sys - ok
00:58:01.0376 3716 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\WINDOWS\System32\drivers\ndproxy.sys
00:58:01.0376 3716 C:\WINDOWS\System32\drivers\ndproxy.sys - ok
00:58:01.0392 3716 [ 2A63675F6FA8EF0FF9F5C72695584CAA ] C:\WINDOWS\System32\drivers\drmk.sys
00:58:01.0392 3716 C:\WINDOWS\System32\drivers\drmk.sys - ok
00:58:01.0392 3716 [ 3F90E001369A07243763BD5A523D8722 ] C:\WINDOWS\System32\drivers\HdAudio.sys
00:58:01.0392 3716 C:\WINDOWS\System32\drivers\HdAudio.sys - ok
00:58:01.0407 3716 [ 6DBA75306DD9B242B6F1C343179AD201 ] C:\WINDOWS\System32\drivers\portcls.sys
00:58:01.0407 3716 C:\WINDOWS\System32\drivers\portcls.sys - ok
00:58:01.0407 3716 [ 5961CADB7CAD938368D2028725EF771D ] C:\WINDOWS\System32\drivers\hidclass.sys
00:58:01.0407 3716 C:\WINDOWS\System32\drivers\hidclass.sys - ok
00:58:01.0407 3716 [ D8DF3722D5E961BAA1292AA2F12827E2 ] C:\WINDOWS\System32\drivers\hidir.sys
00:58:01.0407 3716 C:\WINDOWS\System32\drivers\hidir.sys - ok
00:58:01.0423 3716 [ BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 ] C:\WINDOWS\System32\drivers\hidparse.sys
00:58:01.0423 3716 C:\WINDOWS\System32\drivers\hidparse.sys - ok
00:58:01.0423 3716 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\WINDOWS\System32\drivers\kbdhid.sys
00:58:01.0423 3716 C:\WINDOWS\System32\drivers\kbdhid.sys - ok
00:58:01.0423 3716 [ 93B8D4869E12CFBE663915502900876F ] C:\WINDOWS\System32\drivers\mouhid.sys
00:58:01.0423 3716 C:\WINDOWS\System32\drivers\mouhid.sys - ok
00:58:01.0439 3716 [ 0F639D0526820BA7872C963813E0EB8D ] C:\WINDOWS\System32\drivers\aswSnx.sys
00:58:01.0439 3716 C:\WINDOWS\System32\drivers\aswSnx.sys - ok
00:58:01.0439 3716 [ 7BA7543EA7936A7ADA615F6DE7C95494 ] C:\WINDOWS\System32\drivers\aswSP.sys
00:58:01.0439 3716 C:\WINDOWS\System32\drivers\aswSP.sys - ok
00:58:01.0454 3716 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\WINDOWS\System32\drivers\beep.sys
00:58:01.0454 3716 C:\WINDOWS\System32\drivers\beep.sys - ok
00:58:01.0454 3716 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\WINDOWS\System32\drivers\fs_rec.sys
00:58:01.0454 3716 C:\WINDOWS\System32\drivers\fs_rec.sys - ok
00:58:01.0454 3716 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\WINDOWS\System32\drivers\vga.sys
00:58:01.0454 3716 C:\WINDOWS\System32\drivers\vga.sys - ok
00:58:01.0470 3716 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\WINDOWS\System32\drivers\videoprt.sys
00:58:01.0470 3716 C:\WINDOWS\System32\drivers\videoprt.sys - ok
00:58:01.0470 3716 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\WINDOWS\System32\drivers\RDPCDD.sys
00:58:01.0470 3716 C:\WINDOWS\System32\drivers\RDPCDD.sys - ok
00:58:01.0470 3716 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\WINDOWS\System32\drivers\RDPENCDD.sys
00:58:01.0470 3716 C:\WINDOWS\System32\drivers\RDPENCDD.sys - ok
00:58:01.0485 3716 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\WINDOWS\System32\drivers\msfs.sys
00:58:01.0485 3716 C:\WINDOWS\System32\drivers\msfs.sys - ok
00:58:01.0485 3716 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\WINDOWS\System32\drivers\npfs.sys
00:58:01.0485 3716 C:\WINDOWS\System32\drivers\npfs.sys - ok
00:58:01.0501 3716 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\WINDOWS\System32\drivers\rasacd.sys
00:58:01.0501 3716 C:\WINDOWS\System32\drivers\rasacd.sys - ok
00:58:01.0501 3716 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\WINDOWS\System32\drivers\tdx.sys
00:58:01.0501 3716 C:\WINDOWS\System32\drivers\tdx.sys - ok
00:58:01.0501 3716 [ 875D2B1054F2ECD8F575D6CBE78DD7BA ] C:\WINDOWS\System32\drivers\aswTdi.sys
00:58:01.0501 3716 C:\WINDOWS\System32\drivers\aswTdi.sys - ok
00:58:01.0517 3716 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\WINDOWS\System32\drivers\smb.sys
00:58:01.0517 3716 C:\WINDOWS\System32\drivers\smb.sys - ok
00:58:01.0517 3716 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\WINDOWS\System32\drivers\netbt.sys
00:58:01.0517 3716 C:\WINDOWS\System32\drivers\netbt.sys - ok
00:58:01.0532 3716 [ 3911B972B55FEA0478476B2E777B29FA ] C:\WINDOWS\System32\drivers\afd.sys
00:58:01.0532 3716 C:\WINDOWS\System32\drivers\afd.sys - ok
00:58:01.0532 3716 [ B269C41DF93EFF71DF0986BD982D1C46 ] C:\WINDOWS\System32\drivers\aswRdr.sys
00:58:01.0532 3716 C:\WINDOWS\System32\drivers\aswRdr.sys - ok
00:58:01.0532 3716 [ E3A3CB253C0EC2494D4A61F5E43A389C ] C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:58:01.0532 3716 C:\WINDOWS\System32\drivers\ws2ifsl.sys - ok
00:58:01.0548 3716 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\WINDOWS\System32\drivers\netbios.sys
00:58:01.0548 3716 C:\WINDOWS\System32\drivers\netbios.sys - ok
00:58:01.0548 3716 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\WINDOWS\System32\drivers\pacer.sys
00:58:01.0548 3716 C:\WINDOWS\System32\drivers\pacer.sys - ok
00:58:01.0548 3716 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\WINDOWS\System32\drivers\wanarp.sys
00:58:01.0548 3716 C:\WINDOWS\System32\drivers\wanarp.sys - ok
00:58:01.0563 3716 [ 609773E344A97410CE4EBF74A8914FCF ] C:\WINDOWS\System32\drivers\nsiproxy.sys
00:58:01.0563 3716 C:\WINDOWS\System32\drivers\nsiproxy.sys - ok
00:58:01.0563 3716 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\WINDOWS\System32\drivers\rdbss.sys
00:58:01.0563 3716 C:\WINDOWS\System32\drivers\rdbss.sys - ok
00:58:01.0579 3716 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\WINDOWS\System32\drivers\dfsc.sys
00:58:01.0579 3716 C:\WINDOWS\System32\drivers\dfsc.sys - ok
00:58:01.0579 3716 [ CCA4B519B17E23A00B826C55716809CC ] C:\WINDOWS\System32\drivers\hidusb.sys
00:58:01.0579 3716 C:\WINDOWS\System32\drivers\hidusb.sys - ok
00:58:01.0579 3716 [ B9FDFF876B0E7B4FECBAA5708C6ED616 ] C:\WINDOWS\System32\ntdll.dll
00:58:01.0579 3716 C:\WINDOWS\System32\ntdll.dll - ok
00:58:01.0595 3716 [ BE7480C91E89EB82FC080F772C220AE4 ] C:\WINDOWS\System32\smss.exe
00:58:01.0595 3716 C:\WINDOWS\System32\smss.exe - ok
00:58:01.0595 3716 [ 10761177A6EBE45843F443E99509F5E7 ] C:\WINDOWS\System32\autochk.exe
00:58:01.0595 3716 C:\WINDOWS\System32\autochk.exe - ok
00:58:01.0595 3716 [ AAB0B5F72D2D726FBFDC895A2902DE1D ] C:\WINDOWS\System32\drivers\usbccgp.sys
00:58:01.0595 3716 C:\WINDOWS\System32\drivers\usbccgp.sys - ok
00:58:01.0610 3716 [ 09EA40F4DAD2EDB3587E5E0BAA9C3E15 ] C:\WINDOWS\System32\imagehlp.dll
00:58:01.0610 3716 C:\WINDOWS\System32\imagehlp.dll - ok
00:58:01.0610 3716 [ 73FF24E21B690625A58109637DDA0DF7 ] C:\WINDOWS\System32\drivers\usbvideo.sys
00:58:01.0610 3716 C:\WINDOWS\System32\drivers\usbvideo.sys - ok
00:58:01.0610 3716 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\WINDOWS\System32\usp10.dll
00:58:01.0610 3716 C:\WINDOWS\System32\usp10.dll - ok
00:58:01.0626 3716 [ C394079EB162E812D682C73FA96AF6E4 ] C:\WINDOWS\System32\clbcatq.dll
00:58:01.0626 3716 C:\WINDOWS\System32\clbcatq.dll - ok
00:58:01.0626 3716 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\WINDOWS\System32\imm32.dll
00:58:01.0626 3716 C:\WINDOWS\System32\imm32.dll - ok
00:58:01.0626 3716 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\WINDOWS\System32\lpk.dll
00:58:01.0626 3716 C:\WINDOWS\System32\lpk.dll - ok
00:58:01.0641 3716 [ 75510147B94598407666F4802797C75A ] C:\WINDOWS\System32\user32.dll
00:58:01.0641 3716 C:\WINDOWS\System32\user32.dll - ok
00:58:01.0641 3716 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\WINDOWS\System32\setupapi.dll
00:58:01.0641 3716 C:\WINDOWS\System32\setupapi.dll - ok
00:58:01.0657 3716 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\WINDOWS\System32\oleaut32.dll
00:58:01.0657 3716 C:\WINDOWS\System32\oleaut32.dll - ok
00:58:01.0657 3716 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\WINDOWS\System32\Wldap32.dll
00:58:01.0657 3716 C:\WINDOWS\System32\Wldap32.dll - ok
00:58:01.0657 3716 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\WINDOWS\System32\kernel32.dll
00:58:01.0657 3716 C:\WINDOWS\System32\kernel32.dll - ok
00:58:01.0673 3716 [ 6F29236AB5926100972924BD29D9D225 ] C:\WINDOWS\System32\normaliz.dll
00:58:01.0673 3716 C:\WINDOWS\System32\normaliz.dll - ok
00:58:01.0673 3716 [ E389C328AC7FE5673593ECAD269E7A54 ] C:\WINDOWS\System32\rpcrt4.dll
00:58:01.0673 3716 C:\WINDOWS\System32\rpcrt4.dll - ok
00:58:01.0673 3716 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\WINDOWS\System32\shell32.dll
00:58:01.0673 3716 C:\WINDOWS\System32\shell32.dll - ok
00:58:01.0688 3716 [ B787EE3F327ABAC1EC47313B3A673598 ] C:\WINDOWS\System32\iertutil.dll
00:58:01.0688 3716 C:\WINDOWS\System32\iertutil.dll - ok
00:58:01.0688 3716 [ 5AAFA41F2A09D68F43741EF13937650A ] C:\WINDOWS\System32\urlmon.dll
00:58:01.0688 3716 C:\WINDOWS\System32\urlmon.dll - ok
00:58:01.0704 3716 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\WINDOWS\System32\msctf.dll
00:58:01.0704 3716 C:\WINDOWS\System32\msctf.dll - ok
00:58:01.0704 3716 [ 4CC9DF09C3D915BA0A101A11DB684F26 ] C:\WINDOWS\System32\wininet.dll
00:58:01.0704 3716 C:\WINDOWS\System32\wininet.dll - ok
00:58:01.0704 3716 [ 17AF64D727545F2804F6E6D998327E3F ] C:\WINDOWS\System32\msvcrt.dll
00:58:01.0704 3716 C:\WINDOWS\System32\msvcrt.dll - ok
00:58:01.0719 3716 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\WINDOWS\System32\comdlg32.dll
00:58:01.0719 3716 C:\WINDOWS\System32\comdlg32.dll - ok
00:58:01.0719 3716 [ 872363237F24BCB03D73E2A3B4FBF38D ] C:\WINDOWS\System32\gdi32.dll
00:58:01.0719 3716 C:\WINDOWS\System32\gdi32.dll - ok
00:58:01.0719 3716 [ 420B075CD71AB9E58D15DD258958FBA3 ] C:\WINDOWS\System32\shlwapi.dll
00:58:01.0719 3716 C:\WINDOWS\System32\shlwapi.dll - ok
00:58:01.0735 3716 [ 9586E7CB2255A8B097A7E4538202585E ] C:\WINDOWS\System32\ole32.dll
00:58:01.0735 3716 C:\WINDOWS\System32\ole32.dll - ok
00:58:01.0735 3716 [ 50CAA7072C171B9887215C83D52069E4 ] C:\WINDOWS\System32\advapi32.dll
00:58:01.0735 3716 C:\WINDOWS\System32\advapi32.dll - ok
00:58:01.0751 3716 [ 58035212AB7869A5FC3AF186ACBA8F09 ] C:\WINDOWS\System32\comctl32.dll
00:58:01.0751 3716 C:\WINDOWS\System32\comctl32.dll - ok
00:58:01.0751 3716 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\WINDOWS\System32\nsi.dll
00:58:01.0751 3716 C:\WINDOWS\System32\nsi.dll - ok
00:58:01.0751 3716 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\WINDOWS\System32\psapi.dll
00:58:01.0751 3716 C:\WINDOWS\System32\psapi.dll - ok
00:58:01.0766 3716 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\WINDOWS\System32\ws2_32.dll
00:58:01.0766 3716 C:\WINDOWS\System32\ws2_32.dll - ok
00:58:01.0766 3716 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\WINDOWS\System32\drivers\dxapi.sys
00:58:01.0766 3716 C:\WINDOWS\System32\drivers\dxapi.sys - ok
00:58:01.0766 3716 [ A6E18756EA7B6E971184B57B86251FC5 ] C:\WINDOWS\System32\win32k.sys
00:58:01.0766 3716 C:\WINDOWS\System32\win32k.sys - ok
00:58:01.0782 3716 [ 33F84B64D4765BCDFA0AB8464122DA14 ] C:\WINDOWS\System32\csrsrv.dll
00:58:01.0782 3716 C:\WINDOWS\System32\csrsrv.dll - ok
00:58:01.0782 3716 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\WINDOWS\System32\csrss.exe
00:58:01.0782 3716 C:\WINDOWS\System32\csrss.exe - ok
00:58:01.0782 3716 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\WINDOWS\System32\basesrv.dll
00:58:01.0782 3716 C:\WINDOWS\System32\basesrv.dll - ok
00:58:01.0797 3716 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\WINDOWS\System32\winsrv.dll
00:58:01.0797 3716 C:\WINDOWS\System32\winsrv.dll - ok
00:58:01.0797 3716 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\WINDOWS\System32\drivers\monitor.sys
00:58:01.0797 3716 C:\WINDOWS\System32\drivers\monitor.sys - ok
00:58:01.0797 3716 [ CC21507D246861671A0BF97E75CE1B00 ] C:\WINDOWS\System32\tsddd.dll
00:58:01.0797 3716 C:\WINDOWS\System32\tsddd.dll - ok
00:58:01.0813 3716 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\WINDOWS\System32\wininit.exe
00:58:01.0813 3716 C:\WINDOWS\System32\wininit.exe - ok
00:58:01.0813 3716 [ 12C8D6C564702B0776512932290A3F6B ] C:\WINDOWS\System32\KBDUS.DLL
00:58:01.0813 3716 C:\WINDOWS\System32\KBDUS.DLL - ok
00:58:01.0829 3716 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\WINDOWS\System32\secur32.dll
00:58:01.0829 3716 C:\WINDOWS\System32\secur32.dll - ok
00:58:01.0829 3716 [ 665417528489096BBCB8AEA46D3DA924 ] C:\WINDOWS\System32\userenv.dll
00:58:01.0829 3716 C:\WINDOWS\System32\userenv.dll - ok
00:58:01.0829 3716 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\WINDOWS\System32\sxs.dll
00:58:01.0829 3716 C:\WINDOWS\System32\sxs.dll - ok
00:58:01.0844 3716 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\WINDOWS\System32\WlS0WndH.dll
00:58:01.0844 3716 C:\WINDOWS\System32\WlS0WndH.dll - ok
00:58:01.0844 3716 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\WINDOWS\System32\apphelp.dll
00:58:01.0844 3716 C:\WINDOWS\System32\apphelp.dll - ok
00:58:01.0844 3716 [ D6F0260D9051C0B60998F4CDBE9B2CC6 ] C:\WINDOWS\System32\cdd.dll
00:58:01.0844 3716 C:\WINDOWS\System32\cdd.dll - ok
00:58:01.0860 3716 [ A3E186B4B935905B829219502557314E ] C:\WINDOWS\System32\lsass.exe
00:58:01.0860 3716 C:\WINDOWS\System32\lsass.exe - ok
00:58:01.0860 3716 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\WINDOWS\System32\lsm.exe
00:58:01.0860 3716 C:\WINDOWS\System32\lsm.exe - ok
00:58:01.0860 3716 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\WINDOWS\System32\services.exe
00:58:01.0860 3716 C:\WINDOWS\System32\services.exe - ok
00:58:01.0875 3716 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\WINDOWS\System32\sysntfy.dll
00:58:01.0875 3716 C:\WINDOWS\System32\sysntfy.dll - ok
00:58:01.0875 3716 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\WINDOWS\System32\wmsgapi.dll
00:58:01.0875 3716 C:\WINDOWS\System32\wmsgapi.dll - ok
00:58:01.0875 3716 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\WINDOWS\System32\lsasrv.dll
00:58:01.0891 3716 C:\WINDOWS\System32\lsasrv.dll - ok
00:58:01.0891 3716 [ D90911B3FA05D7B930C1286084B404DE ] C:\WINDOWS\System32\scesrv.dll
00:58:01.0891 3716 C:\WINDOWS\System32\scesrv.dll - ok
00:58:01.0891 3716 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\WINDOWS\System32\authz.dll
00:58:01.0891 3716 C:\WINDOWS\System32\authz.dll - ok
00:58:01.0907 3716 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\WINDOWS\System32\netapi32.dll
00:58:01.0907 3716 C:\WINDOWS\System32\netapi32.dll - ok
00:58:01.0907 3716 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\WINDOWS\System32\ncobjapi.dll
00:58:01.0907 3716 C:\WINDOWS\System32\ncobjapi.dll - ok
00:58:01.0907 3716 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\WINDOWS\System32\aelupsvc.dll
00:58:01.0907 3716 C:\WINDOWS\System32\aelupsvc.dll - ok
00:58:01.0922 3716 [ A1545B731579895D8CC44FC0481C1192 ] C:\WINDOWS\System32\alg.exe
00:58:01.0922 3716 C:\WINDOWS\System32\alg.exe - ok
00:58:01.0922 3716 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\WINDOWS\System32\appinfo.dll
00:58:01.0922 3716 C:\WINDOWS\System32\appinfo.dll - ok
00:58:01.0922 3716 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\WINDOWS\System32\rascfg.dll
00:58:01.0922 3716 C:\WINDOWS\System32\rascfg.dll - ok
00:58:01.0938 3716 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\WINDOWS\System32\audiosrv.dll
00:58:01.0938 3716 C:\WINDOWS\System32\audiosrv.dll - ok
00:58:01.0938 3716 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\WINDOWS\System32\winlogon.exe
00:58:01.0938 3716 C:\WINDOWS\System32\winlogon.exe - ok
00:58:01.0953 3716 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\WINDOWS\System32\winsta.dll
00:58:01.0953 3716 C:\WINDOWS\System32\winsta.dll - ok
00:58:01.0953 3716 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\WINDOWS\System32\BFE.DLL
00:58:01.0953 3716 C:\WINDOWS\System32\BFE.DLL - ok
00:58:01.0953 3716 [ 93952506C6D67330367F7E7934B6A02F ] C:\WINDOWS\System32\qmgr.dll
00:58:01.0953 3716 C:\WINDOWS\System32\qmgr.dll - ok
00:58:01.0969 3716 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\WINDOWS\System32\browser.dll
00:58:01.0969 3716 C:\WINDOWS\System32\browser.dll - ok
00:58:01.0969 3716 [ A4C8377FA4A994E07075107DBE2E3DCE ] C:\WINDOWS\System32\bthserv.dll
00:58:01.0969 3716 C:\WINDOWS\System32\bthserv.dll - ok
00:58:01.0969 3716 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\WINDOWS\System32\certprop.dll
00:58:01.0969 3716 C:\WINDOWS\System32\certprop.dll - ok
00:58:01.0985 3716 [ 4211249955AF9133E2E357CC92B54DFD ] C:\WINDOWS\System32\comres.dll
00:58:01.0985 3716 C:\WINDOWS\System32\comres.dll - ok
00:58:01.0985 3716 [ 684C130BBC6DB681BAD4920A4C944AA5 ] C:\WINDOWS\System32\cryptsvc.dll
00:58:01.0985 3716 C:\WINDOWS\System32\cryptsvc.dll - ok
00:58:01.0985 3716 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\WINDOWS\System32\dfsrres.dll
00:58:01.0985 3716 C:\WINDOWS\System32\dfsrres.dll - ok
00:58:02.0000 3716 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\WINDOWS\System32\oleres.dll
00:58:02.0000 3716 C:\WINDOWS\System32\oleres.dll - ok
00:58:02.0000 3716 [ 9028559C132146FB75EB7ACF384B086A ] C:\WINDOWS\System32\dhcpcsvc.dll
00:58:02.0000 3716 C:\WINDOWS\System32\dhcpcsvc.dll - ok
00:58:02.0000 3716 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\WINDOWS\System32\dnsapi.dll
00:58:02.0000 3716 C:\WINDOWS\System32\dnsapi.dll - ok
00:58:02.0016 3716 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\WINDOWS\System32\dot3svc.dll
00:58:02.0016 3716 C:\WINDOWS\System32\dot3svc.dll - ok
00:58:02.0016 3716 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\WINDOWS\System32\dps.dll
00:58:02.0016 3716 C:\WINDOWS\System32\dps.dll - ok
00:58:02.0031 3716 [ 9BE3744D295A7701EB425332014F0797 ] C:\WINDOWS\ehome\ehrecvr.exe
00:58:02.0031 3716 C:\WINDOWS\ehome\ehrecvr.exe - ok
00:58:02.0031 3716 [ C0B95E40D85CD807D614E264248A45B9 ] C:\WINDOWS\System32\eapsvc.dll
00:58:02.0031 3716 C:\WINDOWS\System32\eapsvc.dll - ok
00:58:02.0031 3716 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\WINDOWS\ehome\ehsched.exe
00:58:02.0031 3716 C:\WINDOWS\ehome\ehsched.exe - ok
00:58:02.0047 3716 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\WINDOWS\ehome\ehstart.dll
00:58:02.0047 3716 C:\WINDOWS\ehome\ehstart.dll - ok
00:58:02.0047 3716 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\WINDOWS\System32\emdmgmt.dll
00:58:02.0047 3716 C:\WINDOWS\System32\emdmgmt.dll - ok
00:58:02.0047 3716 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\WINDOWS\System32\wevtsvc.dll
00:58:02.0047 3716 C:\WINDOWS\System32\wevtsvc.dll - ok
00:58:02.0063 3716 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\WINDOWS\System32\fdPHost.dll
00:58:02.0063 3716 C:\WINDOWS\System32\fdPHost.dll - ok
00:58:02.0063 3716 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\WINDOWS\System32\FDResPub.dll
00:58:02.0063 3716 C:\WINDOWS\System32\FDResPub.dll - ok
00:58:02.0078 3716 [ 2AFA3A46986AE935DAECEBC7E66314CF ] C:\WINDOWS\System32\FntCache.dll
00:58:02.0078 3716 C:\WINDOWS\System32\FntCache.dll - ok
00:58:02.0078 3716 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\WINDOWS\System32\PresentationHost.exe
00:58:02.0078 3716 C:\WINDOWS\System32\PresentationHost.exe - ok
00:58:02.0094 3716 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\WINDOWS\System32\gpapi.dll
00:58:02.0094 3716 C:\WINDOWS\System32\gpapi.dll - ok
00:58:02.0094 3716 [ 84067081F3318162797385E11A8F0582 ] C:\WINDOWS\System32\hidserv.dll
00:58:02.0094 3716 C:\WINDOWS\System32\hidserv.dll - ok
00:58:02.0094 3716 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\WINDOWS\System32\KMSVC.DLL
00:58:02.0094 3716 C:\WINDOWS\System32\KMSVC.DLL - ok
00:58:02.0109 3716 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
00:58:02.0109 3716 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
00:58:02.0109 3716 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 ] C:\WINDOWS\System32\IKEEXT.DLL
00:58:02.0109 3716 C:\WINDOWS\System32\IKEEXT.DLL - ok
00:58:02.0109 3716 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\WINDOWS\System32\IPBusEnum.dll
00:58:02.0109 3716 C:\WINDOWS\System32\IPBusEnum.dll - ok
00:58:02.0125 3716 [ 1998BD97F950680BB55F55A7244679C2 ] C:\WINDOWS\System32\iphlpsvc.dll
00:58:02.0125 3716 C:\WINDOWS\System32\iphlpsvc.dll - ok
00:58:02.0125 3716 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\WINDOWS\System32\keyiso.dll
00:58:02.0125 3716 C:\WINDOWS\System32\keyiso.dll - ok
00:58:02.0125 3716 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\WINDOWS\System32\srvsvc.dll
00:58:02.0125 3716 C:\WINDOWS\System32\srvsvc.dll - ok
00:58:02.0141 3716 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\WINDOWS\System32\wkssvc.dll
00:58:02.0141 3716 C:\WINDOWS\System32\wkssvc.dll - ok
00:58:02.0141 3716 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\WINDOWS\ehome\ehres.dll
00:58:02.0141 3716 C:\WINDOWS\ehome\ehres.dll - ok
00:58:02.0141 3716 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\WINDOWS\System32\lltdres.dll
00:58:02.0141 3716 C:\WINDOWS\System32\lltdres.dll - ok
00:58:02.0156 3716 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\WINDOWS\System32\lmhsvc.dll
00:58:02.0156 3716 C:\WINDOWS\System32\lmhsvc.dll - ok
00:58:02.0156 3716 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\WINDOWS\System32\FirewallAPI.dll
00:58:02.0156 3716 C:\WINDOWS\System32\FirewallAPI.dll - ok
00:58:02.0172 3716 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\WINDOWS\System32\mmcss.dll
00:58:02.0172 3716 C:\WINDOWS\System32\mmcss.dll - ok
00:58:02.0172 3716 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\WINDOWS\System32\iscsidsc.dll
00:58:02.0172 3716 C:\WINDOWS\System32\iscsidsc.dll - ok
00:58:02.0172 3716 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\WINDOWS\System32\msimsg.dll
00:58:02.0172 3716 C:\WINDOWS\System32\msimsg.dll - ok
00:58:02.0187 3716 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\WINDOWS\System32\QAGENTRT.DLL
00:58:02.0187 3716 C:\WINDOWS\System32\QAGENTRT.DLL - ok
00:58:02.0187 3716 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\WINDOWS\System32\netlogon.dll
00:58:02.0187 3716 C:\WINDOWS\System32\netlogon.dll - ok
00:58:02.0187 3716 [ C8052711DAECC48B982434C5116CA401 ] C:\WINDOWS\System32\netman.dll
00:58:02.0187 3716 C:\WINDOWS\System32\netman.dll - ok
00:58:02.0203 3716 [ ED640F4CE585058119B824CC76591D9C ] C:\WINDOWS\System32\netprof.dll
00:58:02.0203 3716 C:\WINDOWS\System32\netprof.dll - ok
00:58:02.0203 3716 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\WINDOWS\System32\nlasvc.dll
00:58:02.0203 3716 C:\WINDOWS\System32\nlasvc.dll - ok
00:58:02.0203 3716 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\WINDOWS\System32\nsisvc.dll
00:58:02.0203 3716 C:\WINDOWS\System32\nsisvc.dll - ok
00:58:02.0219 3716 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\WINDOWS\System32\p2psvc.dll
00:58:02.0219 3716 C:\WINDOWS\System32\p2psvc.dll - ok
00:58:02.0219 3716 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\WINDOWS\System32\pcasvc.dll
00:58:02.0219 3716 C:\WINDOWS\System32\pcasvc.dll - ok
00:58:02.0234 3716 [ B1689DF169143F57053F795390C99DB3 ] C:\WINDOWS\System32\pla.dll
00:58:02.0234 3716 C:\WINDOWS\System32\pla.dll - ok
00:58:02.0234 3716 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\WINDOWS\System32\umpnpmgr.dll
00:58:02.0234 3716 C:\WINDOWS\System32\umpnpmgr.dll - ok
00:58:02.0234 3716 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\WINDOWS\System32\polstore.dll
00:58:02.0234 3716 C:\WINDOWS\System32\polstore.dll - ok
00:58:02.0250 3716 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\WINDOWS\System32\profsvc.dll
00:58:02.0250 3716 C:\WINDOWS\System32\profsvc.dll - ok
00:58:02.0250 3716 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\WINDOWS\System32\psbase.dll
00:58:02.0250 3716 C:\WINDOWS\System32\psbase.dll - ok
00:58:02.0265 3716 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\WINDOWS\System32\drivers\qwavedrv.sys
00:58:02.0265 3716 C:\WINDOWS\System32\drivers\qwavedrv.sys - ok
00:58:02.0265 3716 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\WINDOWS\System32\qwave.dll
00:58:02.0265 3716 C:\WINDOWS\System32\qwave.dll - ok
00:58:02.0265 3716 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\WINDOWS\System32\rasauto.dll
00:58:02.0265 3716 C:\WINDOWS\System32\rasauto.dll - ok
00:58:02.0281 3716 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\WINDOWS\System32\rasmans.dll
00:58:02.0281 3716 C:\WINDOWS\System32\rasmans.dll - ok
00:58:02.0281 3716 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\WINDOWS\System32\mprdim.dll
00:58:02.0281 3716 C:\WINDOWS\System32\mprdim.dll - ok
00:58:02.0281 3716 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\WINDOWS\System32\sstpsvc.dll
00:58:02.0281 3716 C:\WINDOWS\System32\sstpsvc.dll - ok
00:58:02.0297 3716 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\WINDOWS\System32\regsvc.dll
00:58:02.0297 3716 C:\WINDOWS\System32\regsvc.dll - ok
00:58:02.0297 3716 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\WINDOWS\System32\Locator.exe
00:58:02.0297 3716 C:\WINDOWS\System32\Locator.exe - ok
00:58:02.0312 3716 [ 459B48188494490707DCA8BAA91AA185 ] C:\WINDOWS\System32\cryptdll.dll
00:58:02.0312 3716 C:\WINDOWS\System32\cryptdll.dll - ok
00:58:02.0312 3716 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\WINDOWS\System32\samsrv.dll
00:58:02.0312 3716 C:\WINDOWS\System32\samsrv.dll - ok
00:58:02.0312 3716 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\WINDOWS\System32\SCardSvr.dll
00:58:02.0312 3716 C:\WINDOWS\System32\SCardSvr.dll - ok
00:58:02.0328 3716 [ 0317420D419E1885894B3ED9D375D245 ] C:\WINDOWS\System32\crypt32.dll
00:58:02.0328 3716 C:\WINDOWS\System32\crypt32.dll - ok
00:58:02.0328 3716 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\WINDOWS\System32\feclient.dll
00:58:02.0328 3716 C:\WINDOWS\System32\feclient.dll - ok
00:58:02.0343 3716 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\WINDOWS\System32\mpr.dll
00:58:02.0343 3716 C:\WINDOWS\System32\mpr.dll - ok
00:58:02.0343 3716 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\WINDOWS\System32\msasn1.dll
00:58:02.0343 3716 C:\WINDOWS\System32\msasn1.dll - ok
00:58:02.0343 3716 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\WINDOWS\System32\ntdsapi.dll
00:58:02.0343 3716 C:\WINDOWS\System32\ntdsapi.dll - ok
00:58:02.0359 3716 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\WINDOWS\System32\samlib.dll
00:58:02.0359 3716 C:\WINDOWS\System32\samlib.dll - ok
00:58:02.0359 3716 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\WINDOWS\System32\schedsvc.dll
00:58:02.0359 3716 C:\WINDOWS\System32\schedsvc.dll - ok
00:58:02.0375 3716 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\WINDOWS\System32\sdrsvc.dll
00:58:02.0375 3716 C:\WINDOWS\System32\sdrsvc.dll - ok
00:58:02.0375 3716 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\WINDOWS\System32\seclogon.dll
00:58:02.0375 3716 C:\WINDOWS\System32\seclogon.dll - ok
00:58:02.0375 3716 [ A9BBAB5759771E523F55563D6CBE140F ] C:\WINDOWS\System32\Sens.dll
00:58:02.0375 3716 C:\WINDOWS\System32\Sens.dll - ok
00:58:02.0390 3716 [ D2193326F729B163125610DBF3E17D57 ] C:\WINDOWS\System32\SessEnv.dll
00:58:02.0390 3716 C:\WINDOWS\System32\SessEnv.dll - ok
00:58:02.0390 3716 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\WINDOWS\System32\ipnathlp.dll
00:58:02.0390 3716 C:\WINDOWS\System32\ipnathlp.dll - ok
00:58:02.0390 3716 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\WINDOWS\System32\SLC.dll
00:58:02.0390 3716 C:\WINDOWS\System32\SLC.dll - ok
00:58:02.0406 3716 [ C7230FBEE14437716701C15BE02C27B8 ] C:\WINDOWS\System32\shsvcs.dll
00:58:02.0406 3716 C:\WINDOWS\System32\shsvcs.dll - ok
00:58:02.0406 3716 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\WINDOWS\System32\wevtapi.dll
00:58:02.0406 3716 C:\WINDOWS\System32\wevtapi.dll - ok
00:58:02.0421 3716 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\WINDOWS\System32\dhcpcsvc6.dll
00:58:02.0421 3716 C:\WINDOWS\System32\dhcpcsvc6.dll - ok
00:58:02.0421 3716 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\WINDOWS\System32\IPHLPAPI.DLL
00:58:02.0421 3716 C:\WINDOWS\System32\IPHLPAPI.DLL - ok
00:58:02.0421 3716 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\WINDOWS\System32\SLsvc.exe
00:58:02.0421 3716 C:\WINDOWS\System32\SLsvc.exe - ok
00:58:02.0437 3716 [ 6B09105742C75DF80CEF21700F20F55A ] C:\WINDOWS\System32\winnsi.dll
00:58:02.0437 3716 C:\WINDOWS\System32\winnsi.dll - ok
00:58:02.0437 3716 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\WINDOWS\System32\cngaudit.dll
00:58:02.0437 3716 C:\WINDOWS\System32\cngaudit.dll - ok
00:58:02.0437 3716 [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\WINDOWS\System32\ncrypt.dll
00:58:02.0437 3716 C:\WINDOWS\System32\ncrypt.dll - ok
00:58:02.0453 3716 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\WINDOWS\System32\bcrypt.dll
00:58:02.0453 3716 C:\WINDOWS\System32\bcrypt.dll - ok
00:58:02.0453 3716 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\WINDOWS\System32\SLUINotify.dll
00:58:02.0453 3716 C:\WINDOWS\System32\SLUINotify.dll - ok
00:58:02.0453 3716 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\WINDOWS\System32\tcpipcfg.dll
00:58:02.0453 3716 C:\WINDOWS\System32\tcpipcfg.dll - ok
00:58:02.0468 3716 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\WINDOWS\System32\snmptrap.exe
00:58:02.0468 3716 C:\WINDOWS\System32\snmptrap.exe - ok
00:58:02.0468 3716 [ 26F139DDEC6407508071930D3D07337E ] C:\WINDOWS\System32\credssp.dll
00:58:02.0468 3716 C:\WINDOWS\System32\credssp.dll - ok
00:58:02.0484 3716 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\WINDOWS\System32\spoolsv.exe
00:58:02.0484 3716 C:\WINDOWS\System32\spoolsv.exe - ok
00:58:02.0484 3716 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\WINDOWS\System32\ssdpsrv.dll
00:58:02.0484 3716 C:\WINDOWS\System32\ssdpsrv.dll - ok
00:58:02.0484 3716 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\WINDOWS\System32\wiaservc.dll
00:58:02.0484 3716 C:\WINDOWS\System32\wiaservc.dll - ok
00:58:02.0499 3716 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\WINDOWS\System32\kerberos.dll
00:58:02.0499 3716 C:\WINDOWS\System32\kerberos.dll - ok
00:58:02.0499 3716 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\WINDOWS\System32\msprivs.dll
00:58:02.0499 3716 C:\WINDOWS\System32\msprivs.dll - ok
00:58:02.0499 3716 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\WINDOWS\System32\swprv.dll
00:58:02.0499 3716 C:\WINDOWS\System32\swprv.dll - ok
00:58:02.0515 3716 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\WINDOWS\System32\wship6.dll
00:58:02.0515 3716 C:\WINDOWS\System32\wship6.dll - ok
00:58:02.0515 3716 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\WINDOWS\System32\TabSvc.dll
00:58:02.0515 3716 C:\WINDOWS\System32\TabSvc.dll - ok
00:58:02.0531 3716 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\WINDOWS\System32\tapisrv.dll
00:58:02.0531 3716 C:\WINDOWS\System32\tapisrv.dll - ok
00:58:02.0531 3716 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\WINDOWS\System32\wshqos.dll
00:58:02.0531 3716 C:\WINDOWS\System32\wshqos.dll - ok
00:58:02.0531 3716 [ 22CFAEB9172F5F198048401485CD0571 ] C:\WINDOWS\System32\WSHTCPIP.DLL
00:58:02.0531 3716 C:\WINDOWS\System32\WSHTCPIP.DLL - ok
00:58:02.0546 3716 [ FC62A635063B762E1C3C60EA77279378 ] C:\WINDOWS\System32\NapiNSP.dll
00:58:02.0546 3716 C:\WINDOWS\System32\NapiNSP.dll - ok
00:58:02.0546 3716 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\WINDOWS\System32\tbssvc.dll
00:58:02.0546 3716 C:\WINDOWS\System32\tbssvc.dll - ok
00:58:02.0546 3716 [ 8617350C9B590B63E620881092751BCB ] C:\WINDOWS\System32\mswsock.dll
00:58:02.0562 3716 C:\WINDOWS\System32\mswsock.dll - ok
00:58:02.0562 3716 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\WINDOWS\System32\pnrpnsp.dll
00:58:02.0562 3716 C:\WINDOWS\System32\pnrpnsp.dll - ok
00:58:02.0562 3716 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\WINDOWS\System32\termsrv.dll
00:58:02.0562 3716 C:\WINDOWS\System32\termsrv.dll - ok
00:58:02.0577 3716 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\WINDOWS\System32\msv1_0.dll
00:58:02.0577 3716 C:\WINDOWS\System32\msv1_0.dll - ok
00:58:02.0577 3716 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\WINDOWS\System32\winbrand.dll
00:58:02.0577 3716 C:\WINDOWS\System32\winbrand.dll - ok
00:58:02.0577 3716 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\WINDOWS\servicing\TrustedInstaller.exe
00:58:02.0577 3716 C:\WINDOWS\servicing\TrustedInstaller.exe - ok
00:58:02.0593 3716 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\WINDOWS\System32\trkwks.dll
00:58:02.0593 3716 C:\WINDOWS\System32\trkwks.dll - ok
00:58:02.0593 3716 [ ECEF404F62863755951E09C802C94AD5 ] C:\WINDOWS\System32\UI0Detect.exe
00:58:02.0593 3716 C:\WINDOWS\System32\UI0Detect.exe - ok
00:58:02.0593 3716 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\WINDOWS\System32\upnphost.dll
00:58:02.0593 3716 C:\WINDOWS\System32\upnphost.dll - ok
00:58:02.0609 3716 [ 01DD1004181FD46ECDC3628228EB269D ] C:\WINDOWS\System32\dwm.exe
00:58:02.0609 3716 C:\WINDOWS\System32\dwm.exe - ok
00:58:02.0609 3716 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\WINDOWS\System32\vds.exe
00:58:02.0609 3716 C:\WINDOWS\System32\vds.exe - ok
00:58:02.0624 3716 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\WINDOWS\System32\VSSVC.exe
00:58:02.0624 3716 C:\WINDOWS\System32\VSSVC.exe - ok
00:58:02.0624 3716 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\WINDOWS\System32\schannel.dll
00:58:02.0624 3716 C:\WINDOWS\System32\schannel.dll - ok
00:58:02.0624 3716 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\WINDOWS\System32\wdigest.dll
00:58:02.0624 3716 C:\WINDOWS\System32\wdigest.dll - ok
00:58:02.0640 3716 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\WINDOWS\System32\rsaenh.dll
00:58:02.0640 3716 C:\WINDOWS\System32\rsaenh.dll - ok
00:58:02.0640 3716 [ F8873D15018F411588BEC02C1725BADA ] C:\WINDOWS\System32\TSpkg.dll
00:58:02.0640 3716 C:\WINDOWS\System32\TSpkg.dll - ok
00:58:02.0640 3716 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\WINDOWS\System32\w32time.dll
00:58:02.0640 3716 C:\WINDOWS\System32\w32time.dll - ok
00:58:02.0655 3716 [ A3CD60FD826381B49F03832590E069AF ] C:\WINDOWS\System32\wcncsvc.dll
00:58:02.0655 3716 C:\WINDOWS\System32\wcncsvc.dll - ok
00:58:02.0655 3716 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\WINDOWS\System32\WcsPlugInService.dll
00:58:02.0655 3716 C:\WINDOWS\System32\WcsPlugInService.dll - ok
00:58:02.0655 3716 [ 25944D2CC49E0A6C581D02A74B7D6645 ] C:\WINDOWS\System32\drivers\Wdf01000.sys
00:58:02.0655 3716 C:\WINDOWS\System32\drivers\Wdf01000.sys - ok
00:58:02.0671 3716 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\WINDOWS\System32\wdi.dll
00:58:02.0671 3716 C:\WINDOWS\System32\wdi.dll - ok
00:58:02.0671 3716 [ 04C37D8107320312FBAE09926103D5E2 ] C:\WINDOWS\System32\WebClnt.dll
00:58:02.0671 3716 C:\WINDOWS\System32\WebClnt.dll - ok
00:58:02.0671 3716 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\WINDOWS\System32\wecsvc.dll
00:58:02.0671 3716 C:\WINDOWS\System32\wecsvc.dll - ok
00:58:02.0687 3716 [ 670FF720071ED741206D69BD995EA453 ] C:\WINDOWS\System32\wercplsupport.dll
00:58:02.0687 3716 C:\WINDOWS\System32\wercplsupport.dll - ok
00:58:02.0687 3716 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\WINDOWS\System32\wersvc.dll
00:58:02.0687 3716 C:\WINDOWS\System32\wersvc.dll - ok
00:58:02.0702 3716 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\WINDOWS\System32\winhttp.dll
00:58:02.0702 3716 C:\WINDOWS\System32\winhttp.dll - ok
00:58:02.0702 3716 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\WINDOWS\System32\wbem\WMIsvc.dll
00:58:02.0702 3716 C:\WINDOWS\System32\wbem\WMIsvc.dll - ok
00:58:02.0702 3716 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\WINDOWS\System32\WsmSvc.dll
00:58:02.0702 3716 C:\WINDOWS\System32\WsmSvc.dll - ok
00:58:02.0718 3716 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\WINDOWS\System32\wbem\WmiApSrv.exe
00:58:02.0718 3716 C:\WINDOWS\System32\wbem\WmiApSrv.exe - ok
00:58:02.0718 3716 [ C008405E4FEEB069E30DA1D823910234 ] C:\WINDOWS\System32\wlansvc.dll
00:58:02.0718 3716 C:\WINDOWS\System32\wlansvc.dll - ok
00:58:02.0718 3716 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
00:58:02.0718 3716 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
00:58:02.0733 3716 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\WINDOWS\System32\wpcsvc.dll
00:58:02.0733 3716 C:\WINDOWS\System32\wpcsvc.dll - ok
00:58:02.0733 3716 [ 15673BD0B86150CB8E27766059C72A9B ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:58:02.0733 3716 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
00:58:02.0749 3716 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\WINDOWS\System32\wpdbusenum.dll
00:58:02.0749 3716 C:\WINDOWS\System32\wpdbusenum.dll - ok
00:58:02.0749 3716 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\WINDOWS\System32\wscsvc.dll
00:58:02.0749 3716 C:\WINDOWS\System32\wscsvc.dll - ok
00:58:02.0749 3716 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\WINDOWS\System32\SearchIndexer.exe
00:58:02.0749 3716 C:\WINDOWS\System32\SearchIndexer.exe - ok
00:58:02.0765 3716 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\System32\wuaueng.dll
00:58:02.0765 3716 C:\WINDOWS\System32\wuaueng.dll - ok
00:58:02.0765 3716 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\WINDOWS\System32\drivers\WUDFPf.sys
00:58:02.0765 3716 C:\WINDOWS\System32\drivers\WUDFPf.sys - ok
00:58:02.0765 3716 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\WINDOWS\System32\WUDFSvc.dll
00:58:02.0765 3716 C:\WINDOWS\System32\WUDFSvc.dll - ok
00:58:02.0780 3716 [ 8FC182167381E9915651267044105EE1 ] C:\WINDOWS\System32\scecli.dll
