
Laptop is infected and opening IE or Windows explorer takes forever [So



#1
newbee2001

Hello,

Looks like my laptop is infected. The last Malwarebytes scan showed infections such as 'Trojan.Dropper.BCMiner', 'Rootkit.OAccess' and 'Rootkit.OAccess.64'. I chose to quarantine and delete the infected files, but it didn't completely remove the virus. Opening any program such as IE, Windows Explorer, or Malwarebytes takes a very long time. I tried to run Malwarebytes several times (even in safe mode), but it shows that there are no infections. Please help.

Thanks.


#2
newbee2001

Hello,

Here is the OTL log:

I can't even open IE, and Windows Explorer takes more than 5 mins to come up.

Also, I've uninstalled AVG2011, but for some reason it still shows in Control Panel --> Programs, and when I click on uninstall it gives an error that the program doesn't exist. But I still see the AVG icon in the bottom right-hand corner, and when I click on it, it opens the AVG antivirus. I am totally clueless about what's going on. I appreciate all your help.

*******************************
OTL logfile created on: 10/7/2012 7:07:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Virus Fix
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 4.38 Gb Available Physical Memory | 74.23% Memory free
11.81 Gb Paging File | 10.17 Gb Available in Paging File | 86.12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.80 Gb Total Space | 250.12 Gb Free Space | 55.24% Space Free | Partition Type: NTFS
Drive D: | 12.76 Gb Total Space | 2.13 Gb Free Space | 16.70% Space Free | Partition Type: NTFS
Drive F: | 7.52 Gb Total Space | 7.34 Gb Free Space | 97.64% Space Free | Partition Type: FAT32

Computer Name: HOME | User Name: A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/07 18:58:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Virus Fix\OTL.exe
PRC - [2012/09/03 10:57:08 | 000,722,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/09/03 10:57:06 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2009/07/24 18:24:02 | 000,427,304 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009/07/23 20:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 11:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/03 10:57:10 | 000,564,832 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012/09/03 10:57:09 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/09/03 10:57:06 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2009/07/24 18:24:16 | 000,275,848 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
MOD - [2009/07/24 18:24:16 | 000,124,288 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
MOD - [2009/07/24 18:24:14 | 000,349,480 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
MOD - [2009/07/23 11:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/06/17 11:40:16 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/06/17 11:40:16 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/06/17 11:40:16 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2009/07/30 17:42:34 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/21 18:33:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/02 14:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)
SRV - [2012/09/03 10:57:08 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/21 18:33:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/02 14:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/03 10:57:09 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/02/29 23:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/27 19:05:26 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/02/10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/25 01:41:45 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/21 18:33:00 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/07/14 16:16:00 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/13 15:31:00 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 14:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/07/01 13:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 13:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 13:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 11:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 05:13:00 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/04/07 16:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}
IE:64bit: - HKLM\..\SearchScopes\{9870378C-AA89-4F81-AE53-91459C6075B1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}
IE - HKLM\..\SearchScopes\{9870378C-AA89-4F81-AE53-91459C6075B1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 83 0B F8 01 BA BE 5F 43 95 6B 8E B5 17 19 7D 40 [binary data]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2011-12-13 09:38:37&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9870378C-AA89-4F81-AE53-91459C6075B1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\A\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\A\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\A\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\A\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/08/14 23:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/10/05 18:43:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012/09/03 10:57:19 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - Extension: No name found = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: No name found = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: No name found = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ws26.abc.com...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B4C121B-5383-4643-8F20-194967262BE9}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/07 19:06:32 | 000,000,000 | ---D | C] -- C:\Virus Fix
[2012/10/07 18:26:53 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\AVG10
[2012/10/05 20:46:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/10/05 10:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/10/05 09:43:04 | 000,000,000 | ---D | C] -- C:\Users\A\Documents\desktop-10052012
[2012/10/04 22:55:41 | 000,000,000 | ---D | C] -- C:\Users\A\Documents\wpics
[2012/10/04 15:08:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/10/04 15:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/10/03 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\Mozilla
[2012/10/02 11:05:19 | 000,000,000 | -HSD | C] -- C:\Users\A\Documents\cache
[2012/10/02 11:05:07 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\webex
[2012/10/02 11:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\WebEx
[2012/09/19 19:10:18 | 000,000,000 | ---D | C] -- C:\premat

========== Files - Modified Within 30 Days ==========

[2012/10/07 19:06:20 | 000,726,270 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/07 19:06:20 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/07 19:06:20 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/07 18:58:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/07 18:58:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/07 18:50:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/07 18:50:35 | 460,734,463 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/07 17:49:09 | 362,903,961 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/10/07 17:47:23 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-159737879-1126576835-258178889-1001UA.job
[2012/10/07 12:50:20 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-159737879-1126576835-258178889-1001Core.job
[2012/10/06 08:26:25 | 096,750,624 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/10/05 18:43:32 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2012/10/05 11:30:35 | 000,324,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/05 09:32:47 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForA.job
[2012/10/05 09:16:08 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/04 15:13:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 21:53:24 | 000,000,483 | ---- | M] () -- C:\Users\A\Documents\ChatLog Meet Now 2012_10_03 21_53.rtf
[2012/09/28 08:49:39 | 000,002,479 | ---- | M] () -- C:\Users\A\Desktop\Google Chrome.lnk
[2012/09/26 17:43:29 | 000,000,728 | ---- | M] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_26 17_43.rtf
[2012/09/25 18:21:42 | 000,402,624 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/09/20 15:13:02 | 000,060,304 | ---- | M] () -- C:\Users\A\g2mdlhlpx.exe
[2012/09/10 18:16:26 | 000,000,474 | ---- | M] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_10 18_16.rtf

========== Files Created - No Company Name ==========

[2012/10/05 20:46:29 | 362,903,961 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/10/04 15:08:13 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/04 15:08:11 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 21:53:24 | 000,000,483 | ---- | C] () -- C:\Users\A\Documents\ChatLog Meet Now 2012_10_03 21_53.rtf
[2012/09/26 17:43:29 | 000,000,728 | ---- | C] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_26 17_43.rtf
[2012/09/10 18:16:26 | 000,000,474 | ---- | C] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_10 18_16.rtf
[2012/08/09 18:58:04 | 000,060,304 | ---- | C] () -- C:\Users\A\g2mdlhlpx.exe
[2012/02/18 19:54:40 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/03/24 06:18:17 | 000,001,396 | -HS- | C] () -- C:\Users\A\AppData\Local\65aq61c6c3s52lt2cc
[2011/03/24 06:18:17 | 000,001,396 | -HS- | C] () -- C:\ProgramData\65aq61c6c3s52lt2cc
[2010/09/20 23:07:06 | 004,364,773 | ---- | C] () -- C:\Users\A\AppData\Local\tmpDSC02425.JPG

========== ZeroAccess Check ==========

[2011/11/17 00:14:10 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\@
[2012/08/11 18:22:15 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L
[2012/10/05 20:23:56 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U
[2012/08/11 21:50:47 | 000,000,804 | ---- | M] () -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L\00000004.@
[2012/08/11 18:10:37 | 000,002,048 | ---- | M] () -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U\00000004.@
[2012/08/11 18:51:04 | 000,002,048 | -HS- | M] () -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\@
[2011/11/17 00:14:10 | 000,000,000 | -HSD | M] -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L
[2011/11/17 00:14:10 | 000,000,000 | -HSD | M] -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2012/08/11 21:50:46 | 000,005,120 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2012/08/11 21:50:46 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\n.

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 18:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/08/18 01:51:24 | 000,000,000 | -HSD | M] -- C:\Users\A\AppData\Roaming\.#
[2011/11/18 10:46:59 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\427AA
[2012/10/07 18:26:53 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\AVG10
[2010/08/10 03:43:21 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\AVG9
[2010/08/14 05:27:17 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Gamelab
[2010/08/14 02:02:29 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\iWin
[2012/06/29 21:25:11 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Juniper Networks
[2012/10/02 11:05:19 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\webex
[2012/06/17 20:36:56 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\WildTangent
[2011/08/20 15:38:54 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >

*******************************

#3
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hello newbee2001 and welcome to my office here at G2G!

My nick is maliprog and I'll be your technical support on this issue. Before we start please read my notes carefully:

NOTES:
  • Malware removal is NOT instantaneous, most infections require several courses of action to completely eradicate.
  • Absence of symptoms does not always mean the computer is clean
  • Kindly follow my instructions in the order posted. Order is crucial in cleaning process.
  • Please DO NOT run any scans or fix on your own without my direction.
  • Please read all of my response through at least once before attempting to follow the procedures described.
  • If there's anything you don't understand or isn't totally clear, please come back to me for clarification.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste it to include the log in your reply.
  • You must reply within 3 days or your topic will be closed

Step 1

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply

Step 2

Run OTL again

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan/Fixes box paste this in

    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    services.exe
    /md5stop
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.txt. This file is also saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it here to me

Step 3

Please don't forget to include these items in your reply:

  • Combofix log
  • OTL fix log
It would be helpful if you could post each log in a separate post using the "Add Reply" button.

#4
newbee2001

    Member

  • Topic Starter
  • Member
  • 45 posts
Hi,

I have uninstalled AVG2011 earlier but the AVG icon still shows in the system tray. When I right click on the icon I don't see 'Quit Control Center.'. I see the options 1) Open AVG User Interface 2) Scan 3) Run PC Analyzer 4) Update Now and 5) Help.

Is it safe to continue with the steps you suggested without closing AVG2011? Please advise.

Thanks.

#5
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Let's remove AVG from your system completely. Please download AVG Remover and run it in order to remove AVG. After we finish cleaning of your system you can install AVG again.

After this you can continue with scans.

#6
newbee2001

    Member

  • Topic Starter
  • Member
  • 45 posts
Hi,

The AVG remover gave me this message '2012-10-08 06:59:26,766 ERROR Wrong application platform. Use corresponding application version for 32bit or 64bit systems'. Please advise.


Thanks.

#7
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
OK then. Run Combofix and accept scan even with AVG turned on. Post log after the scan.

#8
newbee2001

    Member

  • Topic Starter
  • Member
  • 45 posts
Hi,

Here is the Combofix log:

*********************************
ComboFix 12-10-08.01 - A 10/08/2012 0:15.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6047.4410 [GMT -7:00]
Running from: c:\users\A\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\A\AppData\Roaming\.#
c:\users\A\g2mdlhlpx.exe
c:\windows\assembly\GAC_32\Desktop.ini
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\@
c:\windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L\00000004.@
c:\windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L\201d3dde
c:\windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U\00000004.@
c:\windows\SysWow64\Cache
.
.
((((((((((((((((((((((((( Files Created from 2012-09-08 to 2012-10-08 )))))))))))))))))))))))))))))))
.
.
2012-10-08 07:31 . 2012-10-08 07:31 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2012-10-08 07:31 . 2012-10-08 07:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-08 07:31 . 2012-10-08 07:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-08 02:06 . 2012-10-08 07:32 -------- d-----w- C:\Virus Fix
2012-10-08 01:26 . 2012-10-08 01:26 -------- d-----w- c:\users\A\AppData\Roaming\AVG10
2012-10-04 22:08 . 2012-10-04 22:08 -------- d-----w- c:\program files (x86)\Google
2012-10-02 18:05 . 2012-10-02 18:05 -------- d-----w- c:\users\A\AppData\Roaming\webex
2012-10-02 18:04 . 2012-10-02 18:04 -------- d-----w- c:\programdata\WebEx
2012-09-20 02:10 . 2012-09-25 19:34 -------- d-----w- C:\premathcount-coaching beg
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-08 00:04 . 2011-02-13 21:25 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-03 17:57 . 2012-09-03 17:57 31080 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2012-08-12 01:14 . 2012-08-12 01:14 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-12 01:14 . 2011-09-30 03:12 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 20:48 . 2009-12-19 08:29 59701280 ----a-w- c:\windows\system32\MRT.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-09-03 17:57 1734240 ----a-w- c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll" [2012-09-03 1734240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-06-24 320056]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-13 581480]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2012-08-01 2345592]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-09-03 947808]
"ROC_roc_dec12"="c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe" [2012-01-18 928096]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"ROC_ROC_JULY_P1"="c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" [2012-09-03 1022048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/w...&ver=10.0.1427" [?]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-01-31 7391072]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-08 195336]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-07-13 233472]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-02-18 51712]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-31 1255736]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [2011-02-22 26704]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2011-03-16 37456]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2011-01-07 304720]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-03-01 41552]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2011-04-05 377936]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-09-03 31080]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe [2009-03-02 89600]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG10\avgwdsvc.exe [2011-02-08 269520]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-16 249648]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-26 13672]
S2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-09-03 722528]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-05-28 118864]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-02-10 29264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 138752]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-04 22:08]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-04 22:08]
.
2012-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-159737879-1126576835-258178889-1001Core.job
- c:\users\A\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-27 06:34]
.
2012-10-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-159737879-1126576835-258178889-1001UA.job
- c:\users\A\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-27 06:34]
.
2012-10-05 c:\windows\Tasks\HPCeeScheduleForA.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-08-15 21:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-07-22 450048]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-15 171520]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.254
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:d6,eb,92,71,3d,26,cd,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
.
**************************************************************************
.
Completion time: 2012-10-08 01:00:22 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-08 08:00
.
Pre-Run: 267,657,715,712 bytes free
Post-Run: 269,531,504,640 bytes free
.
- - End Of File - - 6F2C7FDDA95D80AADA1E44DC3D66F390

*********************************

#9
newbee2001

Here is the OTL fix log:

************************************
OTL logfile created on: 10/8/2012 1:11:02 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Virus Fix
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 4.17 Gb Available Physical Memory | 70.64% Memory free
11.81 Gb Paging File | 10.00 Gb Available in Paging File | 84.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.80 Gb Total Space | 251.10 Gb Free Space | 55.46% Space Free | Partition Type: NTFS
Drive D: | 12.76 Gb Total Space | 2.13 Gb Free Space | 16.70% Space Free | Partition Type: NTFS

Computer Name: HOME | User Name: A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/07 18:58:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Virus Fix\OTL.exe
PRC - [2012/09/03 10:57:08 | 000,722,528 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012/09/03 10:57:06 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/08/01 04:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
PRC - [2009/07/30 17:42:34 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009/07/24 18:24:02 | 000,427,304 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
PRC - [2009/07/23 20:45:52 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/07/23 11:37:16 | 000,206,120 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/03 10:57:10 | 000,564,832 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012/09/03 10:57:09 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012/09/03 10:57:06 | 000,947,808 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/06/01 10:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2009/07/24 18:24:16 | 000,275,848 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLCapEngine.dll
MOD - [2009/07/24 18:24:16 | 000,124,288 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLSchMgr.dll
MOD - [2009/07/24 18:24:14 | 000,349,480 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CLTinyDB.dll
MOD - [2009/07/23 11:37:14 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
MOD - [2009/06/17 11:40:16 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2009/06/17 11:40:16 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2009/06/17 11:40:16 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2009/07/30 17:42:34 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009/07/21 18:33:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/08 13:49:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2009/03/02 14:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)
SRV - [2012/09/03 10:57:08 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012/01/31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/07/21 18:33:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe -- (STacSV)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/03/02 14:42:00 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\AESTSr64.exe -- (AESTFilters)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/09/03 10:57:09 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/02/29 23:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/27 19:05:26 | 000,118,864 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/03/10 23:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/02/22 08:12:46 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/02/18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/02/10 07:53:34 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/25 01:41:45 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/07/21 18:33:00 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/07/14 16:16:00 | 000,273,456 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 16:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/13 15:31:00 | 000,233,472 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 14:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/07/08 13:49:08 | 000,030,008 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2009/07/08 13:48:50 | 000,041,272 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2009/07/01 13:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/07/01 13:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/07/01 13:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/06/29 11:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2009/06/10 14:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 14:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 14:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 13:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 13:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 05:13:00 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 08:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/04/07 16:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}
IE:64bit: - HKLM\..\SearchScopes\{9870378C-AA89-4F81-AE53-91459C6075B1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}
IE - HKLM\..\SearchScopes\{9870378C-AA89-4F81-AE53-91459C6075B1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 83 0B F8 01 BA BE 5F 43 95 6B 8E B5 17 19 7D 40 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg....fr&d=2011-12-13 09:38:37&v=12.2.5.32&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{9870378C-AA89-4F81-AE53-91459C6075B1}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{FCF5DB96-A51C-4438-BD0D-285F6D51D4ED}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\A\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\A\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\A\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\A\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/08/14 23:38:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/10/05 18:43:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.5.32\ [2012/09/03 10:57:19 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\A\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.140.8 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U17 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\A\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\A\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\\npsitesafety.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\A\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: AVG Safe Search = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: AVG Secure Search = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.2.5.32_0\

O1 HOSTS File: ([2012/10/08 00:34:37 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HPCam_Menu] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [ROC_ROC_JULY_P1] C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe ()
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://ws26.abc.gov...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B4C121B-5383-4643-8F20-194967262BE9}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/10/08 01:00:46 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/10/08 00:34:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/10/08 00:11:20 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/08 00:11:20 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/08 00:11:19 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/07 23:54:51 | 004,762,763 | R--- | C] (Swearware) -- C:\Users\A\Desktop\ComboFix.exe
[2012/10/07 23:54:51 | 001,090,912 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Users\A\Desktop\avg_remover_stf_x86_2011_1184.exe
[2012/10/07 19:06:32 | 000,000,000 | ---D | C] -- C:\Virus Fix
[2012/10/07 18:26:53 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\AVG10
[2012/10/05 20:46:36 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/10/05 10:05:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012/10/05 09:43:04 | 000,000,000 | ---D | C] -- C:\Users\A\Documents\desktop-10052012
[2012/10/04 22:55:41 | 000,000,000 | ---D | C] -- C:\Users\A\Documents\wpics
[2012/10/04 15:08:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012/10/04 15:08:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/10/03 12:47:18 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\Mozilla
[2012/10/02 11:05:19 | 000,000,000 | -HSD | C] -- C:\Users\A\Documents\cache
[2012/10/02 11:05:07 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\webex
[2012/10/02 11:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\WebEx
[2012/09/19 19:10:18 | 000,000,000 | ---D | C] -- C:\pbeg

========== Files - Modified Within 30 Days ==========

[2012/10/08 00:47:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-159737879-1126576835-258178889-1001UA.job
[2012/10/08 00:42:42 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/08 00:42:41 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/08 00:34:37 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/10/08 00:33:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/08 00:33:23 | 460,734,463 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/08 00:10:25 | 004,762,763 | R--- | M] (Swearware) -- C:\Users\A\Desktop\ComboFix.exe
[2012/10/07 23:50:56 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/10/07 23:50:34 | 000,726,270 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/10/07 23:50:34 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/10/07 23:46:10 | 001,090,912 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Users\A\Desktop\avg_remover_stf_x86_2011_1184.exe
[2012/10/07 17:49:09 | 362,903,961 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/10/07 12:50:20 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-159737879-1126576835-258178889-1001Core.job
[2012/10/06 08:26:25 | 096,750,624 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/10/05 18:43:32 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2012/10/05 11:30:35 | 000,324,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/10/05 09:32:47 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForA.job
[2012/10/05 09:16:08 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/04 15:13:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 21:53:24 | 000,000,483 | ---- | M] () -- C:\Users\A\Documents\ChatLog Meet Now 2012_10_03 21_53.rtf
[2012/09/28 08:49:39 | 000,002,479 | ---- | M] () -- C:\Users\A\Desktop\Google Chrome.lnk
[2012/09/26 17:43:29 | 000,000,728 | ---- | M] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_26 17_43.rtf
[2012/09/25 18:21:42 | 000,402,624 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/09/10 18:16:26 | 000,000,474 | ---- | M] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_10 18_16.rtf

========== Files Created - No Company Name ==========

[2012/10/08 00:11:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/08 00:11:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/08 00:11:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/08 00:11:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/08 00:11:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/05 20:46:29 | 362,903,961 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/10/04 15:08:13 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/04 15:08:11 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 21:53:24 | 000,000,483 | ---- | C] () -- C:\Users\A\Documents\ChatLog Meet Now 2012_10_03 21_53.rtf
[2012/09/26 17:43:29 | 000,000,728 | ---- | C] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_26 17_43.rtf
[2012/09/10 18:16:26 | 000,000,474 | ---- | C] () -- C:\Users\A\Documents\ChatLog New Meeting 2012_09_10 18_16.rtf
[2012/02/18 19:54:40 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/03/24 06:18:17 | 000,001,396 | -HS- | C] () -- C:\Users\A\AppData\Local\65aq61c6c3s52lt2cc
[2011/03/24 06:18:17 | 000,001,396 | -HS- | C] () -- C:\ProgramData\65aq61c6c3s52lt2cc
[2010/09/20 23:07:06 | 004,364,773 | ---- | C] () -- C:\Users\A\AppData\Local\tmpDSC02425.JPG

========== ZeroAccess Check ==========

[2012/10/08 00:10:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L
[2012/10/08 00:10:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U
[2012/08/11 18:51:04 | 000,002,048 | -HS- | M] () -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\@
[2011/11/17 00:14:10 | 000,000,000 | -HSD | M] -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L
[2011/11/17 00:14:10 | 000,000,000 | -HSD | M] -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 18:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2009/08/25 02:31:41 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\ERDNT\cache86\explorer.exe
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011/02/25 23:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/25 22:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 18:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/25 22:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/30 22:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 22:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/24 23:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/25 23:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 05:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/25 02:31:41 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009/08/02 23:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/24 22:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/30 23:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/02 22:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 06:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/30 23:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/02 22:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 18:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/30 23:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/25 02:31:41 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011/02/25 23:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/02 23:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009/08/25 02:31:41 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe

< MD5 for: SERVICES.EXE >
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\ERDNT\cache64\services.exe
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009/07/13 18:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache86\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/13 18:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\ERDNT\cache64\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009/07/13 18:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 05:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\ERDNT\cache86\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/13 18:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\ERDNT\cache64\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009/07/13 18:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 06:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010/11/20 06:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 18:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012/09/07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/10/28 00:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009/10/27 23:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< %systemroot%\*. /mp /s >

< End of report >

************************************
  • 0

#10
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Nice. Let's continue...

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Files
    C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}
    C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}

    :Commands
    [purity]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • TDSSKiller log

It would be helpful if you could post each log in a separate post using the "Add Reply" button.
  • 0
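The Step 1 fix targets the two GUID-named folders listed in the log's ZeroAccess Check section. As an added example (not part of the original posts and not OTL's own code), this Python script parses those log lines, reports GUID folders that hold the `L`, `U` and `@` entries, and compares each per-user InProcServer32 value with the machine-wide one; the function names and the `C:\Windows` path normalisation are assumptions.

```python
import re
from collections import defaultdict

# Lines copied from the OTL log posted earlier in this thread (not constructed).
SAMPLE_LOG = r'''
[2012/10/08 01:00:46 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/03/24 06:18:17 | 000,001,396 | -HS- | C] () -- C:\Users\A\AppData\Local\65aq61c6c3s52lt2cc
[2012/10/08 00:10:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L
[2012/10/08 00:10:59 | 000,000,000 | ---D | M] -- C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U
[2012/08/11 18:51:04 | 000,002,048 | -HS- | M] () -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\@
[2011/11/17 00:14:10 | 000,000,000 | -HSD | M] -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L
[2011/11/17 00:14:10 | 000,000,000 | -HSD | M] -- C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
'''

GUID = r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}"
# OTL file entry: [date time | size | attrs | C/M] (company) -- path
FILE_RE = re.compile(
    r"^\[[\d/]+ [\d:]+ \| [\d,]+ \| (?P<attrs>[-RHSD]{4}) \| [CM]\] (?:\(.*?\) )?-- (?P<path>.+)$")
# A GUID-named folder whose direct child is L, U or @
MARKER_RE = re.compile(r"^(?P<root>.+\\%s)\\(?P<child>L|U|@)$" % GUID)
KEY_RE = re.compile(
    r"^\[(?P<hive>HKEY_[A-Z_]+)\\.*?clsid\\(?P<clsid>%s)\\InProcServer32\]" % GUID, re.I)
VALUE_RE = re.compile(r'^"" = (?P<dll>.+?)(?: -- \[.*)?$')


def normalise(path):
    """Assumption: Windows lives in C:\\Windows; SysNative is the alias a
    32-bit tool such as OTL uses for the real System32 folder."""
    p = path.strip().lower().replace("%systemroot%", r"c:\windows")
    return p.replace("\\sysnative\\", "\\system32\\")


def zeroaccess_roots(log_text, min_markers=2):
    """Map each GUID-named folder to the marker children (L, U, @) logged under it."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        entry = FILE_RE.match(line.strip())
        if not entry:
            continue
        marker = MARKER_RE.match(entry["path"])
        if marker:
            seen[marker["root"]].add(marker["child"])
    return {root: sorted(kids) for root, kids in seen.items() if len(kids) >= min_markers}


def com_overrides(log_text):
    """Return (clsid, hkcu_dll, same_as_hklm) for every per-user InProcServer32 value."""
    servers, current = defaultdict(dict), None
    for line in log_text.splitlines():
        line = line.strip()
        key = KEY_RE.match(line)
        if key:
            view = "32" if "wow6432node" in line.lower() else "64"
            current = (key["clsid"].lower(), view, key["hive"].upper())
            continue
        if line.startswith("["):
            current = None  # a file entry or an unrelated key ends the block
            continue
        val = VALUE_RE.match(line)
        if val and current:
            clsid, view, hive = current
            servers[(clsid, view)][hive] = normalise(val["dll"])
    out = []
    for (clsid, view), hives in sorted(servers.items()):
        if "HKEY_CURRENT_USER" in hives:
            user = hives["HKEY_CURRENT_USER"]
            out.append((clsid, user, user == hives.get("HKEY_LOCAL_MACHINE")))
    return out


if __name__ == "__main__":
    for root, kids in zeroaccess_roots(SAMPLE_LOG).items():
        print("review:", root, "children:", ",".join(kids))
    for clsid, dll, same in com_overrides(SAMPLE_LOG):
        print("HKCU override:", clsid, "->", dll,
              "(same as HKLM)" if same else "(DIFFERS from HKLM)")
```

On the lines from this thread it reports the same two folders the fix script lists, and shows that the per-user `{42aedc87-...}` entry resolves to the same `shell32.dll` as the machine-wide entry.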



#11
newbee2001

    Member

  • Topic Starter
  • Member
  • 45 posts
Here is the OTL fix log:

****************************************
========== OTL ==========
========== FILES ==========
C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U folder moved successfully.
C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L folder moved successfully.
C:\Windows\Installer\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb} folder moved successfully.
C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\U folder moved successfully.
C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb}\L folder moved successfully.
C:\Users\A\AppData\Local\{25f6ecc7-01c1-b3df-d40b-cc9c1ccf10bb} folder moved successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 10082012_075950
****************************************
  • 0

#12
newbee2001

    Member

  • Topic Starter
  • Member
  • 45 posts
Here are the TDSSKILLER logs: (I noticed that there are 2 logs created, so I am posting both the logs)

Log1:
*************************************
08:19:04.0107 2196 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:19:04.0712 2196 ============================================================
08:19:04.0713 2196 Current date / time: 2012/10/08 08:19:04.0712
08:19:04.0713 2196 SystemInfo:
08:19:04.0713 2196
08:19:04.0713 2196 OS Version: 6.1.7600 ServicePack: 0.0
08:19:04.0713 2196 Product type: Workstation
08:19:04.0713 2196 ComputerName: HOME
08:19:04.0713 2196 UserName: A
08:19:04.0713 2196 Windows directory: C:\Windows
08:19:04.0713 2196 System windows directory: C:\Windows
08:19:04.0713 2196 Running under WOW64
08:19:04.0713 2196 Processor architecture: Intel x64
08:19:04.0713 2196 Number of processors: 2
08:19:04.0713 2196 Page size: 0x1000
08:19:04.0713 2196 Boot type: Normal boot
08:19:04.0713 2196 ============================================================
08:19:06.0646 2196 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:19:06.0655 2196 ============================================================
08:19:06.0655 2196 \Device\Harddisk0\DR0:
08:19:06.0655 2196 MBR partitions:
08:19:06.0655 2196 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
08:19:06.0655 2196 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3899B000
08:19:06.0655 2196 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x389FF000, BlocksNum 0x1986800
08:19:06.0655 2196 ============================================================
08:19:06.0671 2196 C: <-> \Device\Harddisk0\DR0\Partition2
08:19:06.0711 2196 D: <-> \Device\Harddisk0\DR0\Partition3
08:19:06.0712 2196 ============================================================
08:19:06.0712 2196 Initialize success
08:19:06.0712 2196 ============================================================
08:19:50.0734 0884 Deinitialize success

*************************************

Log2:
*************************************
08:22:24.0505 3496 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:22:25.0176 3496 ============================================================
08:22:25.0176 3496 Current date / time: 2012/10/08 08:22:25.0176
08:22:25.0176 3496 SystemInfo:
08:22:25.0176 3496
08:22:25.0176 3496 OS Version: 6.1.7600 ServicePack: 0.0
08:22:25.0176 3496 Product type: Workstation
08:22:25.0176 3496 ComputerName: HOME
08:22:25.0176 3496 UserName: A
08:22:25.0176 3496 Windows directory: C:\Windows
08:22:25.0176 3496 System windows directory: C:\Windows
08:22:25.0176 3496 Running under WOW64
08:22:25.0176 3496 Processor architecture: Intel x64
08:22:25.0176 3496 Number of processors: 2
08:22:25.0176 3496 Page size: 0x1000
08:22:25.0176 3496 Boot type: Normal boot
08:22:25.0176 3496 ============================================================
08:22:37.0411 3496 BG loaded
08:22:44.0540 3496 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:22:44.0602 3496 ============================================================
08:22:44.0602 3496 \Device\Harddisk0\DR0:
08:22:44.0618 3496 MBR partitions:
08:22:44.0618 3496 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
08:22:44.0618 3496 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3899B000
08:22:44.0618 3496 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x389FF000, BlocksNum 0x1986800
08:22:44.0618 3496 ============================================================
08:22:44.0743 3496 C: <-> \Device\Harddisk0\DR0\Partition2
08:22:44.0992 3496 D: <-> \Device\Harddisk0\DR0\Partition3
08:22:44.0992 3496 ============================================================
08:22:44.0992 3496 Initialize success
08:22:44.0992 3496 ============================================================
08:25:37.0808 3408 ============================================================
08:25:37.0808 3408 Scan started
08:25:37.0808 3408 Mode: Manual; SigCheck; TDLFS;
08:25:37.0808 3408 ============================================================
08:25:38.0811 3408 ================ Scan services =============================
08:25:52.0068 3408 [ 0141816A095A3F5A83FFA5B4A47B8023 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
08:25:52.0101 3408 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning
08:25:52.0101 3408 HP Health Check Service - detected UnsignedFile.Multi.Generic (1)
08:25:55.0351 3408 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
08:25:55.0406 3408 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
08:25:55.0406 3408 LightScribeService - detected UnsignedFile.Multi.Generic (1)
08:26:01.0517 3408 pla - ok
08:26:01.0585 3408 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:26:01.0640 3408 PlugPlay - ok
08:26:01.0667 3408 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:26:01.0710 3408 PNRPAutoReg - ok
08:26:01.0739 3408 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:26:01.0755 3408 PNRPsvc - ok
08:26:01.0792 3408 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:26:01.0854 3408 PolicyAgent - ok
08:26:01.0879 3408 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:26:01.0941 3408 Power - ok
08:26:01.0981 3408 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:26:02.0045 3408 PptpMiniport - ok
08:26:02.0068 3408 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
08:26:02.0111 3408 Processor - ok
08:26:02.0148 3408 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
08:26:02.0173 3408 ProfSvc - ok
08:26:02.0184 3408 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:26:02.0200 3408 ProtectedStorage - ok
08:26:02.0229 3408 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:26:02.0266 3408 Psched - ok
08:26:02.0303 3408 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
08:26:02.0354 3408 ql2300 - ok
08:26:02.0366 3408 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
08:26:02.0391 3408 ql40xx - ok
08:26:02.0418 3408 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:26:02.0450 3408 QWAVE - ok
08:26:02.0472 3408 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:26:02.0515 3408 QWAVEdrv - ok
08:26:02.0536 3408 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:26:02.0597 3408 RasAcd - ok
08:26:02.0640 3408 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:26:02.0703 3408 RasAgileVpn - ok
08:26:02.0714 3408 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:26:02.0779 3408 RasAuto - ok
08:26:02.0809 3408 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:26:02.0875 3408 Rasl2tp - ok
08:26:02.0902 3408 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
08:26:02.0970 3408 RasMan - ok
08:26:02.0993 3408 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:26:03.0059 3408 RasPppoe - ok
08:26:03.0083 3408 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:26:03.0128 3408 RasSstp - ok
08:26:03.0151 3408 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:26:03.0216 3408 rdbss - ok
08:26:03.0241 3408 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
08:26:03.0282 3408 rdpbus - ok
08:26:03.0307 3408 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:26:03.0351 3408 RDPCDD - ok
08:26:03.0365 3408 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:26:03.0429 3408 RDPENCDD - ok
08:26:03.0455 3408 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:26:03.0499 3408 RDPREFMP - ok
08:26:03.0544 3408 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:26:03.0603 3408 RDPWD - ok
08:26:03.0641 3408 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:26:03.0672 3408 rdyboost - ok
08:26:03.0702 3408 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:26:03.0769 3408 RemoteAccess - ok
08:26:03.0799 3408 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:26:03.0884 3408 RemoteRegistry - ok
08:26:03.0923 3408 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:26:03.0971 3408 RFCOMM - ok
08:26:04.0036 3408 [ 498EB62A160674E793FA40FD65390625 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
08:26:04.0084 3408 RichVideo - ok
08:26:04.0094 3408 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:26:04.0157 3408 RpcEptMapper - ok
08:26:04.0183 3408 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:26:04.0222 3408 RpcLocator - ok
08:26:04.0256 3408 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\System32\rpcss.dll
08:26:04.0300 3408 RpcSs - ok
08:26:04.0331 3408 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:26:04.0399 3408 rspndr - ok
08:26:04.0421 3408 RSUSBSTOR - ok
08:26:04.0448 3408 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:26:04.0481 3408 RTL8167 - ok
08:26:04.0486 3408 RtsUIR - ok
08:26:04.0501 3408 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
08:26:04.0514 3408 SamSs - ok
08:26:04.0535 3408 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
08:26:04.0559 3408 sbp2port - ok
08:26:04.0588 3408 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:26:04.0637 3408 SCardSvr - ok
08:26:04.0658 3408 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:26:04.0720 3408 scfilter - ok
08:26:04.0775 3408 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
08:26:04.0840 3408 Schedule - ok
08:26:04.0875 3408 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:26:04.0911 3408 SCPolicySvc - ok
08:26:04.0944 3408 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
08:26:05.0006 3408 sdbus - ok
08:26:05.0045 3408 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:26:05.0088 3408 SDRSVC - ok
08:26:05.0112 3408 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:26:05.0171 3408 secdrv - ok
08:26:05.0195 3408 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
08:26:05.0261 3408 seclogon - ok
08:26:05.0285 3408 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
08:26:05.0333 3408 SENS - ok
08:26:05.0353 3408 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:26:05.0376 3408 SensrSvc - ok
08:26:05.0389 3408 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
08:26:05.0429 3408 Serenum - ok
08:26:05.0454 3408 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
08:26:05.0477 3408 Serial - ok
08:26:05.0494 3408 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
08:26:05.0534 3408 sermouse - ok
08:26:05.0581 3408 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
08:26:05.0637 3408 SessionEnv - ok
08:26:05.0662 3408 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
08:26:05.0709 3408 sffdisk - ok
08:26:05.0735 3408 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
08:26:05.0777 3408 sffp_mmc - ok
08:26:05.0782 3408 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
08:26:05.0807 3408 sffp_sd - ok
08:26:05.0829 3408 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
08:26:05.0851 3408 sfloppy - ok
08:26:05.0898 3408 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:26:05.0948 3408 SharedAccess - ok
08:26:05.0968 3408 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:26:06.0017 3408 ShellHWDetection - ok
08:26:06.0041 3408 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:26:06.0064 3408 SiSRaid2 - ok
08:26:06.0082 3408 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
08:26:06.0106 3408 SiSRaid4 - ok
08:26:06.0130 3408 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:26:06.0177 3408 Smb - ok
08:26:06.0199 3408 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:26:06.0245 3408 SNMPTRAP - ok
08:26:06.0264 3408 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:26:06.0290 3408 spldr - ok
08:26:06.0323 3408 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
08:26:06.0374 3408 Spooler - ok
08:26:06.0467 3408 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
08:26:06.0538 3408 sppsvc - ok
08:26:06.0561 3408 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:26:06.0629 3408 sppuinotify - ok
08:26:06.0677 3408 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:26:06.0750 3408 srv - ok
08:26:06.0778 3408 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:26:06.0828 3408 srv2 - ok
08:26:06.0867 3408 [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL6.SYS
08:26:06.0910 3408 SrvHsfHDA - ok
08:26:06.0952 3408 [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV6.SYS
08:26:07.0013 3408 SrvHsfV92 - ok
08:26:07.0051 3408 [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
08:26:07.0085 3408 SrvHsfWinac - ok
08:26:07.0125 3408 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:26:07.0168 3408 srvnet - ok
08:26:07.0214 3408 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:26:07.0275 3408 SSDPSRV - ok
08:26:07.0303 3408 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:26:07.0366 3408 SstpSvc - ok
08:26:07.0465 3408 [ 810199DCC3BDC38304D7D649992EA7BC ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
08:26:07.0527 3408 STacSV - ok
08:26:07.0565 3408 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
08:26:07.0587 3408 stexstor - ok
08:26:07.0625 3408 [ ED1722F43CE61409EF68340402D6267D ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
08:26:07.0650 3408 STHDA - ok
08:26:07.0683 3408 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
08:26:07.0741 3408 stisvc - ok
08:26:07.0766 3408 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:26:07.0787 3408 swenum - ok
08:26:07.0818 3408 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:26:07.0893 3408 swprv - ok
08:26:07.0927 3408 [ 929C9FA0B18AD2EBC8340591C4BF00FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:26:07.0950 3408 SynTP - ok
08:26:07.0989 3408 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
08:26:08.0055 3408 SysMain - ok
08:26:08.0091 3408 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:26:08.0121 3408 TabletInputService - ok
08:26:08.0165 3408 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
08:26:08.0260 3408 TapiSrv - ok
08:26:08.0287 3408 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:26:08.0327 3408 TBS - ok
08:26:08.0409 3408 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:26:08.0475 3408 Tcpip - ok
08:26:08.0510 3408 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:26:08.0550 3408 TCPIP6 - ok
08:26:08.0577 3408 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:26:08.0621 3408 tcpipreg - ok
08:26:08.0642 3408 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:26:08.0678 3408 TDPIPE - ok
08:26:08.0712 3408 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:26:08.0750 3408 TDTCP - ok
08:26:08.0777 3408 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:26:08.0841 3408 tdx - ok
08:26:08.0846 3408 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:26:08.0870 3408 TermDD - ok
08:26:08.0916 3408 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
08:26:09.0012 3408 TermService - ok
08:26:09.0036 3408 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:26:09.0081 3408 Themes - ok
08:26:09.0109 3408 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:26:09.0146 3408 THREADORDER - ok
08:26:09.0159 3408 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:26:09.0225 3408 TrkWks - ok
08:26:09.0283 3408 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:26:09.0325 3408 TrustedInstaller - ok
08:26:09.0341 3408 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:26:09.0387 3408 tssecsrv - ok
08:26:09.0407 3408 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:26:09.0465 3408 tunnel - ok
08:26:09.0501 3408 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
08:26:09.0525 3408 uagp35 - ok
08:26:09.0543 3408 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:26:09.0612 3408 udfs - ok
08:26:09.0650 3408 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:26:09.0688 3408 UI0Detect - ok
08:26:09.0699 3408 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
08:26:09.0722 3408 uliagpkx - ok
08:26:09.0749 3408 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:26:09.0787 3408 umbus - ok
08:26:09.0811 3408 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
08:26:09.0855 3408 UmPass - ok
08:26:09.0884 3408 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:26:09.0945 3408 upnphost - ok
08:26:09.0979 3408 [ 54D4B48D443E7228BF64CF7CDC3118AC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
08:26:10.0009 3408 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
08:26:10.0009 3408 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
08:26:15.0937 3408 C:\Windows\System32\ole32.dll - ok
08:26:15.0944 3408 [ 677AA5991026A65ADA128C4B59CF2BAD ] C:\Windows\System32\drivers\igdkmd64.sys
08:26:15.0944 3408 C:\Windows\System32\drivers\igdkmd64.sys - ok
08:26:15.0949 3408 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
08:26:15.0949 3408 C:\Windows\System32\nsi.dll - ok
08:26:15.0955 3408 [ 7083F463788CB34FCC42F565D56F89E8 ] C:\Windows\System32\ws2_32.dll
08:26:15.0955 3408 C:\Windows\System32\ws2_32.dll - ok
08:26:15.0961 3408 [ D841F7629505EE542E26E5F0A4D20101 ] C:\Windows\System32\iertutil.dll
08:26:15.0961 3408 C:\Windows\System32\iertutil.dll - ok
08:26:15.0967 3408 [ 1633B9ABF52784A1331476397A48CBEF ] C:\Windows\System32\drivers\dxgkrnl.sys
08:26:15.0967 3408 C:\Windows\System32\drivers\dxgkrnl.sys - ok
08:26:15.0973 3408 [ 3238B9078E0766AB5E62DC737A809ADB ] C:\Windows\System32\drivers\dxgmms1.sys
08:26:15.0973 3408 C:\Windows\System32\drivers\dxgmms1.sys - ok
08:26:15.0978 3408 [ 15BDC173EB5FA4F92B67D9FFB269A6EA ] C:\Windows\System32\shlwapi.dll
08:26:15.0979 3408 C:\Windows\System32\shlwapi.dll - ok
08:26:15.0984 3408 [ 48CC125A6AB6C72A13E3D3E9C39AD9D9 ] C:\Windows\System32\shell32.dll
08:26:15.0984 3408 C:\Windows\System32\shell32.dll - ok
08:26:15.0990 3408 [ BBF36EB7117F6B976975C9D8D877DF18 ] C:\Windows\System32\drivers\usbport.sys
08:26:15.0990 3408 C:\Windows\System32\drivers\usbport.sys - ok
08:26:15.0996 3408 [ BC3070350A491D84B518D7CCA9ABD36F ] C:\Windows\System32\drivers\usbuhci.sys
08:26:15.0996 3408 C:\Windows\System32\drivers\usbuhci.sys - ok
08:26:16.0002 3408 [ 92969BA5AC44E229C55A332864F79677 ] C:\Windows\System32\drivers\usbehci.sys
08:26:16.0002 3408 C:\Windows\System32\drivers\usbehci.sys - ok
08:26:16.0008 3408 [ 0A49913402747A0B67DE940FB42CBDBB ] C:\Windows\System32\drivers\hdaudbus.sys
08:26:16.0008 3408 C:\Windows\System32\drivers\hdaudbus.sys - ok
08:26:16.0014 3408 [ F99C7AE4BB91BD1506B3572F944307BB ] C:\Windows\System32\drivers\BCMWL664.SYS
08:26:16.0014 3408 C:\Windows\System32\drivers\BCMWL664.SYS - ok
08:26:16.0020 3408 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
08:26:16.0020 3408 C:\Windows\System32\drivers\vwifibus.sys - ok
08:26:16.0027 3408 [ 91296F0B2653281B2F11E0FCE56AA427 ] C:\Windows\System32\drivers\Rt64win7.sys
08:26:16.0027 3408 C:\Windows\System32\drivers\Rt64win7.sys - ok
08:26:16.0031 3408 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
08:26:16.0031 3408 C:\Windows\System32\drivers\i8042prt.sys - ok
08:26:16.0038 3408 [ 9AF482D058BE59CC28BCE52E7C4B747C ] C:\Windows\System32\drivers\HpqKbFiltr.sys
08:26:16.0039 3408 C:\Windows\System32\drivers\HpqKbFiltr.sys - ok
08:26:16.0043 3408 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
08:26:16.0043 3408 C:\Windows\System32\drivers\kbdclass.sys - ok
08:26:16.0049 3408 [ 929C9FA0B18AD2EBC8340591C4BF00FF ] C:\Windows\System32\drivers\SynTP.sys
08:26:16.0049 3408 C:\Windows\System32\drivers\SynTP.sys - ok
08:26:16.0055 3408 [ 70B5A5A7E0DDD5EBAF6E35B7257A6B9D ] C:\Windows\System32\drivers\usbd.sys
08:26:16.0055 3408 C:\Windows\System32\drivers\usbd.sys - ok
08:26:16.0061 3408 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
08:26:16.0061 3408 C:\Windows\System32\drivers\mouclass.sys - ok
08:26:16.0069 3408 [ 524C79054636D2E5751169005006460B ] C:\Windows\System32\drivers\enecir.sys
08:26:16.0069 3408 C:\Windows\System32\drivers\enecir.sys - ok
08:26:16.0075 3408 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
08:26:16.0075 3408 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
08:26:16.0080 3408 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
08:26:16.0080 3408 C:\Windows\System32\drivers\wmiacpi.sys - ok
08:26:16.0087 3408 [ 1CFFE9C06E66A57DAE1452E449A58240 ] C:\Windows\System32\drivers\Accelerometer.sys
08:26:16.0087 3408 C:\Windows\System32\drivers\Accelerometer.sys - ok
08:26:16.0092 3408 [ F26B3A86F6FA87CA360B879581AB4123 ] C:\Windows\System32\drivers\CompositeBus.sys
08:26:16.0092 3408 C:\Windows\System32\drivers\CompositeBus.sys - ok
08:26:16.0098 3408 [ F94B8644F3AFE040EC6E1B6FBC9EFAA9 ] C:\Windows\System32\comdlg32.dll
08:26:16.0098 3408 C:\Windows\System32\comdlg32.dll - ok
08:26:16.0104 3408 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
08:26:16.0104 3408 C:\Windows\System32\drivers\agilevpn.sys - ok
08:26:16.0110 3408 [ 87A6E852A22991580D6D39ADC4790463 ] C:\Windows\System32\drivers\rasl2tp.sys
08:26:16.0110 3408 C:\Windows\System32\drivers\rasl2tp.sys - ok
08:26:16.0116 3408 [ DDBD24DC04DA5FD0EDF45CF72B7C01E2 ] C:\Windows\System32\kernel32.dll
08:26:16.0116 3408 C:\Windows\System32\kernel32.dll - ok
08:26:16.0122 3408 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
08:26:16.0122 3408 C:\Windows\System32\drivers\ndistapi.sys - ok
08:26:16.0128 3408 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] C:\Windows\System32\drivers\ndiswan.sys
08:26:16.0128 3408 C:\Windows\System32\drivers\ndiswan.sys - ok
08:26:16.0133 3408 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
08:26:16.0133 3408 C:\Windows\System32\drivers\raspppoe.sys - ok
08:26:16.0139 3408 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll
08:26:16.0140 3408 C:\Windows\System32\wininet.dll - ok
08:26:16.0145 3408 [ 27CC19E81BA5E3403C48302127BDA717 ] C:\Windows\System32\drivers\raspptp.sys
08:26:16.0145 3408 C:\Windows\System32\drivers\raspptp.sys - ok
08:26:16.0151 3408 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
08:26:16.0151 3408 C:\Windows\System32\drivers\rassstp.sys - ok
08:26:16.0157 3408 [ 6A4EA4C29FBF78112AE20013FB71E9C1 ] C:\Windows\System32\setupapi.dll
08:26:16.0157 3408 C:\Windows\System32\setupapi.dll - ok
08:26:16.0163 3408 [ 5C7AF4A20F5BF67042B2E613D123D111 ] C:\Windows\System32\drivers\ks.sys
08:26:16.0163 3408 C:\Windows\System32\drivers\ks.sys - ok
08:26:16.0169 3408 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
08:26:16.0169 3408 C:\Windows\System32\drivers\swenum.sys - ok
08:26:16.0175 3408 [ D7CD5C4E1B71FA62050515314CFB52CF ] C:\Windows\System32\drivers\circlass.sys
08:26:16.0175 3408 C:\Windows\System32\drivers\circlass.sys - ok
08:26:16.0180 3408 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] C:\Windows\System32\drivers\umbus.sys
08:26:16.0180 3408 C:\Windows\System32\drivers\umbus.sys - ok
08:26:16.0187 3408 [ 5F2BDCA5FA0F20A6F452CF0EE2A2B18C ] C:\Windows\System32\usp10.dll
08:26:16.0187 3408 C:\Windows\System32\usp10.dll - ok
08:26:16.0192 3408 [ 72D7B3EA16946E8F0CF7458150031CC6 ] C:\Windows\System32\user32.dll
08:26:16.0192 3408 C:\Windows\System32\user32.dll - ok
08:26:16.0198 3408 [ 2A46451EE42BCD2C842D8AA4923FAC16 ] C:\Windows\System32\oleaut32.dll
08:26:16.0198 3408 C:\Windows\System32\oleaut32.dll - ok
08:26:16.0204 3408 [ E7DF1CFD28CA86B35EF5ADD0735CEEF3 ] C:\Windows\System32\drivers\usbhub.sys
08:26:16.0204 3408 C:\Windows\System32\drivers\usbhub.sys - ok
08:26:16.0210 3408 [ E1B1255D3A4B3367FE4E9C71E62E3B5A ] C:\Windows\System32\gdi32.dll
08:26:16.0210 3408 C:\Windows\System32\gdi32.dll - ok
08:26:16.0218 3408 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
08:26:16.0218 3408 C:\Windows\System32\advapi32.dll - ok
08:26:16.0223 3408 [ 48C903068B6BDAB5EF650B9CBEE85295 ] C:\Windows\System32\rpcrt4.dll
08:26:16.0223 3408 C:\Windows\System32\rpcrt4.dll - ok
08:26:16.0228 3408 [ 2885A3C3148F725CDA0B4C593BA8F7CE ] C:\Windows\System32\urlmon.dll
08:26:16.0229 3408 C:\Windows\System32\urlmon.dll - ok
08:26:16.0234 3408 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
08:26:16.0234 3408 C:\Windows\System32\clbcatq.dll - ok
08:26:16.0240 3408 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
08:26:16.0240 3408 C:\Windows\System32\psapi.dll - ok
08:26:16.0246 3408 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
08:26:16.0246 3408 C:\Windows\System32\sechost.dll - ok
08:26:16.0252 3408 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
08:26:16.0252 3408 C:\Windows\System32\msctf.dll - ok
08:26:16.0258 3408 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
08:26:16.0258 3408 C:\Windows\System32\lpk.dll - ok
08:26:16.0264 3408 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
08:26:16.0264 3408 C:\Windows\System32\devobj.dll - ok
08:26:16.0270 3408 [ B0B310037A3A9151735E9952D4395C76 ] C:\Windows\System32\crypt32.dll
08:26:16.0270 3408 C:\Windows\System32\crypt32.dll - ok
08:26:16.0275 3408 [ BC052EFAD10ACA1AD69545B629F50D99 ] C:\Windows\System32\comctl32.dll
08:26:16.0275 3408 C:\Windows\System32\comctl32.dll - ok
08:26:16.0279 3408 [ 08B1BDCDF896D38C6E820B9B155E7A17 ] C:\Windows\System32\KernelBase.dll
08:26:16.0279 3408 C:\Windows\System32\KernelBase.dll - ok
08:26:16.0285 3408 [ FEC6244873AB7981326CAEEC5B5FFF11 ] C:\Windows\System32\wintrust.dll
08:26:16.0285 3408 C:\Windows\System32\wintrust.dll - ok
08:26:16.0291 3408 [ D05E03C1B2824236531F5E37334B6A8A ] C:\Windows\System32\cfgmgr32.dll
08:26:16.0291 3408 C:\Windows\System32\cfgmgr32.dll - ok
08:26:16.0297 3408 [ 98FB7DD3B28A92E3C0E5B4BD9D63EF01 ] C:\Windows\System32\msasn1.dll
08:26:16.0297 3408 C:\Windows\System32\msasn1.dll - ok
08:26:16.0303 3408 [ 659B74FB74B86228D6338D643CD3E3CF ] C:\Windows\System32\drivers\ndproxy.sys
08:26:16.0303 3408 C:\Windows\System32\drivers\ndproxy.sys - ok
08:26:16.0308 3408 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
08:26:16.0308 3408 C:\Windows\System32\drivers\drmk.sys - ok
08:26:16.0315 3408 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
08:26:16.0316 3408 C:\Windows\System32\drivers\portcls.sys - ok
08:26:16.0321 3408 [ ED1722F43CE61409EF68340402D6267D ] C:\Windows\System32\drivers\stwrt64.sys
08:26:16.0321 3408 C:\Windows\System32\drivers\stwrt64.sys - ok
08:26:16.0327 3408 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
08:26:16.0327 3408 C:\Windows\SysWOW64\normaliz.dll - ok
08:26:16.0333 3408 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
08:26:16.0333 3408 C:\Windows\System32\drivers\ksthunk.sys - ok
08:26:16.0343 3408 [ D485D3BD3E2179AA86853A182F70699F ] C:\Windows\System32\drivers\IntcHdmi.sys
08:26:16.0343 3408 C:\Windows\System32\drivers\IntcHdmi.sys - ok
08:26:16.0347 3408 [ 685FEC2407FC121EB937CB658B3C0F35 ] C:\Windows\System32\drivers\hidclass.sys
08:26:16.0347 3408 C:\Windows\System32\drivers\hidclass.sys - ok
08:26:16.0353 3408 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
08:26:16.0353 3408 C:\Windows\System32\drivers\hidparse.sys - ok
08:26:16.0359 3408 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] C:\Windows\System32\drivers\hidir.sys
08:26:16.0359 3408 C:\Windows\System32\drivers\hidir.sys - ok
08:26:16.0365 3408 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] C:\Windows\System32\drivers\kbdhid.sys
08:26:16.0365 3408 C:\Windows\System32\drivers\kbdhid.sys - ok
08:26:16.0371 3408 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
08:26:16.0371 3408 C:\Windows\System32\drivers\mouhid.sys - ok
08:26:16.0377 3408 [ 7B6A127C93EE590E4D79A5F2A76FE46F ] C:\Windows\System32\drivers\usbccgp.sys
08:26:16.0377 3408 C:\Windows\System32\drivers\usbccgp.sys - ok
08:26:16.0383 3408 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] C:\Windows\System32\drivers\usbvideo.sys
08:26:16.0383 3408 C:\Windows\System32\drivers\usbvideo.sys - ok
08:26:16.0389 3408 [ D59773C7FDD3D795D6FE402EEEA8D71E ] C:\Windows\System32\drivers\bthport.sys
08:26:16.0389 3408 C:\Windows\System32\drivers\bthport.sys - ok
08:26:16.0395 3408 [ 8504842634DD144C075B6B0C982CCEC4 ] C:\Windows\System32\drivers\BTHUSB.SYS
08:26:16.0395 3408 C:\Windows\System32\drivers\BTHUSB.SYS - ok
08:26:16.0403 3408 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
08:26:16.0403 3408 C:\Windows\System32\drivers\dxapi.sys - ok
08:26:16.0407 3408 [ E37C71EA972AD883E7841D07BC6D5F1C ] C:\Windows\System32\win32k.sys
08:26:16.0407 3408 C:\Windows\System32\win32k.sys - ok
08:26:16.0412 3408 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
08:26:16.0412 3408 C:\Windows\System32\csrss.exe - ok
08:26:16.0418 3408 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
08:26:16.0419 3408 C:\Windows\System32\drivers\rfcomm.sys - ok
08:26:16.0424 3408 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
08:26:16.0424 3408 C:\Windows\System32\drivers\bthenum.sys - ok
08:26:16.0431 3408 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys
08:26:16.0431 3408 C:\Windows\System32\drivers\bthpan.sys - ok
08:26:16.0436 3408 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] C:\Windows\System32\drivers\bthmodem.sys
08:26:16.0437 3408 C:\Windows\System32\drivers\bthmodem.sys - ok
08:26:16.0443 3408 [ E730EADB8F176DB06A378435BEB2E823 ] C:\Windows\System32\csrsrv.dll
08:26:16.0443 3408 C:\Windows\System32\csrsrv.dll - ok
08:26:16.0448 3408 [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
08:26:16.0448 3408 C:\Windows\System32\drivers\modem.sys - ok
08:26:16.0454 3408 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] C:\Windows\System32\drivers\btwavdt.sys
08:26:16.0454 3408 C:\Windows\System32\drivers\btwavdt.sys - ok
08:26:16.0460 3408 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] C:\Windows\System32\drivers\btwaudio.sys
08:26:16.0460 3408 C:\Windows\System32\drivers\btwaudio.sys - ok
08:26:16.0466 3408 [ 6149301DC3F81D6F9667A3FBAC410975 ] C:\Windows\System32\drivers\btwl2cap.sys
08:26:16.0466 3408 C:\Windows\System32\drivers\btwl2cap.sys - ok
08:26:16.0472 3408 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
08:26:16.0472 3408 C:\Windows\System32\basesrv.dll - ok
08:26:16.0478 3408 [ 28E105AD3B79F440BF94780F507BF66A ] C:\Windows\System32\drivers\btwrchid.sys
08:26:16.0478 3408 C:\Windows\System32\drivers\btwrchid.sys - ok
08:26:16.0484 3408 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\System32\winsrv.dll
08:26:16.0484 3408 C:\Windows\System32\winsrv.dll - ok
08:26:16.0489 3408 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
08:26:16.0490 3408 C:\Windows\System32\drivers\monitor.sys - ok
08:26:16.0496 3408 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
08:26:16.0496 3408 C:\Windows\System32\tsddd.dll - ok
08:26:16.0501 3408 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
08:26:16.0501 3408 C:\Windows\System32\sxssrv.dll - ok
08:26:16.0508 3408 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
08:26:16.0508 3408 C:\Windows\System32\wininit.exe - ok
08:26:16.0513 3408 [ B9A047D231D32FDF5AF2F281E4326A9D ] C:\Windows\System32\KBDUS.DLL
08:26:16.0513 3408 C:\Windows\System32\KBDUS.DLL - ok
08:26:16.0519 3408 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
08:26:16.0519 3408 C:\Windows\System32\profapi.dll - ok
08:26:16.0525 3408 [ F4389DA7DBDA2E7D292D360CF8E400C7 ] C:\Windows\System32\RpcRtRemote.dll
08:26:16.0525 3408 C:\Windows\System32\RpcRtRemote.dll - ok
08:26:16.0528 3408 [ 100BDF2F89D6056CEE900BB6156DA737 ] C:\Windows\System32\cdd.dll
08:26:16.0529 3408 C:\Windows\System32\cdd.dll - ok
08:26:16.0534 3408 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
08:26:16.0534 3408 C:\Windows\System32\WlS0WndH.dll - ok
08:26:16.0541 3408 [ 456C92A9D8DB51B9938A6234BBC65FC9 ] C:\Windows\System32\sxs.dll
08:26:16.0541 3408 C:\Windows\System32\sxs.dll - ok
08:26:16.0546 3408 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
08:26:16.0546 3408 C:\Windows\System32\cryptbase.dll - ok
08:26:16.0552 3408 [ 01A465AC251BCCF6037DF2EF28AA4292 ] C:\Windows\System32\apphelp.dll
08:26:16.0552 3408 C:\Windows\System32\apphelp.dll - ok
08:26:16.0558 3408 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
08:26:16.0558 3408 C:\Windows\System32\services.exe - ok
08:26:16.0564 3408 [ BFA69408620587AFDEC2E8C12CA60492 ] C:\Windows\System32\lsasrv.dll
08:26:16.0564 3408 C:\Windows\System32\lsasrv.dll - ok
08:26:16.0569 3408 [ 156F6159457D0AA7E59B62681B56EB90 ] C:\Windows\System32\lsass.exe
08:26:16.0569 3408 C:\Windows\System32\lsass.exe - ok
08:26:16.0575 3408 [ 04FCA22B77A2E37332CC8226187AF87B ] C:\Windows\System32\lsm.exe
08:26:16.0576 3408 C:\Windows\System32\lsm.exe - ok
08:26:16.0581 3408 [ 1F582C6C84D5243692F9C3E04D0A663F ] C:\Windows\System32\sspicli.dll
08:26:16.0581 3408 C:\Windows\System32\sspicli.dll - ok
08:26:16.0587 3408 [ 68EA2513CA68AD8F741FF4F5B8D8590C ] C:\Windows\System32\sspisrv.dll
08:26:16.0587 3408 C:\Windows\System32\sspisrv.dll - ok
08:26:16.0593 3408 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
08:26:16.0593 3408 C:\Windows\System32\scext.dll - ok
08:26:16.0599 3408 [ B160ADAEFC76031D92C4FBAC0918B033 ] C:\Windows\System32\samsrv.dll
08:26:16.0599 3408 C:\Windows\System32\samsrv.dll - ok
08:26:16.0605 3408 [ 941AF3C8B0DE1B359BE22DD3288A8C8E ] C:\Windows\System32\scesrv.dll
08:26:16.0605 3408 C:\Windows\System32\scesrv.dll - ok
08:26:16.0610 3408 [ 74A0871810BF0F2AA3EB6681E9BECDD3 ] C:\Windows\System32\secur32.dll
08:26:16.0610 3408 C:\Windows\System32\secur32.dll - ok
08:26:16.0616 3408 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
08:26:16.0616 3408 C:\Windows\System32\sysntfy.dll - ok
08:26:16.0622 3408 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
08:26:16.0622 3408 C:\Windows\System32\wmsgapi.dll - ok
08:26:16.0628 3408 [ D23371AB9607651937C7641A38CD52BC ] C:\Windows\System32\srvcli.dll
08:26:16.0628 3408 C:\Windows\System32\srvcli.dll - ok
08:26:16.0634 3408 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
08:26:16.0634 3408 C:\Windows\System32\cryptdll.dll - ok
08:26:16.0640 3408 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
08:26:16.0640 3408 C:\Windows\System32\wevtapi.dll - ok
08:26:16.0645 3408 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
08:26:16.0646 3408 C:\Windows\System32\authz.dll - ok
08:26:16.0651 3408 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
08:26:16.0651 3408 C:\Windows\System32\cngaudit.dll - ok
08:26:16.0657 3408 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
08:26:16.0657 3408 C:\Windows\System32\bcrypt.dll - ok
08:26:16.0663 3408 [ E08926B4E52F92FF8852BECC0E2F358A ] C:\Windows\System32\ncrypt.dll
08:26:16.0663 3408 C:\Windows\System32\ncrypt.dll - ok
08:26:16.0670 3408 [ DA3E2A6FA9660CC75B471530CE88453A ] C:\Windows\System32\winlogon.exe
08:26:16.0670 3408 C:\Windows\System32\winlogon.exe - ok
08:26:16.0675 3408 [ D8C88512BA9544AE1CC2034F50ECFA12 ] C:\Windows\System32\winsta.dll
08:26:16.0675 3408 C:\Windows\System32\winsta.dll - ok
08:26:16.0680 3408 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
08:26:16.0680 3408 C:\Windows\System32\msprivs.dll - ok
08:26:16.0686 3408 [ B561B451320B0B40908A8BFD81705262 ] C:\Windows\System32\netjoin.dll
08:26:16.0686 3408 C:\Windows\System32\netjoin.dll - ok
08:26:16.0692 3408 [ EFC5353E4F513DEF55ED7B7872363957 ] C:\Windows\System32\atmfd.dll
08:26:16.0692 3408 C:\Windows\System32\atmfd.dll - ok
08:26:16.0698 3408 [ 96772B584BD0E667CD7741EF96284ACB ] C:\Windows\System32\kerberos.dll
08:26:16.0698 3408 C:\Windows\System32\kerberos.dll - ok
08:26:16.0704 3408 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
08:26:16.0704 3408 C:\Windows\System32\negoexts.dll - ok
08:26:16.0710 3408 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
08:26:16.0710 3408 C:\Windows\System32\cryptsp.dll - ok
08:26:16.0716 3408 [ FC76FE3C1E1FDB761244D4F74EF560FD ] C:\Windows\System32\mswsock.dll
08:26:16.0716 3408 C:\Windows\System32\mswsock.dll - ok
08:26:16.0723 3408 [ FA4DB05923DDDEDE3196ABD09AE0F1E9 ] C:\Windows\System32\msv1_0.dll
08:26:16.0723 3408 C:\Windows\System32\msv1_0.dll - ok
08:26:16.0728 3408 [ 956D030D375F207B22FB111E06EF9C35 ] C:\Windows\System32\netlogon.dll
08:26:16.0728 3408 C:\Windows\System32\netlogon.dll - ok
08:26:16.0735 3408 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
08:26:16.0735 3408 C:\Windows\System32\wship6.dll - ok
08:26:16.0740 3408 [ E247E7DEB20C0CF0801A8AC39E9CE1DF ] C:\Windows\System32\dnsapi.dll
08:26:16.0740 3408 C:\Windows\System32\dnsapi.dll - ok
08:26:16.0745 3408 [ 8CE22E63F08613036DF8C7B00FBDF36B ] C:\Windows\System32\logoncli.dll
08:26:16.0745 3408 C:\Windows\System32\logoncli.dll - ok
08:26:16.0751 3408 [ 90B780886BD813882CB382FF3E90E092 ] C:\Windows\System32\schannel.dll
08:26:16.0751 3408 C:\Windows\System32\schannel.dll - ok
08:26:16.0757 3408 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
08:26:16.0757 3408 C:\Windows\System32\wdigest.dll - ok
08:26:16.0763 3408 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
08:26:16.0763 3408 C:\Windows\System32\pku2u.dll - ok
08:26:16.0768 3408 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
08:26:16.0768 3408 C:\Windows\System32\rsaenh.dll - ok
08:26:16.0774 3408 [ 0DEFD5FBF801DD8F83BC0ED09861A8EC ] C:\Windows\System32\TSpkg.dll
08:26:16.0774 3408 C:\Windows\System32\TSpkg.dll - ok
08:26:16.0780 3408 [ DA090E97E57DCB48888015B5D3C749CD ] C:\Windows\System32\bcryptprimitives.dll
08:26:16.0780 3408 C:\Windows\System32\bcryptprimitives.dll - ok
08:26:16.0784 3408 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
08:26:16.0784 3408 C:\Windows\System32\efslsaext.dll - ok
08:26:16.0789 3408 [ 9301B8810B2DA4EB6AD55DB75FC1E339 ] C:\Windows\System32\credssp.dll
08:26:16.0789 3408 C:\Windows\System32\credssp.dll - ok
08:26:16.0795 3408 [ 398712DDDAEFB85EDF61DF6A07B65C79 ] C:\Windows\System32\scecli.dll
08:26:16.0795 3408 C:\Windows\System32\scecli.dll - ok
08:26:16.0801 3408 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
08:26:16.0801 3408 C:\Windows\System32\ubpm.dll - ok
08:26:16.0807 3408 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
08:26:16.0807 3408 C:\Windows\System32\svchost.exe - ok
08:26:16.0812 3408 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
08:26:16.0812 3408 C:\Windows\System32\SPInf.dll - ok
08:26:16.0819 3408 [ 98B1721B8718164293B9701B98C52D77 ] C:\Windows\System32\umpnpmgr.dll
08:26:16.0819 3408 C:\Windows\System32\umpnpmgr.dll - ok
08:26:16.0824 3408 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
08:26:16.0824 3408 C:\Windows\System32\devrtl.dll - ok
08:26:16.0830 3408 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
08:26:16.0830 3408 C:\Windows\System32\gpapi.dll - ok
08:26:16.0836 3408 [ 0776CF79590BDEF0A2728B0B9A813B96 ] C:\Windows\System32\userenv.dll
08:26:16.0836 3408 C:\Windows\System32\userenv.dll - ok
08:26:16.0841 3408 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
08:26:16.0841 3408 C:\Windows\System32\umpo.dll - ok
08:26:16.0849 3408 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
08:26:16.0849 3408 C:\Windows\System32\pcwum.dll - ok
08:26:16.0853 3408 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
08:26:16.0853 3408 C:\Windows\System32\powrprof.dll - ok
08:26:16.0859 3408 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
08:26:16.0859 3408 C:\Windows\System32\drivers\luafv.sys - ok
08:26:16.0865 3408 [ 7CADC74271DD6461C452C271B30BD378 ] C:\Windows\System32\drivers\WUDFPf.sys
08:26:16.0865 3408 C:\Windows\System32\drivers\WUDFPf.sys - ok
08:26:16.0871 3408 [ 7266972E86890E2B30C0C322E906B027 ] C:\Windows\System32\rpcss.dll
08:26:16.0871 3408 C:\Windows\System32\rpcss.dll - ok
08:26:16.0877 3408 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
08:26:16.0877 3408 C:\Windows\System32\RpcEpMap.dll - ok
08:26:16.0883 3408 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
08:26:16.0883 3408 C:\Windows\System32\wshqos.dll - ok
08:26:16.0889 3408 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
08:26:16.0889 3408 C:\Windows\System32\WSHTCPIP.DLL - ok
08:26:16.0895 3408 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
08:26:16.0895 3408 C:\Windows\System32\FirewallAPI.dll - ok
08:26:16.0901 3408 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
08:26:16.0901 3408 C:\Windows\System32\version.dll - ok
08:26:16.0907 3408 [ 99ABDA9C92EC76CBAF52F00239D909C9 ] C:\Windows\System32\wevtsvc.dll
08:26:16.0907 3408 C:\Windows\System32\wevtsvc.dll - ok
08:26:16.0914 3408 [ 93E6A39B1DB898F7C949FA5567E774CF ] C:\Windows\System32\LogonUI.exe
08:26:16.0914 3408 C:\Windows\System32\LogonUI.exe - ok
08:26:16.0919 3408 [ BCF0A980D21711E47D0803BDB0E99CAD ] C:\Windows\System32\authui.dll
08:26:16.0919 3408 C:\Windows\System32\authui.dll - ok
08:26:16.0925 3408 [ 07721A77180EDD4D39CCB865BF63C7FD ] C:\Windows\System32\audiosrv.dll
08:26:16.0925 3408 C:\Windows\System32\audiosrv.dll - ok
08:26:16.0930 3408 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
08:26:16.0930 3408 C:\Windows\System32\mmcss.dll - ok
08:26:16.0936 3408 [ 97293447431311C06703368AD0F6C4BE ] C:\Windows\System32\profsvc.dll
08:26:16.0936 3408 C:\Windows\System32\profsvc.dll - ok
08:26:16.0942 3408 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
08:26:16.0942 3408 C:\Windows\System32\avrt.dll - ok
08:26:16.0948 3408 [ 810199DCC3BDC38304D7D649992EA7BC ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe
08:26:16.0948 3408 C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\stacsv64.exe - ok
08:26:16.0954 3408 [ DBA90306A721FB922FDACED9E9728C28 ] C:\Windows\System32\cryptui.dll
08:26:16.0954 3408 C:\Windows\System32\cryptui.dll - ok
08:26:16.0960 3408 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
08:26:16.0960 3408 C:\Windows\System32\adtschema.dll - ok
08:26:16.0965 3408 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
08:26:16.0966 3408 C:\Windows\System32\dsound.dll - ok
08:26:16.0971 3408 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
08:26:16.0971 3408 C:\Windows\System32\MMDevAPI.dll - ok
08:26:16.0978 3408 [ B27EA141A7E748B607600A8551A44D5A ] C:\Windows\System32\propsys.dll
08:26:16.0978 3408 C:\Windows\System32\propsys.dll - ok
08:26:16.0983 3408 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
08:26:16.0983 3408 C:\Windows\System32\wlansvc.dll - ok
08:26:16.0989 3408 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
08:26:16.0989 3408 C:\Windows\System32\winmm.dll - ok
08:26:16.0995 3408 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
08:26:16.0995 3408 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
08:26:17.0001 3408 [ 06CA6CB594D4F56EA23311DD3C86E551 ] C:\Windows\System32\stapi64.dll
08:26:17.0001 3408 C:\Windows\System32\stapi64.dll - ok
08:26:17.0007 3408 [ 113921FC4A80A3DDF646852998B836D0 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7\comctl32.dll
08:26:17.0007 3408 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7\comctl32.dll - ok
08:26:17.0013 3408 [ 81D64E8D70E5FBF9F7ABF2D41154F54D ] C:\Windows\System32\AudioSes.dll
08:26:17.0013 3408 C:\Windows\System32\AudioSes.dll - ok
08:26:17.0019 3408 [ D152EBC32A23069F8AA1D1F24B15E3F9 ] C:\Windows\System32\audiodg.exe
08:26:17.0019 3408 C:\Windows\System32\audiodg.exe - ok
08:26:17.0025 3408 [ F5C26453CC452B5A3CB561195BDE4CF8 ] C:\Windows\System32\stapo64.dll
08:26:17.0025 3408 C:\Windows\System32\stapo64.dll - ok
08:26:18.0333 3408 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
08:26:18.0333 3408 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
08:26:18.0339 3408 [ F02786B66375292E58C8777082D4396D ] C:\Windows\System32\cryptsvc.dll
08:26:18.0339 3408 C:\Windows\System32\cryptsvc.dll - ok
08:26:18.0346 3408 [ C6D332ED6A3BD6060C0F0F5A18C1A3C0 ] C:\Windows\System32\cryptnet.dll
08:26:18.0346 3408 C:\Windows\System32\cryptnet.dll - ok
08:26:18.0357 3408 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] C:\Windows\System32\dps.dll
08:26:18.0357 3408 C:\Windows\System32\dps.dll - ok
08:26:18.0360 3408 [ A261AD1FDC6D6A658A82B81AF81B215F ] C:\Windows\System32\vssapi.dll
08:26:18.0360 3408 C:\Windows\System32\vssapi.dll - ok
08:26:18.0366 3408 [ 9106F54C60CE7A83EA988C6D3D16965C ] C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll
08:26:18.0366 3408 C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll - ok
08:26:18.0373 3408 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
08:26:18.0374 3408 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
08:26:18.0378 3408 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
08:26:18.0378 3408 C:\Windows\System32\FDResPub.dll - ok
08:26:18.0384 3408 [ C5B4683680DF085B57BC53E5EF34861F ] C:\Windows\System32\IKEEXT.DLL
08:26:18.0384 3408 C:\Windows\System32\IKEEXT.DLL - ok
08:26:18.0390 3408 [ 05FE4A30177E858B51F5E1E970FE9925 ] C:\Windows\System32\WSDApi.dll
08:26:18.0390 3408 C:\Windows\System32\WSDApi.dll - ok
08:26:18.0396 3408 [ 6C57BA95C820865BCFB96C53CE7C2C68 ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
08:26:18.0396 3408 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
08:26:18.0402 3408 [ DC57BAF15064ECB79F6D2CCF352E1D88 ] C:\Windows\System32\taskschd.dll
08:26:18.0402 3408 C:\Windows\System32\taskschd.dll - ok
08:26:18.0408 3408 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
08:26:18.0408 3408 C:\Windows\SysWOW64\psapi.dll - ok
08:26:18.0414 3408 [ A3EA403D2B74C5F71B7E8B3DAE92DE1E ] C:\Windows\System32\webservices.dll
08:26:18.0414 3408 C:\Windows\System32\webservices.dll - ok
08:26:18.0420 3408 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
08:26:18.0420 3408 C:\Windows\System32\fundisc.dll - ok
08:26:18.0426 3408 [ 599EBE6C7EA52B5FF9603F203E8EC080 ] C:\Windows\System32\msi.dll
08:26:18.0426 3408 C:\Windows\System32\msi.dll - ok
08:26:18.0432 3408 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
08:26:18.0432 3408 C:\Windows\System32\vsstrace.dll - ok
08:26:18.0438 3408 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
08:26:18.0438 3408 C:\Windows\System32\tapi32.dll - ok
08:26:18.0444 3408 [ 1E96138B281CF087C9EBB496DBB5C17E ] C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll
08:26:18.0444 3408 C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll - ok
08:26:18.0450 3408 [ CE62652689462E14ED8C5D87FA34A28B ] C:\Program Files (x86)\AVG\AVG10\avgwd.dll
08:26:18.0450 3408 C:\Program Files (x86)\AVG\AVG10\avgwd.dll - ok
08:26:18.0456 3408 [ 2F12417827653994C8D5A335DA438787 ] C:\Program Files (x86)\AVG\AVG10\avgcfgx.dll
08:26:18.0456 3408 C:\Program Files (x86)\AVG\AVG10\avgcfgx.dll - ok
08:26:18.0462 3408 [ F1317678AC2FBA9F640279290B2E2988 ] C:\Windows\SysWOW64\msi.dll
08:26:18.0462 3408 C:\Windows\SysWOW64\msi.dll - ok
08:26:18.0468 3408 [ 8B7997B0C843AE353C7AD4FC520DBE47 ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
08:26:18.0468 3408 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
08:26:18.0474 3408 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
08:26:18.0474 3408 C:\Windows\System32\drivers\PEAuth.sys - ok
08:26:18.0480 3408 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] C:\Windows\System32\IPSECSVC.DLL
08:26:18.0480 3408 C:\Windows\System32\IPSECSVC.DLL - ok
08:26:18.0487 3408 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
08:26:18.0487 3408 C:\Windows\System32\FwRemoteSvr.dll - ok
08:26:18.0492 3408 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] C:\Windows\System32\nlasvc.dll
08:26:18.0492 3408 C:\Windows\System32\nlasvc.dll - ok
08:26:18.0498 3408 [ 498EB62A160674E793FA40FD65390625 ] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
08:26:18.0498 3408 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe - ok
08:26:18.0504 3408 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
08:26:18.0504 3408 C:\Windows\System32\drivers\secdrv.sys - ok
08:26:18.0510 3408 [ 463B386EBC70F98DA5DFF85F7E654346 ] C:\Windows\System32\seclogon.dll
08:26:18.0510 3408 C:\Windows\System32\seclogon.dll - ok
08:26:18.0515 3408 [ 76D078AF6F587B162D50210F761EB9ED ] C:\Windows\System32\drivers\tcpipreg.sys
08:26:18.0516 3408 C:\Windows\System32\drivers\tcpipreg.sys - ok
08:26:18.0522 3408 [ 4509387963DF66A6401752A0C631F6E8 ] C:\Windows\System32\httpapi.dll
08:26:18.0522 3408 C:\Windows\System32\httpapi.dll - ok
08:26:18.0528 3408 [ CBA3F6EF1E70167DB376B4013F71A62B ] C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
08:26:18.0528 3408 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe - ok
08:26:18.0534 3408 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
08:26:18.0534 3408 C:\Windows\System32\wbem\WMIsvc.dll - ok
08:26:18.0540 3408 [ 107F279517E2A04DB4AC1B1FAF1D573B ] C:\Windows\System32\ncsi.dll
08:26:18.0540 3408 C:\Windows\System32\ncsi.dll - ok
08:26:18.0546 3408 [ 2196CDBFA4B99BEEDAE300FA21DFE718 ] C:\Windows\System32\webio.dll
08:26:18.0546 3408 C:\Windows\System32\webio.dll - ok
08:26:18.0549 3408 [ 6D7FEA5353AE646167E91152F1D9BE89 ] C:\Program Files (x86)\AVG\AVG10\avgcslx.dll
08:26:18.0549 3408 C:\Program Files (x86)\AVG\AVG10\avgcslx.dll - ok
08:26:18.0556 3408 [ 5DE691884C240227B733CC18BBFCA3D8 ] C:\Windows\SysWOW64\netapi32.dll
08:26:18.0556 3408 C:\Windows\SysWOW64\netapi32.dll - ok
08:26:18.0561 3408 [ C6BB27D9A8AC13D4A44486F528B5C884 ] C:\Windows\SysWOW64\netutils.dll
08:26:18.0561 3408 C:\Windows\SysWOW64\netutils.dll - ok
08:26:18.0568 3408 [ 89D840773C9C4358A5031DCC860449EC ] C:\Windows\SysWOW64\srvcli.dll
08:26:18.0568 3408 C:\Windows\SysWOW64\srvcli.dll - ok
08:26:18.0573 3408 [ 7AD12703039056D2A0815F85960E1FA1 ] C:\Windows\SysWOW64\wkscli.dll
08:26:18.0573 3408 C:\Windows\SysWOW64\wkscli.dll - ok
08:26:18.0579 3408 [ 884264AC597B690C5707C89723BB8E7B ] C:\Windows\System32\tapisrv.dll
08:26:18.0579 3408 C:\Windows\System32\tapisrv.dll - ok
08:26:18.0585 3408 [ 0BF0C2A72F2CB0BA4382C392D3E331AF ] C:\Windows\System32\winhttp.dll
08:26:18.0585 3408 C:\Windows\System32\winhttp.dll - ok
08:26:18.0591 3408 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
08:26:18.0591 3408 C:\Windows\System32\ssdpapi.dll - ok
08:26:18.0597 3408 [ FAF9BA81FB0543CB4B7EFFD24CFA815F ] C:\Windows\System32\wbemcomn.dll
08:26:18.0597 3408 C:\Windows\System32\wbemcomn.dll - ok
08:26:18.0604 3408 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
08:26:18.0604 3408 C:\Windows\System32\wbem\WinMgmtR.dll - ok
08:26:18.0610 3408 [ A7582A70802D5B9F28ED3940F6A3E9ED ] C:\Windows\System32\wbem\WmiDcPrv.dll
08:26:18.0610 3408 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
08:26:18.0617 3408 [ F71ECAB18972467500609A8FA4E98F33 ] C:\Program Files (x86)\AVG\AVG10\avgclitx.dll
08:26:18.0617 3408 C:\Program Files (x86)\AVG\AVG10\avgclitx.dll - ok
08:26:18.0622 3408 [ 6CC10D9FD128069DBFE476222F097616 ] C:\Windows\SysWOW64\secur32.dll
08:26:18.0622 3408 C:\Windows\SysWOW64\secur32.dll - ok
08:26:18.0628 3408 [ CA4912C91BAD92DD2AFCF282039740EC ] C:\Program Files (x86)\AVG\AVG10\avgcorex.dll
08:26:18.0628 3408 C:\Program Files (x86)\AVG\AVG10\avgcorex.dll - ok
08:26:18.0634 3408 [ DE81240BD5476BB8AA2261349AB32FF8 ] C:\Program Files (x86)\AVG\AVG10\avgamnot.dll
08:26:18.0634 3408 C:\Program Files (x86)\AVG\AVG10\avgamnot.dll - ok
08:26:18.0640 3408 [ 8F2E5F841DF279C41FA011E8F2E945BC ] C:\Program Files (x86)\AVG\AVG10\avgidpsdkx.dll
08:26:18.0640 3408 C:\Program Files (x86)\AVG\AVG10\avgidpsdkx.dll - ok
08:26:18.0646 3408 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
08:26:18.0646 3408 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
08:26:18.0653 3408 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
08:26:18.0653 3408 C:\Windows\System32\netman.dll - ok
08:26:18.0658 3408 [ 3C1284516A62078FB68F768DE4F1A7BE ] C:\Windows\System32\sysmain.dll
08:26:18.0658 3408 C:\Windows\System32\sysmain.dll - ok
08:26:18.0667 3408 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
08:26:18.0667 3408 C:\Windows\System32\aepic.dll - ok
08:26:18.0670 3408 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
08:26:18.0671 3408 C:\Windows\System32\sfc.dll - ok
08:26:18.0676 3408 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
08:26:18.0676 3408 C:\Windows\System32\sfc_os.dll - ok
08:26:18.0682 3408 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
08:26:18.0682 3408 C:\Windows\System32\trkwks.dll - ok
08:26:18.0688 3408 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
08:26:18.0688 3408 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe - ok
08:26:18.0695 3408 [ 97CCB4D737B426B200E5EF90C877DF32 ] C:\Windows\SysWOW64\imagehlp.dll
08:26:18.0695 3408 C:\Windows\SysWOW64\imagehlp.dll - ok
08:26:18.0702 3408 [ C02E3CE20E7776C922B5C8938350B5F1 ] C:\Windows\SysWOW64\apphelp.dll
08:26:18.0702 3408 C:\Windows\SysWOW64\apphelp.dll - ok
08:26:18.0709 3408 [ 079FC5AAA9963057548DF29F069EC406 ] C:\Windows\AppPatch\AcGenral.dll
08:26:18.0709 3408 C:\Windows\AppPatch\AcGenral.dll - ok
08:26:18.0715 3408 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
08:26:18.0715 3408 C:\Windows\SysWOW64\uxtheme.dll - ok
08:26:18.0721 3408 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
08:26:18.0721 3408 C:\Windows\SysWOW64\dwmapi.dll - ok
08:26:18.0727 3408 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
08:26:18.0727 3408 C:\Windows\SysWOW64\msacm32.dll - ok
08:26:18.0733 3408 [ 742AA02BD9FA3492C9E525BBD427D87D ] C:\Windows\SysWOW64\samcli.dll
08:26:18.0733 3408 C:\Windows\SysWOW64\samcli.dll - ok
08:26:18.0739 3408 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
08:26:18.0739 3408 C:\Windows\SysWOW64\sfc.dll - ok
08:26:18.0744 3408 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
08:26:18.0744 3408 C:\Windows\SysWOW64\sfc_os.dll - ok
08:26:18.0751 3408 [ E6671E90D38C88764412E07C9D9B3D63 ] C:\Windows\System32\drivers\AVGIDSDriver.sys
08:26:18.0751 3408 C:\Windows\System32\drivers\AVGIDSDriver.sys - ok
08:26:18.0756 3408 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
08:26:18.0756 3408 C:\Windows\SysWOW64\mpr.dll - ok
08:26:18.0763 3408 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] C:\Windows\System32\wiaservc.dll
08:26:18.0763 3408 C:\Windows\System32\wiaservc.dll - ok
08:26:18.0768 3408 [ F8E058D17363EC580E4B7232778B6CB5 ] C:\Windows\System32\iphlpsvc.dll
08:26:18.0768 3408 C:\Windows\System32\iphlpsvc.dll - ok
08:26:18.0774 3408 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
08:26:18.0774 3408 C:\Windows\System32\wiatrace.dll - ok
08:26:18.0780 3408 [ 48A6CA43A5C921C465F70D9B42B3EF1A ] C:\Windows\System32\sqmapi.dll
08:26:18.0780 3408 C:\Windows\System32\sqmapi.dll - ok
08:26:18.0786 3408 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
08:26:18.0786 3408 C:\Windows\System32\wdscore.dll - ok
08:26:18.0793 3408 [ 47394ED3D16D053F5906EFE5AB51CC83 ] C:\Windows\System32\rasmans.dll
08:26:18.0793 3408 C:\Windows\System32\rasmans.dll - ok
08:26:18.0799 3408 [ 7A0F6A3E0E41425B9BA54616B482668A ] C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
08:26:18.0799 3408 C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe - ok
08:26:18.0805 3408 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
08:26:18.0805 3408 C:\Windows\System32\rastapi.dll - ok
08:26:18.0811 3408 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
08:26:18.0811 3408 C:\Windows\System32\hnetcfg.dll - ok
08:26:18.0818 3408 [ EE25B470C39126B08055A7CB71A67A58 ] C:\Windows\System32\unimdm.tsp
08:26:18.0818 3408 C:\Windows\System32\unimdm.tsp - ok
08:26:18.0823 3408 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
08:26:18.0824 3408 C:\Windows\System32\uniplat.dll - ok
08:26:18.0830 3408 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
08:26:18.0830 3408 C:\Windows\System32\wbem\wbemprox.dll - ok
08:26:18.0835 3408 [ C1446A66BB89FC3AA2485C67562247DA ] C:\Windows\System32\modemui.dll
08:26:18.0836 3408 C:\Windows\System32\modemui.dll - ok
08:26:18.0841 3408 [ 38B48AE24A3AD640FB220D71F3AA8F7C ] C:\Windows\System32\unimdmat.dll
08:26:18.0841 3408 C:\Windows\System32\unimdmat.dll - ok
08:26:18.0847 3408 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
08:26:18.0847 3408 C:\Windows\System32\hidphone.tsp - ok
08:26:18.0853 3408 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
08:26:18.0853 3408 C:\Windows\System32\kmddsp.tsp - ok
08:26:18.0860 3408 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
08:26:18.0860 3408 C:\Windows\System32\ndptsp.tsp - ok
08:26:18.0865 3408 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
08:26:18.0865 3408 C:\Windows\System32\wbem\fastprox.dll - ok
08:26:18.0871 3408 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
08:26:18.0871 3408 C:\Windows\System32\ntdsapi.dll - ok
08:26:18.0877 3408 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
08:26:18.0877 3408 C:\Windows\System32\dllhost.exe - ok
08:26:18.0883 3408 [ BC052EFAD10ACA1AD69545B629F50D99 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_a44e1fc257f685f6\comctl32.dll
08:26:18.0883 3408 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7600.16661_none_a44e1fc257f685f6\comctl32.dll - ok
08:26:18.0889 3408 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
08:26:18.0889 3408 C:\Windows\System32\aeevts.dll - ok
08:26:18.0895 3408 [ 3B9665D4B8C587A6014B9B8DFF5974A0 ] C:\Windows\System32\wbem\wbemcore.dll
08:26:18.0895 3408 C:\Windows\System32\wbem\wbemcore.dll - ok
08:26:18.0902 3408 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
08:26:18.0902 3408 C:\Windows\System32\wbem\esscli.dll - ok
08:26:18.0909 3408 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
08:26:18.0909 3408 C:\Windows\System32\wbem\wbemsvc.dll - ok
08:26:18.0914 3408 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
08:26:18.0914 3408 C:\Windows\System32\wbem\wmiutils.dll - ok
08:26:18.0920 3408 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
08:26:18.0920 3408 C:\Windows\System32\IDStore.dll - ok
08:26:18.0926 3408 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
08:26:18.0926 3408 C:\Windows\System32\wbem\repdrvfs.dll - ok
08:26:18.0931 3408 [ DF627325D25191236BABA895D5A51EF6 ] C:\Windows\System32\rasppp.dll
08:26:18.0931 3408 C:\Windows\System32\rasppp.dll - ok
08:26:18.0937 3408 [ 3EEFB971D61EF9638FD21F14C703CA11 ] C:\Windows\System32\taskhost.exe
08:26:18.0937 3408 C:\Windows\System32\taskhost.exe - ok
08:26:18.0943 3408 [ AE5FF948400A51B040F999BF04290373 ] C:\Windows\SysWOW64\winsta.dll
08:26:18.0943 3408 C:\Windows\SysWOW64\winsta.dll - ok
08:26:18.0949 3408 [ E3DA135D4DD0D34512D4FEBCB6ED760E ] C:\Windows\System32\vpnike.dll
08:26:18.0949 3408 C:\Windows\System32\vpnike.dll - ok
08:26:18.0955 3408 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
08:26:18.0955 3408 C:\Windows\System32\AtBroker.exe - ok
08:26:18.0961 3408 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
08:26:18.0961 3408 C:\Windows\System32\MsCtfMonitor.dll - ok
08:26:18.0967 3408 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
08:26:18.0967 3408 C:\Windows\System32\msutb.dll - ok
08:26:18.0974 3408 [ 1482CC99F7E2DA2FECF59C6A774FED0A ] C:\Windows\System32\raschap.dll
08:26:18.0974 3408 C:\Windows\System32\raschap.dll - ok
08:26:18.0979 3408 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
08:26:18.0979 3408 C:\Windows\System32\mpr.dll - ok
08:26:18.0985 3408 [ 6F8F1376A13114CC10C0E69274F5A4DE ] C:\Windows\System32\userinit.exe
08:26:18.0985 3408 C:\Windows\System32\userinit.exe - ok
08:26:18.0991 3408 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
08:26:18.0991 3408 C:\Windows\System32\ipnathlp.dll - ok
08:26:18.0997 3408 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
08:26:18.0997 3408 C:\Windows\System32\dwm.exe - ok
08:26:19.0002 3408 [ EF184066A851E7838D5BF8C8FAE66CC4 ] C:\Windows\System32\dwmredir.dll
08:26:19.0002 3408 C:\Windows\System32\dwmredir.dll - ok
08:26:19.0009 3408 [ 7F37322A489E285CFBCC02F6A53B3F1B ] C:\Windows\System32\HotStartUserAgent.dll
08:26:19.0009 3408 C:\Windows\System32\HotStartUserAgent.dll - ok
08:26:19.0014 3408 [ 114429A77D935053E13A9BF98A8B8CA1 ] C:\Windows\System32\mprapi.dll
08:26:19.0014 3408 C:\Windows\System32\mprapi.dll - ok
08:26:19.0020 3408 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
08:26:19.0020 3408 C:\Windows\System32\PlaySndSrv.dll - ok
08:26:19.0026 3408 [ 9D8AB964CE511AF81207DF0E1205184C ] C:\Windows\System32\dwmcore.dll
08:26:19.0027 3408 C:\Windows\System32\dwmcore.dll - ok
08:26:19.0032 3408 [ 58A0C212ED2ABE462B3A9626F5B96261 ] C:\Windows\System32\d3d10_1.dll
08:26:19.0033 3408 C:\Windows\System32\d3d10_1.dll - ok
08:26:19.0038 3408 [ AFBBC34687FA48A4928B99AF097C1EC0 ] C:\Windows\System32\d3d10_1core.dll
08:26:19.0038 3408 C:\Windows\System32\d3d10_1core.dll - ok
08:26:19.0044 3408 [ D95DB5C915C001F78709C17285109BDC ] C:\Windows\System32\dxgi.dll
08:26:19.0044 3408 C:\Windows\System32\dxgi.dll - ok
08:26:19.0050 3408 [ D8F0E941B1E35DEEE3EDF6DF45517607 ] C:\Windows\System32\igd10umd64.dll
08:26:19.0050 3408 C:\Windows\System32\igd10umd64.dll - ok
08:26:19.0055 3408 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
08:26:19.0055 3408 C:\Windows\System32\uDWM.dll - ok
08:26:19.0060 3408 [ 4B8DD8541C0E26602005DD0137333615 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
08:26:19.0060 3408 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll - ok
08:26:19.0066 3408 [ 00D1F89836927C0F2E37321E6B441FCE ] C:\Windows\SysWOW64\msxml3.dll
08:26:19.0066 3408 C:\Windows\SysWOW64\msxml3.dll - ok
08:26:19.0072 3408 [ 0FFF051E4327DF1508CBF9EE098DEAB6 ] C:\Program Files (x86)\AVG\AVG10\avgemca.exe
08:26:19.0072 3408 C:\Program Files (x86)\AVG\AVG10\avgemca.exe - ok
08:26:19.0078 3408 [ 7A7A90C3FF65DD7E970229BF98A27D41 ] C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
08:26:19.0078 3408 C:\Program Files (x86)\AVG\AVG10\avgnsa.exe - ok
08:26:19.0084 3408 [ 96EC140D8EC76556A3651987B7102F92 ] C:\Program Files (x86)\AVG\AVG10\avgsched.dll
08:26:19.0084 3408 C:\Program Files (x86)\AVG\AVG10\avgsched.dll - ok
08:26:19.0091 3408 [ 5FF7D057E48DA861BDBB47D314B6DA7D ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_08e1a05ba83fe554\msvcr90.dll
08:26:19.0091 3408 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4926_none_08e1a05ba83fe554\msvcr90.dll - ok
08:26:19.0097 3408 [ 865A55BC96244466A0A094AEB5D3D0E9 ] C:\Program Files (x86)\AVG\AVG10\avgloga.dll
08:26:19.0098 3408 C:\Program Files (x86)\AVG\AVG10\avgloga.dll - ok
08:26:19.0104 3408 [ FAE6E67B7C221659037D2485D05DF123 ] C:\Program Files (x86)\AVG\AVG10\avgcfga.dll
08:26:19.0104 3408 C:\Program Files (x86)\AVG\AVG10\avgcfga.dll - ok
08:26:19.0110 3408 [ 98A243951E968F19B27CD6CDB7EAA436 ] C:\Program Files (x86)\AVG\AVG10\avgclita.dll
08:26:19.0110 3408 C:\Program Files (x86)\AVG\AVG10\avgclita.dll - ok
08:26:19.0115 3408 [ 66920354B984D4A3848A84B4E66745EA ] C:\Windows\System32\netshell.dll
08:26:19.0115 3408 C:\Windows\System32\netshell.dll - ok
08:26:19.0121 3408 [ 80AEC7987F4F315DC8B65FA1A42FF554 ] C:\Program Files (x86)\AVG\AVG10\avgwdwsc.dll
08:26:19.0121 3408 C:\Program Files (x86)\AVG\AVG10\avgwdwsc.dll - ok
08:26:19.0127 3408 [ 8CFACC72081C21519676BF4AAA1A88A9 ] C:\Windows\System32\localspl.dll
08:26:19.0127 3408 C:\Windows\System32\localspl.dll - ok
08:26:19.0133 3408 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
08:26:19.0133 3408 C:\Windows\System32\spoolss.dll - ok
08:26:19.0139 3408 [ 20BEB8C403C6E28C9B13644787F5177D ] C:\Windows\System32\FXSMON.dll
08:26:19.0139 3408 C:\Windows\System32\FXSMON.dll - ok
08:26:19.0145 3408 [ 33CC7FFA41F6157592E1578BD253F30E ] C:\Windows\System32\PrintIsolationProxy.dll
08:26:19.0145 3408 C:\Windows\System32\PrintIsolationProxy.dll - ok
08:26:19.0152 3408 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
08:26:19.0152 3408 C:\Windows\System32\tcpmon.dll - ok
08:26:19.0156 3408 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
08:26:19.0156 3408 C:\Windows\System32\snmpapi.dll - ok
08:26:19.0162 3408 [ AD7C70077D4C81558E909D34EF6B995E ] C:\Windows\System32\wsnmp32.dll
08:26:19.0162 3408 C:\Windows\System32\wsnmp32.dll - ok
08:26:19.0168 3408 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
08:26:19.0168 3408 C:\Windows\System32\fdPnp.dll - ok
08:26:19.0174 3408 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
08:26:19.0174 3408 C:\Windows\System32\usbmon.dll - ok
08:26:19.0179 3408 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
08:26:19.0179 3408 C:\Windows\System32\WSDMon.dll - ok
08:26:19.0185 3408 [ 7EDB2BF840ECB14D6E6B11C035708719 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
08:26:19.0185 3408 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
08:26:19.0191 3408 [ 2332BACC2AB09119A14637DE0CB30147 ] C:\Windows\System32\win32spl.dll
08:26:19.0191 3408 C:\Windows\System32\win32spl.dll - ok
08:26:19.0197 3408 [ 17EAB1AEA937EFFCD107EFBA94FEDB34 ] C:\Windows\System32\inetpp.dll
08:26:19.0197 3408 C:\Windows\System32\inetpp.dll - ok
08:26:19.0203 3408 [ BFEBE1E4B301F44CEA7C1B4021BD0264 ] C:\Windows\System32\cscapi.dll
08:26:19.0203 3408 C:\Windows\System32\cscapi.dll - ok
08:26:19.0209 3408 [ 0862495E0C825893DB75EF44FAEA8E93 ] C:\Windows\explorer.exe
08:26:19.0209 3408 C:\Windows\explorer.exe - ok
08:26:19.0214 3408 [ 1C27E145EC99F20BC1B13FD98165A83F ] C:\Windows\System32\ExplorerFrame.dll
08:26:19.0214 3408 C:\Windows\System32\ExplorerFrame.dll - ok
08:26:19.0220 3408 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
08:26:19.0221 3408 C:\Windows\System32\EhStorShell.dll - ok
08:26:19.0226 3408 [ 5F917AEEEA363B8A5DC8624795CB1D60 ] C:\Windows\System32\ntshrui.dll
08:26:19.0226 3408 C:\Windows\System32\ntshrui.dll - ok
08:26:19.0233 3408 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
08:26:19.0233 3408 C:\Windows\System32\IconCodecService.dll - ok
08:26:19.0238 3408 [ 82BC97E5793DEF69691AAD5AB953A200 ] C:\Windows\System32\wbem\WmiPrvSD.dll
08:26:19.0238 3408 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
08:26:19.0244 3408 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
08:26:19.0244 3408 C:\Windows\System32\ncobjapi.dll - ok
08:26:19.0250 3408 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
08:26:19.0250 3408 C:\Windows\System32\wbem\wbemess.dll - ok
08:26:19.0256 3408 [ D065BE66822847B7F127D1F90158376E ] C:\Windows\System32\appinfo.dll
08:26:19.0256 3408 C:\Windows\System32\appinfo.dll - ok
08:26:19.0261 3408 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
08:26:19.0261 3408 C:\Windows\System32\wdi.dll - ok
08:26:19.0267 3408 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
08:26:19.0267 3408 C:\Windows\System32\npmproxy.dll - ok
08:26:19.0273 3408 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
08:26:19.0273 3408 C:\Windows\System32\bthserv.dll - ok
08:26:19.0279 3408 [ D891293880F2F00AB7BA959910300EF7 ] C:\Windows\System32\diagperf.dll
08:26:19.0279 3408 C:\Windows\System32\diagperf.dll - ok
08:26:19.0285 3408 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
08:26:19.0285 3408 C:\Windows\System32\hidserv.dll - ok
08:26:19.0291 3408 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
08:26:19.0291 3408 C:\Windows\System32\perftrack.dll - ok
08:26:19.0299 3408 [ 2E57DDF2880A7E52E76F41C7E96D327B ] C:\Windows\System32\wpdbusenum.dll
08:26:19.0299 3408 C:\Windows\System32\wpdbusenum.dll - ok
08:26:19.0301 3408 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
08:26:19.0301 3408 C:\Windows\System32\shfolder.dll - ok
08:26:19.0307 3408 [ 5DA7D8934F7AB0884A6A8FC02E8B2AA7 ] C:\Windows\System32\PortableDeviceApi.dll
08:26:19.0307 3408 C:\Windows\System32\PortableDeviceApi.dll - ok
08:26:19.0314 3408 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
08:26:19.0314 3408 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
08:26:19.0319 3408 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
08:26:19.0319 3408 C:\Windows\System32\wer.dll - ok
08:26:19.0324 3408 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
08:26:19.0324 3408 C:\Windows\System32\Apphlpdm.dll - ok
08:26:19.0330 3408 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
08:26:19.0330 3408 C:\Windows\System32\pnpts.dll - ok
08:26:19.0336 3408 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
08:26:19.0336 3408 C:\Windows\System32\radardt.dll - ok
08:26:19.0342 3408 [ 65AF044B5570D355124DCD1E099AA98F ] C:\Windows\System32\wdiasqmmodule.dll
08:26:19.0342 3408 C:\Windows\System32\wdiasqmmodule.dll - ok
08:26:19.0348 3408 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
08:26:19.0348 3408 C:\Windows\System32\ndiscapCfg.dll - ok
08:26:19.0353 3408 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
08:26:19.0353 3408 C:\Windows\System32\rascfg.dll - ok
08:26:19.0359 3408 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
08:26:19.0359 3408 C:\Windows\System32\mprmsg.dll - ok
08:26:19.0365 3408 [ 1FCD619D8542A248D4E1FF72FFB0E56B ] C:\Windows\System32\tcpipcfg.dll
08:26:19.0365 3408 C:\Windows\System32\tcpipcfg.dll - ok
08:26:19.0371 3408 [ 6AB6D4DF10EC784CF4A66CBFAF417A11 ] C:\Windows\System32\runonce.exe
08:26:19.0371 3408 C:\Windows\System32\runonce.exe - ok
08:26:19.0377 3408 [ 169F916EFEAA44487E65305B7D2D754B ] C:\Windows\SysWOW64\runonce.exe
08:26:19.0377 3408 C:\Windows\SysWOW64\runonce.exe - ok
08:26:19.0383 3408 [ BB7E865599FA258C70DF8B1F70109F6F ] C:\Windows\System32\newdev.dll
08:26:19.0383 3408 C:\Windows\System32\newdev.dll - ok
08:26:19.0388 3408 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
08:26:19.0388 3408 C:\Windows\System32\dimsjob.dll - ok
08:26:19.0395 3408 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
08:26:19.0395 3408 C:\Windows\System32\pautoenr.dll - ok
08:26:19.0400 3408 [ 26EAEE08CAF82AA7F03C5020F51DA541 ] C:\Windows\SysWOW64\propsys.dll
08:26:19.0400 3408 C:\Windows\SysWOW64\propsys.dll - ok
08:26:20.0668 3408 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
08:26:20.0676 3408 [ E7FE89F69C3CC65CAD3D1ADC5D6A9F41 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
08:26:20.0676 3408 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
08:26:20.0681 3408 [ 1EBF4A9F2500A6A932B59838646EF0A0 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll
08:26:20.0681 3408 C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll - ok
08:26:20.0687 3408 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] C:\Windows\System32\qmgr.dll
08:26:20.0687 3408 C:\Windows\System32\qmgr.dll - ok
08:26:20.0692 3408 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
08:26:20.0693 3408 C:\Windows\System32\bitsigd.dll - ok
08:26:20.0698 3408 [ 4E75477E8BFA55C6F1F2688FB553F0C5 ] C:\Windows\System32\bitsperf.dll
08:26:20.0698 3408 C:\Windows\System32\