00:58:02.0780 3716 C:\WINDOWS\System32\scecli.dll - ok
00:58:02.0780 3716 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\WINDOWS\System32\ntmarta.dll
00:58:02.0780 3716 C:\WINDOWS\System32\ntmarta.dll - ok
00:58:02.0780 3716 [ 3794B461C45882E06856F282EEF025AF ] C:\WINDOWS\System32\svchost.exe
00:58:02.0780 3716 C:\WINDOWS\System32\svchost.exe - ok
00:58:02.0796 3716 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\WINDOWS\System32\powrprof.dll
00:58:02.0796 3716 C:\WINDOWS\System32\powrprof.dll - ok
00:58:02.0796 3716 [ 8F5C7426567798E62A3B3614965D62CC ] C:\WINDOWS\System32\drivers\luafv.sys
00:58:02.0796 3716 C:\WINDOWS\System32\drivers\luafv.sys - ok
00:58:02.0796 3716 [ 6F1505608202BBD179095A6A150D103F ] C:\WINDOWS\System32\drivers\aswMonFlt.sys
00:58:02.0796 3716 C:\WINDOWS\System32\drivers\aswMonFlt.sys - ok
00:58:02.0811 3716 [ 6C1C07916A4FED3E26BF399F07370986 ] C:\WINDOWS\System32\drivers\nvlddmkm.sys
00:58:02.0811 3716 C:\WINDOWS\System32\drivers\nvlddmkm.sys - ok
00:58:02.0811 3716 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\WINDOWS\System32\rpcss.dll
00:58:02.0811 3716 C:\WINDOWS\System32\rpcss.dll - ok
00:58:02.0827 3716 [ 69827805A221C21450BA22F4326A2EE3 ] C:\WINDOWS\System32\version.dll
00:58:02.0827 3716 C:\WINDOWS\System32\version.dll - ok
00:58:02.0827 3716 [ 99FDF0E65F82C0E47BC04363C09DE146 ] C:\WINDOWS\System32\Ati2evxx.exe
00:58:02.0827 3716 C:\WINDOWS\System32\Ati2evxx.exe - ok
00:58:02.0827 3716 [ 62D577288B48998FC6667BF22DC5B690 ] C:\WINDOWS\System32\LogonUI.exe
00:58:02.0827 3716 C:\WINDOWS\System32\LogonUI.exe - ok
00:58:02.0843 3716 [ F42483814FC39170B3982A184EC5AAA2 ] C:\WINDOWS\System32\wtsapi32.dll
00:58:02.0843 3716 C:\WINDOWS\System32\wtsapi32.dll - ok
00:58:02.0843 3716 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\WINDOWS\System32\cfgmgr32.dll
00:58:02.0843 3716 C:\WINDOWS\System32\cfgmgr32.dll - ok
00:58:02.0843 3716 [ 58C2521D87C494831A625202C80354AD ] C:\WINDOWS\System32\authui.dll
00:58:02.0843 3716 C:\WINDOWS\System32\authui.dll - ok
00:58:02.0858 3716 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
00:58:02.0858 3716 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
00:58:02.0858 3716 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\WINDOWS\System32\avrt.dll
00:58:02.0858 3716 C:\WINDOWS\System32\avrt.dll - ok
00:58:02.0858 3716 [ 56B5914070B2C243DFB3D186070DA89D ] C:\WINDOWS\System32\MMDevAPI.dll
00:58:02.0858 3716 C:\WINDOWS\System32\MMDevAPI.dll - ok
00:58:02.0874 3716 [ E6F7D35741A6239CE7B54D7665EAB523 ] C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe
00:58:02.0874 3716 C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe - ok
00:58:02.0874 3716 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\WINDOWS\System32\dsound.dll
00:58:02.0874 3716 C:\WINDOWS\System32\dsound.dll - ok
00:58:02.0889 3716 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\WINDOWS\System32\winmm.dll
00:58:02.0889 3716 C:\WINDOWS\System32\winmm.dll - ok
00:58:02.0889 3716 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\WINDOWS\System32\oleacc.dll
00:58:02.0889 3716 C:\WINDOWS\System32\oleacc.dll - ok
00:58:02.0889 3716 [ 801F1E963F7EEFFDA3F9EF89DB3EF133 ] C:\WINDOWS\System32\radardt.dll
00:58:02.0889 3716 C:\WINDOWS\System32\radardt.dll - ok
00:58:02.0905 3716 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\WINDOWS\System32\adtschema.dll
00:58:02.0905 3716 C:\WINDOWS\System32\adtschema.dll - ok
00:58:02.0905 3716 [ D16A740186870C32941C0E61DF4F1298 ] C:\WINDOWS\System32\wintrust.dll
00:58:02.0905 3716 C:\WINDOWS\System32\wintrust.dll - ok
00:58:02.0905 3716 [ 028155F57397CEA8F3A5AACF0D4649FC ] C:\WINDOWS\System32\stapi32.dll
00:58:02.0905 3716 C:\WINDOWS\System32\stapi32.dll - ok
00:58:02.0921 3716 [ 70C6489D56008D75DEDF73226FA63C11 ] C:\WINDOWS\System32\dimsjob.dll
00:58:02.0921 3716 C:\WINDOWS\System32\dimsjob.dll - ok
00:58:02.0921 3716 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\WINDOWS\System32\drivers\fltMgr.sys
00:58:02.0921 3716 C:\WINDOWS\System32\drivers\fltMgr.sys - ok
00:58:02.0921 3716 [ 22F73612087430A94DBE912AB58E0C79 ] C:\WINDOWS\System32\ci.dll
00:58:02.0921 3716 C:\WINDOWS\System32\ci.dll - ok
00:58:02.0936 3716 [ 57418956DDAE128D1023C508E7D07071 ] C:\WINDOWS\System32\PSHED.DLL
00:58:02.0936 3716 C:\WINDOWS\System32\PSHED.DLL - ok
00:58:02.0936 3716 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\WINDOWS\System32\msimg32.dll
00:58:02.0936 3716 C:\WINDOWS\System32\msimg32.dll - ok
00:58:02.0936 3716 [ A99871BA522CB2539AE275AC18CACC8F ] C:\WINDOWS\System32\cabinet.dll
00:58:02.0936 3716 C:\WINDOWS\System32\cabinet.dll - ok
00:58:02.0952 3716 [ 999D69DEB576C2C424294DF025891CC6 ] C:\WINDOWS\System32\uxtheme.dll
00:58:02.0952 3716 C:\WINDOWS\System32\uxtheme.dll - ok
00:58:02.0952 3716 [ 040015B18F6779C25160A7854113CF50 ] C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18813_none_9e51e050ca1696a4\GdiPlus.dll
00:58:02.0952 3716 C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18813_none_9e51e050ca1696a4\GdiPlus.dll - ok
00:58:02.0967 3716 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\WINDOWS\System32\duser.dll
00:58:02.0967 3716 C:\WINDOWS\System32\duser.dll - ok
00:58:02.0967 3716 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\WINDOWS\System32\xmllite.dll
00:58:02.0967 3716 C:\WINDOWS\System32\xmllite.dll - ok
00:58:02.0967 3716 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\WINDOWS\System32\SmartcardCredentialProvider.dll
00:58:02.0967 3716 C:\WINDOWS\System32\SmartcardCredentialProvider.dll - ok
00:58:02.0983 3716 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\WINDOWS\System32\rasplap.dll
00:58:02.0983 3716 C:\WINDOWS\System32\rasplap.dll - ok
00:58:02.0983 3716 [ 3CB863B78642405371CB3A71C07E2382 ] C:\WINDOWS\System32\rasapi32.dll
00:58:02.0983 3716 C:\WINDOWS\System32\rasapi32.dll - ok
00:58:02.0999 3716 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\WINDOWS\System32\rasman.dll
00:58:02.0999 3716 C:\WINDOWS\System32\rasman.dll - ok
00:58:02.0999 3716 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\WINDOWS\System32\tapi32.dll
00:58:02.0999 3716 C:\WINDOWS\System32\tapi32.dll - ok
00:58:02.0999 3716 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\WINDOWS\System32\rtutils.dll
00:58:02.0999 3716 C:\WINDOWS\System32\rtutils.dll - ok
00:58:03.0014 3716 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\WINDOWS\System32\WinSCard.dll
00:58:03.0014 3716 C:\WINDOWS\System32\WinSCard.dll - ok
00:58:03.0014 3716 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\WINDOWS\System32\shgina.dll
00:58:03.0014 3716 C:\WINDOWS\System32\shgina.dll - ok
00:58:03.0014 3716 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\WINDOWS\System32\propsys.dll
00:58:03.0014 3716 C:\WINDOWS\System32\propsys.dll - ok
00:58:03.0030 3716 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\WINDOWS\System32\shacct.dll
00:58:03.0030 3716 C:\WINDOWS\System32\shacct.dll - ok
00:58:03.0030 3716 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\WINDOWS\System32\audiodg.exe
00:58:03.0030 3716 C:\WINDOWS\System32\audiodg.exe - ok
00:58:03.0030 3716 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\WINDOWS\System32\ksuser.dll
00:58:03.0030 3716 C:\WINDOWS\System32\ksuser.dll - ok
00:58:03.0045 3716 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\WINDOWS\System32\wdmaud.drv
00:58:03.0045 3716 C:\WINDOWS\System32\wdmaud.drv - ok
00:58:03.0045 3716 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\WINDOWS\System32\AudioEng.dll
00:58:03.0045 3716 C:\WINDOWS\System32\AudioEng.dll - ok
00:58:03.0045 3716 [ 7258434974EA735725FD2D4A65C5E821 ] C:\WINDOWS\System32\AudioSes.dll
00:58:03.0045 3716 C:\WINDOWS\System32\AudioSes.dll - ok
00:58:03.0061 3716 [ 83199EF88D691E730B80666E29F90D58 ] C:\WINDOWS\System32\midimap.dll
00:58:03.0061 3716 C:\WINDOWS\System32\midimap.dll - ok
00:58:03.0061 3716 [ BDBB449425991154135E5ED1559927E6 ] C:\WINDOWS\System32\msacm32.dll
00:58:03.0061 3716 C:\WINDOWS\System32\msacm32.dll - ok
00:58:03.0077 3716 [ 166F004D73EA2CF4AC61800CA469458D ] C:\WINDOWS\System32\msacm32.drv
00:58:03.0077 3716 C:\WINDOWS\System32\msacm32.drv - ok
00:58:03.0077 3716 [ 296937202E4D930AAE98085B99D744D8 ] C:\WINDOWS\System32\AUDIOKSE.dll
00:58:03.0077 3716 C:\WINDOWS\System32\AUDIOKSE.dll - ok
00:58:03.0077 3716 [ 41DFDCFCEF4878407AF1F6DCCA1CE905 ] C:\WINDOWS\System32\WMALFXGFXDSP.dll
00:58:03.0077 3716 C:\WINDOWS\System32\WMALFXGFXDSP.dll - ok
00:58:03.0092 3716 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\WINDOWS\System32\mfplat.dll
00:58:03.0092 3716 C:\WINDOWS\System32\mfplat.dll - ok
00:58:03.0092 3716 [ 409F36C8BD06FCE184631EB4142B009A ] C:\WINDOWS\System32\atl.dll
00:58:03.0092 3716 C:\WINDOWS\System32\atl.dll - ok
00:58:03.0092 3716 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\WINDOWS\System32\gpsvc.dll
00:58:03.0092 3716 C:\WINDOWS\System32\gpsvc.dll - ok
00:58:03.0108 3716 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\WINDOWS\System32\nlaapi.dll
00:58:03.0108 3716 C:\WINDOWS\System32\nlaapi.dll - ok
00:58:03.0108 3716 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\WINDOWS\System32\drivers\spsys.sys
00:58:03.0108 3716 C:\WINDOWS\System32\drivers\spsys.sys - ok
00:58:03.0123 3716 [ 67058C46504BC12D821F38CF99B7B28F ] C:\WINDOWS\System32\es.dll
00:58:03.0123 3716 C:\WINDOWS\System32\es.dll - ok
00:58:03.0123 3716 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] C:\WINDOWS\System32\hpservice.exe
00:58:03.0123 3716 C:\WINDOWS\System32\hpservice.exe - ok
00:58:03.0123 3716 [ 1B593FBB763150BD225DF266C69A9329 ] C:\WINDOWS\System32\mfc42u.dll
00:58:03.0123 3716 C:\WINDOWS\System32\mfc42u.dll - ok
00:58:03.0139 3716 [ 862363973DCBCC31DD161EF41A69153C ] C:\WINDOWS\System32\odbc32.dll
00:58:03.0139 3716 C:\WINDOWS\System32\odbc32.dll - ok
00:58:03.0139 3716 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\WINDOWS\System32\WindowsCodecs.dll
00:58:03.0139 3716 C:\WINDOWS\System32\WindowsCodecs.dll - ok
00:58:03.0139 3716 [ 9474AD3584430D24DA87517F9DB0CBB2 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
00:58:03.0139 3716 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll - ok
00:58:03.0155 3716 [ A9CF92FE53BE6CC03D428410269798C1 ] C:\WINDOWS\System32\accelerometerdll.DLL
00:58:03.0155 3716 C:\WINDOWS\System32\accelerometerdll.DLL - ok
00:58:03.0155 3716 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\WINDOWS\System32\odbcint.dll
00:58:03.0155 3716 C:\WINDOWS\System32\odbcint.dll - ok
00:58:03.0170 3716 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\WINDOWS\System32\hid.dll
00:58:03.0170 3716 C:\WINDOWS\System32\hid.dll - ok
00:58:03.0170 3716 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\WINDOWS\System32\uxsms.dll
00:58:03.0170 3716 C:\WINDOWS\System32\uxsms.dll - ok
00:58:03.0170 3716 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\WINDOWS\System32\WUDFPlatform.dll
00:58:03.0170 3716 C:\WINDOWS\System32\WUDFPlatform.dll - ok
00:58:03.0186 3716 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\WINDOWS\System32\drivers\lltdio.sys
00:58:03.0186 3716 C:\WINDOWS\System32\drivers\lltdio.sys - ok
00:58:03.0186 3716 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\WINDOWS\System32\drivers\nwifi.sys
00:58:03.0186 3716 C:\WINDOWS\System32\drivers\nwifi.sys - ok
00:58:03.0186 3716 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\WINDOWS\System32\drivers\ndisuio.sys
00:58:03.0186 3716 C:\WINDOWS\System32\drivers\ndisuio.sys - ok
00:58:03.0201 3716 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\WINDOWS\System32\drivers\rspndr.sys
00:58:03.0201 3716 C:\WINDOWS\System32\drivers\rspndr.sys - ok
00:58:03.0201 3716 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\WINDOWS\System32\dllhost.exe
00:58:03.0201 3716 C:\WINDOWS\System32\dllhost.exe - ok
00:58:03.0201 3716 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\WINDOWS\System32\shimeng.dll
00:58:03.0201 3716 C:\WINDOWS\System32\shimeng.dll - ok
00:58:03.0217 3716 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\WINDOWS\System32\dnsrslvr.dll
00:58:03.0217 3716 C:\WINDOWS\System32\dnsrslvr.dll - ok
00:58:03.0217 3716 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\WINDOWS\System32\eapphost.dll
00:58:03.0217 3716 C:\WINDOWS\System32\eapphost.dll - ok
00:58:03.0217 3716 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\WINDOWS\System32\rastls.dll
00:58:03.0217 3716 C:\WINDOWS\System32\rastls.dll - ok
00:58:03.0233 3716 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\WINDOWS\System32\raschap.dll
00:58:03.0233 3716 C:\WINDOWS\System32\raschap.dll - ok
00:58:03.0233 3716 [ 11DF6AD0125FA02FDC3DF2CB23F1F28A ] C:\WINDOWS\System32\ati2edxx.dll
00:58:03.0233 3716 C:\WINDOWS\System32\ati2edxx.dll - ok
00:58:03.0233 3716 [ 0789C032C87E55B07F2C1FD0A350993F ] C:\WINDOWS\System32\atipdlxx.dll
00:58:03.0233 3716 C:\WINDOWS\System32\atipdlxx.dll - ok
00:58:03.0248 3716 [ 671A7FE6ABE0CEC06FDA618E14AFD6DA ] C:\WINDOWS\System32\Ati2evxx.dll
00:58:03.0248 3716 C:\WINDOWS\System32\Ati2evxx.dll - ok
00:58:03.0248 3716 [ E45051C374F845EDF3DB02A35BA13193 ] C:\WINDOWS\System32\umb.dll
00:58:03.0248 3716 C:\WINDOWS\System32\umb.dll - ok
00:58:03.0264 3716 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\WINDOWS\System32\userinit.exe
00:58:03.0264 3716 C:\WINDOWS\System32\userinit.exe - ok
00:58:03.0264 3716 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\WINDOWS\System32\dwmapi.dll
00:58:03.0264 3716 C:\WINDOWS\System32\dwmapi.dll - ok
00:58:03.0264 3716 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\WINDOWS\System32\wlanmsm.dll
00:58:03.0264 3716 C:\WINDOWS\System32\wlanmsm.dll - ok
00:58:03.0279 3716 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\WINDOWS\System32\wlansec.dll
00:58:03.0279 3716 C:\WINDOWS\System32\wlansec.dll - ok
00:58:03.0279 3716 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\WINDOWS\System32\onex.dll
00:58:03.0279 3716 C:\WINDOWS\System32\onex.dll - ok
00:58:03.0279 3716 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\WINDOWS\System32\eappcfg.dll
00:58:03.0279 3716 C:\WINDOWS\System32\eappcfg.dll - ok
00:58:03.0295 3716 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\WINDOWS\System32\eappprxy.dll
00:58:03.0295 3716 C:\WINDOWS\System32\eappprxy.dll - ok
00:58:03.0295 3716 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\WINDOWS\System32\l2gpstore.dll
00:58:03.0295 3716 C:\WINDOWS\System32\l2gpstore.dll - ok
00:58:03.0295 3716 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\WINDOWS\System32\wlanutil.dll
00:58:03.0295 3716 C:\WINDOWS\System32\wlanutil.dll - ok
00:58:03.0311 3716 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\WINDOWS\System32\wlgpclnt.dll
00:58:03.0311 3716 C:\WINDOWS\System32\wlgpclnt.dll - ok
00:58:03.0311 3716 [ 0296DAEB5555A248E8ABF7E5012A37A6 ] C:\WINDOWS\System32\msxml6.dll
00:58:03.0311 3716 C:\WINDOWS\System32\msxml6.dll - ok
00:58:03.0326 3716 [ D80C6539C00CB4F5D59066865479C308 ] C:\WINDOWS\System32\dwmredir.dll
00:58:03.0326 3716 C:\WINDOWS\System32\dwmredir.dll - ok
00:58:03.0326 3716 [ C99403A5B641520DAED0021DDA06F272 ] C:\WINDOWS\System32\milcore.dll
00:58:03.0326 3716 C:\WINDOWS\System32\milcore.dll - ok
00:58:03.0326 3716 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\WINDOWS\explorer.exe
00:58:03.0326 3716 C:\WINDOWS\explorer.exe - ok
00:58:03.0342 3716 [ 23C3A0680042C0D1DE1F360F8B62BC57 ] C:\WINDOWS\System32\wlanext.exe
00:58:03.0342 3716 C:\WINDOWS\System32\wlanext.exe - ok
00:58:03.0342 3716 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\WINDOWS\System32\d3d9.dll
00:58:03.0342 3716 C:\WINDOWS\System32\d3d9.dll - ok
00:58:03.0342 3716 [ 5107C6B2BA35356CEDB9565A33327F95 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
00:58:03.0342 3716 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
00:58:03.0357 3716 [ D74884939D53612FD84AC82C59CCFE27 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:58:03.0357 3716 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
00:58:03.0357 3716 [ E582816A4855914DEFFC212E12B3B744 ] C:\WINDOWS\System32\wsock32.dll
00:58:03.0357 3716 C:\WINDOWS\System32\wsock32.dll - ok
00:58:03.0357 3716 [ 3F768EF2E2553E675B42F103D57DF61B ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
00:58:03.0357 3716 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
00:58:03.0373 3716 [ E0BF47DD00BFF8D1154DE2409679620B ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
00:58:03.0373 3716 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
00:58:03.0373 3716 [ B4ECEEADF439A8DD27B953B0F3C2E202 ] C:\WINDOWS\System32\atiumdag.dll
00:58:03.0373 3716 C:\WINDOWS\System32\atiumdag.dll - ok
00:58:03.0389 3716 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\WINDOWS\System32\d3d8thk.dll
00:58:03.0389 3716 C:\WINDOWS\System32\d3d8thk.dll - ok
00:58:03.0389 3716 [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6 ] C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
00:58:03.0389 3716 C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll - ok
00:58:03.0389 3716 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\WINDOWS\System32\shdocvw.dll
00:58:03.0389 3716 C:\WINDOWS\System32\shdocvw.dll - ok
00:58:03.0404 3716 [ 3E29914113EC4B968BA5EB1F6D194A0A ] C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
00:58:03.0404 3716 C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll - ok
00:58:03.0404 3716 [ 1B36B7D2C9A9CA6C8A3F8DCB2FF0FD42 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
00:58:03.0404 3716 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
00:58:03.0420 3716 [ 0065505E1F82EE46C8F77FDBA5C04840 ] C:\Program Files\AVAST Software\Avast\avastIP.dll
00:58:03.0420 3716 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
00:58:03.0420 3716 [ 42C11D627528727ED655DDDD4BDF7AF0 ] C:\Program Files\AVAST Software\Avast\aswCommChannel.dll
00:58:03.0420 3716 C:\Program Files\AVAST Software\Avast\aswCommChannel.dll - ok
00:58:03.0420 3716 [ 5E0E3F5BAD6F6C81A01390D3AE5C6F9E ] C:\WINDOWS\System32\atiumdva.dll
00:58:03.0420 3716 C:\WINDOWS\System32\atiumdva.dll - ok
00:58:03.0435 3716 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\WINDOWS\System32\browseui.dll
00:58:03.0435 3716 C:\WINDOWS\System32\browseui.dll - ok
00:58:03.0435 3716 [ F585DC92DCCA1BCE7B776BA9610D410F ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
00:58:03.0435 3716 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
00:58:03.0435 3716 [ EE8A997A8D8490039568DDB419A270EF ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
00:58:03.0435 3716 C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
00:58:03.0451 3716 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
00:58:03.0451 3716 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
00:58:03.0451 3716 [ 790A7E2A5359DC666CEE8EC48628E62F ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
00:58:03.0451 3716 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
00:58:03.0451 3716 [ A5D5A868E117A9AAB8583CD1840100F8 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
00:58:03.0451 3716 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
00:58:03.0467 3716 [ C8DC9AF8D54899285FEE2920E09397E0 ] C:\WINDOWS\System32\bcmihvsrv.dll
00:58:03.0467 3716 C:\WINDOWS\System32\bcmihvsrv.dll - ok
00:58:03.0467 3716 [ CA2B39D914614F584813BE68E80F7E04 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
00:58:03.0467 3716 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
00:58:03.0482 3716 [ CDADF961272033E04D9C0B8EB075F840 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
00:58:03.0482 3716 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
00:58:03.0482 3716 [ 188B2746E1F436B9524BF38806CEF7D0 ] C:\Program Files\AVAST Software\Avast\libeay32.dll
00:58:03.0482 3716 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
00:58:03.0482 3716 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\WINDOWS\System32\wlanapi.dll
00:58:03.0482 3716 C:\WINDOWS\System32\wlanapi.dll - ok
00:58:03.0498 3716 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\WINDOWS\System32\netcfgx.dll
00:58:03.0498 3716 C:\WINDOWS\System32\netcfgx.dll - ok
00:58:03.0498 3716 [ 89F4F2C30953AEADDF882D1B4F5F7BA2 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
00:58:03.0498 3716 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
00:58:03.0498 3716 [ AC8A859A77D93C4F73DFBD756D9CE2DA ] C:\Program Files\AVAST Software\Avast\ashShell.dll
00:58:03.0498 3716 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
00:58:03.0513 3716 [ A0334F56B12235B18A68EFCC00245B15 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
00:58:03.0513 3716 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
00:58:03.0513 3716 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\WINDOWS\System32\msi.dll
00:58:03.0513 3716 C:\WINDOWS\System32\msi.dll - ok
00:58:03.0529 3716 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\WINDOWS\System32\wiarpc.dll
00:58:03.0529 3716 C:\WINDOWS\System32\wiarpc.dll - ok
00:58:03.0529 3716 [ 9273A7F57BFD3B0C1EF0EAB00EC603C3 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
00:58:03.0529 3716 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
00:58:03.0529 3716 [ AD8DD3FA042A2E18220180AA1DBDFB7A ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
00:58:03.0529 3716 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
00:58:03.0545 3716 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\WINDOWS\System32\uDWM.dll
00:58:03.0545 3716 C:\WINDOWS\System32\uDWM.dll - ok
00:58:03.0545 3716 [ CDEF792E46281D32BE6ADD6E4D4FAC05 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
00:58:03.0545 3716 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
00:58:03.0560 3716 [ 093F5D01D0E7158FA8A5BC8A87EC1D27 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
00:58:03.0560 3716 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
00:58:03.0560 3716 [ 05898609BFA8D2F62DA4A7D109CFF905 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
00:58:03.0560 3716 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
00:58:03.0560 3716 [ 49F3EC253EAD25256BFCB0AE71DF12F5 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
00:58:03.0607 3716 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
00:58:03.0607 3716 [ 4D3DA02268FADE3D2BC611F96347E0C6 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
00:58:03.0607 3716 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
00:58:03.0623 3716 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\WINDOWS\System32\ktmw32.dll
00:58:03.0623 3716 C:\WINDOWS\System32\ktmw32.dll - ok
00:58:03.0623 3716 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\WINDOWS\System32\taskcomp.dll
00:58:03.0623 3716 C:\WINDOWS\System32\taskcomp.dll - ok
00:58:03.0623 3716 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\WINDOWS\System32\wscapi.dll
00:58:03.0623 3716 C:\WINDOWS\System32\wscapi.dll - ok
00:58:03.0638 3716 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\WINDOWS\System32\wscisvif.dll
00:58:03.0638 3716 C:\WINDOWS\System32\wscisvif.dll - ok
00:58:03.0638 3716 [ F870AA3E254628EBEAFE754108D664DE ] C:\WINDOWS\System32\drivers\http.sys
00:58:03.0638 3716 C:\WINDOWS\System32\drivers\http.sys - ok
00:58:03.0654 3716 [ E79FDA8D320147FDC347C504B3487F87 ] C:\WINDOWS\System32\spoolss.dll
00:58:03.0654 3716 C:\WINDOWS\System32\spoolss.dll - ok
00:58:03.0654 3716 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\WINDOWS\System32\drivers\srvnet.sys
00:58:03.0654 3716 C:\WINDOWS\System32\drivers\srvnet.sys - ok
00:58:03.0654 3716 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\WINDOWS\System32\taskeng.exe
00:58:03.0654 3716 C:\WINDOWS\System32\taskeng.exe - ok
00:58:03.0669 3716 [ EE16F3E01C4A6C77383F1BBBD10AD6C2 ] C:\WINDOWS\System32\FWPUCLNT.DLL
00:58:03.0669 3716 C:\WINDOWS\System32\FWPUCLNT.DLL - ok
00:58:03.0669 3716 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\WINDOWS\System32\EhStorShell.dll
00:58:03.0669 3716 C:\WINDOWS\System32\EhStorShell.dll - ok
00:58:03.0669 3716 [ D1F438E9DFD869B33D1EDB635764C892 ] C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
00:58:03.0669 3716 C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL - ok
00:58:03.0685 3716 [ 55704DFFD2DC14E0C942FDFEBDBBA96C ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswEngin.dll
00:58:03.0685 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswEngin.dll - ok
00:58:03.0685 3716 [ 35F376253F687BDE63976CCB3F2108CA ] C:\WINDOWS\System32\drivers\bowser.sys
00:58:03.0685 3716 C:\WINDOWS\System32\drivers\bowser.sys - ok
00:58:03.0701 3716 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\WINDOWS\System32\TSChannel.dll
00:58:03.0701 3716 C:\WINDOWS\System32\TSChannel.dll - ok
00:58:03.0701 3716 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
00:58:03.0701 3716 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
00:58:03.0716 3716 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\WINDOWS\System32\drivers\mpsdrv.sys
00:58:03.0716 3716 C:\WINDOWS\System32\drivers\mpsdrv.sys - ok
00:58:03.0716 3716 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\WINDOWS\System32\drivers\mrxdav.sys
00:58:03.0716 3716 C:\WINDOWS\System32\drivers\mrxdav.sys - ok
00:58:03.0716 3716 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\WINDOWS\System32\MPSSVC.dll
00:58:03.0716 3716 C:\WINDOWS\System32\MPSSVC.dll - ok
00:58:03.0732 3716 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\WINDOWS\System32\drivers\mrxsmb.sys
00:58:03.0732 3716 C:\WINDOWS\System32\drivers\mrxsmb.sys - ok
00:58:03.0732 3716 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\WINDOWS\System32\drivers\mrxsmb10.sys
00:58:03.0732 3716 C:\WINDOWS\System32\drivers\mrxsmb10.sys - ok
00:58:03.0747 3716 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\WINDOWS\System32\drivers\mrxsmb20.sys
00:58:03.0747 3716 C:\WINDOWS\System32\drivers\mrxsmb20.sys - ok
00:58:03.0747 3716 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\WINDOWS\System32\drivers\srv2.sys
00:58:03.0747 3716 C:\WINDOWS\System32\drivers\srv2.sys - ok
00:58:03.0763 3716 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\WINDOWS\System32\drivers\srv.sys
00:58:03.0763 3716 C:\WINDOWS\System32\drivers\srv.sys - ok
00:58:03.0763 3716 [ A7495E342A2EE0160812AC856C11F6CF ] C:\Program Files\Google\Update\1.3.22.3\goopdate.dll
00:58:03.0763 3716 C:\Program Files\Google\Update\1.3.22.3\goopdate.dll - ok
00:58:03.0763 3716 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\WINDOWS\System32\HotStartUserAgent.dll
00:58:03.0779 3716 C:\WINDOWS\System32\HotStartUserAgent.dll - ok
00:58:03.0779 3716 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\WINDOWS\System32\PlaySndSrv.dll
00:58:03.0779 3716 C:\WINDOWS\System32\PlaySndSrv.dll - ok
00:58:03.0779 3716 [ A324D72A06C110152E7607745F39BFA1 ] C:\WINDOWS\System32\netmsg.dll
00:58:03.0779 3716 C:\WINDOWS\System32\netmsg.dll - ok
00:58:03.0794 3716 [ 452341E471D2D961229DFE0842957272 ] C:\WINDOWS\System32\sscore.dll
00:58:03.0794 3716 C:\WINDOWS\System32\sscore.dll - ok
00:58:03.0794 3716 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\WINDOWS\System32\clusapi.dll
00:58:03.0794 3716 C:\WINDOWS\System32\clusapi.dll - ok
00:58:03.0794 3716 [ 0745D6EAD386710110817FBEC03F5161 ] C:\WINDOWS\System32\wfapigp.dll
00:58:03.0794 3716 C:\WINDOWS\System32\wfapigp.dll - ok
00:58:03.0810 3716 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\WINDOWS\System32\mscms.dll
00:58:03.0810 3716 C:\WINDOWS\System32\mscms.dll - ok
00:58:03.0810 3716 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\WINDOWS\System32\activeds.dll
00:58:03.0810 3716 C:\WINDOWS\System32\activeds.dll - ok
00:58:03.0810 3716 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\WINDOWS\System32\adsldpc.dll
00:58:03.0810 3716 C:\WINDOWS\System32\adsldpc.dll - ok
00:58:03.0825 3716 [ 1311171CF8F6D2954441EF2A42693035 ] C:\WINDOWS\System32\WsmRes.dll
00:58:03.0825 3716 C:\WINDOWS\System32\WsmRes.dll - ok
00:58:03.0825 3716 [ D922592AB65C5D9B88B30B4510A3464E ] C:\WINDOWS\System32\cscapi.dll
00:58:03.0825 3716 C:\WINDOWS\System32\cscapi.dll - ok
00:58:03.0841 3716 [ 4934241CD20AC87D78121352E3BA8318 ] C:\WINDOWS\System32\dbghelp.dll
00:58:03.0841 3716 C:\WINDOWS\System32\dbghelp.dll - ok
00:58:03.0841 3716 [ E230F3776F373F4C5E788794B53101E4 ] C:\WINDOWS\System32\plasrv.exe
00:58:03.0841 3716 C:\WINDOWS\System32\plasrv.exe - ok
00:58:03.0841 3716 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\WINDOWS\System32\credui.dll
00:58:03.0841 3716 C:\WINDOWS\System32\credui.dll - ok
00:58:03.0857 3716 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\WINDOWS\System32\resutils.dll
00:58:03.0857 3716 C:\WINDOWS\System32\resutils.dll - ok
00:58:03.0857 3716 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\WINDOWS\System32\TMM.dll
00:58:03.0857 3716 C:\WINDOWS\System32\TMM.dll - ok
00:58:03.0857 3716 [ 465680BDE344CE4FF6646626AA3A9125 ] C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
00:58:03.0857 3716 C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe - ok
00:58:03.0872 3716 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\WINDOWS\System32\mstask.dll
00:58:03.0872 3716 C:\WINDOWS\System32\mstask.dll - ok
00:58:03.0872 3716 [ 5F92C7B9CA03F41F0C2A883C8D7E1873 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnIS.dll
00:58:03.0872 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnIS.dll - ok
00:58:03.0888 3716 [ BDD6CA8BB4679B50EFEE94D366EE95B9 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnOS.dll
00:58:03.0888 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnOS.dll - ok
00:58:03.0888 3716 [ D2BE55588F048124F26C5CF439AB6EAF ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnBS.dll
00:58:03.0888 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnBS.dll - ok
00:58:03.0888 3716 [ AB569F241A3E9D6374C4C90BBE4C9662 ] C:\WINDOWS\System32\atitmmxx.dll
00:58:03.0888 3716 C:\WINDOWS\System32\atitmmxx.dll - ok
00:58:03.0903 3716 [ 221096588BE187D3F56ED03EF91B83F5 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswScan.dll
00:58:03.0903 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswScan.dll - ok
00:58:03.0903 3716 [ 08ACE4629632221B2BC9D2374DCDA1C9 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswRep.dll
00:58:03.0903 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswRep.dll - ok
00:58:03.0919 3716 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
00:58:03.0919 3716 C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
00:58:03.0919 3716 [ 0277F74B245D07FEEB02B616AA71BB08 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswFiDb.dll
00:58:03.0919 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswFiDb.dll - ok
00:58:03.0919 3716 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
00:58:03.0919 3716 C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
00:58:03.0935 3716 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
00:58:03.0935 3716 C:\WINDOWS\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
00:58:03.0935 3716 [ 883D87AA9D3C15C3D57B11BABC180B4E ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
00:58:03.0935 3716 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
00:58:03.0950 3716 [ FF9DAAACD47C04387A4208888AF90EFE ] C:\Program Files\AVAST Software\Avast\defs\14010501\algo.dll
00:58:03.0950 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\algo.dll - ok
00:58:03.0950 3716 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll
00:58:03.0950 3716 C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll - ok
00:58:03.0950 3716 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\WINDOWS\System32\QAGENT.DLL
00:58:03.0950 3716 C:\WINDOWS\System32\QAGENT.DLL - ok
00:58:03.0966 3716 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\WINDOWS\System32\drivers\parport.sys
00:58:03.0966 3716 C:\WINDOWS\System32\drivers\parport.sys - ok
00:58:03.0966 3716 [ EF1142512BEC12F1C2C87735DA1755BE ] C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
00:58:03.0966 3716 C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe - ok
00:58:03.0981 3716 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\WINDOWS\System32\taskschd.dll
00:58:03.0981 3716 C:\WINDOWS\System32\taskschd.dll - ok
00:58:03.0981 3716 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\WINDOWS\System32\vssapi.dll
00:58:03.0981 3716 C:\WINDOWS\System32\vssapi.dll - ok
00:58:03.0981 3716 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\WINDOWS\System32\wdscore.dll
00:58:03.0981 3716 C:\WINDOWS\System32\wdscore.dll - ok
00:58:03.0997 3716 [ 974A1F783ED34588B45FAD6375077BA6 ] C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
00:58:03.0997 3716 C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe - ok
00:58:03.0997 3716 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\System32\mscoree.dll
00:58:03.0997 3716 C:\WINDOWS\System32\mscoree.dll - ok
00:58:03.0997 3716 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\WINDOWS\System32\WSDApi.dll
00:58:03.0997 3716 C:\WINDOWS\System32\WSDApi.dll - ok
00:58:04.0013 3716 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\WINDOWS\System32\fundisc.dll
00:58:04.0013 3716 C:\WINDOWS\System32\fundisc.dll - ok
00:58:04.0013 3716 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\WINDOWS\System32\httpapi.dll
00:58:04.0013 3716 C:\WINDOWS\System32\httpapi.dll - ok
00:58:04.0013 3716 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
00:58:04.0013 3716 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
00:58:04.0028 3716 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\WINDOWS\System32\msxml3.dll
00:58:04.0028 3716 C:\WINDOWS\System32\msxml3.dll - ok
00:58:04.0028 3716 [ E58796B5088EDD61E5EF03D693EA0D67 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
00:58:04.0028 3716 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
00:58:04.0044 3716 [ 71B479749F0F52C4FEC726C6FFA2CE1C ] C:\WINDOWS\System32\cryptnet.dll
00:58:04.0044 3716 C:\WINDOWS\System32\cryptnet.dll - ok
00:58:04.0044 3716 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\WINDOWS\System32\vsstrace.dll
00:58:04.0044 3716 C:\WINDOWS\System32\vsstrace.dll - ok
00:58:04.0044 3716 [ EC760B0B76A4353DE49D66520EB2141F ] C:\WINDOWS\System32\SensApi.dll
00:58:04.0044 3716 C:\WINDOWS\System32\SensApi.dll - ok
00:58:04.0059 3716 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
00:58:04.0059 3716 C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
00:58:04.0059 3716 [ C6A94D4E2DD6E1C61818AC2186857AA8 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
00:58:04.0059 3716 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll - ok
00:58:04.0075 3716 [ 769D027B977CED05658C85E698D3C5B1 ] C:\WINDOWS\System32\QUTIL.DLL
00:58:04.0075 3716 C:\WINDOWS\System32\QUTIL.DLL - ok
00:58:04.0075 3716 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\WINDOWS\System32\imageres.dll
00:58:04.0075 3716 C:\WINDOWS\System32\imageres.dll - ok
00:58:04.0075 3716 [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
00:58:04.0075 3716 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
00:58:04.0091 3716 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\WINDOWS\System32\riched20.dll
00:58:04.0091 3716 C:\WINDOWS\System32\riched20.dll - ok
00:58:04.0091 3716 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\WINDOWS\System32\p2pcollab.dll
00:58:04.0091 3716 C:\WINDOWS\System32\p2pcollab.dll - ok
00:58:04.0091 3716 [ A8E2F76F136A0E664B68A48028D4AF93 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
00:58:04.0091 3716 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
00:58:04.0106 3716 [ 81B4A8947E497A28B96A2426033FE66B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
00:58:04.0106 3716 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll - ok
00:58:04.0106 3716 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\WINDOWS\System32\IconCodecService.dll
00:58:04.0106 3716 C:\WINDOWS\System32\IconCodecService.dll - ok
00:58:04.0122 3716 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\WINDOWS\System32\runonce.exe
00:58:04.0122 3716 C:\WINDOWS\System32\runonce.exe - ok
00:58:04.0122 3716 [ DD79A6B15C2F28DE98DF4852AAF6B13B ] C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
00:58:04.0122 3716 C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe - ok
00:58:04.0122 3716 [ EFA80360111D8D179E39E314A49C9ED4 ] C:\WINDOWS\System32\wshbth.dll
00:58:04.0122 3716 C:\WINDOWS\System32\wshbth.dll - ok
00:58:04.0137 3716 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:58:04.0137 3716 C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:58:04.0137 3716 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\WINDOWS\System32\rasadhlp.dll
00:58:04.0137 3716 C:\WINDOWS\System32\rasadhlp.dll - ok
00:58:04.0137 3716 [ C411C80F90D6732380352B98B37BBD53 ] C:\WINDOWS\System32\winrnr.dll
00:58:04.0153 3716 C:\WINDOWS\System32\winrnr.dll - ok
00:58:04.0153 3716 [ 4E50C77A7558367FCDD79F24C34FA4AB ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
00:58:04.0153 3716 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll - ok
00:58:04.0153 3716 [ 8ED5212422CC84B14C898E89F7F41B8B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll
00:58:04.0153 3716 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll - ok
00:58:04.0169 3716 [ 996047633A94D54149C0968185673AB9 ] C:\Program Files\HP\Common\log4net.dll
00:58:04.0169 3716 C:\Program Files\HP\Common\log4net.dll - ok
00:58:04.0169 3716 [ 707BE9ACC449CDFEF8E3C435B633AECA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
00:58:04.0169 3716 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll - ok
00:58:04.0169 3716 [ 97289924D704B061D9D38FFFF7A4AF8E ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
00:58:04.0169 3716 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll - ok
00:58:04.0184 3716 [ C6FD3425B1ADD739B95DC4D661FF4DD3 ] C:\WINDOWS\System32\PresentationSettings.exe
00:58:04.0184 3716 C:\WINDOWS\System32\PresentationSettings.exe - ok
00:58:04.0184 3716 [ B231416DD7569B5C16F2DD2D2D64BB5A ] C:\WINDOWS\System32\ieframe.dll
00:58:04.0184 3716 C:\WINDOWS\System32\ieframe.dll - ok
00:58:04.0200 3716 [ 91DD75A62D5F1F63E08660001FE7AF13 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
00:58:04.0200 3716 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll - ok
00:58:04.0200 3716 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\WINDOWS\System32\ncsi.dll
00:58:04.0200 3716 C:\WINDOWS\System32\ncsi.dll - ok
00:58:04.0200 3716 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\WINDOWS\System32\drivers\PEAuth.sys
00:58:04.0200 3716 C:\WINDOWS\System32\drivers\PEAuth.sys - ok
00:58:04.0215 3716 [ D0494460421A03CD5225CCA0059AA146 ] C:\WINDOWS\System32\IPSECSVC.DLL
00:58:04.0215 3716 C:\WINDOWS\System32\IPSECSVC.DLL - ok
00:58:04.0215 3716 [ 1BA47BDD47A62F6E6B56BE4ECF221BE3 ] C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
00:58:04.0215 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe - ok
00:58:04.0215 3716 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\WINDOWS\System32\ssdpapi.dll
00:58:04.0231 3716 C:\WINDOWS\System32\ssdpapi.dll - ok
00:58:04.0231 3716 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\WINDOWS\System32\FwRemoteSvr.dll
00:58:04.0231 3716 C:\WINDOWS\System32\FwRemoteSvr.dll - ok
00:58:04.0231 3716 [ 4B7A038F7859C60A1207EFE51A21FEAD ] C:\Program Files\Pervasive Software\PSQL\bin\pscore3.dll
00:58:04.0231 3716 C:\Program Files\Pervasive Software\PSQL\bin\pscore3.dll - ok
00:58:04.0247 3716 [ 20F6C253C05F7DE5E2A1D1EF0FF9141F ] C:\Program Files\Pervasive Software\PSQL\bin\pscl3.dll
00:58:04.0247 3716 C:\Program Files\Pervasive Software\PSQL\bin\pscl3.dll - ok
00:58:04.0247 3716 [ 762F752F29DA7922671CF3CCA2567987 ] C:\Program Files\Pervasive Software\PSQL\bin\w3sqlmgr.dll
00:58:04.0247 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3sqlmgr.dll - ok
00:58:04.0247 3716 [ 6803B69C14696CC4907C5F77FBB04A14 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
00:58:04.0247 3716 C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe - ok
00:58:04.0262 3716 [ 2DB36351DD6C6C6297A4B5B90F88D3E1 ] C:\Program Files\Pervasive Software\PSQL\bin\w3odbcei.dll
00:58:04.0262 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3odbcei.dll - ok
00:58:04.0262 3716 [ 95A0B86B9F1D27B613830864341A8252 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
00:58:04.0262 3716 C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe - ok
00:58:04.0262 3716 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\WINDOWS\System32\shfolder.dll
00:58:04.0262 3716 C:\WINDOWS\System32\shfolder.dll - ok
00:58:04.0278 3716 [ BE551442445B13E114EB67F0E2216F89 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
00:58:04.0278 3716 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll - ok
00:58:04.0278 3716 [ B9570481A1BABCC4A9E941C553596077 ] C:\WINDOWS\SMINST\BLService.exe
00:58:04.0278 3716 C:\WINDOWS\SMINST\BLService.exe - ok
00:58:04.0293 3716 [ 443AC12BCAC09A14DD5D665A2278565F ] C:\WINDOWS\SMINST\STDisks.dll
00:58:04.0293 3716 C:\WINDOWS\SMINST\STDisks.dll - ok
00:58:04.0293 3716 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\WINDOWS\System32\mfc42.dll
00:58:04.0293 3716 C:\WINDOWS\System32\mfc42.dll - ok
00:58:04.0293 3716 [ C45E8D6B795AA8D1DAA889ECFD83708E ] C:\WINDOWS\SMINST\CSTError.dll
00:58:04.0293 3716 C:\WINDOWS\SMINST\CSTError.dll - ok
00:58:04.0309 3716 [ A80F29D1DB2321C937D65DCA0EE4E032 ] C:\WINDOWS\SMINST\STString.dll
00:58:04.0309 3716 C:\WINDOWS\SMINST\STString.dll - ok
00:58:04.0309 3716 [ E98444D0CB6459A750FB594B31194F7C ] C:\WINDOWS\SMINST\STSystems.dll
00:58:04.0309 3716 C:\WINDOWS\SMINST\STSystems.dll - ok
00:58:04.0309 3716 [ 487611EF7C7D4D31BFE18B890F4DFF85 ] C:\WINDOWS\SMINST\STVdsDisks.dll
00:58:04.0309 3716 C:\WINDOWS\SMINST\STVdsDisks.dll - ok
00:58:04.0325 3716 [ F2DC53CF413BF5AE7491C4D2A188D022 ] C:\WINDOWS\SMINST\STWmiM.dll
00:58:04.0325 3716 C:\WINDOWS\SMINST\STWmiM.dll - ok
00:58:04.0325 3716 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\WINDOWS\System32\winspool.drv
00:58:04.0325 3716 C:\WINDOWS\System32\winspool.drv - ok
00:58:04.0340 3716 [ 20D73C965595C636BBA3867FD1EB8DA3 ] C:\Program Files\Pervasive Software\PSQL\bin\w3mif190.dll
00:58:04.0340 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3mif190.dll - ok
00:58:04.0340 3716 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\WINDOWS\System32\oledlg.dll
00:58:04.0340 3716 C:\WINDOWS\System32\oledlg.dll - ok
00:58:04.0340 3716 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] C:\Program Files\CyberLink\Shared Files\RichVideo.exe
00:58:04.0340 3716 C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ok
00:58:04.0356 3716 [ CB93D3C6B8C76710332AE57DCDF8A2C6 ] C:\Program Files\Pervasive Software\PSQL\bin\clientrb.dll
00:58:04.0356 3716 C:\Program Files\Pervasive Software\PSQL\bin\clientrb.dll - ok
00:58:04.0356 3716 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\System32\drivers\secdrv.sys
00:58:04.0356 3716 C:\WINDOWS\System32\drivers\secdrv.sys - ok
00:58:04.0371 3716 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\WINDOWS\System32\drivers\tcpipreg.sys
00:58:04.0371 3716 C:\WINDOWS\System32\drivers\tcpipreg.sys - ok
00:58:04.0371 3716 [ 351FA1DF82CFFDEDA801604246E63E95 ] C:\WINDOWS\System32\icaapi.dll
00:58:04.0371 3716 C:\WINDOWS\System32\icaapi.dll - ok
00:58:04.0371 3716 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\WINDOWS\System32\wiatrace.dll
00:58:04.0371 3716 C:\WINDOWS\System32\wiatrace.dll - ok
00:58:04.0387 3716 [ DEB9D08750423069647C3A066CEC7A1B ] C:\WINDOWS\System32\tquery.dll
00:58:04.0387 3716 C:\WINDOWS\System32\tquery.dll - ok
00:58:04.0387 3716 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\WINDOWS\System32\wbemcomn.dll
00:58:04.0387 3716 C:\WINDOWS\System32\wbemcomn.dll - ok
00:58:04.0387 3716 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\WINDOWS\System32\wsdchngr.dll
00:58:04.0387 3716 C:\WINDOWS\System32\wsdchngr.dll - ok
00:58:04.0403 3716 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\WINDOWS\System32\msvcp60.dll
00:58:04.0403 3716 C:\WINDOWS\System32\msvcp60.dll - ok
00:58:04.0403 3716 [ BA3DE6760CC3C158666C23631203456A ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll
00:58:04.0403 3716 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll - ok
00:58:04.0418 3716 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\WINDOWS\System32\wbem\WinMgmtR.dll
00:58:04.0418 3716 C:\WINDOWS\System32\wbem\WinMgmtR.dll - ok
00:58:04.0418 3716 [ C3AE9A9AD584A9DE1083E1BD85D89FBE ] C:\Program Files\Pervasive Software\PSQL\bin\w3mkde.dll
00:58:04.0418 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3mkde.dll - ok
00:58:04.0418 3716 [ 2205A220A264E8C8B86492BF3D112907 ] C:\WINDOWS\System32\PortableDeviceApi.dll
00:58:04.0418 3716 C:\WINDOWS\System32\PortableDeviceApi.dll - ok
00:58:04.0434 3716 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\WINDOWS\System32\cmd.exe
00:58:04.0434 3716 C:\WINDOWS\System32\cmd.exe - ok
00:58:04.0434 3716 [ C89906FA43A58FD4CFC7EA06D885A597 ] C:\WINDOWS\System32\mshtml.dll
00:58:04.0434 3716 C:\WINDOWS\System32\mshtml.dll - ok
00:58:04.0434 3716 [ 6EE9235E3BAC544798FCC6AF746DE7DC ] C:\Program Files\Pervasive Software\PSQL\bin\enginelm.dll
00:58:04.0434 3716 C:\Program Files\Pervasive Software\PSQL\bin\enginelm.dll - ok
00:58:04.0449 3716 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\WINDOWS\System32\msdmo.dll
00:58:04.0449 3716 C:\WINDOWS\System32\msdmo.dll - ok
00:58:04.0449 3716 [ 218B73EA8341EA9FDF018D43052E790A ] C:\WINDOWS\System32\mssrch.dll
00:58:04.0449 3716 C:\WINDOWS\System32\mssrch.dll - ok
00:58:04.0465 3716 [ B53BD9E63867CD9FD853F666CA172713 ] C:\WINDOWS\System32\PortableDeviceConnectApi.dll
00:58:04.0465 3716 C:\WINDOWS\System32\PortableDeviceConnectApi.dll - ok
00:58:04.0465 3716 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\WINDOWS\System32\devenum.dll
00:58:04.0465 3716 C:\WINDOWS\System32\devenum.dll - ok
00:58:04.0481 3716 [ 38BD86DA5D7B389D82E92B6A2605E878 ] C:\Program Files\Pervasive Software\PSQL\bin\mkderb.dll
00:58:04.0481 3716 C:\Program Files\Pervasive Software\PSQL\bin\mkderb.dll - ok
00:58:04.0481 3716 [ 928C90E02E05244D2290C1551DF732C8 ] C:\WINDOWS\System32\avicap32.dll
00:58:04.0481 3716 C:\WINDOWS\System32\avicap32.dll - ok
00:58:04.0481 3716 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\WINDOWS\System32\msvfw32.dll
00:58:04.0481 3716 C:\WINDOWS\System32\msvfw32.dll - ok
00:58:04.0496 3716 [ 810ABF8AF680E7B55955847A47F9819C ] C:\Program Files\Pervasive Software\PSQL\bin\w3nsl260.dll
00:58:04.0496 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3nsl260.dll - ok
00:58:04.0496 3716 [ 65C092EF598DCCA1D665D52F06829512 ] C:\WINDOWS\System32\vfwwdm32.dll
00:58:04.0496 3716 C:\WINDOWS\System32\vfwwdm32.dll - ok
00:58:04.0512 3716 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\WINDOWS\System32\wbem\wbemprox.dll
00:58:04.0512 3716 C:\WINDOWS\System32\wbem\wbemprox.dll - ok
00:58:04.0512 3716 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\WINDOWS\System32\wbem\wbemcore.dll
00:58:04.0512 3716 C:\WINDOWS\System32\wbem\wbemcore.dll - ok
00:58:04.0512 3716 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\WINDOWS\System32\msidle.dll
00:58:04.0512 3716 C:\WINDOWS\System32\msidle.dll - ok
00:58:04.0527 3716 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\WINDOWS\System32\wbem\esscli.dll
00:58:04.0527 3716 C:\WINDOWS\System32\wbem\esscli.dll - ok
00:58:04.0527 3716 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\WINDOWS\System32\Query.dll
00:58:04.0527 3716 C:\WINDOWS\System32\Query.dll - ok
00:58:04.0527 3716 [ 4E9C3A3C660A76ECF37E4942877EA6FE ] C:\Program Files\Pervasive Software\PSQL\bin\w3csm100.dll
00:58:04.0527 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3csm100.dll - ok
00:58:04.0543 3716 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Chris\AppData\Local\Temp\B543D505-6CC9-4314-92B8-5CD7182461DE.exe
00:58:04.0543 3716 C:\Users\Chris\AppData\Local\Temp\B543D505-6CC9-4314-92B8-5CD7182461DE.exe - ok
00:58:04.0543 3716 [ 41D9F439D5A95FC7D65A9C94CE66AADF ] C:\Program Files\Pervasive Software\PSQL\bin\w3csp100.dll
00:58:04.0543 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3csp100.dll - ok
00:58:04.0559 3716 [ 4436588C55BBCA0D617A82DDE767B792 ] C:\WINDOWS\System32\vdsldr.exe
00:58:04.0559 3716 C:\WINDOWS\System32\vdsldr.exe - ok
00:58:04.0559 3716 [ 9270E4C81A95E372CD0B90CA1D326E71 ] C:\Program Files\Pervasive Software\PSQL\bin\w3exp010.dll
00:58:04.0559 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3exp010.dll - ok
00:58:04.0574 3716 [ 09CF59E216C665C5306B143DD12376C2 ] C:\Program Files\Pervasive Software\PSQL\bin\dbcsipxy.dll
00:58:04.0574 3716 C:\Program Files\Pervasive Software\PSQL\bin\dbcsipxy.dll - ok
00:58:04.0574 3716 [ 7DE4CD241C47D52EFD2206D26ABD00C9 ] C:\Program Files\Pervasive Software\PSQL\bin\w3csi100.dll
00:58:04.0574 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3csi100.dll - ok
00:58:04.0574 3716 [ A5994C4FFD85BFCF2D8496E8B530C1E0 ] C:\Program Files\Pervasive Software\PSQL\bin\w3dcm100.dll
00:58:04.0574 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3dcm100.dll - ok
00:58:04.0590 3716 [ FE7742C93F6904A9B08BC6749C039CE9 ] C:\WINDOWS\System32\vdsutil.dll
00:58:04.0590 3716 C:\WINDOWS\System32\vdsutil.dll - ok
00:58:04.0590 3716 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\WINDOWS\System32\wbem\fastprox.dll
00:58:04.0590 3716 C:\WINDOWS\System32\wbem\fastprox.dll - ok
00:58:04.0605 3716 [ 0A584EAAF70A171E919D8CE592407E94 ] C:\WINDOWS\System32\vds_ps.dll
00:58:04.0605 3716 C:\WINDOWS\System32\vds_ps.dll - ok
00:58:04.0605 3716 [ B32F2D95281376697792B9E6A4C18E86 ] C:\Program Files\Pervasive Software\PSQL\bin\w3comsrv.dll
00:58:04.0605 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3comsrv.dll - ok
00:58:04.0605 3716 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\WINDOWS\System32\sqmapi.dll
00:58:04.0605 3716 C:\WINDOWS\System32\sqmapi.dll - ok
00:58:04.0621 3716 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\WINDOWS\System32\wbem\wbemsvc.dll
00:58:04.0621 3716 C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
00:58:04.0621 3716 [ A952D0DED445F26AEFCF593A935AB300 ] C:\WINDOWS\System32\hnetcfg.dll
00:58:04.0621 3716 C:\WINDOWS\System32\hnetcfg.dll - ok
00:58:04.0621 3716 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\WINDOWS\System32\wbem\wmiutils.dll
00:58:04.0621 3716 C:\WINDOWS\System32\wbem\wmiutils.dll - ok
00:58:04.0637 3716 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\WINDOWS\System32\netprofm.dll
00:58:04.0637 3716 C:\WINDOWS\System32\netprofm.dll - ok
00:58:04.0637 3716 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\WINDOWS\System32\npmproxy.dll
00:58:04.0637 3716 C:\WINDOWS\System32\npmproxy.dll - ok
00:58:04.0652 3716 [ 85642CD0E10F017A41B3C21E01ED1E6F ] C:\Program Files\Pervasive Software\PSQL\bin\w3mgrres.dll
00:58:04.0652 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3mgrres.dll - ok
00:58:04.0652 3716 [ BBEC4230D915F8DE6249D8AD8856D9CD ] C:\Program Files\Pervasive Software\PSQL\bin\w3mgrrsx.dll
00:58:04.0652 3716 C:\Program Files\Pervasive Software\PSQL\bin\w3mgrrsx.dll - ok
00:58:04.0652 3716 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\WINDOWS\System32\wbem\repdrvfs.dll
00:58:04.0652 3716 C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
00:58:04.0668 3716 [ 1D6B95871DC006190964B04E5657E35F ] C:\WINDOWS\System32\rastapi.dll
00:58:04.0668 3716 C:\WINDOWS\System32\rastapi.dll - ok
00:58:04.0668 3716 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\WINDOWS\System32\unimdm.tsp
00:58:04.0668 3716 C:\WINDOWS\System32\unimdm.tsp - ok
00:58:04.0683 3716 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\WINDOWS\System32\en-US\tquery.dll.mui
00:58:04.0683 3716 C:\WINDOWS\System32\en-US\tquery.dll.mui - ok
00:58:04.0683 3716 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\WINDOWS\System32\uniplat.dll
00:58:04.0683 3716 C:\WINDOWS\System32\uniplat.dll - ok
00:58:04.0683 3716 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\WINDOWS\System32\esent.dll
00:58:04.0683 3716 C:\WINDOWS\System32\esent.dll - ok
00:58:04.0699 3716 [ 953193A9DEA40348C1086D171F6440AE ] C:\WINDOWS\System32\kmddsp.tsp
00:58:04.0699 3716 C:\WINDOWS\System32\kmddsp.tsp - ok
00:58:04.0699 3716 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\WINDOWS\System32\ndptsp.tsp
00:58:04.0699 3716 C:\WINDOWS\System32\ndptsp.tsp - ok
00:58:04.0715 3716 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\WINDOWS\System32\hidphone.tsp
00:58:04.0715 3716 C:\WINDOWS\System32\hidphone.tsp - ok
00:58:04.0715 3716 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\WINDOWS\System32\rasppp.dll
00:58:04.0715 3716 C:\WINDOWS\System32\rasppp.dll - ok
00:58:04.0715 3716 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\WINDOWS\System32\mprapi.dll
00:58:04.0715 3716 C:\WINDOWS\System32\mprapi.dll - ok
00:58:04.0730 3716 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\WINDOWS\System32\rasqec.dll
00:58:04.0730 3716 C:\WINDOWS\System32\rasqec.dll - ok
00:58:04.0730 3716 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\WINDOWS\System32\cryptui.dll
00:58:04.0730 3716 C:\WINDOWS\System32\cryptui.dll - ok
00:58:04.0730 3716 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\WINDOWS\System32\msscb.dll
00:58:04.0730 3716 C:\WINDOWS\System32\msscb.dll - ok
00:58:04.0746 3716 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\WINDOWS\System32\fltLib.dll
00:58:04.0746 3716 C:\WINDOWS\System32\fltLib.dll - ok
00:58:04.0746 3716 [ 031ECB959CB3525CEB558CE6A278C199 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
00:58:04.0746 3716 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
00:58:04.0746 3716 [ 092155AEDE41225E0AA938ADB5D9BA64 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
00:58:04.0746 3716 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
00:58:04.0761 3716 [ 0E0C055123932FF2210A86C01D36A28E ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
00:58:04.0761 3716 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
00:58:04.0761 3716 [ 2FD048C0668645BAF20FD75A3AE80AE1 ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
00:58:04.0761 3716 C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
00:58:04.0777 3716 [ E98E402067978DB38282158F9E8609CA ] C:\WINDOWS\System32\netshell.dll
00:58:04.0777 3716 C:\WINDOWS\System32\netshell.dll - ok
00:58:04.0777 3716 [ 5CB36179AC1072C64A2CD55E5C1A211A ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
00:58:04.0777 3716 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
00:58:04.0777 3716 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
00:58:04.0777 3716 C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
00:58:04.0793 3716 [ 3192ED5E2FFDF5B630541B9643AE1AA3 ] C:\WINDOWS\System32\upnp.dll
00:58:04.0793 3716 C:\WINDOWS\System32\upnp.dll - ok
00:58:04.0793 3716 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\WINDOWS\System32\mlang.dll
00:58:04.0793 3716 C:\WINDOWS\System32\mlang.dll - ok
00:58:04.0793 3716 [ AC6B8F8058EE27932F9AF8A2D959D201 ] C:\WINDOWS\System32\msimtf.dll
00:58:04.0793 3716 C:\WINDOWS\System32\msimtf.dll - ok
00:58:04.0808 3716 [ 35AAE2E841AA1A949775168E119482C9 ] C:\WINDOWS\System32\msls31.dll
00:58:04.0808 3716 C:\WINDOWS\System32\msls31.dll - ok
00:58:04.0808 3716 [ 90EB173A54E28CA09B89D4AFDEBC2F1A ] C:\Program Files\AVAST Software\Avast\defs\14010501\exts.dll
00:58:04.0808 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\exts.dll - ok
00:58:04.0824 3716 [ E828C391BB999BD85C15DA20B51CDF9C ] C:\WINDOWS\System32\d2d1.dll
00:58:04.0824 3716 C:\WINDOWS\System32\d2d1.dll - ok
00:58:04.0824 3716 [ A609A192E98934A8D352704C99AB8577 ] C:\WINDOWS\System32\wbem\wbemess.dll
00:58:04.0824 3716 C:\WINDOWS\System32\wbem\wbemess.dll - ok
00:58:04.0824 3716 [ C1D99BEC2E232AD268C2A5BE62ACD3F1 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
00:58:04.0824 3716 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
00:58:04.0839 3716 [ 9BD443B52350D2784544B637F103EBCF ] C:\WINDOWS\System32\DWrite.dll
00:58:04.0839 3716 C:\WINDOWS\System32\DWrite.dll - ok
00:58:04.0839 3716 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\WINDOWS\System32\security.dll
00:58:04.0839 3716 C:\WINDOWS\System32\security.dll - ok
00:58:04.0839 3716 [ 86DCB6213F35C04ED5EF663614D8EEB4 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
00:58:04.0839 3716 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
00:58:04.0855 3716 [ A7D519361CB323A355D870B3B8A91D1E ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
00:58:04.0855 3716 C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
00:58:04.0855 3716 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\WINDOWS\System32\wbem\WmiPrvSE.exe
00:58:04.0855 3716 C:\WINDOWS\System32\wbem\WmiPrvSE.exe - ok
00:58:04.0871 3716 [ BA51FC55F0D39CB8EF6FCFEFE68EAD50 ] C:\Program Files\AVAST Software\Avast\aswJSScan.dll
00:58:04.0871 3716 C:\Program Files\AVAST Software\Avast\aswJSScan.dll - ok
00:58:04.0871 3716 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\WINDOWS\System32\wbem\wmipcima.dll
00:58:04.0871 3716 C:\WINDOWS\System32\wbem\wmipcima.dll - ok
00:58:04.0871 3716 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\WINDOWS\System32\framedynos.dll
00:58:04.0871 3716 C:\WINDOWS\System32\framedynos.dll - ok
00:58:04.0886 3716 [ 7454D1F12F754ADEA11B890FE34C2402 ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
00:58:04.0886 3716 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
00:58:04.0886 3716 [ FE2F3B2B2F189C345870F1AB307BD6C9 ] C:\Program Files\AVAST Software\Avast\setup\Instup.dll
00:58:04.0886 3716 C:\Program Files\AVAST Software\Avast\setup\Instup.dll - ok
00:58:04.0886 3716 [ C43DECDAC58C0A43E0376A216590F40A ] C:\WINDOWS\System32\quartz.dll
00:58:04.0886 3716 C:\WINDOWS\System32\quartz.dll - ok
00:58:04.0902 3716 [ E4945031D0286F3DA8D0844D2F6BEEBE ] C:\Program Files\AVAST Software\Avast\defs\14010501\swhealthex.dll
00:58:04.0902 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\swhealthex.dll - ok
00:58:04.0902 3716 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\WINDOWS\System32\dxva2.dll
00:58:04.0902 3716 C:\WINDOWS\System32\dxva2.dll - ok
00:58:04.0917 3716 [ A14F25F62E84C6B4A178A1CFD9B47222 ] C:\WINDOWS\System32\qcap.dll
00:58:04.0917 3716 C:\WINDOWS\System32\qcap.dll - ok
00:58:04.0917 3716 [ 98638A4CA187245C469DA0DEC4F04A45 ] C:\WINDOWS\System32\pautoenr.dll
00:58:04.0917 3716 C:\WINDOWS\System32\pautoenr.dll - ok
00:58:04.0917 3716 [ AC48FD62E22C4425879FCA5A63F50497 ] C:\WINDOWS\System32\certcli.dll
00:58:04.0917 3716 C:\WINDOWS\System32\certcli.dll - ok
00:58:04.0933 3716 [ 861797D3C83A6EBA05FB2C63B1A45E82 ] C:\WINDOWS\System32\ksproxy.ax
00:58:04.0933 3716 C:\WINDOWS\System32\ksproxy.ax - ok
00:58:04.0933 3716 [ 898ABECCD5F0B9A8E8F1318DDB234685 ] C:\WINDOWS\System32\dot3api.dll
00:58:04.0933 3716 C:\WINDOWS\System32\dot3api.dll - ok
00:58:04.0933 3716 [ 012E22681A63D2BF405E6F15EF80BFD3 ] C:\WINDOWS\System32\vidcap.ax
00:58:04.0949 3716 C:\WINDOWS\System32\vidcap.ax - ok
00:58:04.0949 3716 [ 8D544AC1B7AA7FB9DFF0C3E7DA6AD295 ] C:\WINDOWS\System32\wlanhlp.dll
00:58:04.0949 3716 C:\WINDOWS\System32\wlanhlp.dll - ok
00:58:04.0949 3716 [ 0053319C4438CDE659AA75C19BBD22F1 ] C:\WINDOWS\System32\CertEnroll.dll
00:58:04.0949 3716 C:\WINDOWS\System32\CertEnroll.dll - ok
00:58:04.0964 3716 [ FD44B4D9129EDD68BBD0A26683024EF9 ] C:\WINDOWS\System32\Kswdmcap.ax
00:58:04.0964 3716 C:\WINDOWS\System32\Kswdmcap.ax - ok
00:58:04.0964 3716 [ B572DA05BF4E098D4BBA3A4734FB505B ] C:\WINDOWS\System32\drivers\mspqm.sys
00:58:04.0964 3716 C:\WINDOWS\System32\drivers\mspqm.sys - ok
00:58:04.0964 3716 [ 0576C771DC0A20C49C3BA08D9013AB61 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
00:58:04.0964 3716 C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll - ok
00:58:04.0980 3716 [ C8DBFEF835FF54467425C8F3ABCF7046 ] C:\WINDOWS\System32\dssenh.dll
00:58:04.0980 3716 C:\WINDOWS\System32\dssenh.dll - ok
00:58:04.0980 3716 [ 39D71E143CD9D9E25D5DBC03A7C04BF9 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswAR.dll
00:58:04.0980 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswAR.dll - ok
00:58:04.0995 3716 [ C8AE490A93C3CC2E537B6E06247785A1 ] C:\WINDOWS\System32\wbem\NCProv.dll
00:58:04.0995 3716 C:\WINDOWS\System32\wbem\NCProv.dll - ok
00:58:04.0995 3716 [ E3F535656B5ABF249702EB64F3CF9AF0 ] C:\WINDOWS\System32\wbem\wbemcons.dll
00:58:04.0995 3716 C:\WINDOWS\System32\wbem\wbemcons.dll - ok
00:58:04.0995 3716 [ 0752E49C9A4311C9C04CC1D4E571B025 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswRawFS.dll
00:58:04.0995 3716 C:\Program Files\AVAST Software\Avast\defs\14010501\aswRawFS.dll - ok
00:58:05.0011 3716 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\WINDOWS\System32\sfc.dll
00:58:05.0011 3716 C:\WINDOWS\System32\sfc.dll - ok
00:58:05.0011 3716 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\WINDOWS\System32\sfc_os.dll
00:58:05.0011 3716 C:\WINDOWS\System32\sfc_os.dll - ok
00:58:05.0011 3716 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\WINDOWS\System32\ie4uinit.exe
00:58:05.0011 3716 C:\WINDOWS\System32\ie4uinit.exe - ok
00:58:05.0027 3716 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\WINDOWS\System32\iedkcs32.dll
00:58:05.0027 3716 C:\WINDOWS\System32\iedkcs32.dll - ok
00:58:05.0027 3716 [ 4B19A9A4191353007E9819A832B81186 ] C:\WINDOWS\System32\timedate.cpl
00:58:05.0027 3716 C:\WINDOWS\System32\timedate.cpl - ok
00:58:05.0042 3716 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\WINDOWS\System32\actxprxy.dll
00:58:05.0042 3716 C:\WINDOWS\System32\actxprxy.dll - ok
00:58:05.0042 3716 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\WINDOWS\System32\msshsq.dll
00:58:05.0042 3716 C:\WINDOWS\System32\msshsq.dll - ok
00:58:05.0042 3716 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\WINDOWS\System32\NaturalLanguage6.dll
00:58:05.0042 3716 C:\WINDOWS\System32\NaturalLanguage6.dll - ok
00:58:05.0058 3716 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\WINDOWS\System32\NlsData0009.dll
00:58:05.0058 3716 C:\WINDOWS\System32\NlsData0009.dll - ok
00:58:05.0058 3716 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\System32\drivers\59070920.sys
00:58:05.0058 3716 C:\WINDOWS\System32\drivers\59070920.sys - ok
00:58:05.0058 3716 [ 3FCB7347D2DE38488C85A31EA7838A3C ] C:\WINDOWS\System32\WinSATAPI.dll
00:58:05.0058 3716 C:\WINDOWS\System32\WinSATAPI.dll - ok
00:58:05.0073 3716 [ 2BFF31508A58EA3F82CA8D6620AE6E13 ] C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
00:58:05.0073 3716 C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
00:58:05.0073 3716 [ 8629B71343F61E1140243581C63BC0C7 ] C:\WINDOWS\System32\NlsLexicons0009.dll
00:58:05.0073 3716 C:\WINDOWS\System32\NlsLexicons0009.dll - ok
00:58:05.0089 3716 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\WINDOWS\System32\networkexplorer.dll
00:58:05.0089 3716 C:\WINDOWS\System32\networkexplorer.dll - ok
00:58:05.0089 3716 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\WINDOWS\System32\linkinfo.dll
00:58:05.0089 3716 C:\WINDOWS\System32\linkinfo.dll - ok
00:58:05.0089 3716 [ 376A9B411BF8B77D5BF84B24D0C7DACD ] C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
00:58:05.0089 3716 C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe - ok
00:58:05.0105 3716 [ D90CCD7E9D2843E9F26B4323B3A13F46 ] C:\Program Files\PeerBlock\peerblock.exe
00:58:05.0105 3716 C:\Program Files\PeerBlock\peerblock.exe - ok
00:58:05.0105 3716 [ EA4F2D7F6C01B5E581F4BAFFDFAA45C7 ] C:\Program Files\iTunes\iTunes.exe
00:58:05.0105 3716 C:\Program Files\iTunes\iTunes.exe - ok
00:58:05.0120 3716 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\WINDOWS\System32\msiltcfg.dll
00:58:05.0120 3716 C:\WINDOWS\System32\msiltcfg.dll - ok
00:58:05.0120 3716 [ 43E6F2A7FB182F2D7CB0CE5B8F1005CF ] C:\Program Files\Internet Explorer\iexplore.exe
00:58:05.0120 3716 C:\Program Files\Internet Explorer\iexplore.exe - ok
00:58:05.0120 3716 [ 24DC2A6F110B79787D6C5D5FF52A0235 ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
00:58:05.0120 3716 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
00:58:05.0136 3716 [ 63396CBB1365769D520E0FD89C2419F2 ] C:\WINDOWS\System32\localspl.dll
00:58:05.0136 3716 C:\WINDOWS\System32\localspl.dll - ok
00:58:05.0136 3716 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\WINDOWS\System32\SyncCenter.dll
00:58:05.0136 3716 C:\WINDOWS\System32\SyncCenter.dll - ok
00:58:05.0151 3716 [ 3AC24E5EE0EBB782EDD57CE520D66E93 ] C:\WINDOWS\System32\PJLMON.DLL
00:58:05.0151 3716 C:\WINDOWS\System32\PJLMON.DLL - ok
00:58:05.0151 3716 [ BB0EB921877A1A7EF15AE2D97A71CBA9 ] C:\WINDOWS\System32\tcpmon.dll
00:58:05.0151 3716 C:\WINDOWS\System32\tcpmon.dll - ok
00:58:05.0151 3716 [ AF24A9DF84637BF9858EC6FB88EBA7B2 ] C:\WINDOWS\System32\snmpapi.dll
00:58:05.0151 3716 C:\WINDOWS\System32\snmpapi.dll - ok
00:58:05.0167 3716 [ 1EDE113859276E4B0F19B80F39E2CC95 ] C:\WINDOWS\System32\wsnmp32.dll
00:58:05.0167 3716 C:\WINDOWS\System32\wsnmp32.dll - ok
00:58:05.0167 3716 [ 5091452DC719281CF1DD69367E13B494 ] C:\WINDOWS\System32\tcpmib.dll
00:58:05.0167 3716 C:\WINDOWS\System32\tcpmib.dll - ok
00:58:05.0167 3716 [ B4F5DE3DAD8E6B97272F45DB97674878 ] C:\WINDOWS\System32\mgmtapi.dll
00:58:05.0167 3716 C:\WINDOWS\System32\mgmtapi.dll - ok
00:58:05.0183 3716 [ 0BF0BB276F17B6AD61A8694D2551EC28 ] C:\WINDOWS\System32\usbmon.dll
00:58:05.0183 3716 C:\WINDOWS\System32\usbmon.dll - ok
00:58:05.0183 3716 [ 0EB1CC5EBFCAAB7DBAEE881E2887F7F9 ] C:\WINDOWS\System32\WSDMon.dll
00:58:05.0183 3716 C:\WINDOWS\System32\WSDMon.dll - ok
00:58:05.0198 3716 [ 01DC2B9CA45FC9ED76DBE3D28461544C ] C:\Program Files\AVAST Software\Avast\aswRvrt.dll
00:58:05.0198 3716 C:\Program Files\AVAST Software\Avast\aswRvrt.dll - ok
00:58:05.0198 3716 [ 19D93154C82FE39A99B269CED1056A92 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
00:58:05.0198 3716 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
00:58:05.0198 3716 [ 9B89B3BB79EA1ACF041F40A7B6FC5827 ] C:\WINDOWS\System32\mobsync.exe
00:58:05.0198 3716 C:\WINDOWS\System32\mobsync.exe - ok
00:58:05.0214 3716 [ 7599E425947A595448DA778B610923BC ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll
00:58:05.0214 3716 C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok
00:58:05.0214 3716 [ A4E7946B71BBDF8708C7AC97FD9E9008 ] C:\WINDOWS\System32\win32spl.dll
00:58:05.0214 3716 C:\WINDOWS\System32\win32spl.dll - ok
00:58:05.0229 3716 [ DCE0705B5D3861BFF813DB2A8160FBF0 ] C:\WINDOWS\System32\SynCOM.dll
00:58:05.0229 3716 C:\WINDOWS\System32\SynCOM.dll - ok
00:58:05.0229 3716 [ 7E6EA9CB72B5DE84A5D700BED877E5F9 ] C:\Program Files\Windows Mail\WinMail.exe
00:58:05.0229 3716 C:\Program Files\Windows Mail\WinMail.exe - ok
00:58:05.0229 3716 [ 4BF053944E973C073339BE841C9ECF28 ] C:\WINDOWS\System32\netrap.dll
00:58:05.0229 3716 C:\WINDOWS\System32\netrap.dll - ok
00:58:05.0245 3716 [ 2D3D47B93E0BE86EEBB261734AB5B6A1 ] C:\WINDOWS\System32\printcom.dll
00:58:05.0245 3716 C:\WINDOWS\System32\printcom.dll - ok
00:58:05.0245 3716 [ A67F3268E37FC54A2C5AD321A20829F9 ] C:\Program Files\IDT\WDM\sttray.exe
00:58:05.0245 3716 C:\Program Files\IDT\WDM\sttray.exe - ok
00:58:05.0245 3716 [ 2E8E30F3B318A9FDA5A2485723F4C2B3 ] C:\WINDOWS\System32\inetpp.dll
00:58:05.0245 3716 C:\WINDOWS\System32\inetpp.dll - ok
00:58:05.0261 3716 [ 2D821AFA5A1A9CA7F9F997A1AAD09E72 ] C:\Program Files\Windows Media Player\wmplayer.exe
00:58:05.0261 3716 C:\Program Files\Windows Media Player\wmplayer.exe - ok
00:58:05.0261 3716 [ DAF60E13E96ECB67F0EDAA89C6B01B8D ] C:\WINDOWS\System32\notepad.exe
00:58:05.0261 3716 C:\WINDOWS\System32\notepad.exe - ok
00:58:05.0276 3716 [ 9EF5CD37551AC5381FC2CA763DC1CEE8 ] C:\WINDOWS\System32\SynTPAPI.dll
00:58:05.0276 3716 C:\WINDOWS\System32\SynTPAPI.dll - ok
00:58:05.0276 3716 [ 5016B8FC59AD616F03813FBE63295081 ] C:\WINDOWS\System32\thumbcache.dll
00:58:05.0276 3716 C:\WINDOWS\System32\thumbcache.dll - ok
00:58:05.0276 3716 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\WINDOWS\System32\control.exe
00:58:05.0276 3716 C:\WINDOWS\System32\control.exe - ok
00:58:05.0292 3716 [ AFEBF9E0B223FF04709F747C172D3540 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
00:58:05.0292 3716 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
00:58:05.0292 3716 [ 941486AB385556BF6A62342F8CA15BD8 ] C:\WINDOWS\System32\accessibilitycpl.dll
00:58:05.0292 3716 C:\WINDOWS\System32\accessibilitycpl.dll - ok
00:58:05.0292 3716 [ 2A87549B881FAFF5A329D4BEFB26DAAF ] C:\Program Files\IDT\WDM\stlang.dll
00:58:05.0292 3716 C:\Program Files\IDT\WDM\stlang.dll - ok
00:58:05.0307 3716 [ CC1959AB3929997F4198AA69C854086F ] C:\WINDOWS\System32\regsvr32.exe
00:58:05.0307 3716 C:\WINDOWS\System32\regsvr32.exe - ok
00:58:05.0307 3716 [ E47C854A28A81F2939F42CBE9FEA994C ] C:\WINDOWS\System32\Magnify.exe
00:58:05.0307 3716 C:\WINDOWS\System32\Magnify.exe - ok
00:58:05.0307 3716 [ 27BB54357A51594D9F9B6257B5B9A879 ] C:\WINDOWS\System32\Narrator.exe
00:58:05.0307 3716 C:\WINDOWS\System32\Narrator.exe - ok
00:58:05.0323 3716 [ 877F2939794EBA4F3D1BB967007E99E8 ] C:\WINDOWS\System32\osk.exe
00:58:05.0323 3716 C:\WINDOWS\System32\osk.exe - ok
00:58:05.0323 3716 [ 12A9A45CAD7C2BA185F6CF19ABF6B287 ] C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe
00:58:05.0323 3716 C:\Program Files\CyberLink\DVD Suite\PowerStarter.exe - ok
00:58:05.0339 3716 [ BDB74DFFEB1DD3608E99B5B838CFAA91 ] C:\Program Files\CyberLink\LabelPrint\LabelPrint.exe
00:58:05.0339 3716 C:\Program Files\CyberLink\LabelPrint\LabelPrint.exe - ok
00:58:05.0339 3716 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\WINDOWS\System32\ntshrui.dll
00:58:05.0339 3716 C:\WINDOWS\System32\ntshrui.dll - ok
00:58:05.0339 3716 [ AD75FA737061370FA410C5AE06D7D324 ] C:\Program Files\CyberLink\Power2Go\Power2Go.exe
00:58:05.0339 3716 C:\Program Files\CyberLink\Power2Go\Power2Go.exe - ok
00:58:05.0354 3716 [ 80660C611B596FFE8AF4074B31AA6FB7 ] C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
00:58:05.0354 3716 C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe - ok
00:58:05.0354 3716 [ 0EF9876FA3041574F4C6E6FA1B646D2A ] C:\PROGRA~1\MICROS~3\Office12\Moc.exe
00:58:05.0354 3716 C:\PROGRA~1\MICROS~3\Office12\Moc.exe - ok
00:58:05.0370 3716 [ B0FD3872F6958AA93D6A7103AC01852C ] C:\Program Files\VideoLAN\VLC\vlc.exe
00:58:05.0370 3716 C:\Program Files\VideoLAN\VLC\vlc.exe - ok
00:58:05.0370 3716 [ D23764551068293A44E4D05609818025 ] C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
00:58:05.0370 3716 C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok
00:58:05.0370 3716 [ F1CB88B90F5CE1A6D2BCDE90E2100ECC ] C:\Program Files\OpenOffice 4\program\swriter.exe
00:58:05.0370 3716 C:\Program Files\OpenOffice 4\program\swriter.exe - ok
00:58:05.0385 3716 [ 61216539E55DDF2F78E421E7EF140650 ] C:\WINDOWS\System32\ExplorerFrame.dll
00:58:05.0385 3716 C:\WINDOWS\System32\ExplorerFrame.dll - ok
00:58:05.0385 3716 [ 1EEA6C1B35191DC177EA83672B9C3FC0 ] C:\Program Files\Mozilla Firefox\firefox.exe
00:58:05.0385 3716 C:\Program Files\Mozilla Firefox\firefox.exe - ok
00:58:05.0401 3716 [ 66E9F5121482A086CF77B8A40827E922 ] C:\Program Files\WinRAR\WinRAR.exe
00:58:05.0401 3716 C:\Program Files\WinRAR\WinRAR.exe - ok
00:58:05.0401 3716 [ FD647CA82ACF232DBE5F20345647B948 ] C:\WINDOWS\AppPatch\AcGenral.dll
00:58:05.0401 3716 C:\WINDOWS\AppPatch\AcGenral.dll - ok
00:58:05.0401 3716 [ 5DB08DBBA056A98E20D46D4FA48EFDEB ] C:\Program Files\CyberLink\PowerDirector\PDR.exe
00:58:05.0401 3716 C:\Program Files\CyberLink\PowerDirector\PDR.exe - ok
00:58:05.0417 3716 [ 2C8AB779971C1FBE09213784CF18D878 ] C:\Users\Chris\AppData\Local\URmedia\iTunesMod.dll
00:58:05.0417 3716 C:\Users\Chris\AppData\Local\URmedia\iTunesMod.dll - ok
00:58:05.0417 3716 [ A511C16AE05EEEED4BD35ECB944D7E5F ] C:\Users\Chris\Desktop\ComboFix.exe
00:58:05.0417 3716 C:\Users\Chris\Desktop\ComboFix.exe - ok
00:58:05.0417 3716 [ B2FF810E89DCD5A1DC11E38A7E08A962 ] C:\Program Files\Auslogics\DiskDefrag\DiskDefrag.exe
00:58:05.0417 3716 C:\Program Files\Auslogics\DiskDefrag\DiskDefrag.exe - ok
00:58:05.0432 3716 [ A09D272AA5C4CE836C5347EA36210FEA ] C:\PROGRA~1\MICROS~3\Office14\OUTLOOK.EXE
00:58:05.0432 3716 C:\PROGRA~1\MICROS~3\Office14\OUTLOOK.EXE - ok
00:58:05.0432 3716 [ 027E71E2E38C4EFAB0965F09DA23E129 ] C:\Program Files\CyberLink\YouCam\YouCam.exe
00:58:05.0432 3716 C:\Program Files\CyberLink\YouCam\YouCam.exe - ok
00:58:05.0448 3716 [ D5E00A92B66366CCAB2E20D7DDE189E2 ] C:\WINDOWS\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
00:58:05.0448 3716 C:\WINDOWS\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe - ok
00:58:05.0448 3716 [ E9ACE8568F9F906996B16363E9861829 ] C:\Program Files\Steam\Steam.exe
00:58:05.0448 3716 C:\Program Files\Steam\Steam.exe - ok
00:58:05.0448 3716 [ A5CBDC87E694154F90DBA134733E7E8B ] C:\WINDOWS\System32\brcpl.dll
00:58:05.0448 3716 C:\WINDOWS\System32\brcpl.dll - ok
00:58:05.0463 3716 [ 4E3FAB0CD6EC62BEDBB19B8A4DF200E5 ] C:\Program Files\Sage\Peachtree\PeachtreeBackup.exe
00:58:05.0463 3716 C:\Program Files\Sage\Peachtree\PeachtreeBackup.exe - ok
00:58:05.0463 3716 [ FA3BB3C9108F74D10D178DE0EE4F5C8B ] C:\Program Files\Sage\Peachtree\peachw.exe
00:58:05.0463 3716 C:\Program Files\Sage\Peachtree\peachw.exe - ok
00:58:05.0479 3716 [ 8BE000F9A0B0FF7194AAEFB02C9BDE99 ] C:\WINDOWS\System32\wer.dll
00:58:05.0479 3716 C:\WINDOWS\System32\wer.dll - ok
00:58:05.0479 3716 [ 254AC97C9AF4DDF3F5F57855198527B7 ] C:\WINDOWS\System32\wermgr.exe
00:58:05.0479 3716 C:\WINDOWS\System32\wermgr.exe - ok
00:58:05.0479 3716 [ FEA6D21F78922D641A0C9346D885133B ] C:\WINDOWS\System32\mssprxy.dll
00:58:05.0479 3716 C:\WINDOWS\System32\mssprxy.dll - ok
00:58:05.0495 3716 [ F0062778F50838145AC46B384FFB4FA3 ] C:\WINDOWS\System32\pcadm.dll
00:58:05.0495 3716 C:\WINDOWS\System32\pcadm.dll - ok
00:58:05.0495 3716 [ 304160DEB2D59721E38D807A99C74298 ] C:\WINDOWS\System32\osuninst.dll
00:58:05.0495 3716 C:\WINDOWS\System32\osuninst.dll - ok
00:58:05.0510 3716 [ 86596778315062303F4F69B70D6E54B4 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
00:58:05.0510 3716 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll - ok
00:58:05.0510 3716 [ F21F255B91CA4F04E4250DECD2067CBB ] C:\WINDOWS\System32\bitsperf.dll
00:58:05.0510 3716 C:\WINDOWS\System32\bitsperf.dll - ok
00:58:05.0526 3716 [ BB44CEE22800862E666974E7B14A1111 ] C:\WINDOWS\System32\uexfat.dll
00:58:05.0526 3716 C:\WINDOWS\System32\uexfat.dll - ok
00:58:05.0526 3716 ============================================================
00:58:05.0526 3716 Scan finished
00:58:05.0526 3716 ============================================================
00:58:05.0541 3524 Detected object count: 4
00:58:05.0541 3524 Actual detected object count: 4
01:00:16.0510 3524 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:00:16.0510 3524 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:00:16.0510 3524 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
01:00:16.0510 3524 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:00:16.0510 3524 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
01:00:16.0510 3524 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 - ok
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
01:00:42.0437 3644 Deinitialize success


I'll be sure not use the laptop until we can figure this out.
  • 0

#66
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Hi CZ2761,

I'll be sure not use the laptop until we can figure this out.


Thank you. I really appreciate your compliance! :thumbsup:

It appears that the last scan found what we were looking for. That's a nasty little booger lurking in the shadows and fairly new. :happy:

00:58:05.0541 3524 Detected object count: 4
00:58:05.0541 3524 Actual detected object count: 4
01:00:16.0510 3524 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:00:16.0510 3524 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:00:16.0510 3524 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
01:00:16.0510 3524 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:00:16.0510 3524 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
01:00:16.0510 3524 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 - ok
01:00:16.0556 3524 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
01:00:42.0437 3644 Deinitialize success


Please re-scan with TDSSKiller and this time when presented, click Cure or Delete and allow your laptop to reboot. Please post the log that is generated for my viewing pleasure.

:ph34r:
  • 0

#67
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Here it is!!! :thumbsup:

10:05:02.0864 3748 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:05:04.0892 3748 ============================================================
10:05:04.0892 3748 Current date / time: 2014/01/06 10:05:04.0892
10:05:04.0892 3748 SystemInfo:
10:05:04.0892 3748
10:05:04.0892 3748 OS Version: 6.0.6002 ServicePack: 2.0
10:05:04.0892 3748 Product type: Workstation
10:05:04.0892 3748 ComputerName: CHRIS-PC
10:05:04.0892 3748 UserName: Chris
10:05:04.0892 3748 Windows directory: C:\Windows
10:05:04.0892 3748 System windows directory: C:\Windows
10:05:04.0892 3748 Processor architecture: Intel x86
10:05:04.0892 3748 Number of processors: 2
10:05:04.0892 3748 Page size: 0x1000
10:05:04.0892 3748 Boot type: Normal boot
10:05:04.0892 3748 ============================================================
10:05:07.0154 3748 BG loaded
10:05:07.0950 3748 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:05:07.0981 3748 ============================================================
10:05:07.0981 3748 \Device\Harddisk0\DR0:
10:05:07.0996 3748 MBR partitions:
10:05:07.0996 3748 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BCEAFC1
10:05:07.0996 3748 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1BCEB000, BlocksNum 0x14D9000
10:05:07.0996 3748 ============================================================
10:05:08.0168 3748 C: <-> \Device\Harddisk0\DR0\Partition1
10:05:08.0355 3748 D: <-> \Device\Harddisk0\DR0\Partition2
10:05:08.0355 3748 ============================================================
10:05:08.0355 3748 Initialize success
10:05:08.0355 3748 ============================================================
10:05:25.0641 2532 ============================================================
10:05:25.0641 2532 Scan started
10:05:25.0641 2532 Mode: Manual; SigCheck; TDLFS;
10:05:25.0641 2532 ============================================================
10:05:34.0455 2532 ================ Scan system memory ========================
10:05:34.0455 2532 System memory - ok
10:05:34.0455 2532 ================ Scan services =============================
10:05:40.0585 2532 [ 3B10711AD8656C097E0D16A41B29C54C ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
10:05:40.0773 2532 Accelerometer - ok
10:05:40.0897 2532 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
10:05:40.0991 2532 ACPI - ok
10:05:41.0553 2532 [ D2523D28674B03976AFC1AB6EF712F27 ] acsint C:\Windows\system32\DRIVERS\acsint.sys
10:05:41.0662 2532 acsint - ok
10:05:42.0411 2532 [ 9A7D29DAE24A01DCD33D8F563559B3AB ] acsmux C:\Windows\system32\DRIVERS\acsmux.sys
10:05:42.0598 2532 acsmux - ok
10:05:43.0160 2532 [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:05:43.0472 2532 AdobeFlashPlayerUpdateSvc - ok
10:05:43.0738 2532 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:05:43.0956 2532 adp94xx - ok
10:05:44.0252 2532 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:05:44.0315 2532 adpahci - ok
10:05:44.0393 2532 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
10:05:44.0455 2532 adpu160m - ok
10:05:44.0564 2532 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:05:44.0674 2532 adpu320 - ok
10:05:44.0908 2532 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:06:49.0648 2532 AeLookupSvc - ok
10:06:52.0705 2532 [ EF1142512BEC12F1C2C87735DA1755BE ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe
10:06:54.0593 2532 AESTFilters - ok
10:06:55.0014 2532 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
10:06:56.0558 2532 AFD - ok
10:06:57.0011 2532 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:06:57.0120 2532 agp440 - ok
10:06:57.0370 2532 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
10:06:57.0448 2532 aic78xx - ok
10:06:57.0650 2532 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
10:07:11.0768 2532 ALG - ok
10:07:12.0236 2532 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
10:07:13.0219 2532 aliide - ok
10:07:13.0516 2532 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
10:07:13.0609 2532 amdagp - ok
10:07:13.0640 2532 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
10:07:13.0843 2532 amdide - ok
10:07:13.0968 2532 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
10:07:14.0405 2532 AmdK7 - ok
10:07:14.0545 2532 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:07:14.0810 2532 AmdK8 - ok
10:07:15.0154 2532 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
10:07:18.0383 2532 Appinfo - ok
10:07:19.0054 2532 [ 30E3850F303EAE5C364782EA78579CC9 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:07:19.0428 2532 Apple Mobile Device - ok
10:07:19.0802 2532 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
10:07:19.0818 2532 arc - ok
10:07:20.0036 2532 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:07:20.0224 2532 arcsas - ok
10:07:20.0676 2532 [ 6F1505608202BBD179095A6A150D103F ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
10:07:20.0738 2532 aswMonFlt - ok
10:07:20.0770 2532 [ B269C41DF93EFF71DF0986BD982D1C46 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
10:07:20.0879 2532 aswRdr - ok
10:07:21.0004 2532 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
10:07:21.0050 2532 aswRvrt - ok
10:07:21.0440 2532 [ 0F639D0526820BA7872C963813E0EB8D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
10:07:21.0737 2532 aswSnx - ok
10:07:22.0220 2532 [ 7BA7543EA7936A7ADA615F6DE7C95494 ] aswSP C:\Windows\system32\drivers\aswSP.sys
10:07:22.0517 2532 aswSP - ok
10:07:22.0564 2532 [ 875D2B1054F2ECD8F575D6CBE78DD7BA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
10:07:22.0595 2532 aswTdi - ok
10:07:22.0704 2532 [ 1B0662514A68C3A42E60D240C5ABEF28 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
10:07:22.0798 2532 aswVmm - ok
10:07:22.0922 2532 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:07:23.0047 2532 AsyncMac - ok
10:07:23.0234 2532 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
10:07:23.0266 2532 atapi - ok
10:07:23.0702 2532 [ 99FDF0E65F82C0E47BC04363C09DE146 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
10:07:25.0980 2532 Ati External Event Utility - ok
10:07:27.0166 2532 [ E8044E9976D43B1D00EADE351E447349 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
10:07:27.0727 2532 atikmdag - ok
10:07:27.0836 2532 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:07:27.0946 2532 AudioEndpointBuilder - ok
10:07:27.0977 2532 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
10:07:28.0024 2532 Audiosrv - ok
10:07:28.0351 2532 [ D74884939D53612FD84AC82C59CCFE27 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:07:28.0367 2532 avast! Antivirus - ok
10:07:29.0334 2532 [ A2CD1468BB0E796726DA95E95F87A715 ] BCM43XV C:\Windows\system32\DRIVERS\bcmwl6.sys
10:07:29.0896 2532 BCM43XV - ok
10:07:30.0800 2532 [ A2CD1468BB0E796726DA95E95F87A715 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl6.sys
10:07:30.0988 2532 BCM43XX - ok
10:07:31.0112 2532 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
10:07:31.0253 2532 Beep - ok
10:07:31.0456 2532 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
10:07:31.0690 2532 BFE - ok
10:07:32.0002 2532 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll
10:07:32.0594 2532 BITS - ok
10:07:32.0844 2532 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:07:32.0938 2532 blbdrive - ok
10:07:33.0858 2532 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:07:34.0466 2532 Bonjour Service - ok
10:07:34.0997 2532 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:07:35.0496 2532 bowser - ok
10:07:35.0777 2532 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
10:07:36.0011 2532 BrFiltLo - ok
10:07:36.0557 2532 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
10:07:36.0650 2532 BrFiltUp - ok
10:07:36.0760 2532 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
10:07:36.0822 2532 Browser - ok
10:07:37.0040 2532 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
10:07:40.0488 2532 Brserid - ok
10:07:41.0065 2532 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
10:07:41.0174 2532 BrSerWdm - ok
10:07:41.0627 2532 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
10:07:41.0814 2532 BrUsbMdm - ok
10:07:42.0095 2532 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
10:07:42.0251 2532 BrUsbSer - ok
10:07:42.0298 2532 [ DA7B195275BDA7F8FCF79B40E0F45DDE ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
10:07:42.0516 2532 BthEnum - ok
10:07:42.0578 2532 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:07:42.0656 2532 BTHMODEM - ok
10:07:42.0719 2532 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:07:42.0781 2532 BthPan - ok
10:07:42.0922 2532 [ 671134053D59E23704F08DB19F11E10B ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
10:07:43.0109 2532 BTHPORT - ok
10:07:43.0156 2532 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
10:07:43.0296 2532 BthServ - ok
10:07:43.0343 2532 [ 93D7007E2C660DFCCA6AE72622740B14 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
10:07:43.0421 2532 BTHUSB - ok
10:07:43.0452 2532 catchme - ok
10:07:43.0530 2532 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:07:43.0624 2532 cdfs - ok
10:07:43.0655 2532 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:07:43.0702 2532 cdrom - ok
10:07:43.0826 2532 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
10:07:43.0951 2532 CertPropSvc - ok
10:07:43.0982 2532 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:07:44.0045 2532 circlass - ok
10:07:44.0092 2532 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
10:07:44.0138 2532 CLFS - ok
10:07:44.0294 2532 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:07:44.0372 2532 clr_optimization_v2.0.50727_32 - ok
10:07:44.0684 2532 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:07:44.0872 2532 clr_optimization_v4.0.30319_32 - ok
10:07:44.0950 2532 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:07:45.0012 2532 CmBatt - ok
10:07:45.0043 2532 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:07:45.0059 2532 cmdide - ok
10:07:45.0464 2532 [ DF855C726818A71A14A0D6FAD8EDDC37 ] CodeMeter.exe C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
10:07:46.0619 2532 CodeMeter.exe - ok
10:07:46.0822 2532 [ 7795F8CEBC284A426B53F541E538695F ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
10:07:46.0946 2532 Com4QLBEx - ok
10:07:46.0993 2532 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:07:47.0024 2532 Compbatt - ok
10:07:47.0024 2532 COMSysApp - ok
10:07:47.0087 2532 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:07:47.0118 2532 crcdisk - ok
10:07:47.0321 2532 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
10:07:47.0992 2532 Crusoe - ok
10:07:48.0163 2532 [ 684C130BBC6DB681BAD4920A4C944AA5 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:07:48.0350 2532 CryptSvc - ok
10:07:48.0569 2532 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:07:48.0787 2532 DcomLaunch - ok
10:07:48.0865 2532 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:07:49.0006 2532 DfsC - ok
10:07:49.0848 2532 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
10:07:50.0269 2532 DFSR - ok
10:07:50.0581 2532 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
10:07:50.0644 2532 Dhcp - ok
10:07:50.0753 2532 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
10:07:50.0800 2532 disk - ok
10:07:50.0893 2532 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:07:51.0252 2532 Dnscache - ok
10:07:51.0330 2532 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:07:51.0455 2532 dot3svc - ok
10:07:51.0548 2532 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
10:07:51.0626 2532 DPS - ok
10:07:51.0845 2532 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:07:51.0970 2532 drmkaud - ok
10:07:52.0048 2532 [ 988670D8343EF9835FB3659DB71B2EFA ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:07:52.0188 2532 DXGKrnl - ok
10:07:52.0297 2532 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
10:07:52.0391 2532 E1G60 - ok
10:07:52.0484 2532 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
10:07:52.0547 2532 EapHost - ok
10:07:52.0718 2532 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
10:07:52.0843 2532 Ecache - ok
10:07:53.0077 2532 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:07:53.0405 2532 ehRecvr - ok
10:07:53.0452 2532 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
10:07:53.0576 2532 ehSched - ok
10:07:53.0654 2532 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
10:07:53.0701 2532 ehstart - ok
10:07:53.0888 2532 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:07:54.0013 2532 elxstor - ok
10:07:54.0185 2532 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
10:07:54.0731 2532 EMDMgmt - ok
10:07:54.0934 2532 [ 004B2EA6CC2598EC5F0552E43CE29CEF ] enecir C:\Windows\system32\DRIVERS\enecir.sys
10:07:55.0074 2532 enecir - ok
10:07:55.0199 2532 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:07:55.0402 2532 ErrDev - ok
10:07:55.0589 2532 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
10:07:55.0636 2532 EventSystem - ok
10:07:55.0823 2532 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
10:07:55.0916 2532 exfat - ok
10:07:55.0948 2532 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:07:56.0057 2532 fastfat - ok
10:07:56.0150 2532 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:07:56.0291 2532 fdc - ok
10:07:56.0338 2532 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
10:07:56.0416 2532 fdPHost - ok
10:07:56.0447 2532 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
10:07:56.0494 2532 FDResPub - ok
10:07:56.0587 2532 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:07:56.0618 2532 FileInfo - ok
10:07:56.0650 2532 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:07:56.0712 2532 Filetrace - ok
10:07:56.0759 2532 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:07:56.0821 2532 flpydisk - ok
10:07:56.0899 2532 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:07:56.0946 2532 FltMgr - ok
10:07:57.0274 2532 [ 2AFA3A46986AE935DAECEBC7E66314CF ] FontCache C:\Windows\system32\FntCache.dll
10:07:57.0352 2532 FontCache - ok
10:07:57.0492 2532 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:07:57.0523 2532 FontCache3.0.0.0 - ok
10:07:57.0554 2532 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:07:57.0648 2532 Fs_Rec - ok
10:07:57.0695 2532 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:07:57.0742 2532 gagp30kx - ok
10:07:57.0898 2532 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:07:57.0913 2532 GEARAspiWDM - ok
10:07:58.0022 2532 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
10:07:58.0100 2532 gpsvc - ok
10:07:58.0225 2532 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:07:58.0272 2532 gupdate - ok
10:07:58.0288 2532 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:07:58.0319 2532 gupdatem - ok
10:07:58.0506 2532 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:07:58.0709 2532 gusvc - ok
10:07:58.0818 2532 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:07:58.0927 2532 HdAudAddService - ok
10:07:59.0052 2532 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:07:59.0161 2532 HDAudBus - ok
10:07:59.0192 2532 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:07:59.0239 2532 HidBth - ok
10:07:59.0270 2532 [ D8DF3722D5E961BAA1292AA2F12827E2 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:07:59.0333 2532 HidIr - ok
10:07:59.0364 2532 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
10:07:59.0426 2532 hidserv - ok
10:07:59.0458 2532 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:07:59.0489 2532 HidUsb - ok
10:07:59.0520 2532 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:07:59.0567 2532 hkmsvc - ok
10:07:59.0660 2532 [ D13E6BFD7E9189D26A42E94CB2447044 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
10:07:59.0707 2532 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
10:07:59.0707 2532 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
10:07:59.0738 2532 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
10:07:59.0770 2532 HpCISSs - ok
10:07:59.0832 2532 [ 24F3F496C18EFC234777723A67A85F81 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
10:07:59.0848 2532 hpdskflt - ok
10:07:59.0894 2532 [ 35956140E686D53BF676CF0C778880FC ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
10:07:59.0926 2532 HpqKbFiltr - ok
10:07:59.0957 2532 [ 115C0933B3ED51DFBEC4449348C8065B ] HpqRemHid C:\Windows\system32\DRIVERS\HpqRemHid.sys
10:08:00.0175 2532 HpqRemHid - ok
10:08:00.0300 2532 [ D50FDAD1E57AA60F1973CFC77D905F0E ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
10:08:00.0316 2532 hpqwmiex - ok
10:08:00.0331 2532 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] hpsrv C:\Windows\system32\Hpservice.exe
10:08:00.0378 2532 hpsrv - ok
10:08:00.0503 2532 [ 974A1F783ED34588B45FAD6375077BA6 ] HPSupportSolutionsFrameworkService C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
10:08:00.0518 2532 HPSupportSolutionsFrameworkService - ok
10:08:00.0581 2532 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
10:08:00.0643 2532 HSFHWAZL - ok
10:08:00.0862 2532 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
10:08:01.0236 2532 HSF_DPV - ok
10:08:01.0314 2532 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:08:01.0969 2532 HTTP - ok
10:08:02.0032 2532 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
10:08:02.0047 2532 i2omp - ok
10:08:02.0125 2532 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:08:02.0172 2532 i8042prt - ok
10:08:02.0219 2532 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
10:08:02.0281 2532 iaStorV - ok
10:08:02.0390 2532 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:08:02.0453 2532 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:08:02.0453 2532 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:08:02.0671 2532 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:08:02.0812 2532 idsvc - ok
10:08:02.0827 2532 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:08:02.0843 2532 iirsp - ok
10:08:03.0014 2532 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 ] IKEEXT C:\Windows\System32\ikeext.dll
10:08:03.0061 2532 IKEEXT - ok
10:08:03.0139 2532 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
10:08:03.0170 2532 intelide - ok
10:08:03.0217 2532 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:08:03.0264 2532 intelppm - ok
10:08:03.0311 2532 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:08:03.0358 2532 IPBusEnum - ok
10:08:03.0389 2532 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:08:03.0467 2532 IpFilterDriver - ok
10:08:03.0529 2532 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:08:03.0545 2532 iphlpsvc - ok
10:08:03.0560 2532 IpInIp - ok
10:08:03.0623 2532 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
10:08:03.0654 2532 IPMIDRV - ok
10:08:03.0670 2532 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
10:08:03.0716 2532 IPNAT - ok
10:08:04.0013 2532 [ C00149A7027081539A66DC5A46695EAD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:08:04.0418 2532 iPod Service - ok
10:08:04.0559 2532 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:08:04.0652 2532 IRENUM - ok
10:08:04.0777 2532 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:08:04.0808 2532 isapnp - ok
10:08:04.0918 2532 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
10:08:04.0964 2532 iScsiPrt - ok
10:08:04.0996 2532 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
10:08:05.0011 2532 iteatapi - ok
10:08:05.0074 2532 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
10:08:05.0120 2532 iteraid - ok
10:08:05.0198 2532 [ DEDB6CC1B166928A8F3F68DEF1766DB0 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
10:08:05.0245 2532 JMCR - ok
10:08:05.0276 2532 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:08:05.0292 2532 kbdclass - ok
10:08:05.0354 2532 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:08:05.0417 2532 kbdhid - ok
10:08:05.0464 2532 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
10:08:05.0557 2532 KeyIso - ok
10:08:05.0635 2532 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:08:05.0744 2532 KSecDD - ok
10:08:05.0885 2532 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
10:08:06.0119 2532 KtmRm - ok
10:08:06.0166 2532 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
10:08:06.0259 2532 LanmanServer - ok
10:08:06.0368 2532 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:08:06.0914 2532 LanmanWorkstation - ok
10:08:06.0961 2532 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:08:06.0992 2532 lltdio - ok
10:08:07.0024 2532 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:08:07.0102 2532 lltdsvc - ok
10:08:07.0117 2532 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:08:07.0164 2532 lmhosts - ok
10:08:07.0211 2532 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:08:07.0258 2532 LSI_FC - ok
10:08:07.0289 2532 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:08:07.0304 2532 LSI_SAS - ok
10:08:07.0351 2532 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:08:07.0382 2532 LSI_SCSI - ok
10:08:07.0398 2532 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
10:08:07.0445 2532 luafv - ok
10:08:07.0554 2532 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
10:08:07.0585 2532 MBAMSwissArmy - ok
10:08:07.0632 2532 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:08:07.0679 2532 Mcx2Svc - ok
10:08:07.0741 2532 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
10:08:07.0772 2532 megasas - ok
10:08:07.0819 2532 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
10:08:07.0866 2532 MegaSR - ok
10:08:08.0162 2532 Microsoft SharePoint Workspace Audit Service - ok
10:08:08.0209 2532 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
10:08:08.0240 2532 MMCSS - ok
10:08:08.0256 2532 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
10:08:08.0318 2532 Modem - ok
10:08:08.0396 2532 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:08:08.0506 2532 monitor - ok
10:08:08.0506 2532 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:08:08.0552 2532 mouclass - ok
10:08:08.0599 2532 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:08:08.0630 2532 mouhid - ok
10:08:08.0662 2532 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
10:08:08.0677 2532 MountMgr - ok
10:08:08.0724 2532 [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:08:08.0755 2532 MozillaMaintenance - ok
10:08:08.0818 2532 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
10:08:08.0833 2532 mpio - ok
10:08:08.0849 2532 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:08:08.0911 2532 mpsdrv - ok
10:08:08.0974 2532 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
10:08:09.0052 2532 MpsSvc - ok
10:08:09.0098 2532 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
10:08:09.0114 2532 Mraid35x - ok
10:08:09.0145 2532 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:08:09.0192 2532 MRxDAV - ok
10:08:09.0239 2532 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:08:09.0332 2532 mrxsmb - ok
10:08:09.0395 2532 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:08:09.0488 2532 mrxsmb10 - ok
10:08:09.0504 2532 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:08:09.0535 2532 mrxsmb20 - ok
10:08:09.0598 2532 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
10:08:09.0629 2532 msahci - ok
10:08:09.0660 2532 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:08:09.0691 2532 msdsm - ok
10:08:09.0707 2532 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
10:08:09.0738 2532 MSDTC - ok
10:08:09.0863 2532 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:08:09.0925 2532 Msfs - ok
10:08:10.0019 2532 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:08:10.0034 2532 msisadrv - ok
10:08:10.0097 2532 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:08:10.0222 2532 MSiSCSI - ok
10:08:10.0237 2532 msiserver - ok
10:08:10.0300 2532 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:08:10.0346 2532 MSKSSRV - ok
10:08:10.0424 2532 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:08:10.0456 2532 MSPCLOCK - ok
10:08:10.0471 2532 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:08:10.0502 2532 MSPQM - ok
10:08:10.0549 2532 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:08:10.0596 2532 MsRPC - ok
10:08:10.0643 2532 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:08:10.0674 2532 mssmbios - ok
10:08:10.0690 2532 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:08:10.0721 2532 MSTEE - ok
10:08:10.0768 2532 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
10:08:10.0799 2532 Mup - ok
10:08:10.0861 2532 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
10:08:10.0908 2532 napagent - ok
10:08:11.0017 2532 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:08:11.0064 2532 NativeWifiP - ok
10:08:11.0173 2532 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:08:11.0376 2532 NDIS - ok
10:08:11.0423 2532 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:08:11.0470 2532 NdisTapi - ok
10:08:11.0485 2532 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:08:11.0516 2532 Ndisuio - ok
10:08:11.0563 2532 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:08:11.0610 2532 NdisWan - ok
10:08:11.0672 2532 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:08:11.0704 2532 NDProxy - ok
10:08:11.0719 2532 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:08:11.0782 2532 NetBIOS - ok
10:08:11.0828 2532 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
10:08:11.0875 2532 netbt - ok
10:08:11.0906 2532 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
10:08:11.0922 2532 Netlogon - ok
10:08:12.0000 2532 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
10:08:12.0078 2532 Netman - ok
10:08:12.0125 2532 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
10:08:12.0172 2532 netprofm - ok
10:08:12.0218 2532 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:08:12.0265 2532 NetTcpPortSharing - ok
10:08:12.0889 2532 [ 8DE67BD902095A13329FD82C85A1FA09 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
10:08:13.0342 2532 NETw5v32 - ok
10:08:13.0373 2532 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:08:13.0388 2532 nfrd960 - ok
10:08:13.0435 2532 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:08:13.0466 2532 NlaSvc - ok
10:08:13.0482 2532 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:08:13.0513 2532 Npfs - ok
10:08:13.0560 2532 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
10:08:13.0591 2532 nsi - ok
10:08:13.0622 2532 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:08:13.0669 2532 nsiproxy - ok
10:08:13.0810 2532 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:08:13.0903 2532 Ntfs - ok
10:08:13.0934 2532 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
10:08:13.0981 2532 ntrigdigi - ok
10:08:13.0997 2532 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
10:08:14.0059 2532 Null - ok
10:08:14.0215 2532 [ 1657F3FBD9061526C14FF37E79306F98 ] NVENETFD C:\Windows\system32\DRIVERS\nvm60x32.sys
10:08:14.0340 2532 NVENETFD - ok
10:08:14.0387 2532 [ F972DC046C374A9E02F2DFBE74EBB203 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
10:08:14.0418 2532 NVHDA - ok
10:08:15.0682 2532 [ 6C1C07916A4FED3E26BF399F07370986 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:08:16.0540 2532 nvlddmkm - ok
10:08:16.0571 2532 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:08:16.0602 2532 nvraid - ok
10:08:16.0602 2532 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:08:16.0633 2532 nvstor - ok
10:08:16.0680 2532 [ 029DF21EB9FC3FF0D628278774C99DC0 ] nvsvc C:\Windows\system32\nvvsvc.exe
10:08:16.0727 2532 nvsvc - ok
10:08:16.0742 2532 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:08:16.0789 2532 nv_agp - ok
10:08:16.0820 2532 NwlnkFlt - ok
10:08:16.0820 2532 NwlnkFwd - ok
10:08:16.0898 2532 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
10:08:16.0930 2532 ohci1394 - ok
10:08:17.0054 2532 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:08:17.0132 2532 ose - ok
10:08:17.0772 2532 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:08:18.0973 2532 osppsvc - ok
10:08:19.0098 2532 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
10:08:19.0504 2532 p2pimsvc - ok
10:08:19.0550 2532 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
10:08:20.0174 2532 p2psvc - ok
10:08:20.0237 2532 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
10:08:20.0284 2532 Parport - ok
10:08:20.0315 2532 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:08:20.0330 2532 partmgr - ok
10:08:20.0362 2532 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
10:08:20.0424 2532 Parvdm - ok
10:08:20.0455 2532 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
10:08:20.0564 2532 PcaSvc - ok
10:08:20.0627 2532 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
10:08:20.0658 2532 pci - ok
10:08:20.0689 2532 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
10:08:20.0705 2532 pciide - ok
10:08:20.0767 2532 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:08:20.0830 2532 pcmcia - ok
10:08:21.0298 2532 [ 1AC0F275C583C3323FC36865914774B3 ] Peachtree SmartPosting 2011 C:\Program Files\Sage\Peachtree\SmartPostingService2011.exe
10:08:21.0469 2532 Peachtree SmartPosting 2011 - ok
10:08:21.0672 2532 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:08:21.0906 2532 PEAUTH - ok
10:08:22.0312 2532 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
10:08:22.0592 2532 pla - ok
10:08:22.0670 2532 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:08:22.0717 2532 PlugPlay - ok
10:08:22.0826 2532 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
10:08:23.0170 2532 PNRPAutoReg - ok
10:08:23.0513 2532 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
10:08:23.0575 2532 PNRPsvc - ok
10:08:23.0638 2532 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:08:23.0762 2532 PolicyAgent - ok
10:08:23.0794 2532 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:08:23.0856 2532 PptpMiniport - ok
10:08:23.0903 2532 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
10:08:23.0950 2532 Processor - ok
10:08:24.0028 2532 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
10:08:24.0043 2532 ProfSvc - ok
10:08:24.0059 2532 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:08:24.0074 2532 ProtectedStorage - ok
10:08:24.0121 2532 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
10:08:24.0152 2532 PSched - ok
10:08:24.0402 2532 [ 1BA47BDD47A62F6E6B56BE4ECF221BE3 ] psqlWGE C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
10:08:24.0449 2532 psqlWGE - ok
10:08:24.0589 2532 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:08:24.0714 2532 ql2300 - ok
10:08:24.0745 2532 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:08:24.0776 2532 ql40xx - ok
10:08:25.0120 2532 [ 6803B69C14696CC4907C5F77FBB04A14 ] QPCapSvc C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
10:08:25.0135 2532 QPCapSvc - ok
10:08:25.0166 2532 [ 95A0B86B9F1D27B613830864341A8252 ] QPSched C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
10:08:25.0166 2532 QPSched - ok
10:08:25.0198 2532 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
10:08:25.0244 2532 QWAVE - ok
10:08:25.0260 2532 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:08:25.0276 2532 QWAVEdrv - ok
10:08:25.0291 2532 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:08:25.0338 2532 RasAcd - ok
10:08:25.0385 2532 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
10:08:25.0432 2532 RasAuto - ok
10:08:25.0463 2532 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:08:25.0494 2532 Rasl2tp - ok
10:08:25.0541 2532 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
10:08:25.0572 2532 RasMan - ok
10:08:25.0619 2532 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:08:25.0650 2532 RasPppoe - ok
10:08:25.0681 2532 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:08:25.0697 2532 RasSstp - ok
10:08:25.0759 2532 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:08:25.0806 2532 rdbss - ok
10:08:25.0837 2532 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:08:25.0884 2532 RDPCDD - ok
10:08:25.0900 2532 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
10:08:25.0931 2532 rdpdr - ok
10:08:25.0946 2532 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:08:25.0993 2532 RDPENCDD - ok
10:08:26.0024 2532 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:08:26.0087 2532 RDPWD - ok
10:08:26.0180 2532 [ B9570481A1BABCC4A9E941C553596077 ] Recovery Service for Windows C:\Windows\SMINST\BLService.exe
10:08:26.0196 2532 Recovery Service for Windows - ok
10:08:26.0243 2532 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:08:26.0321 2532 RemoteAccess - ok
10:08:26.0383 2532 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:08:26.0446 2532 RemoteRegistry - ok
10:08:26.0555 2532 [ 34CC78C06587718C2AD6D3AA83B1F072 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:08:26.0602 2532 RFCOMM - ok
10:08:26.0680 2532 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
10:08:26.0695 2532 RichVideo - ok
10:08:26.0726 2532 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
10:08:26.0742 2532 RpcLocator - ok
10:08:26.0773 2532 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\System32\rpcss.dll
10:08:26.0804 2532 RpcSs - ok
10:08:26.0867 2532 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:08:26.0898 2532 rspndr - ok
10:08:26.0945 2532 [ 7157E70A90CCE49DEB8885D23A073A39 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
10:08:26.0992 2532 RTL8169 - ok
10:08:27.0007 2532 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
10:08:27.0023 2532 SamSs - ok
10:08:27.0054 2532 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:08:27.0085 2532 sbp2port - ok
10:08:27.0116 2532 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:08:27.0148 2532 SCardSvr - ok
10:08:27.0179 2532 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
10:08:27.0210 2532 Schedule - ok
10:08:27.0241 2532 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:08:27.0257 2532 SCPolicySvc - ok
10:08:27.0319 2532 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:08:27.0350 2532 sdbus - ok
10:08:27.0397 2532 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:08:27.0428 2532 SDRSVC - ok
10:08:27.0460 2532 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:08:27.0491 2532 secdrv - ok
10:08:27.0506 2532 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
10:08:27.0553 2532 seclogon - ok
10:08:27.0569 2532 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
10:08:27.0616 2532 SENS - ok
10:08:27.0631 2532 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
10:08:27.0694 2532 Serenum - ok
10:08:27.0709 2532 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
10:08:27.0772 2532 Serial - ok
10:08:27.0787 2532 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:08:27.0818 2532 sermouse - ok
10:08:27.0850 2532 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
10:08:27.0896 2532 SessionEnv - ok
10:08:27.0896 2532 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:08:27.0928 2532 sffdisk - ok
10:08:27.0928 2532 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:08:27.0974 2532 sffp_mmc - ok
10:08:27.0990 2532 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:08:28.0037 2532 sffp_sd - ok
10:08:28.0052 2532 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:08:28.0099 2532 sfloppy - ok
10:08:28.0130 2532 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:08:28.0177 2532 SharedAccess - ok
10:08:28.0208 2532 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:08:28.0271 2532 ShellHWDetection - ok
10:08:28.0302 2532 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
10:08:28.0318 2532 sisagp - ok
10:08:28.0333 2532 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
10:08:28.0349 2532 SiSRaid2 - ok
10:08:28.0364 2532 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:08:28.0380 2532 SiSRaid4 - ok
10:08:28.0427 2532 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:08:28.0442 2532 SkypeUpdate - ok
10:08:28.0536 2532 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
10:08:28.0614 2532 slsvc - ok
10:08:28.0676 2532 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
10:08:28.0723 2532 SLUINotify - ok
10:08:28.0786 2532 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:08:28.0817 2532 Smb - ok
10:08:28.0879 2532 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:08:28.0895 2532 SNMPTRAP - ok
10:08:28.0926 2532 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
10:08:28.0942 2532 spldr - ok
10:08:28.0973 2532 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
10:08:29.0004 2532 Spooler - ok
10:08:29.0051 2532 [ 68103A2B441BBF3908EBB587F0704D6C ] sptd C:\Windows\System32\Drivers\sptd.sys
10:08:29.0098 2532 sptd - ok
10:08:29.0129 2532 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:08:29.0176 2532 srv - ok
10:08:29.0207 2532 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:08:29.0238 2532 srv2 - ok
10:08:29.0254 2532 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:08:29.0269 2532 srvnet - ok
10:08:29.0300 2532 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:08:29.0347 2532 SSDPSRV - ok
10:08:29.0410 2532 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:08:29.0425 2532 SstpSvc - ok
10:08:29.0550 2532 [ E6F7D35741A6239CE7B54D7665EAB523 ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe
10:08:29.0597 2532 STacSV - ok
10:08:29.0659 2532 [ A87A39F9B42D82F5D60D36BB1D3CC9D3 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
10:08:29.0706 2532 Steam Client Service - ok
10:08:29.0784 2532 [ 5E71B3635D5F96D23EEE1DA92B85C850 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
10:08:29.0831 2532 STHDA - ok
10:08:29.0893 2532 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
10:08:29.0940 2532 stisvc - ok
10:08:30.0002 2532 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:08:30.0018 2532 swenum - ok
10:08:30.0049 2532 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
10:08:30.0112 2532 swprv - ok
10:08:30.0127 2532 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
10:08:30.0143 2532 Symc8xx - ok
10:08:30.0158 2532 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
10:08:30.0174 2532 Sym_hi - ok
10:08:30.0190 2532 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
10:08:30.0190 2532 Sym_u3 - ok
10:08:30.0221 2532 [ BF7AA84D5AF0FAA0978C840E63B17DBF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
10:08:30.0236 2532 SynTP - ok
10:08:30.0283 2532 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
10:08:30.0346 2532 SysMain - ok
10:08:30.0361 2532 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:08:30.0392 2532 TabletInputService - ok
10:08:30.0424 2532 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:08:30.0486 2532 TapiSrv - ok
10:08:30.0502 2532 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
10:08:30.0548 2532 TBS - ok
10:08:30.0595 2532 [ D18D53974FD715D50FC76F9FFE1C830D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:08:30.0642 2532 Tcpip - ok
10:08:30.0673 2532 [ D18D53974FD715D50FC76F9FFE1C830D ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
10:08:30.0704 2532 Tcpip6 - ok
10:08:30.0736 2532 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:08:30.0798 2532 tcpipreg - ok
10:08:30.0814 2532 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:08:30.0845 2532 TDPIPE - ok
10:08:30.0907 2532 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:08:30.0923 2532 TDTCP - ok
10:08:30.0970 2532 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:08:31.0001 2532 tdx - ok
10:08:31.0016 2532 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:08:31.0032 2532 TermDD - ok
10:08:31.0048 2532 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
10:08:31.0110 2532 TermService - ok
10:08:31.0157 2532 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
10:08:31.0188 2532 Themes - ok
10:08:31.0204 2532 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
10:08:31.0235 2532 THREADORDER - ok
10:08:31.0266 2532 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
10:08:31.0313 2532 TrkWks - ok
10:08:31.0344 2532 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:08:31.0375 2532 TrustedInstaller - ok
10:08:31.0391 2532 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:08:31.0422 2532 tssecsrv - ok
10:08:31.0469 2532 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
10:08:31.0500 2532 tunmp - ok
10:08:31.0531 2532 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:08:31.0531 2532 tunnel - ok
10:08:31.0547 2532 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:08:31.0562 2532 uagp35 - ok
10:08:31.0609 2532 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:08:31.0656 2532 udfs - ok
10:08:31.0703 2532 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:08:31.0781 2532 UI0Detect - ok
10:08:31.0812 2532 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:08:31.0859 2532 uliagpkx - ok
10:08:31.0874 2532 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
10:08:31.0906 2532 uliahci - ok
10:08:31.0921 2532 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
10:08:31.0937 2532 UlSata - ok
10:08:31.0937 2532 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
10:08:31.0952 2532 ulsata2 - ok
10:08:31.0968 2532 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:08:32.0015 2532 umbus - ok
10:08:32.0046 2532 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
10:08:32.0108 2532 upnphost - ok
10:08:32.0171 2532 [ 6E421CCC57059B0186C6259CA3B6DFC9 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
10:08:32.0218 2532 USBAAPL - ok
10:08:32.0249 2532 [ AAB0B5F72D2D726FBFDC895A2902DE1D ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:08:32.0296 2532 usbccgp - ok
10:08:32.0327 2532 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:08:32.0374 2532 usbcir - ok
10:08:32.0405 2532 [ 153E8515CB86F8BB5D1A8B478EBF4BB2 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:08:32.0420 2532 usbehci - ok
10:08:32.0436 2532 [ 2AE6BCEBD85D31317E433733DAF25888 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:08:32.0467 2532 usbhub - ok
10:08:32.0483 2532 [ 7BDB7B0E7D45AC0402D78B90789EF47C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:08:32.0514 2532 usbohci - ok
10:08:32.0545 2532 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:08:32.0592 2532 usbprint - ok
10:08:32.0639 2532 [ 1D714B8497CD68307806D5D3F60A5169 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:08:32.0654 2532 usbscan - ok
10:08:32.0670 2532 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:08:32.0717 2532 USBSTOR - ok
10:08:32.0717 2532 [ 44056325428A8E4C755830426E29878F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:08:32.0732 2532 usbuhci - ok
10:08:32.0764 2532 [ 73FF24E21B690625A58109637DDA0DF7 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
10:08:32.0810 2532 usbvideo - ok
10:08:32.0842 2532 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
10:08:32.0888 2532 UxSms - ok
10:08:32.0920 2532 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
10:08:32.0966 2532 vds - ok
10:08:33.0029 2532 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:08:33.0076 2532 vga - ok
10:08:33.0091 2532 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
10:08:33.0122 2532 VgaSave - ok
10:08:33.0138 2532 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
10:08:33.0154 2532 viaagp - ok
10:08:33.0185 2532 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
10:08:33.0200 2532 ViaC7 - ok
10:08:33.0232 2532 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
10:08:33.0247 2532 viaide - ok
10:08:33.0263 2532 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:08:33.0278 2532 volmgr - ok
10:08:33.0310 2532 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:08:33.0325 2532 volmgrx - ok
10:08:33.0356 2532 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:08:33.0403 2532 volsnap - ok
10:08:33.0434 2532 [ EA39F36302DACBCDCDB113313718E768 ] vpnva C:\Windows\system32\DRIVERS\vpnva.sys
10:08:33.0450 2532 vpnva - ok
10:08:33.0497 2532 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:08:33.0512 2532 vsmraid - ok
10:08:33.0544 2532 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
10:08:33.0622 2532 VSS - ok
10:08:33.0700 2532 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
10:08:33.0731 2532 W32Time - ok
10:08:33.0778 2532 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:08:33.0856 2532 WacomPen - ok
10:08:33.0871 2532 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
10:08:33.0887 2532 Wanarp - ok
10:08:33.0902 2532 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:08:33.0918 2532 Wanarpv6 - ok
10:08:33.0965 2532 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:08:33.0996 2532 wcncsvc - ok
10:08:34.0043 2532 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:08:34.0074 2532 WcsPlugInService - ok
10:08:34.0105 2532 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
10:08:34.0121 2532 Wd - ok
10:08:34.0168 2532 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
10:08:34.0214 2532 WDC_SAM - ok
10:08:34.0246 2532 [ 25944D2CC49E0A6C581D02A74B7D6645 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:08:34.0292 2532 Wdf01000 - ok
10:08:34.0324 2532 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:08:34.0386 2532 WdiServiceHost - ok
10:08:34.0386 2532 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:08:34.0417 2532 WdiSystemHost - ok
10:08:34.0448 2532 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
10:08:34.0480 2532 WebClient - ok
10:08:34.0511 2532 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:08:34.0542 2532 Wecsvc - ok
10:08:34.0573 2532 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:08:34.0620 2532 wercplsupport - ok
10:08:34.0651 2532 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
10:08:34.0667 2532 WerSvc - ok
10:08:34.0714 2532 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
10:08:34.0792 2532 winachsf - ok
10:08:34.0854 2532 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
10:08:34.0870 2532 WinDefend - ok
10:08:34.0870 2532 WinHttpAutoProxySvc - ok
10:08:34.0916 2532 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:08:34.0948 2532 Winmgmt - ok
10:08:34.0994 2532 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
10:08:35.0072 2532 WinRM - ok
10:08:35.0135 2532 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:08:35.0197 2532 Wlansvc - ok
10:08:35.0244 2532 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:08:35.0275 2532 WmiAcpi - ok
10:08:35.0306 2532 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:08:35.0338 2532 wmiApSrv - ok
10:08:35.0400 2532 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
10:08:35.0447 2532 WMPNetworkSvc - ok
10:08:35.0509 2532 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:08:35.0540 2532 WPCSvc - ok
10:08:35.0572 2532 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:08:35.0603 2532 WPDBusEnum - ok
10:08:35.0650 2532 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
10:08:35.0665 2532 WpdUsb - ok
10:08:35.0821 2532 [ 15673BD0B86150CB8E27766059C72A9B ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:08:35.0868 2532 WPFFontCache_v0400 - ok
10:08:35.0899 2532 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:08:35.0915 2532 ws2ifsl - ok
10:08:35.0962 2532 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
10:08:35.0993 2532 wscsvc - ok
10:08:35.0993 2532 WSearch - ok
10:08:36.0055 2532 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
10:08:36.0211 2532 wuauserv - ok
10:08:36.0305 2532 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:08:36.0320 2532 WudfPf - ok
10:08:36.0367 2532 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:08:36.0398 2532 WUDFRd - ok
10:08:36.0430 2532 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:08:36.0461 2532 wudfsvc - ok
10:08:36.0492 2532 ================ Scan global ===============================
10:08:36.0523 2532 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
10:08:36.0554 2532 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
10:08:36.0570 2532 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
10:08:36.0601 2532 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
10:08:36.0601 2532 [Global] - ok
10:08:36.0601 2532 ================ Scan MBR ==================================
10:08:36.0617 2532 [ 85D751F0E41B8E520AEE8C07A8DA777B ] \Device\Harddisk0\DR0
10:08:37.0381 2532 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:08:37.0381 2532 \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:08:37.0381 2532 ================ Scan VBR ==================================
10:08:37.0428 2532 [ DB4D8EE477617BFA5508DF2BFD7342D8 ] \Device\Harddisk0\DR0\Partition1
10:08:37.0428 2532 \Device\Harddisk0\DR0\Partition1 - ok
10:08:37.0459 2532 [ 79A1664FF2D5CEAF015F32FB142A4814 ] \Device\Harddisk0\DR0\Partition2
10:08:37.0459 2532 \Device\Harddisk0\DR0\Partition2 - ok
10:08:37.0459 2532 ================ Scan active images ========================
10:08:37.0459 2532 [ 36975327EF03949CC378AB01E316B574 ] C:\WINDOWS\System32\drivers\crashdmp.sys
10:08:37.0459 2532 C:\WINDOWS\System32\drivers\crashdmp.sys - ok
10:08:37.0459 2532 [ C67EBF9C05531C406E1E079FF669A2E6 ] C:\WINDOWS\System32\drivers\Dumpata.sys
10:08:37.0459 2532 C:\WINDOWS\System32\drivers\Dumpata.sys - ok
10:08:37.0475 2532 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] C:\WINDOWS\System32\drivers\msahci.sys
10:08:37.0475 2532 C:\WINDOWS\System32\drivers\msahci.sys - ok
10:08:37.0475 2532 [ 300DB877AC094FEAB0BE7688C3454A9C ] C:\WINDOWS\System32\drivers\tunnel.sys
10:08:37.0475 2532 C:\WINDOWS\System32\drivers\tunnel.sys - ok
10:08:37.0475 2532 [ CAECC0120AC49E3D2F758B9169872D38 ] C:\WINDOWS\System32\drivers\TUNMP.SYS
10:08:37.0475 2532 C:\WINDOWS\System32\drivers\TUNMP.SYS - ok
10:08:37.0490 2532 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] C:\WINDOWS\System32\drivers\CmBatt.sys
10:08:37.0490 2532 C:\WINDOWS\System32\drivers\CmBatt.sys - ok
10:08:37.0490 2532 [ 224191001E78C89DFA78924C3EA595FF ] C:\WINDOWS\System32\drivers\intelppm.sys
10:08:37.0490 2532 C:\WINDOWS\System32\drivers\intelppm.sys - ok
10:08:37.0490 2532 [ E8044E9976D43B1D00EADE351E447349 ] C:\WINDOWS\System32\drivers\atikmdag.sys
10:08:37.0490 2532 C:\WINDOWS\System32\drivers\atikmdag.sys - ok
10:08:37.0506 2532 [ 988670D8343EF9835FB3659DB71B2EFA ] C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:08:37.0506 2532 C:\WINDOWS\System32\drivers\dxgkrnl.sys - ok
10:08:37.0506 2532 [ 4A5C31E2C1646034E6A60EBA4C747FF6 ] C:\WINDOWS\System32\drivers\watchdog.sys
10:08:37.0506 2532 C:\WINDOWS\System32\drivers\watchdog.sys - ok
10:08:37.0522 2532 [ 062452B7FFD68C8C042A6261FE8DFF4A ] C:\WINDOWS\System32\drivers\hdaudbus.sys
10:08:37.0522 2532 C:\WINDOWS\System32\drivers\hdaudbus.sys - ok
10:08:37.0522 2532 [ B09C74A41F26B08149707EA5E7F956C2 ] C:\WINDOWS\System32\drivers\usbport.sys
10:08:37.0522 2532 C:\WINDOWS\System32\drivers\usbport.sys - ok
10:08:37.0522 2532 [ 44056325428A8E4C755830426E29878F ] C:\WINDOWS\System32\drivers\usbuhci.sys
10:08:37.0522 2532 C:\WINDOWS\System32\drivers\usbuhci.sys - ok
10:08:37.0537 2532 [ 153E8515CB86F8BB5D1A8B478EBF4BB2 ] C:\WINDOWS\System32\drivers\usbehci.sys
10:08:37.0537 2532 C:\WINDOWS\System32\drivers\usbehci.sys - ok
10:08:37.0537 2532 [ A2CD1468BB0E796726DA95E95F87A715 ] C:\WINDOWS\System32\drivers\BCMWL6.SYS
10:08:37.0537 2532 C:\WINDOWS\System32\drivers\BCMWL6.SYS - ok
10:08:37.0537 2532 [ 7157E70A90CCE49DEB8885D23A073A39 ] C:\WINDOWS\System32\drivers\Rtlh86.sys
10:08:37.0537 2532 C:\WINDOWS\System32\drivers\Rtlh86.sys - ok
10:08:37.0553 2532 [ 0349BE02F329F4F48F1D48097FD65974 ] C:\WINDOWS\System32\drivers\1394bus.sys
10:08:37.0553 2532 C:\WINDOWS\System32\drivers\1394bus.sys - ok
10:08:37.0553 2532 [ 6F310E890D46E246E0E261A63D9B36B4 ] C:\WINDOWS\System32\drivers\ohci1394.sys
10:08:37.0553 2532 C:\WINDOWS\System32\drivers\ohci1394.sys - ok
10:08:37.0553 2532 [ 35956140E686D53BF676CF0C778880FC ] C:\WINDOWS\System32\drivers\HpqKbFiltr.sys
10:08:37.0553 2532 C:\WINDOWS\System32\drivers\HpqKbFiltr.sys - ok
10:08:37.0568 2532 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] C:\WINDOWS\System32\drivers\i8042prt.sys
10:08:37.0568 2532 C:\WINDOWS\System32\drivers\i8042prt.sys - ok
10:08:37.0568 2532 [ DEDB6CC1B166928A8F3F68DEF1766DB0 ] C:\WINDOWS\System32\drivers\jmcr.sys
10:08:37.0568 2532 C:\WINDOWS\System32\drivers\jmcr.sys - ok
10:08:37.0584 2532 [ 37605E0A8CF00CBBA538E753E4344C6E ] C:\WINDOWS\System32\drivers\kbdclass.sys
10:08:37.0584 2532 C:\WINDOWS\System32\drivers\kbdclass.sys - ok
10:08:37.0584 2532 [ BF7AA84D5AF0FAA0978C840E63B17DBF ] C:\WINDOWS\System32\drivers\SynTP.sys
10:08:37.0584 2532 C:\WINDOWS\System32\drivers\SynTP.sys - ok
10:08:37.0584 2532 [ FE619ED13CE12F5B43C04E3EA061BBD6 ] C:\WINDOWS\System32\drivers\usbd.sys
10:08:37.0584 2532 C:\WINDOWS\System32\drivers\usbd.sys - ok
10:08:37.0600 2532 [ 5BF6A1326A335C5298477754A506D263 ] C:\WINDOWS\System32\drivers\mouclass.sys
10:08:37.0600 2532 C:\WINDOWS\System32\drivers\mouclass.sys - ok
10:08:37.0600 2532 [ 6B4BFFB9BECD728097024276430DB314 ] C:\WINDOWS\System32\drivers\cdrom.sys
10:08:37.0600 2532 C:\WINDOWS\System32\drivers\cdrom.sys - ok
10:08:37.0600 2532 [ 004B2EA6CC2598EC5F0552E43CE29CEF ] C:\WINDOWS\System32\drivers\enecir.sys
10:08:37.0600 2532 C:\WINDOWS\System32\drivers\enecir.sys - ok
10:08:37.0615 2532 [ 185ADA973B5020655CEE342059A86CBB ] C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
10:08:37.0615 2532 C:\WINDOWS\System32\drivers\GEARAspiWDM.sys - ok
10:08:37.0615 2532 [ 6277BBECFDBEC6513385966F46637442 ] \Device\2146089514
10:08:37.0615 2532 \Device\2146089514 - ok
10:08:37.0615 2532 [ 3B10711AD8656C097E0D16A41B29C54C ] C:\WINDOWS\System32\drivers\Accelerometer.sys
10:08:37.0615 2532 C:\WINDOWS\System32\drivers\Accelerometer.sys - ok
10:08:37.0631 2532 [ 2E7255D172DF0B8283CDFB7B433B864E ] C:\WINDOWS\System32\drivers\wmiacpi.sys
10:08:37.0631 2532 C:\WINDOWS\System32\drivers\wmiacpi.sys - ok
10:08:37.0631 2532 [ 232FA340531D940AAC623B121A595034 ] C:\WINDOWS\System32\drivers\msiscsi.sys
10:08:37.0631 2532 C:\WINDOWS\System32\drivers\msiscsi.sys - ok
10:08:37.0631 2532 [ 77937EFF009AC696B90E09F671F9D0A4 ] C:\WINDOWS\System32\drivers\tdi.sys
10:08:37.0631 2532 C:\WINDOWS\System32\drivers\tdi.sys - ok
10:08:37.0646 2532 [ 0E186E90404980569FB449BA7519AE61 ] C:\WINDOWS\System32\drivers\ndistapi.sys
10:08:37.0646 2532 C:\WINDOWS\System32\drivers\ndistapi.sys - ok
10:08:37.0646 2532 [ A214ADBAF4CB47DD2728859EF31F26B0 ] C:\WINDOWS\System32\drivers\rasl2tp.sys
10:08:37.0646 2532 C:\WINDOWS\System32\drivers\rasl2tp.sys - ok
10:08:37.0646 2532 [ 818F648618AE34F729FDB47EC68345C3 ] C:\WINDOWS\System32\drivers\ndiswan.sys
10:08:37.0646 2532 C:\WINDOWS\System32\drivers\ndiswan.sys - ok
10:08:37.0662 2532 [ 509A98DD18AF4375E1FC40BC175F1DEF ] C:\WINDOWS\System32\drivers\raspppoe.sys
10:08:37.0662 2532 C:\WINDOWS\System32\drivers\raspppoe.sys - ok
10:08:37.0662 2532 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] C:\WINDOWS\System32\drivers\raspptp.sys
10:08:37.0662 2532 C:\WINDOWS\System32\drivers\raspptp.sys - ok
10:08:37.0662 2532 [ 2005F4A1E05FA09389AC85840F0A9E4D ] C:\WINDOWS\System32\drivers\rassstp.sys
10:08:37.0662 2532 C:\WINDOWS\System32\drivers\rassstp.sys - ok
10:08:37.0678 2532 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] C:\WINDOWS\System32\drivers\termdd.sys
10:08:37.0678 2532 C:\WINDOWS\System32\drivers\termdd.sys - ok
10:08:37.0678 2532 [ EF73C1E29FBE7B0FD0274BF4394E346A ] C:\WINDOWS\System32\drivers\ks.sys
10:08:37.0678 2532 C:\WINDOWS\System32\drivers\ks.sys - ok
10:08:37.0678 2532 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] C:\WINDOWS\System32\drivers\swenum.sys
10:08:37.0678 2532 C:\WINDOWS\System32\drivers\swenum.sys - ok
10:08:37.0693 2532 [ E5D4133F37219DBCFE102BC61072589D ] C:\WINDOWS\System32\drivers\circlass.sys
10:08:37.0693 2532 C:\WINDOWS\System32\drivers\circlass.sys - ok
10:08:37.0693 2532 [ E384487CB84BE41D09711C30CA79646C ] C:\WINDOWS\System32\drivers\mssmbios.sys
10:08:37.0693 2532 C:\WINDOWS\System32\drivers\mssmbios.sys - ok
10:08:37.0709 2532 [ 32CFF9F809AE9AED85464492BF3E32D2 ] C:\WINDOWS\System32\drivers\umbus.sys
10:08:37.0709 2532 C:\WINDOWS\System32\drivers\umbus.sys - ok
10:08:37.0709 2532 [ 2AE6BCEBD85D31317E433733DAF25888 ] C:\WINDOWS\System32\drivers\usbhub.sys
10:08:37.0709 2532 C:\WINDOWS\System32\drivers\usbhub.sys - ok
10:08:37.0709 2532 [ 71DAB552B41936358F3B541AE5997FB3 ] C:\WINDOWS\System32\drivers\ndproxy.sys
10:08:37.0709 2532 C:\WINDOWS\System32\drivers\ndproxy.sys - ok
10:08:37.0724 2532 [ 2A63675F6FA8EF0FF9F5C72695584CAA ] C:\WINDOWS\System32\drivers\drmk.sys
10:08:37.0724 2532 C:\WINDOWS\System32\drivers\drmk.sys - ok
10:08:37.0724 2532 [ 3F90E001369A07243763BD5A523D8722 ] C:\WINDOWS\System32\drivers\HdAudio.sys
10:08:37.0724 2532 C:\WINDOWS\System32\drivers\HdAudio.sys - ok
10:08:37.0724 2532 [ 6DBA75306DD9B242B6F1C343179AD201 ] C:\WINDOWS\System32\drivers\portcls.sys
10:08:37.0724 2532 C:\WINDOWS\System32\drivers\portcls.sys - ok
10:08:37.0740 2532 [ 5961CADB7CAD938368D2028725EF771D ] C:\WINDOWS\System32\drivers\hidclass.sys
10:08:37.0740 2532 C:\WINDOWS\System32\drivers\hidclass.sys - ok
10:08:37.0740 2532 [ D8DF3722D5E961BAA1292AA2F12827E2 ] C:\WINDOWS\System32\drivers\hidir.sys
10:08:37.0740 2532 C:\WINDOWS\System32\drivers\hidir.sys - ok
10:08:37.0740 2532 [ BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 ] C:\WINDOWS\System32\drivers\hidparse.sys
10:08:37.0740 2532 C:\WINDOWS\System32\drivers\hidparse.sys - ok
10:08:37.0756 2532 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] C:\WINDOWS\System32\drivers\kbdhid.sys
10:08:37.0756 2532 C:\WINDOWS\System32\drivers\kbdhid.sys - ok
10:08:37.0756 2532 [ 93B8D4869E12CFBE663915502900876F ] C:\WINDOWS\System32\drivers\mouhid.sys
10:08:37.0756 2532 C:\WINDOWS\System32\drivers\mouhid.sys - ok
10:08:37.0771 2532 [ 0F639D0526820BA7872C963813E0EB8D ] C:\WINDOWS\System32\drivers\aswSnx.sys
10:08:37.0771 2532 C:\WINDOWS\System32\drivers\aswSnx.sys - ok
10:08:37.0771 2532 [ 7BA7543EA7936A7ADA615F6DE7C95494 ] C:\WINDOWS\System32\drivers\aswSP.sys
10:08:37.0771 2532 C:\WINDOWS\System32\drivers\aswSP.sys - ok
10:08:37.0771 2532 [ B972A66758577E0BFD1DE0F91AAA27B5 ] C:\WINDOWS\System32\drivers\fs_rec.sys
10:08:37.0771 2532 C:\WINDOWS\System32\drivers\fs_rec.sys - ok
10:08:37.0787 2532 [ C5DBBCDA07D780BDA9B685DF333BB41E ] C:\WINDOWS\System32\drivers\null.sys
10:08:37.0787 2532 C:\WINDOWS\System32\drivers\null.sys - ok
10:08:37.0787 2532 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] C:\WINDOWS\System32\drivers\beep.sys
10:08:37.0787 2532 C:\WINDOWS\System32\drivers\beep.sys - ok
10:08:37.0787 2532 [ 2E93AC0A1D8C79D019DB6C51F036636C ] C:\WINDOWS\System32\drivers\vga.sys
10:08:37.0787 2532 C:\WINDOWS\System32\drivers\vga.sys - ok
10:08:37.0802 2532 [ C048D2C33D27441A0CDCAAE2651EB03D ] C:\WINDOWS\System32\drivers\videoprt.sys
10:08:37.0802 2532 C:\WINDOWS\System32\drivers\videoprt.sys - ok
10:08:37.0802 2532 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] C:\WINDOWS\System32\drivers\RDPCDD.sys
10:08:37.0802 2532 C:\WINDOWS\System32\drivers\RDPCDD.sys - ok
10:08:37.0802 2532 [ 9D91FE5286F748862ECFFA05F8A0710C ] C:\WINDOWS\System32\drivers\RDPENCDD.sys
10:08:37.0802 2532 C:\WINDOWS\System32\drivers\RDPENCDD.sys - ok
10:08:37.0818 2532 [ A9927F4A46B816C92F461ACB90CF8515 ] C:\WINDOWS\System32\drivers\msfs.sys
10:08:37.0818 2532 C:\WINDOWS\System32\drivers\msfs.sys - ok
10:08:37.0818 2532 [ D36F239D7CCE1931598E8FB90A0DBC26 ] C:\WINDOWS\System32\drivers\npfs.sys
10:08:37.0818 2532 C:\WINDOWS\System32\drivers\npfs.sys - ok
10:08:37.0818 2532 [ 147D7F9C556D259924351FEB0DE606C3 ] C:\WINDOWS\System32\drivers\rasacd.sys
10:08:37.0818 2532 C:\WINDOWS\System32\drivers\rasacd.sys - ok
10:08:37.0834 2532 [ 76B06EB8A01FC8624D699E7045303E54 ] C:\WINDOWS\System32\drivers\tdx.sys
10:08:37.0834 2532 C:\WINDOWS\System32\drivers\tdx.sys - ok
10:08:37.0834 2532 [ 875D2B1054F2ECD8F575D6CBE78DD7BA ] C:\WINDOWS\System32\drivers\aswTdi.sys
10:08:37.0834 2532 C:\WINDOWS\System32\drivers\aswTdi.sys - ok
10:08:37.0849 2532 [ 7B75299A4D201D6A6533603D6914AB04 ] C:\WINDOWS\System32\drivers\smb.sys
10:08:37.0849 2532 C:\WINDOWS\System32\drivers\smb.sys - ok
10:08:37.0849 2532 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] C:\WINDOWS\System32\drivers\netbt.sys
10:08:37.0849 2532 C:\WINDOWS\System32\drivers\netbt.sys - ok
10:08:37.0849 2532 [ 3911B972B55FEA0478476B2E777B29FA ] C:\WINDOWS\System32\drivers\afd.sys
10:08:37.0849 2532 C:\WINDOWS\System32\drivers\afd.sys - ok
10:08:37.0865 2532 [ B269C41DF93EFF71DF0986BD982D1C46 ] C:\WINDOWS\System32\drivers\aswRdr.sys
10:08:37.0865 2532 C:\WINDOWS\System32\drivers\aswRdr.sys - ok
10:08:37.0865 2532 [ E3A3CB253C0EC2494D4A61F5E43A389C ] C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:08:37.0865 2532 C:\WINDOWS\System32\drivers\ws2ifsl.sys - ok
10:08:37.0865 2532 [ BCD093A5A6777CF626434568DC7DBA78 ] C:\WINDOWS\System32\drivers\netbios.sys
10:08:37.0865 2532 C:\WINDOWS\System32\drivers\netbios.sys - ok
10:08:37.0880 2532 [ 99514FAA8DF93D34B5589187DB3AA0BA ] C:\WINDOWS\System32\drivers\pacer.sys
10:08:37.0880 2532 C:\WINDOWS\System32\drivers\pacer.sys - ok
10:08:37.0880 2532 [ 55201897378CCA7AF8B5EFD874374A26 ] C:\WINDOWS\System32\drivers\wanarp.sys
10:08:37.0880 2532 C:\WINDOWS\System32\drivers\wanarp.sys - ok
10:08:37.0880 2532 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] C:\WINDOWS\System32\drivers\rdbss.sys
10:08:37.0880 2532 C:\WINDOWS\System32\drivers\rdbss.sys - ok
10:08:37.0896 2532 [ 609773E344A97410CE4EBF74A8914FCF ] C:\WINDOWS\System32\drivers\nsiproxy.sys
10:08:37.0896 2532 C:\WINDOWS\System32\drivers\nsiproxy.sys - ok
10:08:37.0896 2532 [ 622C41A07CA7E6DD91770F50D532CB6C ] C:\WINDOWS\System32\drivers\dfsc.sys
10:08:37.0896 2532 C:\WINDOWS\System32\drivers\dfsc.sys - ok
10:08:37.0896 2532 [ CCA4B519B17E23A00B826C55716809CC ] C:\WINDOWS\System32\drivers\hidusb.sys
10:08:37.0896 2532 C:\WINDOWS\System32\drivers\hidusb.sys - ok
10:08:37.0912 2532 [ BE7480C91E89EB82FC080F772C220AE4 ] C:\WINDOWS\System32\smss.exe
10:08:37.0912 2532 C:\WINDOWS\System32\smss.exe - ok
10:08:37.0912 2532 [ B9FDFF876B0E7B4FECBAA5708C6ED616 ] C:\WINDOWS\System32\ntdll.dll
10:08:37.0912 2532 C:\WINDOWS\System32\ntdll.dll - ok
10:08:37.0912 2532 [ 10761177A6EBE45843F443E99509F5E7 ] C:\WINDOWS\System32\autochk.exe
10:08:37.0912 2532 C:\WINDOWS\System32\autochk.exe - ok
10:08:37.0927 2532 [ AAB0B5F72D2D726FBFDC895A2902DE1D ] C:\WINDOWS\System32\drivers\usbccgp.sys
10:08:37.0927 2532 C:\WINDOWS\System32\drivers\usbccgp.sys - ok
10:08:37.0927 2532 [ 80FFF14F1757B9AF8BE9D314FC1AE88B ] C:\WINDOWS\System32\usp10.dll
10:08:37.0927 2532 C:\WINDOWS\System32\usp10.dll - ok
10:08:37.0927 2532 [ E3C3BD69701CE6B7B17101E4F7740534 ] C:\WINDOWS\System32\msctf.dll
10:08:37.0927 2532 C:\WINDOWS\System32\msctf.dll - ok
10:08:37.0943 2532 [ 6F29236AB5926100972924BD29D9D225 ] C:\WINDOWS\System32\normaliz.dll
10:08:37.0943 2532 C:\WINDOWS\System32\normaliz.dll - ok
10:08:37.0943 2532 [ B787EE3F327ABAC1EC47313B3A673598 ] C:\WINDOWS\System32\iertutil.dll
10:08:37.0943 2532 C:\WINDOWS\System32\iertutil.dll - ok
10:08:37.0943 2532 [ B304D47D5744BA20FCB99FB8B2C07B0B ] C:\WINDOWS\System32\ws2_32.dll
10:08:37.0943 2532 C:\WINDOWS\System32\ws2_32.dll - ok
10:08:37.0958 2532 [ 73FF24E21B690625A58109637DDA0DF7 ] C:\WINDOWS\System32\drivers\usbvideo.sys
10:08:37.0958 2532 C:\WINDOWS\System32\drivers\usbvideo.sys - ok
10:08:37.0958 2532 [ 872363237F24BCB03D73E2A3B4FBF38D ] C:\WINDOWS\System32\gdi32.dll
10:08:37.0958 2532 C:\WINDOWS\System32\gdi32.dll - ok
10:08:37.0958 2532 [ 50CAA7072C171B9887215C83D52069E4 ] C:\WINDOWS\System32\advapi32.dll
10:08:37.0974 2532 C:\WINDOWS\System32\advapi32.dll - ok
10:08:37.0974 2532 [ DC3105CC925A0D47F61B54E66AB730FC ] C:\WINDOWS\System32\kernel32.dll
10:08:37.0974 2532 C:\WINDOWS\System32\kernel32.dll - ok
10:08:37.0974 2532 [ 75510147B94598407666F4802797C75A ] C:\WINDOWS\System32\user32.dll
10:08:37.0974 2532 C:\WINDOWS\System32\user32.dll - ok
10:08:37.0990 2532 [ AAF101900A23D75AE1AE00840FA6F3B8 ] C:\WINDOWS\System32\shell32.dll
10:08:37.0990 2532 C:\WINDOWS\System32\shell32.dll - ok
10:08:37.0990 2532 [ 551F51B66E5EA87A38D8197EB3BDB57A ] C:\WINDOWS\System32\setupapi.dll
10:08:37.0990 2532 C:\WINDOWS\System32\setupapi.dll - ok
10:08:37.0990 2532 [ B8A609FB5EFB4E44FC1355B1C01C64BC ] C:\WINDOWS\System32\Wldap32.dll
10:08:37.0990 2532 C:\WINDOWS\System32\Wldap32.dll - ok
10:08:38.0005 2532 [ 4AA2A0E26CEF1A803741253DCF9A1503 ] C:\WINDOWS\System32\comdlg32.dll
10:08:38.0005 2532 C:\WINDOWS\System32\comdlg32.dll - ok
10:08:38.0005 2532 [ C8BDCECEE082B54F0BAC838BF0A34597 ] C:\WINDOWS\System32\imm32.dll
10:08:38.0005 2532 C:\WINDOWS\System32\imm32.dll - ok
10:08:38.0005 2532 [ EB0E02749CE5C488741C9A0ABEAB5DEC ] C:\WINDOWS\System32\lpk.dll
10:08:38.0005 2532 C:\WINDOWS\System32\lpk.dll - ok
10:08:38.0021 2532 [ 420B075CD71AB9E58D15DD258958FBA3 ] C:\WINDOWS\System32\shlwapi.dll
10:08:38.0021 2532 C:\WINDOWS\System32\shlwapi.dll - ok
10:08:38.0021 2532 [ 09EA40F4DAD2EDB3587E5E0BAA9C3E15 ] C:\WINDOWS\System32\imagehlp.dll
10:08:38.0021 2532 C:\WINDOWS\System32\imagehlp.dll - ok
10:08:38.0021 2532 [ A64AEBC6C78B4CFD7F41A7277879DF8F ] C:\WINDOWS\System32\nsi.dll
10:08:38.0021 2532 C:\WINDOWS\System32\nsi.dll - ok
10:08:38.0036 2532 [ 9586E7CB2255A8B097A7E4538202585E ] C:\WINDOWS\System32\ole32.dll
10:08:38.0036 2532 C:\WINDOWS\System32\ole32.dll - ok
10:08:38.0036 2532 [ 4CC9DF09C3D915BA0A101A11DB684F26 ] C:\WINDOWS\System32\wininet.dll
10:08:38.0036 2532 C:\WINDOWS\System32\wininet.dll - ok
10:08:38.0036 2532 [ C394079EB162E812D682C73FA96AF6E4 ] C:\WINDOWS\System32\clbcatq.dll
10:08:38.0036 2532 C:\WINDOWS\System32\clbcatq.dll - ok
10:08:38.0052 2532 [ B218342214D9BBA0F54EA12BA2E9278C ] C:\WINDOWS\System32\oleaut32.dll
10:08:38.0052 2532 C:\WINDOWS\System32\oleaut32.dll - ok
10:08:38.0052 2532 [ 17AF64D727545F2804F6E6D998327E3F ] C:\WINDOWS\System32\msvcrt.dll
10:08:38.0052 2532 C:\WINDOWS\System32\msvcrt.dll - ok
10:08:38.0068 2532 [ 5AAFA41F2A09D68F43741EF13937650A ] C:\WINDOWS\System32\urlmon.dll
10:08:38.0068 2532 C:\WINDOWS\System32\urlmon.dll - ok
10:08:38.0068 2532 [ E389C328AC7FE5673593ECAD269E7A54 ] C:\WINDOWS\System32\rpcrt4.dll
10:08:38.0068 2532 C:\WINDOWS\System32\rpcrt4.dll - ok
10:08:38.0068 2532 [ 58035212AB7869A5FC3AF186ACBA8F09 ] C:\WINDOWS\System32\comctl32.dll
10:08:38.0068 2532 C:\WINDOWS\System32\comctl32.dll - ok
10:08:38.0083 2532 [ 93A1732F7F997E36A5C3893539E2FF02 ] C:\WINDOWS\System32\psapi.dll
10:08:38.0083 2532 C:\WINDOWS\System32\psapi.dll - ok
10:08:38.0083 2532 [ EAAAFEF04FBB45665C9576E525D45A12 ] C:\WINDOWS\System32\drivers\dxapi.sys
10:08:38.0083 2532 C:\WINDOWS\System32\drivers\dxapi.sys - ok
10:08:38.0083 2532 [ A6E18756EA7B6E971184B57B86251FC5 ] C:\WINDOWS\System32\win32k.sys
10:08:38.0083 2532 C:\WINDOWS\System32\win32k.sys - ok
10:08:38.0099 2532 [ ABCA209EBA02CB59233614DB83B4F50D ] C:\WINDOWS\System32\csrss.exe
10:08:38.0099 2532 C:\WINDOWS\System32\csrss.exe - ok
10:08:38.0099 2532 [ 33F84B64D4765BCDFA0AB8464122DA14 ] C:\WINDOWS\System32\csrsrv.dll
10:08:38.0099 2532 C:\WINDOWS\System32\csrsrv.dll - ok
10:08:38.0099 2532 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\WINDOWS\System32\basesrv.dll
10:08:38.0099 2532 C:\WINDOWS\System32\basesrv.dll - ok
10:08:38.0114 2532 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\WINDOWS\System32\winsrv.dll
10:08:38.0114 2532 C:\WINDOWS\System32\winsrv.dll - ok
10:08:38.0114 2532 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] C:\WINDOWS\System32\drivers\monitor.sys
10:08:38.0114 2532 C:\WINDOWS\System32\drivers\monitor.sys - ok
10:08:38.0114 2532 [ CC21507D246861671A0BF97E75CE1B00 ] C:\WINDOWS\System32\tsddd.dll
10:08:38.0114 2532 C:\WINDOWS\System32\tsddd.dll - ok
10:08:38.0130 2532 [ D602FEDBD9155FC2DED6863FB60C950F ] C:\WINDOWS\System32\secur32.dll
10:08:38.0130 2532 C:\WINDOWS\System32\secur32.dll - ok
10:08:38.0130 2532 [ 665417528489096BBCB8AEA46D3DA924 ] C:\WINDOWS\System32\userenv.dll
10:08:38.0130 2532 C:\WINDOWS\System32\userenv.dll - ok
10:08:38.0130 2532 [ 101BA3EA053480BB5D957EF37C06B5ED ] C:\WINDOWS\System32\wininit.exe
10:08:38.0130 2532 C:\WINDOWS\System32\wininit.exe - ok
10:08:38.0146 2532 [ 12C8D6C564702B0776512932290A3F6B ] C:\WINDOWS\System32\KBDUS.DLL
10:08:38.0146 2532 C:\WINDOWS\System32\KBDUS.DLL - ok
10:08:38.0146 2532 [ BE6FAC6F0745C67DAE7522C96406D083 ] C:\WINDOWS\System32\sxs.dll
10:08:38.0146 2532 C:\WINDOWS\System32\sxs.dll - ok
10:08:38.0146 2532 [ 92283D9E33EC5F41ECC0B430B7459241 ] C:\WINDOWS\System32\WlS0WndH.dll
10:08:38.0146 2532 C:\WINDOWS\System32\WlS0WndH.dll - ok
10:08:38.0161 2532 [ 1107BD574A84367735FEC38B9BD64E6B ] C:\WINDOWS\System32\apphelp.dll
10:08:38.0161 2532 C:\WINDOWS\System32\apphelp.dll - ok
10:08:38.0161 2532 [ D6F0260D9051C0B60998F4CDBE9B2CC6 ] C:\WINDOWS\System32\cdd.dll
10:08:38.0161 2532 C:\WINDOWS\System32\cdd.dll - ok
10:08:38.0177 2532 [ A3E186B4B935905B829219502557314E ] C:\WINDOWS\System32\lsass.exe
10:08:38.0177 2532 C:\WINDOWS\System32\lsass.exe - ok
10:08:38.0177 2532 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\WINDOWS\System32\services.exe
10:08:38.0177 2532 C:\WINDOWS\System32\services.exe - ok
10:08:38.0177 2532 [ 178FAC2B7C66E9A4400CE7AC37623E3F ] C:\WINDOWS\System32\lsasrv.dll
10:08:38.0177 2532 C:\WINDOWS\System32\lsasrv.dll - ok
10:08:38.0177 2532 [ 4774AD6C447E02E954BD9A793614EBEC ] C:\WINDOWS\System32\lsm.exe
10:08:38.0192 2532 C:\WINDOWS\System32\lsm.exe - ok
10:08:38.0192 2532 [ 71F5A7104FDF16C0AC5283A6CE666553 ] C:\WINDOWS\System32\sysntfy.dll
10:08:38.0192 2532 C:\WINDOWS\System32\sysntfy.dll - ok
10:08:38.0192 2532 [ F0321DA5203F1E71917F3B7A13DC4912 ] C:\WINDOWS\System32\wmsgapi.dll
10:08:38.0192 2532 C:\WINDOWS\System32\wmsgapi.dll - ok
10:08:38.0208 2532 [ D90911B3FA05D7B930C1286084B404DE ] C:\WINDOWS\System32\scesrv.dll
10:08:38.0208 2532 C:\WINDOWS\System32\scesrv.dll - ok
10:08:38.0208 2532 [ 1AE011BB950A5E0B05023D2AFEC3666D ] C:\WINDOWS\System32\authz.dll
10:08:38.0208 2532 C:\WINDOWS\System32\authz.dll - ok
10:08:38.0208 2532 [ 98B656EAF128CD06F625B09C84D959E1 ] C:\WINDOWS\System32\netapi32.dll
10:08:38.0208 2532 C:\WINDOWS\System32\netapi32.dll - ok
10:08:38.0224 2532 [ 7808BF0E367ED7348808879CEF482AB3 ] C:\WINDOWS\System32\samsrv.dll
10:08:38.0224 2532 C:\WINDOWS\System32\samsrv.dll - ok
10:08:38.0224 2532 [ 459B48188494490707DCA8BAA91AA185 ] C:\WINDOWS\System32\cryptdll.dll
10:08:38.0224 2532 C:\WINDOWS\System32\cryptdll.dll - ok
10:08:38.0224 2532 [ 2FA16465F64DB54B1F7F511395EB4FD7 ] C:\WINDOWS\System32\ncobjapi.dll
10:08:38.0224 2532 C:\WINDOWS\System32\ncobjapi.dll - ok
10:08:38.0239 2532 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] C:\WINDOWS\System32\aelupsvc.dll
10:08:38.0239 2532 C:\WINDOWS\System32\aelupsvc.dll - ok
10:08:38.0239 2532 [ A1545B731579895D8CC44FC0481C1192 ] C:\WINDOWS\System32\alg.exe
10:08:38.0239 2532 C:\WINDOWS\System32\alg.exe - ok
10:08:38.0255 2532 [ 85E861D0B88DB2B54ACB0839654C09F7 ] C:\WINDOWS\System32\dnsapi.dll
10:08:38.0255 2532 C:\WINDOWS\System32\dnsapi.dll - ok
10:08:38.0255 2532 [ 965AC9FBF2C67231C157E99C03C58D24 ] C:\WINDOWS\System32\feclient.dll
10:08:38.0255 2532 C:\WINDOWS\System32\feclient.dll - ok
10:08:38.0270 2532 [ 1F94EA31C9543B855F53BDAC7792DA4E ] C:\WINDOWS\System32\mpr.dll
10:08:38.0270 2532 C:\WINDOWS\System32\mpr.dll - ok
10:08:38.0270 2532 [ EE2FF9A3FC4404234BE3B7C6AA383AF8 ] C:\WINDOWS\System32\msasn1.dll
10:08:38.0270 2532 C:\WINDOWS\System32\msasn1.dll - ok
10:08:38.0270 2532 [ 7F0F1D4B0D847696F8E309423D227DCE ] C:\WINDOWS\System32\ntdsapi.dll
10:08:38.0270 2532 C:\WINDOWS\System32\ntdsapi.dll - ok
10:08:38.0286 2532 [ 453DE2958C885527E20C79A3FEFE6AF7 ] C:\WINDOWS\System32\samlib.dll
10:08:38.0286 2532 C:\WINDOWS\System32\samlib.dll - ok
10:08:38.0286 2532 [ 0317420D419E1885894B3ED9D375D245 ] C:\WINDOWS\System32\crypt32.dll
10:08:38.0286 2532 C:\WINDOWS\System32\crypt32.dll - ok
10:08:38.0286 2532 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] C:\WINDOWS\System32\appinfo.dll
10:08:38.0286 2532 C:\WINDOWS\System32\appinfo.dll - ok
10:08:38.0302 2532 [ 3464DAE0E801F5A81A23C571D86F30B2 ] C:\WINDOWS\System32\rascfg.dll
10:08:38.0302 2532 C:\WINDOWS\System32\rascfg.dll - ok
10:08:38.0302 2532 [ 68E2A1A0407A66CF50DA0300852424AB ] C:\WINDOWS\System32\audiosrv.dll
10:08:38.0302 2532 C:\WINDOWS\System32\audiosrv.dll - ok
10:08:38.0302 2532 [ 898E7C06A350D4A1A64A9EA264D55452 ] C:\WINDOWS\System32\winlogon.exe
10:08:38.0302 2532 C:\WINDOWS\System32\winlogon.exe - ok
10:08:38.0317 2532 [ 4AAFC7461633848AA87A363B2CBEC522 ] C:\WINDOWS\System32\winsta.dll
10:08:38.0317 2532 C:\WINDOWS\System32\winsta.dll - ok
10:08:38.0317 2532 [ C789AF0F724FDA5852FB9A7D3A432381 ] C:\WINDOWS\System32\BFE.DLL
10:08:38.0317 2532 C:\WINDOWS\System32\BFE.DLL - ok
10:08:38.0317 2532 [ 93952506C6D67330367F7E7934B6A02F ] C:\WINDOWS\System32\qmgr.dll
10:08:38.0317 2532 C:\WINDOWS\System32\qmgr.dll - ok
10:08:38.0333 2532 [ C6DF7A87063D006ECF1FD8156CB6DE3F ] C:\WINDOWS\System32\SLC.dll
10:08:38.0333 2532 C:\WINDOWS\System32\SLC.dll - ok
10:08:38.0333 2532 [ 4DE3C4D07BAFDE616EFA0ADE076CBAC2 ] C:\WINDOWS\System32\wevtapi.dll
10:08:38.0333 2532 C:\WINDOWS\System32\wevtapi.dll - ok
10:08:38.0348 2532 [ 9028559C132146FB75EB7ACF384B086A ] C:\WINDOWS\System32\dhcpcsvc.dll
10:08:38.0348 2532 C:\WINDOWS\System32\dhcpcsvc.dll - ok
10:08:38.0348 2532 [ 4FE8425F21B3F0F8C4B4726351D43EAA ] C:\WINDOWS\System32\IPHLPAPI.DLL
10:08:38.0348 2532 C:\WINDOWS\System32\IPHLPAPI.DLL - ok
10:08:38.0348 2532 [ DFB6B71CDABA9DFB49C9D2B318B97A1A ] C:\WINDOWS\System32\dhcpcsvc6.dll
10:08:38.0348 2532 C:\WINDOWS\System32\dhcpcsvc6.dll - ok
10:08:38.0364 2532 [ 6B09105742C75DF80CEF21700F20F55A ] C:\WINDOWS\System32\winnsi.dll
10:08:38.0364 2532 C:\WINDOWS\System32\winnsi.dll - ok
10:08:38.0364 2532 [ 7F15B4953378C8B5161D65C26D5FED4D ] C:\WINDOWS\System32\cngaudit.dll
10:08:38.0364 2532 C:\WINDOWS\System32\cngaudit.dll - ok
10:08:38.0364 2532 [ 13CC59C1B04E9F20A87987C68CD4BE3F ] C:\WINDOWS\System32\ncrypt.dll
10:08:38.0364 2532 C:\WINDOWS\System32\ncrypt.dll - ok
10:08:38.0380 2532 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] C:\WINDOWS\System32\browser.dll
10:08:38.0380 2532 C:\WINDOWS\System32\browser.dll - ok
10:08:38.0380 2532 [ A4C8377FA4A994E07075107DBE2E3DCE ] C:\WINDOWS\System32\bthserv.dll
10:08:38.0380 2532 C:\WINDOWS\System32\bthserv.dll - ok
10:08:38.0380 2532 [ DE0DD9AE3430F84A96B5501112A696BE ] C:\WINDOWS\System32\bcrypt.dll
10:08:38.0380 2532 C:\WINDOWS\System32\bcrypt.dll - ok
10:08:38.0395 2532 [ 312EC3E37A0A1F2006534913E37B4423 ] C:\WINDOWS\System32\certprop.dll
10:08:38.0395 2532 C:\WINDOWS\System32\certprop.dll - ok
10:08:38.0395 2532 [ 4211249955AF9133E2E357CC92B54DFD ] C:\WINDOWS\System32\comres.dll
10:08:38.0395 2532 C:\WINDOWS\System32\comres.dll - ok
10:08:38.0395 2532 [ 26F139DDEC6407508071930D3D07337E ] C:\WINDOWS\System32\credssp.dll
10:08:38.0395 2532 C:\WINDOWS\System32\credssp.dll - ok
10:08:38.0411 2532 [ AA01497884F9CBAC89470120AF78D2B1 ] C:\WINDOWS\System32\kerberos.dll
10:08:38.0411 2532 C:\WINDOWS\System32\kerberos.dll - ok
10:08:38.0411 2532 [ ABE9EEA1EABEA0711610A637A7B1C25D ] C:\WINDOWS\System32\msprivs.dll
10:08:38.0411 2532 C:\WINDOWS\System32\msprivs.dll - ok
10:08:38.0411 2532 [ 684C130BBC6DB681BAD4920A4C944AA5 ] C:\WINDOWS\System32\cryptsvc.dll
10:08:38.0411 2532 C:\WINDOWS\System32\cryptsvc.dll - ok
10:08:38.0426 2532 [ 08D6D1692B62C9EE4062E1FA04D8FE2F ] C:\WINDOWS\System32\oleres.dll
10:08:38.0426 2532 C:\WINDOWS\System32\oleres.dll - ok
10:08:38.0426 2532 [ 9E80FF0752E365F97FD2D1D68C2AFDA1 ] C:\WINDOWS\System32\wship6.dll
10:08:38.0426 2532 C:\WINDOWS\System32\wship6.dll - ok
10:08:38.0426 2532 [ 74F380C8EC8813626C670D46E8A714D1 ] C:\WINDOWS\System32\dfsrres.dll
10:08:38.0426 2532 C:\WINDOWS\System32\dfsrres.dll - ok
10:08:38.0442 2532 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] C:\WINDOWS\System32\dot3svc.dll
10:08:38.0442 2532 C:\WINDOWS\System32\dot3svc.dll - ok
10:08:38.0442 2532 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] C:\WINDOWS\System32\nlasvc.dll
10:08:38.0442 2532 C:\WINDOWS\System32\nlasvc.dll - ok
10:08:38.0458 2532 [ 05C3B38DB95BA5585817A4F898EE5581 ] C:\WINDOWS\System32\wshqos.dll
10:08:38.0458 2532 C:\WINDOWS\System32\wshqos.dll - ok
10:08:38.0458 2532 [ 22CFAEB9172F5F198048401485CD0571 ] C:\WINDOWS\System32\WSHTCPIP.DLL
10:08:38.0458 2532 C:\WINDOWS\System32\WSHTCPIP.DLL - ok
10:08:38.0458 2532 [ 9BE3744D295A7701EB425332014F0797 ] C:\WINDOWS\ehome\ehrecvr.exe
10:08:38.0458 2532 C:\WINDOWS\ehome\ehrecvr.exe - ok
10:08:38.0473 2532 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] C:\WINDOWS\System32\dps.dll
10:08:38.0473 2532 C:\WINDOWS\System32\dps.dll - ok
10:08:38.0473 2532 [ C0B95E40D85CD807D614E264248A45B9 ] C:\WINDOWS\System32\eapsvc.dll
10:08:38.0473 2532 C:\WINDOWS\System32\eapsvc.dll - ok
10:08:38.0473 2532 [ 8617350C9B590B63E620881092751BCB ] C:\WINDOWS\System32\mswsock.dll
10:08:38.0473 2532 C:\WINDOWS\System32\mswsock.dll - ok
10:08:38.0489 2532 [ FC62A635063B762E1C3C60EA77279378 ] C:\WINDOWS\System32\NapiNSP.dll
10:08:38.0489 2532 C:\WINDOWS\System32\NapiNSP.dll - ok
10:08:38.0489 2532 [ 690D41DF1D555F96D4898A0F54EBA065 ] C:\WINDOWS\System32\pnrpnsp.dll
10:08:38.0489 2532 C:\WINDOWS\System32\pnrpnsp.dll - ok
10:08:38.0489 2532 [ 4ABCE74D012971305249E45E095E9EA6 ] C:\WINDOWS\System32\msv1_0.dll
10:08:38.0489 2532 C:\WINDOWS\System32\msv1_0.dll - ok
10:08:38.0504 2532 [ 95DAECF0FB120A7B5DA679CC54E37DDE ] C:\WINDOWS\System32\netlogon.dll
10:08:38.0504 2532 C:\WINDOWS\System32\netlogon.dll - ok
10:08:38.0504 2532 [ AD1870C8E5D6DD340C829E6074BF3C3F ] C:\WINDOWS\ehome\ehsched.exe
10:08:38.0504 2532 C:\WINDOWS\ehome\ehsched.exe - ok
10:08:38.0520 2532 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] C:\WINDOWS\ehome\ehstart.dll
10:08:38.0520 2532 C:\WINDOWS\ehome\ehstart.dll - ok
10:08:38.0520 2532 [ 4E6B23DFC917EA39306B529B773950F4 ] C:\WINDOWS\System32\emdmgmt.dll
10:08:38.0520 2532 C:\WINDOWS\System32\emdmgmt.dll - ok
10:08:38.0520 2532 [ 72910BC4A218C49EA8E43D1FAEC403A5 ] C:\WINDOWS\System32\winbrand.dll
10:08:38.0520 2532 C:\WINDOWS\System32\winbrand.dll - ok
10:08:38.0536 2532 [ A1B40A28F38D27A7E3229EE4C7064434 ] C:\WINDOWS\System32\wevtsvc.dll
10:08:38.0536 2532 C:\WINDOWS\System32\wevtsvc.dll - ok
10:08:38.0536 2532 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] C:\WINDOWS\System32\fdPHost.dll
10:08:38.0536 2532 C:\WINDOWS\System32\fdPHost.dll - ok
10:08:38.0536 2532 [ 50E3E76B0901BB4FC029BB88BFA5CE79 ] C:\WINDOWS\System32\schannel.dll
10:08:38.0536 2532 C:\WINDOWS\System32\schannel.dll - ok
10:08:38.0551 2532 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] C:\WINDOWS\System32\FDResPub.dll
10:08:38.0551 2532 C:\WINDOWS\System32\FDResPub.dll - ok
10:08:38.0551 2532 [ 2AFA3A46986AE935DAECEBC7E66314CF ] C:\WINDOWS\System32\FntCache.dll
10:08:38.0551 2532 C:\WINDOWS\System32\FntCache.dll - ok
10:08:38.0551 2532 [ 93620229F3CC3B67A3528BF39F064C30 ] C:\WINDOWS\System32\wdigest.dll
10:08:38.0551 2532 C:\WINDOWS\System32\wdigest.dll - ok
10:08:38.0567 2532 [ 302964DCAC79D618CC7B72C778DA9FD2 ] C:\WINDOWS\System32\PresentationHost.exe
10:08:38.0567 2532 C:\WINDOWS\System32\PresentationHost.exe - ok
10:08:38.0567 2532 [ E14170AEA125119B98FA2BDE3FF4F462 ] C:\WINDOWS\System32\rsaenh.dll
10:08:38.0567 2532 C:\WINDOWS\System32\rsaenh.dll - ok
10:08:38.0582 2532 [ 0F420E81062757EA8363CBACD4D40D6D ] C:\WINDOWS\System32\gpapi.dll
10:08:38.0582 2532 C:\WINDOWS\System32\gpapi.dll - ok
10:08:38.0582 2532 [ F8873D15018F411588BEC02C1725BADA ] C:\WINDOWS\System32\TSpkg.dll
10:08:38.0582 2532 C:\WINDOWS\System32\TSpkg.dll - ok
10:08:38.0582 2532 [ 84067081F3318162797385E11A8F0582 ] C:\WINDOWS\System32\hidserv.dll
10:08:38.0582 2532 C:\WINDOWS\System32\hidserv.dll - ok
10:08:38.0598 2532 [ D8AD255B37DA92434C26E4876DB7D418 ] C:\WINDOWS\System32\KMSVC.DLL
10:08:38.0598 2532 C:\WINDOWS\System32\KMSVC.DLL - ok
10:08:38.0598 2532 [ 05586F5438AB0DA4F5149159E0E5FD4B ] C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
10:08:38.0598 2532 C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
10:08:38.0598 2532 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 ] C:\WINDOWS\System32\IKEEXT.DLL
10:08:38.0598 2532 C:\WINDOWS\System32\IKEEXT.DLL - ok
10:08:38.0614 2532 [ 9AC218C6E6105477484C6FDBE7D409A4 ] C:\WINDOWS\System32\IPBusEnum.dll
10:08:38.0614 2532 C:\WINDOWS\System32\IPBusEnum.dll - ok
10:08:38.0614 2532 [ 1998BD97F950680BB55F55A7244679C2 ] C:\WINDOWS\System32\iphlpsvc.dll
10:08:38.0614 2532 C:\WINDOWS\System32\iphlpsvc.dll - ok
10:08:38.0629 2532 [ 74C2F29CC612B2B34231BEBD824D2FB2 ] C:\WINDOWS\System32\keyiso.dll
10:08:38.0629 2532 C:\WINDOWS\System32\keyiso.dll - ok
10:08:38.0629 2532 [ 1BF5EEBFD518DD7298434D8C862F825D ] C:\WINDOWS\System32\srvsvc.dll
10:08:38.0629 2532 C:\WINDOWS\System32\srvsvc.dll - ok
10:08:38.0629 2532 [ 1DB69705B695B987082C8BAEC0C6B34F ] C:\WINDOWS\System32\wkssvc.dll
10:08:38.0629 2532 C:\WINDOWS\System32\wkssvc.dll - ok
10:08:38.0645 2532 [ 132F6237FA3BF3E9715F63A1CCF72BF1 ] C:\WINDOWS\ehome\ehres.dll
10:08:38.0645 2532 C:\WINDOWS\ehome\ehres.dll - ok
10:08:38.0645 2532 [ FA0593D936C9B95FB6FAA32AD1595D49 ] C:\WINDOWS\System32\lltdres.dll
10:08:38.0645 2532 C:\WINDOWS\System32\lltdres.dll - ok
10:08:38.0645 2532 [ 35D40113E4A5B961B6CE5C5857702518 ] C:\WINDOWS\System32\lmhsvc.dll
10:08:38.0645 2532 C:\WINDOWS\System32\lmhsvc.dll - ok
10:08:38.0660 2532 [ 95F1EB99B81CFD6F581C85F0A0AA9B2B ] C:\WINDOWS\System32\FirewallAPI.dll
10:08:38.0660 2532 C:\WINDOWS\System32\FirewallAPI.dll - ok
10:08:38.0660 2532 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] C:\WINDOWS\System32\mmcss.dll
10:08:38.0660 2532 C:\WINDOWS\System32\mmcss.dll - ok
10:08:38.0676 2532 [ EA822412BBBA9B7D2B1A3748AD50EFB8 ] C:\WINDOWS\System32\iscsidsc.dll
10:08:38.0676 2532 C:\WINDOWS\System32\iscsidsc.dll - ok
10:08:38.0676 2532 [ ED21401F1E2F6BC2F54C462BB66D0D6B ] C:\WINDOWS\System32\msimsg.dll
10:08:38.0676 2532 C:\WINDOWS\System32\msimsg.dll - ok
10:08:38.0676 2532 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] C:\WINDOWS\System32\QAGENTRT.DLL
10:08:38.0676 2532 C:\WINDOWS\System32\QAGENTRT.DLL - ok
10:08:38.0676 2532 [ C8052711DAECC48B982434C5116CA401 ] C:\WINDOWS\System32\netman.dll
10:08:38.0676 2532 C:\WINDOWS\System32\netman.dll - ok
10:08:38.0692 2532 [ ED640F4CE585058119B824CC76591D9C ] C:\WINDOWS\System32\netprof.dll
10:08:38.0692 2532 C:\WINDOWS\System32\netprof.dll - ok
10:08:38.0692 2532 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] C:\WINDOWS\System32\nsisvc.dll
10:08:38.0692 2532 C:\WINDOWS\System32\nsisvc.dll - ok
10:08:38.0707 2532 [ 0C8E8E61AD1EB0B250B846712C917506 ] C:\WINDOWS\System32\p2psvc.dll
10:08:38.0707 2532 C:\WINDOWS\System32\p2psvc.dll - ok
10:08:38.0707 2532 [ C6276AD11F4BB49B58AA1ED88537F14A ] C:\WINDOWS\System32\pcasvc.dll
10:08:38.0707 2532 C:\WINDOWS\System32\pcasvc.dll - ok
10:08:38.0707 2532 [ B1689DF169143F57053F795390C99DB3 ] C:\WINDOWS\System32\pla.dll
10:08:38.0707 2532 C:\WINDOWS\System32\pla.dll - ok
10:08:38.0723 2532 [ C5E7F8A996EC0A82D508FD9064A5569E ] C:\WINDOWS\System32\umpnpmgr.dll
10:08:38.0723 2532 C:\WINDOWS\System32\umpnpmgr.dll - ok
10:08:38.0723 2532 [ 64B28D672B5B6A01E87B0C3096B1E047 ] C:\WINDOWS\System32\polstore.dll
10:08:38.0723 2532 C:\WINDOWS\System32\polstore.dll - ok
10:08:38.0723 2532 [ 0508FAA222D28835310B7BFCA7A77346 ] C:\WINDOWS\System32\profsvc.dll
10:08:38.0723 2532 C:\WINDOWS\System32\profsvc.dll - ok
10:08:38.0738 2532 [ 08F9134A2215B7ED985409A4DF60AC60 ] C:\WINDOWS\System32\psbase.dll
10:08:38.0738 2532 C:\WINDOWS\System32\psbase.dll - ok
10:08:38.0738 2532 [ E9ECAE663F47E6CB43962D18AB18890F ] C:\WINDOWS\System32\qwave.dll
10:08:38.0738 2532 C:\WINDOWS\System32\qwave.dll - ok
10:08:38.0754 2532 [ 9F5E0E1926014D17486901C88ECA2DB7 ] C:\WINDOWS\System32\drivers\qwavedrv.sys
10:08:38.0754 2532 C:\WINDOWS\System32\drivers\qwavedrv.sys - ok
10:08:38.0754 2532 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] C:\WINDOWS\System32\rasauto.dll
10:08:38.0754 2532 C:\WINDOWS\System32\rasauto.dll - ok
10:08:38.0754 2532 [ 75D47445D70CA6F9F894B032FBC64FCF ] C:\WINDOWS\System32\rasmans.dll
10:08:38.0754 2532 C:\WINDOWS\System32\rasmans.dll - ok
10:08:38.0770 2532 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] C:\WINDOWS\System32\mprdim.dll
10:08:38.0770 2532 C:\WINDOWS\System32\mprdim.dll - ok
10:08:38.0770 2532 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] C:\WINDOWS\System32\sstpsvc.dll
10:08:38.0770 2532 C:\WINDOWS\System32\sstpsvc.dll - ok
10:08:38.0770 2532 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] C:\WINDOWS\System32\regsvc.dll
10:08:38.0770 2532 C:\WINDOWS\System32\regsvc.dll - ok
10:08:38.0785 2532 [ 5123F83CBC4349D065534EEB6BBDC42B ] C:\WINDOWS\System32\Locator.exe
10:08:38.0785 2532 C:\WINDOWS\System32\Locator.exe - ok
10:08:38.0785 2532 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] C:\WINDOWS\System32\SCardSvr.dll
10:08:38.0785 2532 C:\WINDOWS\System32\SCardSvr.dll - ok
10:08:38.0785 2532 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] C:\WINDOWS\System32\schedsvc.dll
10:08:38.0785 2532 C:\WINDOWS\System32\schedsvc.dll - ok
10:08:38.0801 2532 [ 716313D9F6B0529D03F726D5AAF6F191 ] C:\WINDOWS\System32\sdrsvc.dll
10:08:38.0801 2532 C:\WINDOWS\System32\sdrsvc.dll - ok
10:08:38.0801 2532 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] C:\WINDOWS\System32\seclogon.dll
10:08:38.0801 2532 C:\WINDOWS\System32\seclogon.dll - ok
10:08:38.0816 2532 [ A9BBAB5759771E523F55563D6CBE140F ] C:\WINDOWS\System32\Sens.dll
10:08:38.0816 2532 C:\WINDOWS\System32\Sens.dll - ok
10:08:38.0816 2532 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] C:\WINDOWS\System32\ipnathlp.dll
10:08:38.0816 2532 C:\WINDOWS\System32\ipnathlp.dll - ok
10:08:38.0816 2532 [ D2193326F729B163125610DBF3E17D57 ] C:\WINDOWS\System32\SessEnv.dll
10:08:38.0816 2532 C:\WINDOWS\System32\SessEnv.dll - ok
10:08:38.0832 2532 [ C7230FBEE14437716701C15BE02C27B8 ] C:\WINDOWS\System32\shsvcs.dll
10:08:38.0832 2532 C:\WINDOWS\System32\shsvcs.dll - ok
10:08:38.0832 2532 [ 862BB4CBC05D80C5B45BE430E5EF872F ] C:\WINDOWS\System32\SLsvc.exe
10:08:38.0832 2532 C:\WINDOWS\System32\SLsvc.exe - ok
10:08:38.0832 2532 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] C:\WINDOWS\System32\SLUINotify.dll
10:08:38.0832 2532 C:\WINDOWS\System32\SLUINotify.dll - ok
10:08:38.0848 2532 [ 2A146A055B4401C16EE62D18B8E2A032 ] C:\WINDOWS\System32\snmptrap.exe
10:08:38.0848 2532 C:\WINDOWS\System32\snmptrap.exe - ok
10:08:38.0848 2532 [ E4060CFE50F87C72316CB0FDB20E4913 ] C:\WINDOWS\System32\tcpipcfg.dll
10:08:38.0848 2532 C:\WINDOWS\System32\tcpipcfg.dll - ok
10:08:38.0848 2532 [ 8554097E5136C3BF9F69FE578A1B35F4 ] C:\WINDOWS\System32\spoolsv.exe
10:08:38.0848 2532 C:\WINDOWS\System32\spoolsv.exe - ok
10:08:38.0863 2532 [ 03D50B37234967433A5EA5BA72BC0B62 ] C:\WINDOWS\System32\ssdpsrv.dll
10:08:38.0863 2532 C:\WINDOWS\System32\ssdpsrv.dll - ok
10:08:38.0863 2532 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] C:\WINDOWS\System32\wiaservc.dll
10:08:38.0863 2532 C:\WINDOWS\System32\wiaservc.dll - ok
10:08:38.0863 2532 [ F21FD248040681CCA1FB6C9A03AAA93D ] C:\WINDOWS\System32\swprv.dll
10:08:38.0863 2532 C:\WINDOWS\System32\swprv.dll - ok
10:08:38.0879 2532 [ 2DCA225EAE15F42C0933E998EE0231C3 ] C:\WINDOWS\System32\TabSvc.dll
10:08:38.0879 2532 C:\WINDOWS\System32\TabSvc.dll - ok
10:08:38.0879 2532 [ D7673E4B38CE21EE54C59EEEB65E2483 ] C:\WINDOWS\System32\tapisrv.dll
10:08:38.0879 2532 C:\WINDOWS\System32\tapisrv.dll - ok
10:08:38.0894 2532 [ CB05822CD9CC6C688168E113C603DBE7 ] C:\WINDOWS\System32\tbssvc.dll
10:08:38.0894 2532 C:\WINDOWS\System32\tbssvc.dll - ok
10:08:38.0894 2532 [ BB95DA09BEF6E7A131BFF3BA5032090D ] C:\WINDOWS\System32\termsrv.dll
10:08:38.0894 2532 C:\WINDOWS\System32\termsrv.dll - ok
10:08:38.0894 2532 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] C:\WINDOWS\servicing\TrustedInstaller.exe
10:08:38.0894 2532 C:\WINDOWS\servicing\TrustedInstaller.exe - ok
10:08:38.0910 2532 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] C:\WINDOWS\System32\trkwks.dll
10:08:38.0910 2532 C:\WINDOWS\System32\trkwks.dll - ok
10:08:38.0910 2532 [ ECEF404F62863755951E09C802C94AD5 ] C:\WINDOWS\System32\UI0Detect.exe
10:08:38.0910 2532 C:\WINDOWS\System32\UI0Detect.exe - ok
10:08:38.0910 2532 [ 01DD1004181FD46ECDC3628228EB269D ] C:\WINDOWS\System32\dwm.exe
10:08:38.0910 2532 C:\WINDOWS\System32\dwm.exe - ok
10:08:38.0926 2532 [ 68308183F4AE0BE7BF8ECD07CB297999 ] C:\WINDOWS\System32\upnphost.dll
10:08:38.0926 2532 C:\WINDOWS\System32\upnphost.dll - ok
10:08:38.0926 2532 [ CD88D1B7776DC17A119049742EC07EB4 ] C:\WINDOWS\System32\vds.exe
10:08:38.0926 2532 C:\WINDOWS\System32\vds.exe - ok
10:08:38.0926 2532 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] C:\WINDOWS\System32\VSSVC.exe
10:08:38.0926 2532 C:\WINDOWS\System32\VSSVC.exe - ok
10:08:38.0941 2532 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] C:\WINDOWS\System32\w32time.dll
10:08:38.0941 2532 C:\WINDOWS\System32\w32time.dll - ok
10:08:38.0941 2532 [ A3CD60FD826381B49F03832590E069AF ] C:\WINDOWS\System32\wcncsvc.dll
10:08:38.0941 2532 C:\WINDOWS\System32\wcncsvc.dll - ok
10:08:38.0957 2532 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] C:\WINDOWS\System32\WcsPlugInService.dll
10:08:38.0957 2532 C:\WINDOWS\System32\WcsPlugInService.dll - ok
10:08:38.0957 2532 [ 25944D2CC49E0A6C581D02A74B7D6645 ] C:\WINDOWS\System32\drivers\Wdf01000.sys
10:08:38.0957 2532 C:\WINDOWS\System32\drivers\Wdf01000.sys - ok
10:08:38.0957 2532 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] C:\WINDOWS\System32\wdi.dll
10:08:38.0957 2532 C:\WINDOWS\System32\wdi.dll - ok
10:08:38.0972 2532 [ 04C37D8107320312FBAE09926103D5E2 ] C:\WINDOWS\System32\WebClnt.dll
10:08:38.0972 2532 C:\WINDOWS\System32\WebClnt.dll - ok
10:08:38.0972 2532 [ AE3736E7E8892241C23E4EBBB7453B60 ] C:\WINDOWS\System32\wecsvc.dll
10:08:38.0972 2532 C:\WINDOWS\System32\wecsvc.dll - ok
10:08:38.0988 2532 [ 670FF720071ED741206D69BD995EA453 ] C:\WINDOWS\System32\wercplsupport.dll
10:08:38.0988 2532 C:\WINDOWS\System32\wercplsupport.dll - ok
10:08:38.0988 2532 [ 32B88481D3B326DA6DEB07B1D03481E7 ] C:\WINDOWS\System32\wersvc.dll
10:08:38.0988 2532 C:\WINDOWS\System32\wersvc.dll - ok
10:08:39.0004 2532 [ DBD02E3E6F061EBBBF9B99A9D7CBA30B ] C:\WINDOWS\System32\winhttp.dll
10:08:39.0004 2532 C:\WINDOWS\System32\winhttp.dll - ok
10:08:39.0004 2532 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] C:\WINDOWS\System32\wbem\WMIsvc.dll
10:08:39.0004 2532 C:\WINDOWS\System32\wbem\WMIsvc.dll - ok
10:08:39.0004 2532 [ 7CFE68BDC065E55AA5E8421607037511 ] C:\WINDOWS\System32\WsmSvc.dll
10:08:39.0004 2532 C:\WINDOWS\System32\WsmSvc.dll - ok
10:08:39.0019 2532 [ C008405E4FEEB069E30DA1D823910234 ] C:\WINDOWS\System32\wlansvc.dll
10:08:39.0019 2532 C:\WINDOWS\System32\wlansvc.dll - ok
10:08:39.0019 2532 [ 43BE3875207DCB62A85C8C49970B66CC ] C:\WINDOWS\System32\wbem\WmiApSrv.exe
10:08:39.0019 2532 C:\WINDOWS\System32\wbem\WmiApSrv.exe - ok
10:08:39.0035 2532 [ 3978704576A121A9204F8CC49A301A9B ] C:\Program Files\Windows Media Player\wmpnetwk.exe
10:08:39.0035 2532 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
10:08:39.0035 2532 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] C:\WINDOWS\System32\wpcsvc.dll
10:08:39.0035 2532 C:\WINDOWS\System32\wpcsvc.dll - ok
10:08:39.0035 2532 [ 801FBDB89D472B3C467EB112A0FC9246 ] C:\WINDOWS\System32\wpdbusenum.dll
10:08:39.0035 2532 C:\WINDOWS\System32\wpdbusenum.dll - ok
10:08:39.0050 2532 [ 15673BD0B86150CB8E27766059C72A9B ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:08:39.0050 2532 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
10:08:39.0050 2532 [ 1CA6C40261DDC0425987980D0CD2AAAB ] C:\WINDOWS\System32\wscsvc.dll
10:08:39.0050 2532 C:\WINDOWS\System32\wscsvc.dll - ok
10:08:39.0066 2532 [ AED0DFF80C6B3914769407E78D7AB21A ] C:\WINDOWS\System32\SearchIndexer.exe
10:08:39.0066 2532 C:\WINDOWS\System32\SearchIndexer.exe - ok
10:08:39.0066 2532 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\System32\wuaueng.dll
10:08:39.0066 2532 C:\WINDOWS\System32\wuaueng.dll - ok
10:08:39.0066 2532 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\WINDOWS\System32\drivers\WUDFPf.sys
10:08:39.0066 2532 C:\WINDOWS\System32\drivers\WUDFPf.sys - ok
10:08:39.0082 2532 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\WINDOWS\System32\WUDFSvc.dll
10:08:39.0082 2532 C:\WINDOWS\System32\WUDFSvc.dll - ok
10:08:39.0082 2532 [ 8FC182167381E9915651267044105EE1 ] C:\WINDOWS\System32\scecli.dll
10:08:39.0082 2532 C:\WINDOWS\System32\scecli.dll - ok
10:08:39.0097 2532 [ CD08EEC61C591AF59A39F4363C567D30 ] C:\WINDOWS\System32\ntmarta.dll
10:08:39.0097 2532 C:\WINDOWS\System32\ntmarta.dll - ok
10:08:39.0097 2532 [ 3794B461C45882E06856F282EEF025AF ] C:\WINDOWS\System32\svchost.exe
10:08:39.0097 2532 C:\WINDOWS\System32\svchost.exe - ok
10:08:39.0097 2532 [ 9A7F4B2EDACD11444D048AA19CBB26AF ] C:\WINDOWS\System32\powrprof.dll
10:08:39.0097 2532 C:\WINDOWS\System32\powrprof.dll - ok
10:08:39.0113 2532 [ 8F5C7426567798E62A3B3614965D62CC ] C:\WINDOWS\System32\drivers\luafv.sys
10:08:39.0113 2532 C:\WINDOWS\System32\drivers\luafv.sys - ok
10:08:39.0113 2532 [ 6F1505608202BBD179095A6A150D103F ] C:\WINDOWS\System32\drivers\aswMonFlt.sys
10:08:39.0113 2532 C:\WINDOWS\System32\drivers\aswMonFlt.sys - ok
10:08:39.0128 2532 [ 6C1C07916A4FED3E26BF399F07370986 ] C:\WINDOWS\System32\drivers\nvlddmkm.sys
10:08:39.0128 2532 C:\WINDOWS\System32\drivers\nvlddmkm.sys - ok
10:08:39.0128 2532 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] C:\WINDOWS\System32\rpcss.dll
10:08:39.0128 2532 C:\WINDOWS\System32\rpcss.dll - ok
10:08:39.0128 2532 [ 69827805A221C21450BA22F4326A2EE3 ] C:\WINDOWS\System32\version.dll
10:08:39.0128 2532 C:\WINDOWS\System32\version.dll - ok
10:08:39.0144 2532 [ 99FDF0E65F82C0E47BC04363C09DE146 ] C:\WINDOWS\System32\Ati2evxx.exe
10:08:39.0144 2532 C:\WINDOWS\System32\Ati2evxx.exe - ok
10:08:39.0144 2532 [ 1A09CB187440993FA5E24DE1EEB7B916 ] C:\WINDOWS\System32\cfgmgr32.dll
10:08:39.0144 2532 C:\WINDOWS\System32\cfgmgr32.dll - ok
10:08:39.0144 2532 [ 62D577288B48998FC6667BF22DC5B690 ] C:\WINDOWS\System32\LogonUI.exe
10:08:39.0144 2532 C:\WINDOWS\System32\LogonUI.exe - ok
10:08:39.0160 2532 [ F42483814FC39170B3982A184EC5AAA2 ] C:\WINDOWS\System32\wtsapi32.dll
10:08:39.0160 2532 C:\WINDOWS\System32\wtsapi32.dll - ok
10:08:39.0160 2532 [ 58C2521D87C494831A625202C80354AD ] C:\WINDOWS\System32\authui.dll
10:08:39.0160 2532 C:\WINDOWS\System32\authui.dll - ok
10:08:39.0160 2532 [ BE3C082837866C4C291ADAF163C10EA6 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
10:08:39.0160 2532 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll - ok
10:08:39.0175 2532 [ 56B5914070B2C243DFB3D186070DA89D ] C:\WINDOWS\System32\MMDevAPI.dll
10:08:39.0175 2532 C:\WINDOWS\System32\MMDevAPI.dll - ok
10:08:39.0175 2532 [ 2EC53B5A351C4D443896DBAD117F7E82 ] C:\WINDOWS\System32\msimg32.dll
10:08:39.0175 2532 C:\WINDOWS\System32\msimg32.dll - ok
10:08:39.0191 2532 [ 999D69DEB576C2C424294DF025891CC6 ] C:\WINDOWS\System32\uxtheme.dll
10:08:39.0191 2532 C:\WINDOWS\System32\uxtheme.dll - ok
10:08:39.0191 2532 [ C9244BCAC83B259B920BBEE18A97BFE1 ] C:\WINDOWS\System32\avrt.dll
10:08:39.0191 2532 C:\WINDOWS\System32\avrt.dll - ok
10:08:39.0191 2532 [ E6F7D35741A6239CE7B54D7665EAB523 ] C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe
10:08:39.0191 2532 C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe - ok
10:08:39.0206 2532 [ 040015B18F6779C25160A7854113CF50 ] C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18813_none_9e51e050ca1696a4\GdiPlus.dll
10:08:39.0206 2532 C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18813_none_9e51e050ca1696a4\GdiPlus.dll - ok
10:08:39.0206 2532 [ A99871BA522CB2539AE275AC18CACC8F ] C:\WINDOWS\System32\cabinet.dll
10:08:39.0206 2532 C:\WINDOWS\System32\cabinet.dll - ok
10:08:39.0222 2532 [ D16A740186870C32941C0E61DF4F1298 ] C:\WINDOWS\System32\wintrust.dll
10:08:39.0222 2532 C:\WINDOWS\System32\wintrust.dll - ok
10:08:39.0222 2532 [ 84B8827562B005C118CADBA0F25DB2C6 ] C:\WINDOWS\System32\dsound.dll
10:08:39.0222 2532 C:\WINDOWS\System32\dsound.dll - ok
10:08:39.0222 2532 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] C:\WINDOWS\System32\drivers\fltMgr.sys
10:08:39.0222 2532 C:\WINDOWS\System32\drivers\fltMgr.sys - ok
10:08:39.0238 2532 [ EC43D9CC95C3BB5FEFDBCF22D375E1F5 ] C:\WINDOWS\System32\adtschema.dll
10:08:39.0238 2532 C:\WINDOWS\System32\adtschema.dll - ok
10:08:39.0238 2532 [ 14FF750EFE13B0C21E5A06507C3A97B1 ] C:\WINDOWS\System32\winmm.dll
10:08:39.0238 2532 C:\WINDOWS\System32\winmm.dll - ok
10:08:39.0238 2532 [ DC15AB7168C0309D8F04FD95B6240422 ] C:\WINDOWS\System32\oleacc.dll
10:08:39.0238 2532 C:\WINDOWS\System32\oleacc.dll - ok
10:08:39.0253 2532 [ 22F73612087430A94DBE912AB58E0C79 ] C:\WINDOWS\System32\ci.dll
10:08:39.0253 2532 C:\WINDOWS\System32\ci.dll - ok
10:08:39.0253 2532 [ 75EB73E64F5B4655D9797D20F26DE320 ] C:\WINDOWS\System32\duser.dll
10:08:39.0253 2532 C:\WINDOWS\System32\duser.dll - ok
10:08:39.0253 2532 [ 1908CC7673F72601AFFDCA022689CEDF ] C:\WINDOWS\System32\xmllite.dll
10:08:39.0253 2532 C:\WINDOWS\System32\xmllite.dll - ok
10:08:39.0269 2532 [ B25DBBA6C63A61FF4AFDB5ADAB4E70CB ] C:\WINDOWS\System32\SmartcardCredentialProvider.dll
10:08:39.0269 2532 C:\WINDOWS\System32\SmartcardCredentialProvider.dll - ok
10:08:39.0269 2532 [ 028155F57397CEA8F3A5AACF0D4649FC ] C:\WINDOWS\System32\stapi32.dll
10:08:39.0269 2532 C:\WINDOWS\System32\stapi32.dll - ok
10:08:39.0269 2532 [ 9DC3723519F52B6BC63EACD4BD411313 ] C:\WINDOWS\System32\rasplap.dll
10:08:39.0269 2532 C:\WINDOWS\System32\rasplap.dll - ok
10:08:39.0284 2532 [ 3CB863B78642405371CB3A71C07E2382 ] C:\WINDOWS\System32\rasapi32.dll
10:08:39.0284 2532 C:\WINDOWS\System32\rasapi32.dll - ok
10:08:39.0284 2532 [ 3A1DDA77F331D107BA40DB06E4D666E9 ] C:\WINDOWS\System32\rasman.dll
10:08:39.0284 2532 C:\WINDOWS\System32\rasman.dll - ok
10:08:39.0300 2532 [ 3D418A22A56471295AEB1CEB9027C3DA ] C:\WINDOWS\System32\rtutils.dll
10:08:39.0300 2532 C:\WINDOWS\System32\rtutils.dll - ok
10:08:39.0300 2532 [ 70F08ECE7A30A639D3F0C8C433685C7D ] C:\WINDOWS\System32\tapi32.dll
10:08:39.0300 2532 C:\WINDOWS\System32\tapi32.dll - ok
10:08:39.0300 2532 [ 627920CFF5DFCF8CF54CF2D592D61307 ] C:\WINDOWS\System32\WinSCard.dll
10:08:39.0300 2532 C:\WINDOWS\System32\WinSCard.dll - ok
10:08:39.0316 2532 [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA ] C:\WINDOWS\System32\shgina.dll
10:08:39.0316 2532 C:\WINDOWS\System32\shgina.dll - ok
10:08:39.0316 2532 [ 7DACD94118E2D8B6D72F47ADEB0367BF ] C:\WINDOWS\System32\propsys.dll
10:08:39.0316 2532 C:\WINDOWS\System32\propsys.dll - ok
10:08:39.0316 2532 [ 70932D6C3D59B416CBD2BE5A3B3D4BE6 ] C:\WINDOWS\System32\shacct.dll
10:08:39.0316 2532 C:\WINDOWS\System32\shacct.dll - ok
10:08:39.0331 2532 [ 3437B9E218A2E4586BEF4F7A3BD00777 ] C:\WINDOWS\System32\audiodg.exe
10:08:39.0331 2532 C:\WINDOWS\System32\audiodg.exe - ok
10:08:39.0331 2532 [ 57418956DDAE128D1023C508E7D07071 ] C:\WINDOWS\System32\PSHED.DLL
10:08:39.0331 2532 C:\WINDOWS\System32\PSHED.DLL - ok
10:08:39.0347 2532 [ 919CC2A0476D5A6A4C935D4B88E29912 ] C:\WINDOWS\System32\ksuser.dll
10:08:39.0347 2532 C:\WINDOWS\System32\ksuser.dll - ok
10:08:39.0347 2532 [ 4DF066ECEE5A7B20BF8B39EF4D646600 ] C:\WINDOWS\System32\wdmaud.drv
10:08:39.0347 2532 C:\WINDOWS\System32\wdmaud.drv - ok
10:08:39.0362 2532 [ DB7F4AB85298F3FE522C5512B8B0F56D ] C:\WINDOWS\System32\AudioEng.dll
10:08:39.0362 2532 C:\WINDOWS\System32\AudioEng.dll - ok
10:08:39.0362 2532 [ 7258434974EA735725FD2D4A65C5E821 ] C:\WINDOWS\System32\AudioSes.dll
10:08:39.0362 2532 C:\WINDOWS\System32\AudioSes.dll - ok
10:08:39.0378 2532 [ BDBB449425991154135E5ED1559927E6 ] C:\WINDOWS\System32\msacm32.dll
10:08:39.0378 2532 C:\WINDOWS\System32\msacm32.dll - ok
10:08:39.0378 2532 [ 166F004D73EA2CF4AC61800CA469458D ] C:\WINDOWS\System32\msacm32.drv
10:08:39.0378 2532 C:\WINDOWS\System32\msacm32.drv - ok
10:08:39.0394 2532 [ 83199EF88D691E730B80666E29F90D58 ] C:\WINDOWS\System32\midimap.dll
10:08:39.0394 2532 C:\WINDOWS\System32\midimap.dll - ok
10:08:39.0394 2532 [ 296937202E4D930AAE98085B99D744D8 ] C:\WINDOWS\System32\AUDIOKSE.dll
10:08:39.0394 2532 C:\WINDOWS\System32\AUDIOKSE.dll - ok
10:08:39.0394 2532 [ 41DFDCFCEF4878407AF1F6DCCA1CE905 ] C:\WINDOWS\System32\WMALFXGFXDSP.dll
10:08:39.0394 2532 C:\WINDOWS\System32\WMALFXGFXDSP.dll - ok
10:08:39.0409 2532 [ BF142D4F8C61ED3629A9CDD7BA867900 ] C:\WINDOWS\System32\mfplat.dll
10:08:39.0409 2532 C:\WINDOWS\System32\mfplat.dll - ok
10:08:39.0409 2532 [ 409F36C8BD06FCE184631EB4142B009A ] C:\WINDOWS\System32\atl.dll
10:08:39.0409 2532 C:\WINDOWS\System32\atl.dll - ok
10:08:39.0409 2532 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] C:\WINDOWS\System32\gpsvc.dll
10:08:39.0409 2532 C:\WINDOWS\System32\gpsvc.dll - ok
10:08:39.0425 2532 [ D1A84F7D4CAFCFE2A32149FF418056E5 ] C:\WINDOWS\System32\nlaapi.dll
10:08:39.0425 2532 C:\WINDOWS\System32\nlaapi.dll - ok
10:08:39.0425 2532 [ 67058C46504BC12D821F38CF99B7B28F ] C:\WINDOWS\System32\es.dll
10:08:39.0425 2532 C:\WINDOWS\System32\es.dll - ok
10:08:39.0440 2532 [ A7F8BAD9590ADDC425B4003E94780DFA ] C:\WINDOWS\System32\drivers\spsys.sys
10:08:39.0440 2532 C:\WINDOWS\System32\drivers\spsys.sys - ok
10:08:39.0440 2532 [ 6D0AC28C5BD8D8495F83F5929A45E559 ] C:\WINDOWS\System32\hpservice.exe
10:08:39.0440 2532 C:\WINDOWS\System32\hpservice.exe - ok
10:08:39.0440 2532 [ 1B593FBB763150BD225DF266C69A9329 ] C:\WINDOWS\System32\mfc42u.dll
10:08:39.0440 2532 C:\WINDOWS\System32\mfc42u.dll - ok
10:08:39.0472 2532 [ 862363973DCBCC31DD161EF41A69153C ] C:\WINDOWS\System32\odbc32.dll
10:08:39.0472 2532 C:\WINDOWS\System32\odbc32.dll - ok
10:08:39.0472 2532 [ 9474AD3584430D24DA87517F9DB0CBB2 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll
10:08:39.0472 2532 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18879_none_88f80d1769beeaec\comctl32.dll - ok
10:08:39.0487 2532 [ A9CF92FE53BE6CC03D428410269798C1 ] C:\WINDOWS\System32\accelerometerdll.DLL
10:08:39.0487 2532 C:\WINDOWS\System32\accelerometerdll.DLL - ok
10:08:39.0487 2532 [ 0DAAF8032546D1B4543D7B101B53FD6C ] C:\WINDOWS\System32\odbcint.dll
10:08:39.0487 2532 C:\WINDOWS\System32\odbcint.dll - ok
10:08:39.0503 2532 [ 8269CC01940A202BBB9FDF26705DBD67 ] C:\WINDOWS\System32\hid.dll
10:08:39.0503 2532 C:\WINDOWS\System32\hid.dll - ok
10:08:39.0503 2532 [ 1509E705F3AC1D474C92454A5C2DD81F ] C:\WINDOWS\System32\uxsms.dll
10:08:39.0503 2532 C:\WINDOWS\System32\uxsms.dll - ok
10:08:39.0503 2532 [ D5CF1536137026ACDED95BF6CBF849F6 ] C:\WINDOWS\System32\WUDFPlatform.dll
10:08:39.0503 2532 C:\WINDOWS\System32\WUDFPlatform.dll - ok
10:08:39.0518 2532 [ 6836D001FC733F205ACB80A7986CB6C9 ] C:\WINDOWS\System32\WindowsCodecs.dll
10:08:39.0518 2532 C:\WINDOWS\System32\WindowsCodecs.dll - ok
10:08:39.0518 2532 [ D1C5883087A0C3F1344D9D55A44901F6 ] C:\WINDOWS\System32\drivers\lltdio.sys
10:08:39.0518 2532 C:\WINDOWS\System32\drivers\lltdio.sys - ok
10:08:39.0518 2532 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] C:\WINDOWS\System32\drivers\nwifi.sys
10:08:39.0518 2532 C:\WINDOWS\System32\drivers\nwifi.sys - ok
10:08:39.0534 2532 [ D6973AA34C4D5D76C0430B181C3CD389 ] C:\WINDOWS\System32\drivers\ndisuio.sys
10:08:39.0534 2532 C:\WINDOWS\System32\drivers\ndisuio.sys - ok
10:08:39.0534 2532 [ 9C508F4074A39E8B4B31D27198146FAD ] C:\WINDOWS\System32\drivers\rspndr.sys
10:08:39.0534 2532 C:\WINDOWS\System32\drivers\rspndr.sys - ok
10:08:39.0550 2532 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] C:\WINDOWS\System32\dnsrslvr.dll
10:08:39.0550 2532 C:\WINDOWS\System32\dnsrslvr.dll - ok
10:08:39.0550 2532 [ 3AB4023CBD406AC33AB8CDFF6C8079A0 ] C:\WINDOWS\System32\eapphost.dll
10:08:39.0550 2532 C:\WINDOWS\System32\eapphost.dll - ok
10:08:39.0550 2532 [ 3B0489DE8CC3058B48471660C60A7B75 ] C:\WINDOWS\System32\rastls.dll
10:08:39.0550 2532 C:\WINDOWS\System32\rastls.dll - ok
10:08:39.0565 2532 [ 82A79D5BE740D0AE9C91AA6DE4B3AC5A ] C:\WINDOWS\System32\raschap.dll
10:08:39.0565 2532 C:\WINDOWS\System32\raschap.dll - ok
10:08:39.0565 2532 [ BE01E566D1F569AAB32D0335613E1EEA ] C:\WINDOWS\System32\dllhost.exe
10:08:39.0565 2532 C:\WINDOWS\System32\dllhost.exe - ok
10:08:39.0581 2532 [ E45051C374F845EDF3DB02A35BA13193 ] C:\WINDOWS\System32\umb.dll
10:08:39.0581 2532 C:\WINDOWS\System32\umb.dll - ok
10:08:39.0581 2532 [ 3727F8B85E24BBDD325BFF75F029DDE3 ] C:\WINDOWS\System32\wlanmsm.dll
10:08:39.0581 2532 C:\WINDOWS\System32\wlanmsm.dll - ok
10:08:39.0581 2532 [ B64AC7967D6B9FB2D6152AC768A1CB88 ] C:\WINDOWS\System32\onex.dll
10:08:39.0581 2532 C:\WINDOWS\System32\onex.dll - ok
10:08:39.0596 2532 [ 4662AF853DFAD5648CE3814E7D9EF3D6 ] C:\WINDOWS\System32\wlansec.dll
10:08:39.0596 2532 C:\WINDOWS\System32\wlansec.dll - ok
10:08:39.0596 2532 [ 1DACD1530C6E58AEAE9F6DE7DA851935 ] C:\WINDOWS\System32\shimeng.dll
10:08:39.0596 2532 C:\WINDOWS\System32\shimeng.dll - ok
10:08:39.0596 2532 [ 5D0FE613570CABE3992F7DBCD68E61D1 ] C:\WINDOWS\System32\eappcfg.dll
10:08:39.0596 2532 C:\WINDOWS\System32\eappcfg.dll - ok
10:08:39.0612 2532 [ 9D9FFC923FADBB575E0452EA0BBB15BD ] C:\WINDOWS\System32\eappprxy.dll
10:08:39.0612 2532 C:\WINDOWS\System32\eappprxy.dll - ok
10:08:39.0612 2532 [ 19FFAD68A02AF1BF0BC336EE26CD6767 ] C:\WINDOWS\System32\l2gpstore.dll
10:08:39.0612 2532 C:\WINDOWS\System32\l2gpstore.dll - ok
10:08:39.0612 2532 [ EB2170D0DDF3B2A92506AE16BC524B0B ] C:\WINDOWS\System32\wlanutil.dll
10:08:39.0612 2532 C:\WINDOWS\System32\wlanutil.dll - ok
10:08:39.0628 2532 [ 91D995A67D9447592A1BF21CBC15C628 ] C:\WINDOWS\System32\wlgpclnt.dll
10:08:39.0628 2532 C:\WINDOWS\System32\wlgpclnt.dll - ok
10:08:39.0628 2532 [ 0296DAEB5555A248E8ABF7E5012A37A6 ] C:\WINDOWS\System32\msxml6.dll
10:08:39.0628 2532 C:\WINDOWS\System32\msxml6.dll - ok
10:08:39.0643 2532 [ D74884939D53612FD84AC82C59CCFE27 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:08:39.0643 2532 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
10:08:39.0643 2532 [ 0E135526E9785D085BCD9AEDE6FBCBF9 ] C:\WINDOWS\System32\userinit.exe
10:08:39.0643 2532 C:\WINDOWS\System32\userinit.exe - ok
10:08:39.0643 2532 [ 5107C6B2BA35356CEDB9565A33327F95 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
10:08:39.0643 2532 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
10:08:39.0659 2532 [ 9B96F6952186336CC6E3D4E08BE2E0AF ] C:\WINDOWS\System32\dwmapi.dll
10:08:39.0659 2532 C:\WINDOWS\System32\dwmapi.dll - ok
10:08:39.0659 2532 [ 3F768EF2E2553E675B42F103D57DF61B ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
10:08:39.0659 2532 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
10:08:39.0674 2532 [ E582816A4855914DEFFC212E12B3B744 ] C:\WINDOWS\System32\wsock32.dll
10:08:39.0674 2532 C:\WINDOWS\System32\wsock32.dll - ok
10:08:39.0674 2532 [ E0BF47DD00BFF8D1154DE2409679620B ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
10:08:39.0674 2532 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
10:08:39.0690 2532 [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6 ] C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
10:08:39.0690 2532 C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll - ok
10:08:39.0690 2532 [ D80C6539C00CB4F5D59066865479C308 ] C:\WINDOWS\System32\dwmredir.dll
10:08:39.0690 2532 C:\WINDOWS\System32\dwmredir.dll - ok
10:08:39.0690 2532 [ C99403A5B641520DAED0021DDA06F272 ] C:\WINDOWS\System32\milcore.dll
10:08:39.0690 2532 C:\WINDOWS\System32\milcore.dll - ok
10:08:39.0706 2532 [ 23C3A0680042C0D1DE1F360F8B62BC57 ] C:\WINDOWS\System32\wlanext.exe
10:08:39.0706 2532 C:\WINDOWS\System32\wlanext.exe - ok
10:08:39.0706 2532 [ C8DC9AF8D54899285FEE2920E09397E0 ] C:\WINDOWS\System32\bcmihvsrv.dll
10:08:39.0706 2532 C:\WINDOWS\System32\bcmihvsrv.dll - ok
10:08:39.0706 2532 [ D07D4C3038F3578FFCE1C0237F2A1253 ] C:\WINDOWS\explorer.exe
10:08:39.0706 2532 C:\WINDOWS\explorer.exe - ok
10:08:39.0721 2532 [ 11DF6AD0125FA02FDC3DF2CB23F1F28A ] C:\WINDOWS\System32\ati2edxx.dll
10:08:39.0721 2532 C:\WINDOWS\System32\ati2edxx.dll - ok
10:08:39.0721 2532 [ 671A7FE6ABE0CEC06FDA618E14AFD6DA ] C:\WINDOWS\System32\Ati2evxx.dll
10:08:39.0721 2532 C:\WINDOWS\System32\Ati2evxx.dll - ok
10:08:39.0737 2532 [ 0789C032C87E55B07F2C1FD0A350993F ] C:\WINDOWS\System32\atipdlxx.dll
10:08:39.0737 2532 C:\WINDOWS\System32\atipdlxx.dll - ok
10:08:39.0737 2532 [ 3E29914113EC4B968BA5EB1F6D194A0A ] C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
10:08:39.0737 2532 C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll - ok
10:08:39.0752 2532 [ 1B36B7D2C9A9CA6C8A3F8DCB2FF0FD42 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
10:08:39.0752 2532 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
10:08:39.0752 2532 [ 0065505E1F82EE46C8F77FDBA5C04840 ] C:\Program Files\AVAST Software\Avast\avastIP.dll
10:08:39.0752 2532 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
10:08:39.0752 2532 [ 42C11D627528727ED655DDDD4BDF7AF0 ] C:\Program Files\AVAST Software\Avast\aswCommChannel.dll
10:08:39.0752 2532 C:\Program Files\AVAST Software\Avast\aswCommChannel.dll - ok
10:08:39.0768 2532 [ F585DC92DCCA1BCE7B776BA9610D410F ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
10:08:39.0768 2532 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
10:08:39.0768 2532 [ EE8A997A8D8490039568DDB419A270EF ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
10:08:39.0768 2532 C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
10:08:39.0768 2532 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
10:08:39.0768 2532 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
10:08:39.0784 2532 [ 8AAEEE8E59A70F37579993D118A34EE0 ] C:\WINDOWS\System32\d3d9.dll
10:08:39.0784 2532 C:\WINDOWS\System32\d3d9.dll - ok
10:08:39.0784 2532 [ CA2B39D914614F584813BE68E80F7E04 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
10:08:39.0784 2532 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
10:08:39.0799 2532 [ CDADF961272033E04D9C0B8EB075F840 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
10:08:39.0799 2532 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
10:08:39.0799 2532 [ 188B2746E1F436B9524BF38806CEF7D0 ] C:\Program Files\AVAST Software\Avast\libeay32.dll
10:08:39.0799 2532 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
10:08:39.0799 2532 [ B4ECEEADF439A8DD27B953B0F3C2E202 ] C:\WINDOWS\System32\atiumdag.dll
10:08:39.0799 2532 C:\WINDOWS\System32\atiumdag.dll - ok
10:08:39.0815 2532 [ CD6DA5770CAE9D5E6E86722E17B442E0 ] C:\WINDOWS\System32\d3d8thk.dll
10:08:39.0815 2532 C:\WINDOWS\System32\d3d8thk.dll - ok
10:08:39.0815 2532 [ 89F4F2C30953AEADDF882D1B4F5F7BA2 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
10:08:39.0815 2532 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
10:08:39.0815 2532 [ 790A7E2A5359DC666CEE8EC48628E62F ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
10:08:39.0815 2532 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
10:08:39.0830 2532 [ A0334F56B12235B18A68EFCC00245B15 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
10:08:39.0830 2532 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
10:08:39.0830 2532 [ 167AC31450C0C53A01FA1491E94D7678 ] C:\WINDOWS\System32\shdocvw.dll
10:08:39.0830 2532 C:\WINDOWS\System32\shdocvw.dll - ok
10:08:39.0846 2532 [ 9273A7F57BFD3B0C1EF0EAB00EC603C3 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
10:08:39.0846 2532 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
10:08:39.0846 2532 [ A5D5A868E117A9AAB8583CD1840100F8 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
10:08:39.0846 2532 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
10:08:39.0846 2532 [ AD8DD3FA042A2E18220180AA1DBDFB7A ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
10:08:39.0846 2532 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
10:08:39.0862 2532 [ 73FE2E5FA55088A241AA2732F5D387D6 ] C:\WINDOWS\System32\wiarpc.dll
10:08:39.0862 2532 C:\WINDOWS\System32\wiarpc.dll - ok
10:08:39.0862 2532 [ CDEF792E46281D32BE6ADD6E4D4FAC05 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
10:08:39.0862 2532 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
10:08:39.0862 2532 [ 093F5D01D0E7158FA8A5BC8A87EC1D27 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
10:08:39.0862 2532 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
10:08:39.0877 2532 [ 05898609BFA8D2F62DA4A7D109CFF905 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
10:08:39.0877 2532 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
10:08:39.0877 2532 [ 4504819D18FAC09B6108D8728467E5B2 ] C:\WINDOWS\System32\browseui.dll
10:08:39.0877 2532 C:\WINDOWS\System32\browseui.dll - ok
10:08:39.0893 2532 [ 49F3EC253EAD25256BFCB0AE71DF12F5 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
10:08:39.0893 2532 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
10:08:39.0893 2532 [ 4D3DA02268FADE3D2BC611F96347E0C6 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
10:08:39.0893 2532 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
10:08:39.0893 2532 [ 5E0E3F5BAD6F6C81A01390D3AE5C6F9E ] C:\WINDOWS\System32\atiumdva.dll
10:08:39.0893 2532 C:\WINDOWS\System32\atiumdva.dll - ok
10:08:39.0908 2532 [ CA0B849566776A17F35F0339BE17DFD9 ] C:\WINDOWS\System32\ktmw32.dll
10:08:39.0908 2532 C:\WINDOWS\System32\ktmw32.dll - ok
10:08:39.0908 2532 [ A0F4852A5DB9754BEC06F84B400AE743 ] C:\WINDOWS\System32\wscapi.dll
10:08:39.0908 2532 C:\WINDOWS\System32\wscapi.dll - ok
10:08:39.0924 2532 [ D0A95E567224B4C347CBDD6541E5D928 ] C:\WINDOWS\System32\wscisvif.dll
10:08:39.0924 2532 C:\WINDOWS\System32\wscisvif.dll - ok
10:08:39.0924 2532 [ 2A6A2C09ECC2CB495628E45F1379ECE8 ] C:\WINDOWS\System32\taskcomp.dll
10:08:39.0924 2532 C:\WINDOWS\System32\taskcomp.dll - ok
10:08:39.0924 2532 [ F870AA3E254628EBEAFE754108D664DE ] C:\WINDOWS\System32\drivers\http.sys
10:08:39.0924 2532 C:\WINDOWS\System32\drivers\http.sys - ok
10:08:39.0940 2532 [ 3D50C4B10352367D5CB20ED1F50F8DA2 ] C:\WINDOWS\System32\taskeng.exe
10:08:39.0940 2532 C:\WINDOWS\System32\taskeng.exe - ok
10:08:39.0940 2532 [ E79FDA8D320147FDC347C504B3487F87 ] C:\WINDOWS\System32\spoolss.dll
10:08:39.0940 2532 C:\WINDOWS\System32\spoolss.dll - ok
10:08:39.0940 2532 [ 7605C0E1D01A08F3ECD743F38B834A44 ] C:\WINDOWS\System32\drivers\srvnet.sys
10:08:39.0940 2532 C:\WINDOWS\System32\drivers\srvnet.sys - ok
10:08:39.0955 2532 [ EE16F3E01C4A6C77383F1BBBD10AD6C2 ] C:\WINDOWS\System32\FWPUCLNT.DLL
10:08:39.0955 2532 C:\WINDOWS\System32\FWPUCLNT.DLL - ok
10:08:39.0955 2532 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files\Google\Update\GoogleUpdate.exe
10:08:39.0955 2532 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
10:08:39.0955 2532 [ B11FDCA4410D6252964EF97F9A47DE74 ] C:\WINDOWS\System32\TSChannel.dll
10:08:39.0955 2532 C:\WINDOWS\System32\TSChannel.dll - ok
10:08:39.0971 2532 [ A7495E342A2EE0160812AC856C11F6CF ] C:\Program Files\Google\Update\1.3.22.3\goopdate.dll
10:08:39.0971 2532 C:\Program Files\Google\Update\1.3.22.3\goopdate.dll - ok
10:08:39.0971 2532 [ 17C0E094BEE5BC03CF491972F71AA6EF ] C:\WINDOWS\System32\wlanapi.dll
10:08:39.0971 2532 C:\WINDOWS\System32\wlanapi.dll - ok
10:08:39.0971 2532 [ 401DFFDBBBD3F07C747ED1AE2BB88106 ] C:\WINDOWS\System32\msi.dll
10:08:39.0971 2532 C:\WINDOWS\System32\msi.dll - ok
10:08:39.0986 2532 [ 35F376253F687BDE63976CCB3F2108CA ] C:\WINDOWS\System32\drivers\bowser.sys
10:08:39.0986 2532 C:\WINDOWS\System32\drivers\bowser.sys - ok
10:08:39.0986 2532 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] C:\WINDOWS\System32\drivers\mpsdrv.sys
10:08:39.0986 2532 C:\WINDOWS\System32\drivers\mpsdrv.sys - ok
10:08:40.0002 2532 [ 82CEA0395524AACFEB58BA1448E8325C ] C:\WINDOWS\System32\drivers\mrxdav.sys
10:08:40.0002 2532 C:\WINDOWS\System32\drivers\mrxdav.sys - ok
10:08:40.0002 2532 [ 782C8019C89920A77B1907AD3B4C8FF9 ] C:\WINDOWS\System32\HotStartUserAgent.dll
10:08:40.0002 2532 C:\WINDOWS\System32\HotStartUserAgent.dll - ok
10:08:40.0002 2532 [ 5DE62C6E9108F14F6794060A9BDECAEC ] C:\WINDOWS\System32\MPSSVC.dll
10:08:40.0002 2532 C:\WINDOWS\System32\MPSSVC.dll - ok
10:08:40.0002 2532 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] C:\WINDOWS\System32\drivers\mrxsmb.sys
10:08:40.0002 2532 C:\WINDOWS\System32\drivers\mrxsmb.sys - ok
10:08:40.0018 2532 [ 4FCCB34D793B116423209C0F8B7A3B03 ] C:\WINDOWS\System32\drivers\mrxsmb10.sys
10:08:40.0018 2532 C:\WINDOWS\System32\drivers\mrxsmb10.sys - ok
10:08:40.0018 2532 [ 6BC5FCEF351E4CB5A269C1E84B5A06DA ] C:\WINDOWS\System32\netcfgx.dll
10:08:40.0018 2532 C:\WINDOWS\System32\netcfgx.dll - ok
10:08:40.0033 2532 [ 57125869A7B9638A5D11DD685AA65EB4 ] C:\WINDOWS\System32\PlaySndSrv.dll
10:08:40.0033 2532 C:\WINDOWS\System32\PlaySndSrv.dll - ok
10:08:40.0033 2532 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] C:\WINDOWS\System32\drivers\mrxsmb20.sys
10:08:40.0033 2532 C:\WINDOWS\System32\drivers\mrxsmb20.sys - ok
10:08:40.0033 2532 [ FF33AFF99564B1AA534F58868CBE41EF ] C:\WINDOWS\System32\drivers\srv2.sys
10:08:40.0033 2532 C:\WINDOWS\System32\drivers\srv2.sys - ok
10:08:40.0049 2532 [ 41987F9FC0E61ADF54F581E15029AD91 ] C:\WINDOWS\System32\drivers\srv.sys
10:08:40.0049 2532 C:\WINDOWS\System32\drivers\srv.sys - ok
10:08:40.0049 2532 [ D333058925CE305E39DE8D5AD2B52A46 ] C:\WINDOWS\System32\clusapi.dll
10:08:40.0049 2532 C:\WINDOWS\System32\clusapi.dll - ok
10:08:40.0049 2532 [ A324D72A06C110152E7607745F39BFA1 ] C:\WINDOWS\System32\netmsg.dll
10:08:40.0049 2532 C:\WINDOWS\System32\netmsg.dll - ok
10:08:40.0064 2532 [ 452341E471D2D961229DFE0842957272 ] C:\WINDOWS\System32\sscore.dll
10:08:40.0064 2532 C:\WINDOWS\System32\sscore.dll - ok
10:08:40.0064 2532 [ 0745D6EAD386710110817FBEC03F5161 ] C:\WINDOWS\System32\wfapigp.dll
10:08:40.0064 2532 C:\WINDOWS\System32\wfapigp.dll - ok
10:08:40.0080 2532 [ 5F1DEC3824E566457F53F24F493FEF08 ] C:\WINDOWS\System32\mscms.dll
10:08:40.0080 2532 C:\WINDOWS\System32\mscms.dll - ok
10:08:40.0080 2532 [ 6468C3FF6D0C7874FA8C619AF3E23B22 ] C:\WINDOWS\System32\activeds.dll
10:08:40.0080 2532 C:\WINDOWS\System32\activeds.dll - ok
10:08:40.0080 2532 [ E9B9C1B98C8D6D48407E1C1203EAC659 ] C:\WINDOWS\System32\adsldpc.dll
10:08:40.0080 2532 C:\WINDOWS\System32\adsldpc.dll - ok
10:08:40.0096 2532 [ 1311171CF8F6D2954441EF2A42693035 ] C:\WINDOWS\System32\WsmRes.dll
10:08:40.0096 2532 C:\WINDOWS\System32\WsmRes.dll - ok
10:08:40.0096 2532 [ E230F3776F373F4C5E788794B53101E4 ] C:\WINDOWS\System32\plasrv.exe
10:08:40.0096 2532 C:\WINDOWS\System32\plasrv.exe - ok
10:08:40.0096 2532 [ 93E317D7AD783D8EAEE2E3500BFE889D ] C:\WINDOWS\System32\credui.dll
10:08:40.0096 2532 C:\WINDOWS\System32\credui.dll - ok
10:08:40.0111 2532 [ 293C5CCD99D332ECC94637FEDA38D1F2 ] C:\WINDOWS\System32\TMM.dll
10:08:40.0111 2532 C:\WINDOWS\System32\TMM.dll - ok
10:08:40.0111 2532 [ B9F3FF52B84FD9E3CAFB29B8EE385E5B ] C:\WINDOWS\System32\resutils.dll
10:08:40.0111 2532 C:\WINDOWS\System32\resutils.dll - ok
10:08:40.0127 2532 [ EF1142512BEC12F1C2C87735DA1755BE ] C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
10:08:40.0127 2532 C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe - ok
10:08:40.0127 2532 [ 0FA9B5055484649D63C303FE404E5F4D ] C:\WINDOWS\System32\drivers\parport.sys
10:08:40.0127 2532 C:\WINDOWS\System32\drivers\parport.sys - ok
10:08:40.0127 2532 [ 52E129522C1775DBB8CC252E7A0655C7 ] C:\WINDOWS\System32\taskschd.dll
10:08:40.0127 2532 C:\WINDOWS\System32\taskschd.dll - ok
10:08:40.0142 2532 [ 17FC3EDA0162F513E858B8C8FA7FA6E0 ] C:\WINDOWS\System32\vssapi.dll
10:08:40.0142 2532 C:\WINDOWS\System32\vssapi.dll - ok
10:08:40.0142 2532 [ E7D0F91E44D9D3B2116FA549BDCDB756 ] C:\WINDOWS\System32\wdscore.dll
10:08:40.0142 2532 C:\WINDOWS\System32\wdscore.dll - ok
10:08:40.0158 2532 [ AD48183027CAFCEBC322CB9CAC60F9B8 ] C:\WINDOWS\System32\WSDApi.dll
10:08:40.0158 2532 C:\WINDOWS\System32\WSDApi.dll - ok
10:08:40.0158 2532 [ 974A1F783ED34588B45FAD6375077BA6 ] C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
10:08:40.0158 2532 C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe - ok
10:08:40.0158 2532 [ 1DFC366D2154EF2B381A7F2CB165C7F4 ] C:\WINDOWS\System32\diagperf.dll
10:08:40.0158 2532 C:\WINDOWS\System32\diagperf.dll - ok
10:08:40.0174 2532 [ 128DD9AF8640DBCC711940903C8B554F ] C:\WINDOWS\System32\mscoree.dll
10:08:40.0174 2532 C:\WINDOWS\System32\mscoree.dll - ok
10:08:40.0174 2532 [ F86293D93760C70ADF4F19E66E3FA5E8 ] C:\WINDOWS\System32\httpapi.dll
10:08:40.0174 2532 C:\WINDOWS\System32\httpapi.dll - ok
10:08:40.0189 2532 [ 4EDA94333BDB75B1BC0A7610BED34F00 ] C:\WINDOWS\System32\fundisc.dll
10:08:40.0189 2532 C:\WINDOWS\System32\fundisc.dll - ok
10:08:40.0189 2532 [ 6ABD253226770EAE1292B4C945ED4B4B ] C:\WINDOWS\System32\msxml3.dll
10:08:40.0189 2532 C:\WINDOWS\System32\msxml3.dll - ok
10:08:40.0205 2532 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
10:08:40.0205 2532 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
10:08:40.0205 2532 [ E58796B5088EDD61E5EF03D693EA0D67 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
10:08:40.0205 2532 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
10:08:40.0205 2532 [ 21322832C99E8DE85BD047689A2A69DB ] C:\WINDOWS\System32\pnpts.dll
10:08:40.0205 2532 C:\WINDOWS\System32\pnpts.dll - ok
10:08:40.0220 2532 [ 71B479749F0F52C4FEC726C6FFA2CE1C ] C:\WINDOWS\System32\cryptnet.dll
10:08:40.0220 2532 C:\WINDOWS\System32\cryptnet.dll - ok
10:08:40.0220 2532 [ DC3AE9F1554DCD97F90983DDBDACD83D ] C:\WINDOWS\System32\vsstrace.dll
10:08:40.0220 2532 C:\WINDOWS\System32\vsstrace.dll - ok
10:08:40.0220 2532 [ EC760B0B76A4353DE49D66520EB2141F ] C:\WINDOWS\System32\SensApi.dll
10:08:40.0220 2532 C:\WINDOWS\System32\SensApi.dll - ok
10:08:40.0236 2532 [ D922592AB65C5D9B88B30B4510A3464E ] C:\WINDOWS\System32\cscapi.dll
10:08:40.0236 2532 C:\WINDOWS\System32\cscapi.dll - ok
10:08:40.0236 2532 [ 4934241CD20AC87D78121352E3BA8318 ] C:\WINDOWS\System32\dbghelp.dll
10:08:40.0236 2532 C:\WINDOWS\System32\dbghelp.dll - ok
10:08:40.0252 2532 [ 7A623F6B4C51F6F2BC1A31D5787FC0A7 ] C:\WINDOWS\System32\uDWM.dll
10:08:40.0252 2532 C:\WINDOWS\System32\uDWM.dll - ok
10:08:40.0252 2532 [ AC8A859A77D93C4F73DFBD756D9CE2DA ] C:\Program Files\AVAST Software\Avast\ashShell.dll
10:08:40.0252 2532 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
10:08:40.0252 2532 [ 14E4470BF8ACA69A85D741BA99F75F96 ] C:\WINDOWS\System32\EhStorShell.dll
10:08:40.0252 2532 C:\WINDOWS\System32\EhStorShell.dll - ok
10:08:40.0267 2532 [ D1F438E9DFD869B33D1EDB635764C892 ] C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
10:08:40.0267 2532 C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL - ok
10:08:40.0267 2532 [ 465680BDE344CE4FF6646626AA3A9125 ] C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe
10:08:40.0267 2532 C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe - ok
10:08:40.0267 2532 [ 73FD66B14D3C4252F7A524B8836A4359 ] C:\WINDOWS\System32\mstask.dll
10:08:40.0267 2532 C:\WINDOWS\System32\mstask.dll - ok
10:08:40.0283 2532 [ 55704DFFD2DC14E0C942FDFEBDBBA96C ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswEngin.dll
10:08:40.0283 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswEngin.dll - ok
10:08:40.0283 2532 [ 5F92C7B9CA03F41F0C2A883C8D7E1873 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnIS.dll
10:08:40.0283 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnIS.dll - ok
10:08:40.0283 2532 [ BDD6CA8BB4679B50EFEE94D366EE95B9 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnOS.dll
10:08:40.0283 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnOS.dll - ok
10:08:40.0298 2532 [ D2BE55588F048124F26C5CF439AB6EAF ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnBS.dll
10:08:40.0298 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswCmnBS.dll - ok
10:08:40.0298 2532 [ 221096588BE187D3F56ED03EF91B83F5 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswScan.dll
10:08:40.0298 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswScan.dll - ok
10:08:40.0314 2532 [ 08ACE4629632221B2BC9D2374DCDA1C9 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswRep.dll
10:08:40.0314 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswRep.dll - ok
10:08:40.0314 2532 [ 0277F74B245D07FEEB02B616AA71BB08 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswFiDb.dll
10:08:40.0314 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswFiDb.dll - ok
10:08:40.0330 2532 [ FF9DAAACD47C04387A4208888AF90EFE ] C:\Program Files\AVAST Software\Avast\defs\14010501\algo.dll
10:08:40.0330 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\algo.dll - ok
10:08:40.0330 2532 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:08:40.0330 2532 C:\WINDOWS\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:08:40.0330 2532 [ BDE89AB6F15F0093A2A7861D1FC413ED ] C:\WINDOWS\System32\QAGENT.DLL
10:08:40.0330 2532 C:\WINDOWS\System32\QAGENT.DLL - ok
10:08:40.0345 2532 [ 769D027B977CED05658C85E698D3C5B1 ] C:\WINDOWS\System32\QUTIL.DLL
10:08:40.0345 2532 C:\WINDOWS\System32\QUTIL.DLL - ok
10:08:40.0345 2532 [ AB569F241A3E9D6374C4C90BBE4C9662 ] C:\WINDOWS\System32\atitmmxx.dll
10:08:40.0345 2532 C:\WINDOWS\System32\atitmmxx.dll - ok
10:08:40.0361 2532 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
10:08:40.0361 2532 C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
10:08:40.0361 2532 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
10:08:40.0361 2532 C:\WINDOWS\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
10:08:40.0361 2532 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\WINDOWS\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
10:08:40.0361 2532 C:\WINDOWS\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
10:08:40.0376 2532 [ 883D87AA9D3C15C3D57B11BABC180B4E ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
10:08:40.0376 2532 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
10:08:40.0376 2532 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll
10:08:40.0376 2532 C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll - ok
10:08:40.0376 2532 [ 111C47816F39A91EAAA18DA0A54E8E63 ] C:\WINDOWS\System32\imageres.dll
10:08:40.0376 2532 C:\WINDOWS\System32\imageres.dll - ok
10:08:40.0392 2532 [ 08578F3CA5365F896D90CE2BF97FD000 ] C:\WINDOWS\System32\IconCodecService.dll
10:08:40.0392 2532 C:\WINDOWS\System32\IconCodecService.dll - ok
10:08:40.0392 2532 [ 9A6A653ADF28D9D69670B48F535E6B90 ] C:\WINDOWS\System32\runonce.exe
10:08:40.0392 2532 C:\WINDOWS\System32\runonce.exe - ok
10:08:40.0408 2532 [ DD79A6B15C2F28DE98DF4852AAF6B13B ] C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
10:08:40.0408 2532 C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe - ok
10:08:40.0408 2532 [ A9542FF2E9A82CF100E5729EC79068F0 ] C:\WINDOWS\System32\fltLib.dll
10:08:40.0408 2532 C:\WINDOWS\System32\fltLib.dll - ok
10:08:40.0408 2532 [ EFA80360111D8D179E39E314A49C9ED4 ] C:\WINDOWS\System32\wshbth.dll
10:08:40.0408 2532 C:\WINDOWS\System32\wshbth.dll - ok
10:08:40.0423 2532 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
10:08:40.0423 2532 C:\Program Files\Bonjour\mdnsNSP.dll - ok
10:08:40.0423 2532 [ A7D525E5C0D91C8C1D84C6BCD25AD77D ] C:\WINDOWS\System32\rasadhlp.dll
10:08:40.0423 2532 C:\WINDOWS\System32\rasadhlp.dll - ok
10:08:40.0423 2532 [ C411C80F90D6732380352B98B37BBD53 ] C:\WINDOWS\System32\winrnr.dll
10:08:40.0423 2532 C:\WINDOWS\System32\winrnr.dll - ok
10:08:40.0439 2532 [ 031ECB959CB3525CEB558CE6A278C199 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
10:08:40.0439 2532 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
10:08:40.0439 2532 [ 092155AEDE41225E0AA938ADB5D9BA64 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
10:08:40.0439 2532 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
10:08:40.0454 2532 [ 0E0C055123932FF2210A86C01D36A28E ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
10:08:40.0454 2532 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
10:08:40.0454 2532 [ 2FD048C0668645BAF20FD75A3AE80AE1 ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
10:08:40.0454 2532 C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
10:08:40.0454 2532 [ E98E402067978DB38282158F9E8609CA ] C:\WINDOWS\System32\netshell.dll
10:08:40.0454 2532 C:\WINDOWS\System32\netshell.dll - ok
10:08:40.0470 2532 [ 5CB36179AC1072C64A2CD55E5C1A211A ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
10:08:40.0470 2532 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
10:08:40.0486 2532 [ 90EB173A54E28CA09B89D4AFDEBC2F1A ] C:\Program Files\AVAST Software\Avast\defs\14010501\exts.dll
10:08:40.0486 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\exts.dll - ok
10:08:40.0486 2532 [ C1D99BEC2E232AD268C2A5BE62ACD3F1 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll
10:08:40.0486 2532 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok
10:08:40.0501 2532 [ 0A990AFB9F2726323D61C8ECB8B70B17 ] C:\WINDOWS\System32\security.dll
10:08:40.0501 2532 C:\WINDOWS\System32\security.dll - ok
10:08:40.0501 2532 [ 86DCB6213F35C04ED5EF663614D8EEB4 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll
10:08:40.0501 2532 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok
10:08:40.0501 2532 [ C6A94D4E2DD6E1C61818AC2186857AA8 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
10:08:40.0501 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll - ok
10:08:40.0517 2532 [ A6FA5D45ACF2E855F890FAC505EFEDB2 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
10:08:40.0517 2532 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
10:08:40.0517 2532 [ 0CFCDE5D9D074D96B78D1F1CBF1AAB1D ] C:\WINDOWS\System32\riched20.dll
10:08:40.0517 2532 C:\WINDOWS\System32\riched20.dll - ok
10:08:40.0532 2532 [ 5CAAE5333EF36DB4A8D294418AB37E80 ] C:\WINDOWS\System32\p2pcollab.dll
10:08:40.0532 2532 C:\WINDOWS\System32\p2pcollab.dll - ok
10:08:40.0532 2532 [ A8E2F76F136A0E664B68A48028D4AF93 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
10:08:40.0532 2532 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
10:08:40.0532 2532 [ 81B4A8947E497A28B96A2426033FE66B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
10:08:40.0532 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll - ok
10:08:40.0548 2532 [ 4E50C77A7558367FCDD79F24C34FA4AB ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
10:08:40.0548 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll - ok
10:08:40.0548 2532 [ 8ED5212422CC84B14C898E89F7F41B8B ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll
10:08:40.0548 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5974034f0f53755b11bde4c9698261cb\System.ServiceProcess.ni.dll - ok
10:08:40.0564 2532 [ 996047633A94D54149C0968185673AB9 ] C:\Program Files\HP\Common\log4net.dll
10:08:40.0564 2532 C:\Program Files\HP\Common\log4net.dll - ok
10:08:40.0564 2532 [ 707BE9ACC449CDFEF8E3C435B633AECA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
10:08:40.0564 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll - ok
10:08:40.0564 2532 [ 97289924D704B061D9D38FFFF7A4AF8E ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
10:08:40.0564 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll - ok
10:08:40.0579 2532 [ 91DD75A62D5F1F63E08660001FE7AF13 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
10:08:40.0579 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll - ok
10:08:40.0579 2532 [ FC9E7590842E9573B82F72C30A2436AA ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\ab40b51ac49fbee9a48b5b74ff78d5d6\System.Core.ni.dll
10:08:40.0579 2532 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\ab40b51ac49fbee9a48b5b74ff78d5d6\System.Core.ni.dll - ok
10:08:40.0595 2532 [ 6349F6ED9C623B44B52EA3C63C831A92 ] C:\WINDOWS\System32\drivers\PEAuth.sys
10:08:40.0595 2532 C:\WINDOWS\System32\drivers\PEAuth.sys - ok
10:08:40.0595 2532 [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B ] C:\WINDOWS\System32\ncsi.dll
10:08:40.0595 2532 C:\WINDOWS\System32\ncsi.dll - ok
10:08:40.0610 2532 [ D0494460421A03CD5225CCA0059AA146 ] C:\WINDOWS\System32\IPSECSVC.DLL
10:08:40.0610 2532 C:\WINDOWS\System32\IPSECSVC.DLL - ok
10:08:40.0610 2532 [ 01BCD91CC2B0EFDA4890F547010750BD ] C:\WINDOWS\System32\ssdpapi.dll
10:08:40.0610 2532 C:\WINDOWS\System32\ssdpapi.dll - ok
10:08:40.0610 2532 [ 42608AE9AF2641EE473A1797C25CFFC2 ] C:\WINDOWS\System32\FwRemoteSvr.dll
10:08:40.0610 2532 C:\WINDOWS\System32\FwRemoteSvr.dll - ok
10:08:40.0626 2532 [ 74F26FC01B180D4A99A168ED69C30A53 ] C:\WINDOWS\System32\cmd.exe
10:08:40.0626 2532 C:\WINDOWS\System32\cmd.exe - ok
10:08:40.0626 2532 [ B231416DD7569B5C16F2DD2D2D64BB5A ] C:\WINDOWS\System32\ieframe.dll
10:08:40.0626 2532 C:\WINDOWS\System32\ieframe.dll - ok
10:08:40.0626 2532 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Chris\AppData\Local\Temp\0E4F3FE0-BCE3-4DDD-894C-2C9F1716BDEC.exe
10:08:40.0626 2532 C:\Users\Chris\AppData\Local\Temp\0E4F3FE0-BCE3-4DDD-894C-2C9F1716BDEC.exe - ok
10:08:40.0642 2532 [ 1BA47BDD47A62F6E6B56BE4ECF221BE3 ] C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
10:08:40.0642 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe - ok
10:08:40.0642 2532 [ 4B7A038F7859C60A1207EFE51A21FEAD ] C:\Program Files\Pervasive Software\PSQL\bin\pscore3.dll
10:08:40.0642 2532 C:\Program Files\Pervasive Software\PSQL\bin\pscore3.dll - ok
10:08:40.0657 2532 [ BA51FC55F0D39CB8EF6FCFEFE68EAD50 ] C:\Program Files\AVAST Software\Avast\aswJSScan.dll
10:08:40.0657 2532 C:\Program Files\AVAST Software\Avast\aswJSScan.dll - ok
10:08:40.0657 2532 [ A7D519361CB323A355D870B3B8A91D1E ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
10:08:40.0657 2532 C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
10:08:40.0657 2532 [ 20F6C253C05F7DE5E2A1D1EF0FF9141F ] C:\Program Files\Pervasive Software\PSQL\bin\pscl3.dll
10:08:40.0657 2532 C:\Program Files\Pervasive Software\PSQL\bin\pscl3.dll - ok
10:08:40.0673 2532 [ 7454D1F12F754ADEA11B890FE34C2402 ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
10:08:40.0673 2532 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
10:08:40.0673 2532 [ E4945031D0286F3DA8D0844D2F6BEEBE ] C:\Program Files\AVAST Software\Avast\defs\14010501\swhealthex.dll
10:08:40.0673 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\swhealthex.dll - ok
10:08:40.0688 2532 [ 762F752F29DA7922671CF3CCA2567987 ] C:\Program Files\Pervasive Software\PSQL\bin\w3sqlmgr.dll
10:08:40.0688 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3sqlmgr.dll - ok
10:08:40.0688 2532 [ 6803B69C14696CC4907C5F77FBB04A14 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
10:08:40.0688 2532 C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe - ok
10:08:40.0704 2532 [ 95A0B86B9F1D27B613830864341A8252 ] C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
10:08:40.0704 2532 C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe - ok
10:08:40.0704 2532 [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC ] C:\WINDOWS\System32\shfolder.dll
10:08:40.0704 2532 C:\WINDOWS\System32\shfolder.dll - ok
10:08:40.0704 2532 [ BE551442445B13E114EB67F0E2216F89 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
10:08:40.0704 2532 C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll - ok
10:08:40.0735 2532 [ B9570481A1BABCC4A9E941C553596077 ] C:\WINDOWS\SMINST\BLService.exe
10:08:40.0735 2532 C:\WINDOWS\SMINST\BLService.exe - ok
10:08:40.0735 2532 [ 443AC12BCAC09A14DD5D665A2278565F ] C:\WINDOWS\SMINST\STDisks.dll
10:08:40.0735 2532 C:\WINDOWS\SMINST\STDisks.dll - ok
10:08:40.0735 2532 [ EF24642D5FB52A1EEF56DE9E47CBB993 ] C:\WINDOWS\System32\mfc42.dll
10:08:40.0735 2532 C:\WINDOWS\System32\mfc42.dll - ok
10:08:40.0751 2532 [ C45E8D6B795AA8D1DAA889ECFD83708E ] C:\WINDOWS\SMINST\CSTError.dll
10:08:40.0751 2532 C:\WINDOWS\SMINST\CSTError.dll - ok
10:08:40.0751 2532 [ A80F29D1DB2321C937D65DCA0EE4E032 ] C:\WINDOWS\SMINST\STString.dll
10:08:40.0751 2532 C:\WINDOWS\SMINST\STString.dll - ok
10:08:40.0751 2532 [ 2DB36351DD6C6C6297A4B5B90F88D3E1 ] C:\Program Files\Pervasive Software\PSQL\bin\w3odbcei.dll
10:08:40.0751 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3odbcei.dll - ok
10:08:40.0766 2532 [ 487611EF7C7D4D31BFE18B890F4DFF85 ] C:\WINDOWS\SMINST\STVdsDisks.dll
10:08:40.0766 2532 C:\WINDOWS\SMINST\STVdsDisks.dll - ok
10:08:40.0766 2532 [ 20D73C965595C636BBA3867FD1EB8DA3 ] C:\Program Files\Pervasive Software\PSQL\bin\w3mif190.dll
10:08:40.0766 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3mif190.dll - ok
10:08:40.0782 2532 [ E98444D0CB6459A750FB594B31194F7C ] C:\WINDOWS\SMINST\STSystems.dll
10:08:40.0782 2532 C:\WINDOWS\SMINST\STSystems.dll - ok
10:08:40.0782 2532 [ CB93D3C6B8C76710332AE57DCDF8A2C6 ] C:\Program Files\Pervasive Software\PSQL\bin\clientrb.dll
10:08:40.0782 2532 C:\Program Files\Pervasive Software\PSQL\bin\clientrb.dll - ok
10:08:40.0798 2532 [ F2DC53CF413BF5AE7491C4D2A188D022 ] C:\WINDOWS\SMINST\STWmiM.dll
10:08:40.0798 2532 C:\WINDOWS\SMINST\STWmiM.dll - ok
10:08:40.0798 2532 [ 5EC8FB83F31AA2D6F421F02C3F4F4475 ] C:\WINDOWS\System32\winspool.drv
10:08:40.0798 2532 C:\WINDOWS\System32\winspool.drv - ok
10:08:40.0798 2532 [ 80BD4B26E2CBC0D65445D0463DFF6FC2 ] C:\WINDOWS\System32\oledlg.dll
10:08:40.0798 2532 C:\WINDOWS\System32\oledlg.dll - ok
10:08:40.0813 2532 [ C3AE9A9AD584A9DE1083E1BD85D89FBE ] C:\Program Files\Pervasive Software\PSQL\bin\w3mkde.dll
10:08:40.0813 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3mkde.dll - ok
10:08:40.0813 2532 [ 2310A32BB0164552A311BFA02102A3D6 ] C:\WINDOWS\System32\msvcp60.dll
10:08:40.0813 2532 C:\WINDOWS\System32\msvcp60.dll - ok
10:08:40.0813 2532 [ BA3DE6760CC3C158666C23631203456A ] C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll
10:08:40.0813 2532 C:\Program Files\HP\QuickPlay\Kernel\TV\PCMRRec4.dll - ok
10:08:40.0829 2532 [ 6EE9235E3BAC544798FCC6AF746DE7DC ] C:\Program Files\Pervasive Software\PSQL\bin\enginelm.dll
10:08:40.0829 2532 C:\Program Files\Pervasive Software\PSQL\bin\enginelm.dll - ok
10:08:40.0829 2532 [ 38BD86DA5D7B389D82E92B6A2605E878 ] C:\Program Files\Pervasive Software\PSQL\bin\mkderb.dll
10:08:40.0829 2532 C:\Program Files\Pervasive Software\PSQL\bin\mkderb.dll - ok
10:08:40.0844 2532 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] C:\Program Files\CyberLink\Shared Files\RichVideo.exe
10:08:40.0844 2532 C:\Program Files\CyberLink\Shared Files\RichVideo.exe - ok
10:08:40.0844 2532 [ 810ABF8AF680E7B55955847A47F9819C ] C:\Program Files\Pervasive Software\PSQL\bin\w3nsl260.dll
10:08:40.0844 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3nsl260.dll - ok
10:08:40.0844 2532 [ B8AEFF80ABD57E6ABC6A46EAC7F4515F ] C:\WINDOWS\System32\msdmo.dll
10:08:40.0844 2532 C:\WINDOWS\System32\msdmo.dll - ok
10:08:40.0860 2532 [ 39D71E143CD9D9E25D5DBC03A7C04BF9 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswAR.dll
10:08:40.0860 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswAR.dll - ok
10:08:40.0860 2532 [ 6950BBCEB21F9C3CB3B52E90960109C3 ] C:\WINDOWS\System32\devenum.dll
10:08:40.0860 2532 C:\WINDOWS\System32\devenum.dll - ok
10:08:40.0860 2532 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\System32\drivers\secdrv.sys
10:08:40.0860 2532 C:\WINDOWS\System32\drivers\secdrv.sys - ok
10:08:40.0876 2532 [ 928C90E02E05244D2290C1551DF732C8 ] C:\WINDOWS\System32\avicap32.dll
10:08:40.0876 2532 C:\WINDOWS\System32\avicap32.dll - ok
10:08:40.0876 2532 [ EACACA0F2FF4CC54A909E3C5721FCDE8 ] C:\WINDOWS\System32\msvfw32.dll
10:08:40.0876 2532 C:\WINDOWS\System32\msvfw32.dll - ok
10:08:40.0876 2532 [ 608C345A255D82A6289C2D468EB41FD7 ] C:\WINDOWS\System32\drivers\tcpipreg.sys
10:08:40.0876 2532 C:\WINDOWS\System32\drivers\tcpipreg.sys - ok
10:08:40.0891 2532 [ 65C092EF598DCCA1D665D52F06829512 ] C:\WINDOWS\System32\vfwwdm32.dll
10:08:40.0891 2532 C:\WINDOWS\System32\vfwwdm32.dll - ok
10:08:40.0891 2532 [ 4E9C3A3C660A76ECF37E4942877EA6FE ] C:\Program Files\Pervasive Software\PSQL\bin\w3csm100.dll
10:08:40.0891 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3csm100.dll - ok
10:08:40.0907 2532 [ 351FA1DF82CFFDEDA801604246E63E95 ] C:\WINDOWS\System32\icaapi.dll
10:08:40.0907 2532 C:\WINDOWS\System32\icaapi.dll - ok
10:08:40.0907 2532 [ 428FF21418ADCD6FAD6189CD9520A67B ] C:\WINDOWS\System32\wiatrace.dll
10:08:40.0907 2532 C:\WINDOWS\System32\wiatrace.dll - ok
10:08:40.0907 2532 [ DEB9D08750423069647C3A066CEC7A1B ] C:\WINDOWS\System32\tquery.dll
10:08:40.0907 2532 C:\WINDOWS\System32\tquery.dll - ok
10:08:40.0922 2532 [ 74B8C2EA72D43727142D12397D5A49F9 ] C:\WINDOWS\System32\wbemcomn.dll
10:08:40.0922 2532 C:\WINDOWS\System32\wbemcomn.dll - ok
10:08:40.0922 2532 [ 41D9F439D5A95FC7D65A9C94CE66AADF ] C:\Program Files\Pervasive Software\PSQL\bin\w3csp100.dll
10:08:40.0922 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3csp100.dll - ok
10:08:40.0922 2532 [ 4DBA143F06BAD1DF935CB9603140CF2A ] C:\WINDOWS\System32\wsdchngr.dll
10:08:40.0922 2532 C:\WINDOWS\System32\wsdchngr.dll - ok
10:08:40.0938 2532 [ 218B73EA8341EA9FDF018D43052E790A ] C:\WINDOWS\System32\mssrch.dll
10:08:40.0938 2532 C:\WINDOWS\System32\mssrch.dll - ok
10:08:40.0938 2532 [ 9270E4C81A95E372CD0B90CA1D326E71 ] C:\Program Files\Pervasive Software\PSQL\bin\w3exp010.dll
10:08:40.0938 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3exp010.dll - ok
10:08:40.0938 2532 [ 4436588C55BBCA0D617A82DDE767B792 ] C:\WINDOWS\System32\vdsldr.exe
10:08:40.0938 2532 C:\WINDOWS\System32\vdsldr.exe - ok
10:08:40.0954 2532 [ 09CF59E216C665C5306B143DD12376C2 ] C:\Program Files\Pervasive Software\PSQL\bin\dbcsipxy.dll
10:08:40.0954 2532 C:\Program Files\Pervasive Software\PSQL\bin\dbcsipxy.dll - ok
10:08:40.0954 2532 [ 7DE4CD241C47D52EFD2206D26ABD00C9 ] C:\Program Files\Pervasive Software\PSQL\bin\w3csi100.dll
10:08:40.0969 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3csi100.dll - ok
10:08:40.0969 2532 [ 2205A220A264E8C8B86492BF3D112907 ] C:\WINDOWS\System32\PortableDeviceApi.dll
10:08:40.0969 2532 C:\WINDOWS\System32\PortableDeviceApi.dll - ok
10:08:40.0969 2532 [ FE7742C93F6904A9B08BC6749C039CE9 ] C:\WINDOWS\System32\vdsutil.dll
10:08:40.0969 2532 C:\WINDOWS\System32\vdsutil.dll - ok
10:08:40.0985 2532 [ 1F18B9EA1BBFF033413414C3BEA13AD6 ] C:\WINDOWS\System32\wbem\WinMgmtR.dll
10:08:40.0985 2532 C:\WINDOWS\System32\wbem\WinMgmtR.dll - ok
10:08:40.0985 2532 [ A5994C4FFD85BFCF2D8496E8B530C1E0 ] C:\Program Files\Pervasive Software\PSQL\bin\w3dcm100.dll
10:08:40.0985 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3dcm100.dll - ok
10:08:40.0985 2532 [ 0752E49C9A4311C9C04CC1D4E571B025 ] C:\Program Files\AVAST Software\Avast\defs\14010501\aswRawFS.dll
10:08:40.0985 2532 C:\Program Files\AVAST Software\Avast\defs\14010501\aswRawFS.dll - ok
10:08:41.0000 2532 [ 1D6B95871DC006190964B04E5657E35F ] C:\WINDOWS\System32\rastapi.dll
10:08:41.0000 2532 C:\WINDOWS\System32\rastapi.dll - ok
10:08:41.0000 2532 [ AAB5FEAABF4CB6F76D794203831C8D94 ] C:\WINDOWS\System32\msidle.dll
10:08:41.0000 2532 C:\WINDOWS\System32\msidle.dll - ok
10:08:41.0000 2532 [ BF7E4D6F60A6D9E866432855C6F8C262 ] C:\WINDOWS\System32\sqmapi.dll
10:08:41.0000 2532 C:\WINDOWS\System32\sqmapi.dll - ok
10:08:41.0016 2532 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] C:\WINDOWS\System32\netprofm.dll
10:08:41.0016 2532 C:\WINDOWS\System32\netprofm.dll - ok
10:08:41.0016 2532 [ B53BD9E63867CD9FD853F666CA172713 ] C:\WINDOWS\System32\PortableDeviceConnectApi.dll
10:08:41.0016 2532 C:\WINDOWS\System32\PortableDeviceConnectApi.dll - ok
10:08:41.0016 2532 [ A952D0DED445F26AEFCF593A935AB300 ] C:\WINDOWS\System32\hnetcfg.dll
10:08:41.0016 2532 C:\WINDOWS\System32\hnetcfg.dll - ok
10:08:41.0032 2532 [ 30F0DC266B46118E9FBCF5B2A30EB1DB ] C:\WINDOWS\System32\wbem\wbemprox.dll
10:08:41.0032 2532 C:\WINDOWS\System32\wbem\wbemprox.dll - ok
10:08:41.0032 2532 [ B96B60EC821F86D445C9739A0F3DED59 ] C:\WINDOWS\System32\unimdm.tsp
10:08:41.0032 2532 C:\WINDOWS\System32\unimdm.tsp - ok
10:08:41.0047 2532 [ DFCAB29E8FD38F95650CC1E203E8D318 ] C:\WINDOWS\System32\npmproxy.dll
10:08:41.0047 2532 C:\WINDOWS\System32\npmproxy.dll - ok
10:08:41.0047 2532 [ DFBAADF1B624DC71E88D34D86B3595BE ] C:\WINDOWS\System32\uniplat.dll
10:08:41.0047 2532 C:\WINDOWS\System32\uniplat.dll - ok
10:08:41.0047 2532 [ 0A584EAAF70A171E919D8CE592407E94 ] C:\WINDOWS\System32\vds_ps.dll
10:08:41.0047 2532 C:\WINDOWS\System32\vds_ps.dll - ok
10:08:41.0063 2532 [ B458B58F7BB97C48D01AC3CF5805AAAC ] C:\WINDOWS\System32\Query.dll
10:08:41.0063 2532 C:\WINDOWS\System32\Query.dll - ok
10:08:41.0063 2532 [ B32F2D95281376697792B9E6A4C18E86 ] C:\Program Files\Pervasive Software\PSQL\bin\w3comsrv.dll
10:08:41.0063 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3comsrv.dll - ok
10:08:41.0063 2532 [ 953193A9DEA40348C1086D171F6440AE ] C:\WINDOWS\System32\kmddsp.tsp
10:08:41.0063 2532 C:\WINDOWS\System32\kmddsp.tsp - ok
10:08:41.0078 2532 [ B4B59AC042EE3733A862F26CBC0B17FC ] C:\WINDOWS\System32\hidphone.tsp
10:08:41.0078 2532 C:\WINDOWS\System32\hidphone.tsp - ok
10:08:41.0078 2532 [ 2F6776ACEFE41EE889C464EA407918F2 ] C:\WINDOWS\System32\ndptsp.tsp
10:08:41.0078 2532 C:\WINDOWS\System32\ndptsp.tsp - ok
10:08:41.0078 2532 [ FC1EEE57EB9CD57279D70BA2A9131C38 ] C:\WINDOWS\System32\wbem\wbemcore.dll
10:08:41.0078 2532 C:\WINDOWS\System32\wbem\wbemcore.dll - ok
10:08:41.0094 2532 [ C10E13721B0AAEBEB5EBA914F1D18181 ] C:\WINDOWS\System32\wbem\esscli.dll
10:08:41.0094 2532 C:\WINDOWS\System32\wbem\esscli.dll - ok
10:08:41.0094 2532 [ FE2F3B2B2F189C345870F1AB307BD6C9 ] C:\Program Files\AVAST Software\Avast\setup\Instup.dll
10:08:41.0094 2532 C:\Program Files\AVAST Software\Avast\setup\Instup.dll - ok
10:08:41.0094 2532 [ BC5A34B6A14C93BF04E3F4E8EA57090A ] C:\WINDOWS\System32\wbem\fastprox.dll
10:08:41.0094 2532 C:\WINDOWS\System32\wbem\fastprox.dll - ok
10:08:41.0110 2532 [ DB0F37DBA4C245C61E5936DDBDE62438 ] C:\WINDOWS\System32\wbem\wbemsvc.dll
10:08:41.0110 2532 C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
10:08:41.0110 2532 [ 834933F16EA839AC5AC7CBF88638DF27 ] C:\WINDOWS\System32\wbem\repdrvfs.dll
10:08:41.0110 2532 C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
10:08:41.0110 2532 [ 2C3B09E586BDA2CC49A292BE7BADC589 ] C:\WINDOWS\System32\wbem\wmiutils.dll
10:08:41.0110 2532 C:\WINDOWS\System32\wbem\wmiutils.dll - ok
10:08:41.0125 2532 [ 8B645890A93F1FBBC7DA3E07CC72D762 ] C:\WINDOWS\System32\rasppp.dll
10:08:41.0125 2532 C:\WINDOWS\System32\rasppp.dll - ok
10:08:41.0125 2532 [ B8A21907FE2F1A113F3487D9AB60BEF9 ] C:\WINDOWS\System32\en-US\tquery.dll.mui
10:08:41.0125 2532 C:\WINDOWS\System32\en-US\tquery.dll.mui - ok
10:08:41.0125 2532 [ 56E315ACFB08A177B4D01E42B9044DB5 ] C:\WINDOWS\System32\mprapi.dll
10:08:41.0125 2532 C:\WINDOWS\System32\mprapi.dll - ok
10:08:41.0141 2532 [ 88225070DD2F7B0B2ED51E7935078641 ] C:\WINDOWS\System32\rasqec.dll
10:08:41.0141 2532 C:\WINDOWS\System32\rasqec.dll - ok
10:08:41.0141 2532 [ 248A1F31ABB58DDDDC01490EF0BDC777 ] C:\WINDOWS\System32\cryptui.dll
10:08:41.0141 2532 C:\WINDOWS\System32\cryptui.dll - ok
10:08:41.0156 2532 [ C6FD3425B1ADD739B95DC4D661FF4DD3 ] C:\WINDOWS\System32\PresentationSettings.exe
10:08:41.0156 2532 C:\WINDOWS\System32\PresentationSettings.exe - ok
10:08:41.0156 2532 [ 85642CD0E10F017A41B3C21E01ED1E6F ] C:\Program Files\Pervasive Software\PSQL\bin\w3mgrres.dll
10:08:41.0156 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3mgrres.dll - ok
10:08:41.0156 2532 [ BBEC4230D915F8DE6249D8AD8856D9CD ] C:\Program Files\Pervasive Software\PSQL\bin\w3mgrrsx.dll
10:08:41.0156 2532 C:\Program Files\Pervasive Software\PSQL\bin\w3mgrrsx.dll - ok
10:08:41.0172 2532 [ 22DC784B32BEE306A99F50D6DC2460BC ] C:\WINDOWS\System32\esent.dll
10:08:41.0172 2532 C:\WINDOWS\System32\esent.dll - ok
10:08:41.0172 2532 [ F85134BF76CB335A39F8D7BC4173D4FB ] C:\WINDOWS\System32\msscb.dll
10:08:41.0172 2532 C:\WINDOWS\System32\msscb.dll - ok
10:08:41.0172 2532 [ C2C6C014B96581EC8BF0C8604DE1743E ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
10:08:41.0172 2532 C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
10:08:41.0188 2532 [ A609A192E98934A8D352704C99AB8577 ] C:\WINDOWS\System32\wbem\wbemess.dll
10:08:41.0188 2532 C:\WINDOWS\System32\wbem\wbemess.dll - ok
10:08:41.0188 2532 [ 9495FCC01D7AB7B60E5B8BA7AEFE9E3D ] C:\WINDOWS\System32\wbem\WmiPrvSE.exe
10:08:41.0188 2532 C:\WINDOWS\System32\wbem\WmiPrvSE.exe - ok
10:08:41.0203 2532 [ 5FA382106B145A920E2A4F7087AF1B90 ] C:\WINDOWS\System32\wbem\wmipcima.dll
10:08:41.0203 2532 C:\WINDOWS\System32\wbem\wmipcima.dll - ok
10:08:41.0203 2532 [ 67BB7141F7F5F37411F796943B3418B6 ] C:\WINDOWS\System32\framedynos.dll
10:08:41.0203 2532 C:\WINDOWS\System32\framedynos.dll - ok
10:08:41.0203 2532 [ F4E1AA5D59C849A4AB47E895DC76B9C8 ] C:\WINDOWS\System32\sfc.dll
10:08:41.0203 2532 C:\WINDOWS\System32\sfc.dll - ok
10:08:41.0219 2532 [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105 ] C:\WINDOWS\System32\sfc_os.dll
10:08:41.0219 2532 C:\WINDOWS\System32\sfc_os.dll - ok
10:08:41.0219 2532 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\WINDOWS\System32\ie4uinit.exe
10:08:41.0219 2532 C:\WINDOWS\System32\ie4uinit.exe - ok
10:08:41.0219 2532 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\WINDOWS\System32\iedkcs32.dll
10:08:41.0219 2532 C:\WINDOWS\System32\iedkcs32.dll - ok
10:08:41.0234 2532 [ 4B19A9A4191353007E9819A832B81186 ] C:\WINDOWS\System32\timedate.cpl
10:08:41.0234 2532 C:\WINDOWS\System32\timedate.cpl - ok
10:08:41.0234 2532 [ 8D78BA30DB4AE040A52EDEE725782715 ] C:\WINDOWS\System32\actxprxy.dll
10:08:41.0234 2532 C:\WINDOWS\System32\actxprxy.dll - ok
10:08:41.0234 2532 [ FF41E1AC301F51E16F61AD7C0F45467C ] C:\WINDOWS\System32\msshsq.dll
10:08:41.0234 2532 C:\WINDOWS\System32\msshsq.dll - ok
10:08:41.0250 2532 [ 1CE4A2790EB4A96F4ED1E4264866AFE6 ] C:\WINDOWS\System32\NaturalLanguage6.dll
10:08:41.0250 2532 C:\WINDOWS\System32\NaturalLanguage6.dll - ok
10:08:41.0250 2532 [ AA111488C03C58A2BF66509ABB4FDE60 ] C:\WINDOWS\System32\NlsData0009.dll
10:08:41.0250 2532 C:\WINDOWS\System32\NlsData0009.dll - ok
10:08:41.0281 2532 [ 8629B71343F61E1140243581C63BC0C7 ] C:\WINDOWS\System32\NlsLexicons0009.dll
10:08:41.0281 2532 C:\WINDOWS\System32\NlsLexicons0009.dll - ok
10:08:41.0281 2532 [ C43DECDAC58C0A43E0376A216590F40A ] C:\WINDOWS\System32\quartz.dll
10:08:41.0281 2532 C:\WINDOWS\System32\quartz.dll - ok
10:08:41.0281 2532 [ 04044BF8E6989BE45FA718C24407CA28 ] C:\WINDOWS\System32\networkexplorer.dll
10:08:41.0281 2532 C:\WINDOWS\System32\networkexplorer.dll - ok
10:08:41.0297 2532 [ EFD278F8129EE12F1D4AE0250494B791 ] C:\WINDOWS\System32\dxva2.dll
10:08:41.0297 2532 C:\WINDOWS\System32\dxva2.dll - ok
10:08:41.0297 2532 [ DE7F813217EC88C0A6D4D8F2F39D7949 ] C:\WINDOWS\System32\msiltcfg.dll
10:08:41.0297 2532 C:\WINDOWS\System32\msiltcfg.dll - ok
10:08:41.0297 2532 [ 24F90AEFEBE601D427CB4511E74CDCB6 ] C:\WINDOWS\System32\linkinfo.dll
10:08:41.0297 2532 C:\WINDOWS\System32\linkinfo.dll - ok
10:08:41.0312 2532 [ 861797D3C83A6EBA05FB2C63B1A45E82 ] C:\WINDOWS\System32\ksproxy.ax
10:08:41.0312 2532 C:\WINDOWS\System32\ksproxy.ax - ok
10:08:41.0312 2532 [ A14F25F62E84C6B4A178A1CFD9B47222 ] C:\WINDOWS\System32\qcap.dll
10:08:41.0312 2532 C:\WINDOWS\System32\qcap.dll - ok
10:08:41.0312 2532 [ FD44B4D9129EDD68BBD0A26683024EF9 ] C:\WINDOWS\System32\Kswdmcap.ax
10:08:41.0312 2532 C:\WINDOWS\System32\Kswdmcap.ax - ok
10:08:41.0328 2532 [ 012E22681A63D2BF405E6F15EF80BFD3 ] C:\WINDOWS\System32\vidcap.ax
10:08:41.0328 2532 C:\WINDOWS\System32\vidcap.ax - ok
10:08:41.0328 2532 [ EA4F2D7F6C01B5E581F4BAFFDFAA45C7 ] C:\Program Files\iTunes\iTunes.exe
10:08:41.0328 2532 C:\Program Files\iTunes\iTunes.exe - ok
10:08:41.0328 2532 [ B572DA05BF4E098D4BBA3A4734FB505B ] C:\WINDOWS\System32\drivers\mspqm.sys
10:08:41.0328 2532 C:\WINDOWS\System32\drivers\mspqm.sys - ok
10:08:41.0344 2532 [ 0576C771DC0A20C49C3BA08D9013AB61 ] C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
10:08:41.0344 2532 C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll - ok
10:08:41.0344 2532 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\System32\drivers\09247347.sys
10:08:41.0344 2532 C:\WINDOWS\System32\drivers\09247347.sys - ok
10:08:41.0344 2532 [ 5016B8FC59AD616F03813FBE63295081 ] C:\WINDOWS\System32\thumbcache.dll
10:08:41.0344 2532 C:\WINDOWS\System32\thumbcache.dll - ok
10:08:41.0359 2532 [ BADC359C9A0D9C217B7E8DA17BF3F5BB ] C:\WINDOWS\System32\ntshrui.dll
10:08:41.0359 2532 C:\WINDOWS\System32\ntshrui.dll - ok
10:08:41.0359 2532 [ 1EEA6C1B35191DC177EA83672B9C3FC0 ] C:\Program Files\Mozilla Firefox\firefox.exe
10:08:41.0359 2532 C:\Program Files\Mozilla Firefox\firefox.exe - ok
10:08:41.0359 2532 [ 61216539E55DDF2F78E421E7EF140650 ] C:\WINDOWS\System32\ExplorerFrame.dll
10:08:41.0359 2532 C:\WINDOWS\System32\ExplorerFrame.dll - ok
10:08:41.0375 2532 [ 027E5E14C9CFF810377701BDEAD8210F ] C:\WINDOWS\System32\control.exe
10:08:41.0375 2532 C:\WINDOWS\System32\control.exe - ok
10:08:41.0375 2532 [ DF7530BDDF2E6669F714138FE6B121FA ] C:\Program Files\AVAST Software\Avast\snxhk.dll
10:08:41.0375 2532 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
10:08:41.0390 2532 [ 19D93154C82FE39A99B269CED1056A92 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
10:08:41.0390 2532 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
10:08:41.0390 2532 [ 3EB6D30D82F0E300FCFBAD0498F654FD ] C:\WINDOWS\System32\mlang.dll
10:08:41.0390 2532 C:\WINDOWS\System32\mlang.dll - ok
10:08:41.0390 2532 [ DCE0705B5D3861BFF813DB2A8160FBF0 ] C:\WINDOWS\System32\SynCOM.dll
10:08:41.0390 2532 C:\WINDOWS\System32\SynCOM.dll - ok
10:08:41.0406 2532 [ 9EF5CD37551AC5381FC2CA763DC1CEE8 ] C:\WINDOWS\System32\SynTPAPI.dll
10:08:41.0406 2532 C:\WINDOWS\System32\SynTPAPI.dll - ok
10:08:41.0406 2532 [ C45D74C22D4EFC3F86C9CABF9D98611F ] C:\Program Files\Online Services\quickenfc\WizLink.exe
10:08:41.0406 2532 C:\Program Files\Online Services\quickenfc\WizLink.exe - ok
10:08:41.0406 2532 [ 401334D01976E029250265022D2DBF42 ] C:\Program Files\HP\QuickPlay\QP.exe
10:08:41.0406 2532 C:\Program Files\HP\QuickPlay\QP.exe - ok
10:08:41.0422 2532 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
10:08:41.0422 2532 C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
10:08:41.0422 2532 [ A67F3268E37FC54A2C5AD321A20829F9 ] C:\Program Files\IDT\WDM\sttray.exe
10:08:41.0422 2532 C:\Program Files\IDT\WDM\sttray.exe - ok
10:08:41.0422 2532 [ B0B576926100EB0E176952BD18749571 ] C:\Program Files\HP\QuickPlay\QPManager.exe
10:08:41.0422 2532 C:\Program Files\HP\QuickPlay\QPManager.exe - ok
10:08:41.0437 2532 [ 2A87549B881FAFF5A329D4BEFB26DAAF ] C:\Program Files\IDT\WDM\stlang.dll
10:08:41.0437 2532 C:\Program Files\IDT\WDM\stlang.dll - ok
10:08:41.0437 2532 [ AFEBF9E0B223FF04709F747C172D3540 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
10:08:41.0437 2532 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
10:08:41.0453 2532 [ 790222D6CCFC576F0D07D418E6115D85 ] C:\Program Files\Windows Calendar\WinCal.exe
10:08:41.0453 2532 C:\Program Files\Windows Calendar\WinCal.exe - ok
10:08:41.0453 2532 [ CC1959AB3929997F4198AA69C854086F ] C:\WINDOWS\System32\regsvr32.exe
10:08:41.0453 2532 C:\WINDOWS\System32\regsvr32.exe - ok
10:08:41.0453 2532 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Mozilla Firefox\msvcp100.dll
10:08:41.0453 2532 C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
10:08:41.0468 2532 [ AB7EBFD1D7FE626612D1E815FE4E6DF4 ] C:\Program Files\Mozilla Firefox\mozglue.dll
10:08:41.0468 2532 C:\Program Files\Mozilla Firefox\mozglue.dll - ok
10:08:41.0468 2532 [ 06164026C38AA5366E4D127E2E36FDE8 ] C:\Program Files\Windows Mail\wab.exe
10:08:41.0468 2532 C:\Program Files\Windows Mail\wab.exe - ok
10:08:41.0468 2532 [ FD647CA82ACF232DBE5F20345647B948 ] C:\WINDOWS\AppPatch\AcGenral.dll
10:08:41.0468 2532 C:\WINDOWS\AppPatch\AcGenral.dll - ok
10:08:41.0484 2532 [ 2545F8FA1BA4417308DF63B952D66FA1 ] C:\Program Files\Mozilla Firefox\nss3.dll
10:08:41.0484 2532 C:\Program Files\Mozilla Firefox\nss3.dll - ok
10:08:41.0484 2532 [ 395335431AD55C167CFDBBAB8420DA73 ] C:\Program Files\Movie Maker\DVDMaker.exe
10:08:41.0484 2532 C:\Program Files\Movie Maker\DVDMaker.exe - ok
10:08:41.0500 2532 [ 2C8AB779971C1FBE09213784CF18D878 ] C:\Users\Chris\AppData\Local\URmedia\iTunesMod.dll
10:08:41.0500 2532 C:\Users\Chris\AppData\Local\URmedia\iTunesMod.dll - ok
10:08:41.0500 2532 [ 43E6F2A7FB182F2D7CB0CE5B8F1005CF ] C:\Program Files\Internet Explorer\iexplore.exe
10:08:41.0500 2532 C:\Program Files\Internet Explorer\iexplore.exe - ok
10:08:41.0500 2532 [ B5950DF243837D8217F4E597919B224A ] C:\WINDOWS\System32\stobject.dll
10:08:41.0500 2532 C:\WINDOWS\System32\stobject.dll - ok
10:08:41.0515 2532 [ EC69B16644C613F41A57169F8D068F1D ] C:\WINDOWS\System32\batmeter.dll
10:08:41.0515 2532 C:\WINDOWS\System32\batmeter.dll - ok
10:08:41.0515 2532 [ B7ED332A57FC78CA29E40D3619550225 ] C:\WINDOWS\ehome\ehshell.exe
10:08:41.0515 2532 C:\WINDOWS\ehome\ehshell.exe - ok
10:08:41.0515 2532 [ 52BC119E49F88F2A5D1466230B1275C7 ] C:\Program Files\Windows Collaboration\WinCollab.exe
10:08:41.0515 2532 C:\Program Files\Windows Collaboration\WinCollab.exe - ok
10:08:41.0531 2532 [ 8A6087B231B529EF6186CD0179B16032 ] C:\Program Files\Mozilla Firefox\mozjs.dll
10:08:41.0531 2532 C:\Program Files\Mozilla Firefox\mozjs.dll - ok
10:08:41.0531 2532 [ FFB0F36CD8C00940108FB9921534246A ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
10:08:41.0531 2532 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
10:08:41.0546 2532 [ C4AB08459CD7B59B410ACFC04D90E87B ] C:\Program Files\Movie Maker\MOVIEMK.exe
10:08:41.0546 2532 C:\Program Files\Movie Maker\MOVIEMK.exe - ok
10:08:41.0546 2532 [ C03AC1FBCD625F93D2C245D97E06F270 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
10:08:41.0546 2532 C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
10:08:41.0546 2532 [ 069385484EA57B663D688894C88975C5 ] C:\WINDOWS\System32\wuapp.exe
10:08:41.0546 2532 C:\WINDOWS\System32\wuapp.exe - ok
10:08:41.0562 2532 [ 30F02D9C55053367E26A11482F51E255 ] C:\WINDOWS\System32\SndVolSSO.dll
10:08:41.0562 2532 C:\WINDOWS\System32\SndVolSSO.dll - ok
10:08:41.0562 2532 [ 454830B2FF549241E4B09CD291F4B59D ] C:\Program Files\Mozilla Firefox\mozalloc.dll
10:08:41.0562 2532 C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
10:08:41.0562 2532 [ 313B30189557A2E2793F845DE0F0A4D5 ] C:\WINDOWS\ehome\ehSSO.dll
10:08:41.0578 2532 C:\WINDOWS\ehome\ehSSO.dll - ok
10:08:41.0578 2532 [ 75AD59B9B12EB194486BE8D97B062994 ] C:\WINDOWS\System32\pnidui.dll
10:08:41.0578 2532 C:\WINDOWS\System32\pnidui.dll - ok
10:08:41.0578 2532 [ 1FD37AEC631EEF547FF6C93151C21A5B ] C:\Program Files\Mozilla Firefox\gkmedias.dll
10:08:41.0578 2532 C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
10:08:41.0593 2532 [ 2DD6AF8E97F59C9D39329BBC2A81F13F ] C:\WINDOWS\System32\rasdlg.dll
10:08:41.0593 2532 C:\WINDOWS\System32\rasdlg.dll - ok
10:08:41.0593 2532 [ 4A839160ED1963F9A1526DDA2D1233B2 ] C:\WINDOWS\System32\AltTab.dll
10:08:41.0593 2532 C:\WINDOWS\System32\AltTab.dll - ok
10:08:41.0593 2532 [ 6B5C53E0932C510606D700B7A896EF73 ] C:\WINDOWS\System32\WPDShServiceObj.dll
10:08:41.0593 2532 C:\WINDOWS\System32\WPDShServiceObj.dll - ok
10:08:41.0609 2532 [ 883D02AB5D350BC45E0F60E8CFA97FDC ] C:\WINDOWS\System32\PortableDeviceTypes.dll
10:08:41.0609 2532 C:\WINDOWS\System32\PortableDeviceTypes.dll - ok
10:08:41.0609 2532 [ FEA6D21F78922D641A0C9346D885133B ] C:\WINDOWS\System32\mssprxy.dll
10:08:41.0609 2532 C:\WINDOWS\System32\mssprxy.dll - ok
10:08:41.0609 2532 [ 744F08CF9ACFFB1C715191D04DEEE907 ] C:\WINDOWS\System32\srchadmin.dll
10:08:41.0609 2532 C:\WINDOWS\System32\srchadmin.dll - ok
10:08:41.0624 2532 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\WINDOWS\System32\webcheck.dll
10:08:41.0624 2532 C:\WINDOWS\System32\webcheck.dll - ok
10:08:41.0624 2532 [ 1B2A798F65C9E7104A28878638DD34EF ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
10:08:41.0624 2532 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
10:08:41.0624 2532 [ B8DE851298E99A005BFD34AA906B3FE8 ] C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
10:08:41.0624 2532 C:\WINDOWS\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll - ok
10:08:41.0640 2532 [ 4ACEA0C4BB15ACE55E3AE5EC4E88DD55 ] C:\WINDOWS\System32\SyncCenter.dll
10:08:41.0640 2532 C:\WINDOWS\System32\SyncCenter.dll - ok
10:08:41.0640 2532 [ DE2345B8CBCC6366E20848EC22278CB6 ] C:\Program Files\Mozilla Firefox\xul.dll
10:08:41.0640 2532 C:\Program Files\Mozilla Firefox\xul.dll - ok
10:08:41.0656 2532 [ 7ADD03E75BEB9E6DD102C3081D29840A ] C:\WINDOWS\System32\drivers\cdfs.sys
10:08:41.0656 2532 C:\WINDOWS\System32\drivers\cdfs.sys - ok
10:08:41.0656 2532 ============================================================
10:08:41.0656 2532 Scan finished
10:08:41.0656 2532 ============================================================
10:08:41.0656 1372 Detected object count: 3
10:08:41.0656 1372 Actual detected object count: 3
10:09:58.0762 1372 c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe - copied to quarantine
10:09:58.0965 1372 HKLM\SYSTEM\ControlSet001\services\HP Health Check Service - will be deleted on reboot
10:09:59.0090 1372 HKLM\SYSTEM\ControlSet002\services\HP Health Check Service - will be deleted on reboot
10:09:59.0199 1372 c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe - will be deleted on reboot
10:09:59.0199 1372 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:09:59.0293 1372 C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe - copied to quarantine
10:09:59.0402 1372 HKLM\SYSTEM\ControlSet001\services\IDriverT - will be deleted on reboot
10:09:59.0402 1372 HKLM\SYSTEM\ControlSet002\services\IDriverT - will be deleted on reboot
10:09:59.0402 1372 C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe - will be deleted on reboot
10:09:59.0402 1372 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Delete
10:09:59.0511 1372 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
10:09:59.0511 1372 \Device\Harddisk0\DR0\TDLFS - deleted
10:09:59.0511 1372 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
10:10:11.0539 3676 Deinitialize success
  • 0

#68
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
How's your system running now? Let me have a closer look at the log and I'll be back with your next set of instructions momentarily. We're not out of the woods just yet!
  • 0

#69
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Ok, CZ2761,

Please provide a fresh OTL and Extras log:

  • Double click on the Posted Image to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox
    and
  • Check the option for All under the Extra Registry section
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic
  • OTL.txt <-- Will be opened, maximized
  • Extras.txt <-- Will be minimized on task bar.
Please post the contents of both OTL.txt and Extras.txt files in your next reply.
  • 0

#70
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
The system is running great! I'm not getting anymore warnings from Avast either.

Here are the OTL logs:

OTL logfile created on: 1/6/2014 11:56:26 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 55.55% Memory free
6.19 Gb Paging File | 4.85 Gb Available in Paging File | 78.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.46 Gb Total Space | 106.45 Gb Free Space | 47.85% Space Free | Partition Type: NTFS
Drive D: | 10.42 Gb Total Space | 1.73 Gb Free Space | 16.62% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/02 10:26:54 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/02 10:26:53 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2013/12/12 10:36:13 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/12/11 11:14:51 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
PRC - [2013/11/27 18:57:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\Chris\Downloads\OTL (1).exe
PRC - [2011/10/31 10:00:15 | 000,435,528 | ---- | M] (Pervasive Software Inc.) -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/15 13:17:24 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2008/03/26 17:26:56 | 000,341,328 | ---- | M] () -- C:\WINDOWS\SMINST\BLService.exe
PRC - [2008/02/12 15:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe
PRC - [2006/11/02 04:45:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\regsvr32.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/02 10:27:00 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/12/21 16:13:33 | 000,020,480 | ---- | M] () -- C:\Users\Chris\AppData\Local\URmedia\iTunesMod.dll
MOD - [2013/12/12 10:36:12 | 003,559,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/12/11 11:14:49 | 016,242,056 | ---- | M] () -- C:\WINDOWS\System32\Macromed\Flash\NPSWF32_11_9_900_170.dll
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2009/02/08 19:47:56 | 000,159,744 | ---- | M] () -- C:\WINDOWS\System32\atitmmxx.dll


========== Services (SafeList) ==========

SRV - [2014/01/02 10:26:53 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2013/12/12 10:36:12 | 000,119,408 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/11 14:40:36 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/11 11:14:54 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/09 00:10:32 | 030,798,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/18 13:47:00 | 002,370,448 | ---- | M] (WIBU-SYSTEMS AG) [Disabled | Stopped] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
SRV - [2011/11/16 11:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011/10/31 10:00:15 | 000,435,528 | ---- | M] (Pervasive Software Inc.) [Auto | Running] -- C:\Program Files\Pervasive Software\PSQL\bin\w3dbsmgr.exe -- (psqlWGE)
SRV - [2011/10/25 11:51:56 | 000,043,848 | R--- | M] (Sage Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Sage\Peachtree\SmartPostingService2011.exe -- (Peachtree SmartPosting 2011)
SRV - [2008/04/15 13:18:38 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Stopped] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\stacsv.exe -- (STacSV)
SRV - [2008/03/26 17:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/02/12 15:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\System32\DriverStore\FileRepository\stwrt.inf_030ac640\AEstSrv.exe -- (AESTFilters)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (agc3n5g4)
DRV - [2014/01/02 10:27:01 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/02 10:27:01 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/02 10:27:01 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/02 10:27:01 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/02 10:27:01 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/01/02 10:27:01 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/01/02 10:27:01 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/01/01 10:17:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/05/19 21:52:37 | 000,466,008 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sptd.sys -- (sptd)
DRV - [2012/12/13 04:28:44 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2012/12/13 04:26:38 | 000,058,320 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\acsmux.sys -- (acsmux)
DRV - [2012/12/13 04:26:38 | 000,039,888 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\acsint.sys -- (acsint)
DRV - [2009/02/08 21:06:20 | 004,172,800 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/11/17 14:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/09/04 01:47:00 | 000,054,784 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\enecir.sys -- (enecir)
DRV - [2008/05/13 21:09:00 | 007,443,872 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/05/13 21:09:00 | 000,043,552 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/05/06 15:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/04/15 13:19:54 | 000,378,368 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008/04/15 05:05:08 | 000,118,784 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/04/11 12:55:04 | 000,084,240 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\jmcr.sys -- (JMCR)
DRV - [2008/03/27 15:12:12 | 000,024,424 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\hpdskflt.sys -- (hpdskflt)
DRV - [2008/03/27 15:11:34 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2007/07/11 12:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 19:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 02:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\nvm60x32.sys -- (NVENETFD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://bing.com/
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache =
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..\SearchScopes\{1DF32FC6-D3C9-4AD9-9396-544BB4A47CDC}: "URL" = http://www.google.co...1I7AVND_enUS569
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "bing.com"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2011.70
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Chris\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2008/06/10 08:37:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/02 10:27:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/11/08 18:54:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Extensions
[2014/01/02 10:26:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\wpufm3lp.default\extensions
[2013/09/06 21:15:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/11/27 17:24:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/12 10:36:18 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/01/02 10:27:04 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\18.2_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mogcbkkjhojimpkmhbpndncicbcfigid\1.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic\2.0_0\
CHR - Extension: No name found = C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2014/01/04 10:27:48 | 000,000,027 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000..\Run: [URmedia] C:\Windows\System32\regsvr32.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-1961090724-942705277-1128008459-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0819543E-146D-4416-8CDE-A68597624A77}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C8DA66C-C24A-49EF-B3BB-7F784FC0114A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B72DD6A-D65E-4A6A-A9E0-50489A711B2A}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/06/10 08:11:44 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/06 01:00:16 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/01/04 14:09:16 | 000,000,000 | ---D | C] -- C:\Users\Chris\Desktop\Vietnamese
[2014/01/04 10:28:51 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/04 10:21:02 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/04 09:46:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/04 09:46:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/04 09:46:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/04 09:45:44 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/04 09:45:04 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/04 09:44:11 | 005,160,001 | R--- | C] (Swearware) -- C:\Users\Chris\Desktop\ComboFix.exe
[2014/01/04 00:34:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/03 00:40:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\Google
[2014/01/02 10:29:32 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\AVAST Software
[2014/01/02 10:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/02 10:28:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2014/01/02 10:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2014/01/02 10:27:45 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/01/02 10:27:43 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/02 10:27:42 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/02 10:27:41 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/02 10:27:40 | 000,054,832 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/01/02 10:27:07 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/02 10:27:00 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/02 10:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/02 10:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/02 10:19:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2014/01/01 17:00:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/01 09:47:05 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/12/31 22:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2013/12/21 23:50:57 | 000,000,000 | ---D | C] -- C:\Windows\System32\directx
[2013/12/21 23:48:45 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\WarThunder
[2013/12/21 23:48:45 | 000,000,000 | ---D | C] -- C:\ProgramData\WarThunder
[2013/12/21 16:13:22 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Local\URmedia
[2013/12/14 17:09:59 | 000,000,000 | ---D | C] -- C:\Users\Chris\AppData\Roaming\CyberLink
[2013/12/12 10:36:52 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/12/12 10:36:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/12/12 10:36:47 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/12/12 10:36:46 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/12/12 10:36:46 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/12/12 10:36:44 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/12/12 10:36:44 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/12/12 10:36:41 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/12/11 14:06:27 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/12/11 14:06:25 | 000,335,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2013/12/11 14:06:25 | 000,167,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2013/12/11 14:06:25 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2013/12/11 14:06:22 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cscript.exe
[2013/12/11 14:06:22 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wshcon.dll
[2013/12/07 21:25:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Auslogics
[2013/12/07 21:25:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2013/12/07 21:25:21 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
[2013/12/07 20:55:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/06 11:57:46 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/06 11:52:21 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/06 11:51:52 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000UA.job
[2014/01/06 11:51:45 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/01/06 11:51:42 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1961090724-942705277-1128008459-1000Core.job
[2014/01/06 11:51:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/06 10:11:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/06 10:11:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/06 10:10:57 | 3218,280,448 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/05 16:47:57 | 000,000,851 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2014/01/04 14:08:13 | 464,356,888 | ---- | M] () -- C:\Users\Chris\Desktop\FSI_Basic-Vietnamese.zip
[2014/01/04 10:27:48 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/01/04 09:44:42 | 005,160,001 | R--- | M] (Swearware) -- C:\Users\Chris\Desktop\ComboFix.exe
[2014/01/02 10:29:25 | 000,001,833 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/02 10:27:01 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/02 10:27:01 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/02 10:27:01 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/02 10:27:01 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/02 10:27:01 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2014/01/02 10:27:01 | 000,054,832 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2014/01/02 10:27:01 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/02 10:27:00 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/02 10:27:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/01 21:39:21 | 000,008,944 | ---- | M] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2014/01/01 10:58:18 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2014/01/01 10:58:18 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2014/01/01 10:17:17 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2014/01/01 07:08:00 | 000,000,104 | ---- | M] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Shortcut.lnk
[2013/12/22 14:19:31 | 000,008,516 | ---- | M] () -- C:\Users\Chris\chilipepper.jpg
[2013/12/21 19:31:57 | 000,608,660 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/12/21 19:31:57 | 000,105,842 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/12/14 17:09:58 | 002,989,660 | ---- | M] (Macromedia, Inc.) -- C:\Users\Public\Documents\DVD.exe
[2013/12/13 19:30:36 | 000,018,195 | ---- | M] () -- C:\Users\Chris\Desktop\Wines.odt
[2013/12/12 11:01:32 | 000,430,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/12/11 11:14:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/12/11 11:14:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013/12/08 18:52:21 | 269,701,115 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/12/07 21:25:23 | 000,000,922 | ---- | M] () -- C:\Users\Chris\Desktop\Auslogics DiskDefrag.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/04 13:25:34 | 464,356,888 | ---- | C] () -- C:\Users\Chris\Desktop\FSI_Basic-Vietnamese.zip
[2014/01/04 09:46:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/04 09:46:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/04 09:46:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/04 09:46:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/04 09:46:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/04 00:26:16 | 3218,280,448 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/02 10:29:25 | 000,001,833 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/02 10:28:10 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/02 10:28:04 | 000,000,880 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/02 10:27:44 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/02 10:27:42 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/02 10:21:11 | 000,000,857 | ---- | C] () -- C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2014/01/02 10:21:11 | 000,000,851 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Search.lnk
[2014/01/01 10:58:18 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2014/01/01 10:58:18 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2014/01/01 07:08:00 | 000,000,104 | ---- | C] () -- C:\Users\Chris\Application Data\Microsoft\Internet Explorer\Quick Launch\Computer - Shortcut.lnk
[2013/12/22 14:19:30 | 000,008,516 | ---- | C] () -- C:\Users\Chris\chilipepper.jpg
[2013/12/13 19:11:43 | 000,018,195 | ---- | C] () -- C:\Users\Chris\Desktop\Wines.odt
[2013/12/07 21:25:23 | 000,000,922 | ---- | C] () -- C:\Users\Chris\Desktop\Auslogics DiskDefrag.lnk
[2013/11/30 07:02:39 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/11/27 12:28:13 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/11/25 01:23:39 | 000,000,552 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d8caps.dat
[2013/11/24 14:11:42 | 000,006,656 | ---- | C] () -- C:\Windows\System32\bcmwlrc.dll
[2013/09/29 16:38:11 | 000,000,495 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/05/19 22:15:01 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2013/04/18 17:25:16 | 000,188,468 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2012/05/25 18:17:09 | 000,034,814 | ---- | C] () -- C:\Users\Chris\AppData\Local\dt.dat
[2012/01/28 11:19:31 | 000,008,944 | ---- | C] () -- C:\Users\Chris\AppData\Local\d3d9caps.dat
[2011/11/14 00:28:17 | 000,071,168 | ---- | C] () -- C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/08 10:09:37 | 000,249,739 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011/11/08 10:09:32 | 000,249,739 | ---- | C] () -- C:\ProgramData\nvModes.dat

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


And the extras:
OTL Extras logfile created on: 1/6/2014 11:56:26 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\Chris\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.66 Gb Available Physical Memory | 55.55% Memory free
6.19 Gb Paging File | 4.85 Gb Available in Paging File | 78.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.46 Gb Total Space | 106.45 Gb Free Space | 47.85% Space Free | Partition Type: NTFS
Drive D: | 10.42 Gb Total Space | 1.73 Gb Free Space | 16.62% Space Free | Partition Type: NTFS

Computer Name: CHRIS-PC | User Name: Chris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2B86FA71-254F-497F-9722-A25C49D28E11}" = rport=137 | protocol=17 | dir=out | app=system |
"{43688AB0-5026-4109-BD35-C9F94C453FB2}" = lport=138 | protocol=17 | dir=in | app=system |
"{4D463317-8AA1-42EB-AAAA-46FB45DC961D}" = lport=3351 | protocol=6 | dir=in | name=pervasive dbengine |
"{5A4CB45D-0259-4C82-9946-CA1380D42EB2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{866D77D3-8AA2-4318-9874-31E4C1A231B7}" = lport=137 | protocol=17 | dir=in | app=system |
"{8A048E29-75EC-4132-B07E-A99D60547B10}" = lport=445 | protocol=6 | dir=in | app=system |
"{8E599228-5F36-4B01-9782-CDAF7A7DF85D}" = lport=1583 | protocol=6 | dir=in | name=pervasive dbengine |
"{9F3C8C1B-6DA2-4F0D-A981-57594F0D6604}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{BFF9B835-B75B-4BE6-9705-0C23AE776AE0}" = lport=139 | protocol=6 | dir=in | app=system |
"{E3BE076D-61DD-4A6A-80A5-333CF65D0B6A}" = rport=445 | protocol=6 | dir=out | app=system |
"{E50F9893-D461-4BE7-A960-869C3F1DB807}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EA01412C-D37A-4237-8C2E-247030DB62A5}" = rport=139 | protocol=6 | dir=out | app=system |
"{EFF98E92-7B6F-4782-BDDF-F331AEFABB92}" = rport=138 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0263DABF-EF77-48CB-B81B-61C269F641F2}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{086EBDD0-D2A4-4115-9E7D-D5620F6F92C0}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{0EE63860-31B4-4363-9C13-37DDF7128868}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{11ADFC12-38B0-4667-82AC-93306FE52F0B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{16ACDFE2-0220-4AFE-B2BD-324C0E801201}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{28F749D7-7D30-42DC-B172-A82150B263EA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{2B901E9E-38BB-4139-827E-A9A773D1BD74}" = protocol=58 | dir=out | [email protected],-28546 |
"{350756F3-25FB-4811-AA84-2CE1D3349BAF}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{3C1CE542-FA9F-407A-8EF9-3C008766CBC5}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4077636B-AD4F-4DC4-A72C-F678C34CA0A7}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{4360F3DF-8D98-4686-B86A-828DED02CAE7}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{43B98980-EB95-4614-A4D6-99AFE53ADBC4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\launcher.exe |
"{4FD1363D-CFA8-4B8C-824B-D93F3EB9B515}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{50B3F0CC-9A59-4C98-BAAD-3C25B1DA0F65}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{50E9D66C-209C-4C4A-B27B-BC36B3ED0E16}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{51EE844F-74E0-45C8-84FB-73AC69CE33C9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{5D2C68F0-030E-4C92-9B6E-C1204C19C9F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5DF1C42E-E752-4E4E-A0C0-C68872DD16D5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{67DDD819-4658-46C6-8051-CA0937EE2D06}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6FC9820B-9A1F-4F8A-958D-C95885E390BE}" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3y.exe |
"{7345A150-1395-4A82-BB80-146E30A17F40}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{777C8CC4-F17C-4A6D-8F55-DCE99749F8F4}" = protocol=6 | dir=in | app=c:\program files\pervasive software\psql\bin\w3dbsmgr.exe |
"{7FBFF7C6-7B40-4F7D-8D01-5BD55DA6C83F}" = protocol=17 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{81B48244-E124-41CB-A0DF-885063DC350D}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{84688B25-7D8D-4393-9CBC-D87794CAC412}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{877F6D89-DE63-41DE-9296-C17D2197C6E9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{8AB0B066-2698-4A91-B5FE-31B1E791F208}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"{91FB66D6-4CCC-4096-8685-5862BC7E4385}" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires iii\age3.exe |
"{93092660-9A0C-4FD5-8676-C8D07A169EA6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\launcher.exe |
"{97E906B3-2FF3-4D20-AFC3-DC3D17F13F53}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{B0EDE9EB-A8AC-4ABF-81D9-B42F20C3FB5F}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{BEEA257F-30E6-4739-9C7F-4663398B59F5}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe |
"{C72728E7-4B98-4F7C-AA7E-6B0E88A99CA5}" = protocol=1 | dir=out | [email protected],-28544 |
"{CAC52DD3-2A0A-4526-863D-3CF90F8A3295}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D07DB96B-7551-4F3B-A6F5-B47BA7AAD6B1}" = protocol=6 | dir=in | app=c:\program files\codemeter\runtime\bin\codemeter.exe |
"{D2F34EAA-121E-4F0F-BF1E-9D3C7EDE4428}" = protocol=6 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{D6AF57C8-6443-4C2D-82DB-629C14CE0156}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{D7788BDD-2654-4E24-9453-68119D2E3AE2}" = protocol=58 | dir=in | [email protected],-28545 |
"{DCCA4B59-4F01-4826-9089-935BE4339170}" = protocol=1 | dir=in | [email protected],-28543 |
"{E0FE72CF-E914-4B70-AD17-8AEEBF7948EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\age2hd\launcher.exe |
"{E124605C-BD1D-416C-A87C-AEB0E0FF81FC}" = protocol=17 | dir=in | app=c:\program files\pervasive software\psql\bin\w3dbsmgr.exe |
"{E6140F30-5818-4775-BEE4-85A093C259F4}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe |
"{ECB83D74-BFDB-47E0-B5BE-F43AA0957F30}" = protocol=17 | dir=in | app=c:\program files\avg\avg2013\avgemcx.exe |
"{F694C544-F243-4383-83AB-7A89256CB6D8}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\team fortress 2\hl2.exe |
"TCP Query User{8127EB56-444C-4340-9EB1-1DFF3E3DF79A}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{8CCD8902-F275-4BAC-A60C-91886DB6D8C3}C:\program files\steam\steamapps\common\war thunder\aces.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\aces.exe |
"TCP Query User{D707EFCC-9309-44B4-A8EC-DF46AA6A3406}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |
"TCP Query User{D7AC601B-8D94-49D2-8350-FF61539E730B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{05D726A8-536F-4D2E-A4B1-CC1A0AB24701}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{45F3E2A8-5D77-43D8-AD1A-9A19BEDC61E1}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{6967F8AB-F2CF-4FA6-BFEE-000CE2281739}C:\program files\steam\steamapps\common\war thunder\aces.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\war thunder\aces.exe |
"UDP Query User{7D6D596E-3F40-4A30-B75D-56E7B3D4B305}C:\program files\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files\hp\common\hpdevicedetection3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}" = Apple Mobile Device Support
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}" = Pervasive PSQL v10 SP2 Workgroup (32-bit)
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1CC677FA-C65A-0767-9AE4-370A233D8366}" = ATI Catalyst Install Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F579925-2652-6934-2E6C-EE652CD807E3}" = Catalyst Control Center Core Implementation
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23CCE784-A812-4647-AEFF-1DCCD4E57478}" = HP Support Solutions Framework
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{264A668E-A999-031C-9779-50A56C83ADF2}" = Catalyst Control Center Graphics Full Existing
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{28C3E5E6-5ACA-408D-9A46-089C5334EC97}" = HP Help and Support
"{30DAA715-5032-40F9-A0AE-95C9AEBB3E3F}" = HP QuickTouch 1.00 D2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D3
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{380357CA-29F4-4B3C-B401-32C057E6B59B}" = HP Smart Web Printing
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}" = OpenOffice 4.0.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CB16960-2A17-C313-5C52-00D5612627AB}" = ccc-core-static
"{54E4EECE-61B9-4D85-9B3C-99686A9ED6A1}" = Peachtree Accounting 2011
"{5A4D9E13-4E96-5CD5-FC03-8431277A97F6}" = Catalyst Control Center Graphics Full New
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66F0EA94-483A-82CB-B9FC-38329A3014F2}" = Catalyst Control Center Graphics Previews Vista
"{6798DD4E-BD16-4735-87EB-D712637CCB8C}" = Sage Message Center
"{6EBF4CF2-651F-C168-6C4F-F86BF000E55B}" = Catalyst Control Center InstallProxy
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}" = Snagit 11
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8BCB844B-0814-4354-A413-1063DB4618E9}" = PeachTree Signature Ready Forms
"{8EBAB2D3-C17D-1070-015A-800180C303E8}" = Skins
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9AA9FEE7-9F99-4E69-947A-49F7DA0DDA3A}" = Cisco AnyConnect Secure Mobility Client
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2CCD5E-1990-4EF2-9B61-32F0BBACC29B}" = HP Active Support Library
"{9F78DBE6-95C1-ADEC-796A-E76DD4CDB4E8}" = Catalyst Control Center Graphics Light
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAD72731-807A-4B79-AE05-9190B7002B7B}" = ProtectSmart Hard Drive Protection
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B8169E45-8E23-430B-91D1-EC64540C8ED0}" = HP User Guides 0103
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C25E9B95-8000-8985-EF20-9FF4DCEA41BA}" = CCC Help English
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C484CC8D-03CF-4022-89C4-DB4F02E8A15B}" = Crystal Reports 2008 Runtime SP1
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics DiskDefrag
"{DF9C119C-7F26-45B9-93D4-7C372CBBBA11}" = iTunes
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{E8C3CF7A-9E8F-4C5D-8EC7-FF5A495E178C}" = VitalSource Bookshelf
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F3FCB08B-E752-444D-86A0-0634A4F3B23D}" = System Requirements Lab CYRI
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FA44DB7C-5158-A2DE-8672-D7C7E13E10A3}" = Catalyst Control Center Graphics Previews Common
"{FD6FAE16-DD20-EDBF-AB50-FAC87EB197D1}" = ccc-utility
"7DE39862CC26DCE2446838AAF7CD5C163F835A57" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avast" = avast! Free Antivirus
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{54E4EECE-61B9-4D85-9B3C-99686A9ED6A1}" = Peachtree Accounting 2011
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Integration Services" = Sage Integration Services
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 26.0 (x86 en-US)" = Mozilla Firefox 26.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Pervasive PSQL v10 SP2 Workgroup (32-bit)" = Pervasive PSQL v10 SP2 Workgroup (32-bit)
"QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1" = Age of Empires II HD © Microsoft Studios version 1
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Steam" = Steam
"Steam App 221380" = Age of Empires II: HD Edition
"Steam App 236390" = War Thunder
"Steam App 440" = Team Fortress 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.1.11
"WinRAR archiver" = WinRAR 4.01 (32-bit)
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1961090724-942705277-1128008459-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{481d491f-4f01-46d4-8b43-0187ae71ad0c}" = Snap.Do Engine
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/4/2014 4:29:11 PM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application QPSched.exe, version 5.0.0.2817, time stamp 0x4806c4b4,
faulting module QPSched.exe, version 5.0.0.2817, time stamp 0x4806c4b4, exception
code 0xc0000005, fault offset 0x000075b3, process id 0x930, application start time
0x01cf096169044f98.

Error - 1/5/2014 8:05:34 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/5/2014 5:28:29 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/5/2014 6:10:21 PM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/5/2014 7:31:15 PM | Computer Name = Chris-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 1/5/2014 7:31:16 PM | Computer Name = Chris-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =

Error - 1/5/2014 8:19:05 PM | Computer Name = Chris-PC | Source = Application Error | ID = 1000
Description = Faulting application QPSched.exe, version 5.0.0.2817, time stamp 0x4806c4b4,
faulting module QPSched.exe, version 5.0.0.2817, time stamp 0x4806c4b4, exception
code 0xc0000005, fault offset 0x000075b3, process id 0xcac, application start time
0x01cf0a62c8ad9d30.

Error - 1/6/2014 1:52:42 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/6/2014 2:03:12 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/6/2014 10:52:31 AM | Computer Name = Chris-PC | Source = WinMgmt | ID = 10
Description =

[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 11/27/2013 6:10:10 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 11/27/2013 6:10:10 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL

Error - 11/27/2013 7:40:38 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.

Error - 11/27/2013 7:45:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: XmlParser::invokeParser File: .\Xml\XmlParser.cpp Line: 182
Invoked
Function: ISAXXMLReader::parse Return Code: -2146697210 (0x800C0006) Description:
WINDOWS_ERROR_CODE

Error - 11/27/2013 7:45:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: CPhoneHomeAgent::LoadSettingsFromXmlFile File: ..\PhoneHomeAgent.cpp
Line:
603 Invoked Function: XmlParser::parseFile Return Code: -33554423 (0xFE000009) Description:
GLOBAL_ERROR_UNEXPECTED

Error - 11/27/2013 7:45:41 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108866
Description = Function: CThread::invokeRun File: .\Utility\Thread.cpp Line: 435 Invoked
Function: IRunnable::Run Return Code: -32112629 (0xFE16000B) Description: BROWSERPROXY_ERROR_NO_PROXY_FILE


Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
274 m_pIServicePlugin is NULL

Error - 11/27/2013 7:50:25 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
311 m_pITelemetryPlugin is NULL

Error - 11/27/2013 8:31:01 PM | Computer Name = Chris-PC | Source = acvpnagent | ID = 67110873
Description = Termination reason code 9: Client PC is shutting down.

[ System Events ]
Error - 1/6/2014 11:05:49 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/6/2014 11:05:49 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/6/2014 11:06:36 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/6/2014 11:11:21 AM | Computer Name = Chris-PC | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description =

Error - 1/6/2014 11:12:43 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/6/2014 11:12:43 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/6/2014 11:13:03 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 1/6/2014 11:22:58 AM | Computer Name = Chris-PC | Source = Service Control Manager | ID = 7034
Description =

Error - 1/6/2014 12:52:47 PM | Computer Name = Chris-PC | Source = VDS Dynamic Provider | ID = 16908298
Description =

Error - 1/6/2014 1:01:40 PM | Computer Name = Chris-PC | Source = bowser | ID = 8003
Description =


< End of report >
  • 0

Advertisements


#71
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Hi CZ2761,

Sorry for the delay in responding.

Just a WARNING:

One or more of the identified infections was a backdoor trojan/rootkit.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

If the infected computer was used for online banking, has credit card information or other sensitive data on it, you should immediately change ALL passwords to include those used for banking, email, eBay, paypal and any online forums. You should consider them to be compromised. You should change each password by using a clean computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you will need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified as soon as possible due to the possibility of the security breach.

Though the trojan was killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS.

I must also warn you that P2P Programs can invite spyware, viruses, Trojan horses, or worms into your computer. When the files are downloaded, your computer becomes infected. If you share these files with others, their computer becomes infected as well. You also invite the possibilities of others stealing your personal information such as passwords, online banking accounts, personal files, etc.

Please read the following link for more information:

P2P File-Sharing: Evaluate the Risks


The recent OTL logs look good. Before I have you uninstall OTL I'd like for you run the following scans. The first is to check for outdated software. The 2nd is to make sure no other malicious files are found that I may need to remove with OTL:


1st:

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document in your next reply.


2nd:

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go >>HERE<< then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the Posted Image icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: Posted Image
    (Selecting Uninstall application on close if you so wish)

In your next post, please provide the following log:

checkup.txt
C:\Program Files\ESET\EsetOnlineScanner\log.txt


Thank you,
Donna :)
  • 0

#72
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Oh dear, that's terrifying. I can't think of any passwords that I have saved, would that ensure that I'm protected from someone accessing my information?

All of the P2P stuff on here is from when brother had this laptop. I haven't used any of it and am going to remove it.

I'll post those logs in just a bit.

Thanks!
  • 0

#73
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Yes. It would certainly ensure that your personal data/information is secure. It is a good practice to use a variety of passwords though can be daunting when trying to remember them all. You may want to read about password managers. There are several free ones that may benefit your needs.

All of the P2P stuff on here is from when brother had this laptop. I haven't used any of it and am going to remove it

That's a very wise decision. Since this laptop is a hand me down, you may also want to consider restoring to factory condition. That way you can personalize it for you.

It appears that you do have a D: recovery partition. That may also ensure that all previous infections are removed. If you have recovery discs that is even better. If you are not sure that your brother ever created the recovery discs from the hidden partition you may try clicking on Start > All Programs and look for a folder labeled Recovery Manager.

The ESET scan may take some time to complete, so if you would like go ahead and scan with Security Check, post the log, then continue with the ESET scan, that would be fine!

:thumbsup:
  • 0

#74
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Uh oh, I think we might be in trouble. It looks like there's another virus on here :help:

Here is the Security Check log:
Results of screen317's Security Check version 0.99.78
Windows Vista Service Pack 2 x86 (UAC is disabled!)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java 7 Update 45
Adobe Flash Player 11.9.900.170
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox (26.0)
Google Chrome 31.0.1650.57
Google Chrome 31.0.1650.63
````````Process Check: objlist.exe by Laurent````````
ESET ESET Online Scanner OnlineScannerApp.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````


Annnnd the ESET log:
[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=901b604c5520ab469d756edeca80d5e5
# engine=16541
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-01-07 05:09:50
# local_time=2014-01-07 12:09:50 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=774 16777213 71 76 0 0 0 0
# compatibility_mode=5892 16776574 100 95 49982887 225678918 0 0
# scanned=220632
# found=2
# cleaned=0
# scan_time=8001
sh=D151E7414F4F1235618C07597C2FBD7BF6A085FC ft=1 fh=1f1121e252168752 vn="a variant of Win32/Sefnit.CV trojan" ac=I fn="C:\Users\Chris\AppData\Local\URmedia\iTunesMod.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="multiple threats" ac=I fn="${Memory}"
  • 0

#75
DonnaB

DonnaB

    Miss Congeniality

  • GeekU Moderator
  • 7,493 posts
Not to worry. That's not too bad and can be taken care of by ESET. Let's run another scan. Please pay close attention to the instructions below since they have been changed a bit which I highlighted in green:

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

  • Please go >>HERE<< then click on: Posted Image

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the Posted Image icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow the Add-On/Active X to install.
  • This time around place a checkmark in Remove found threats, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic.
  • Now click on: Posted Image
    (Selecting Uninstall application on close if you so wish)

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP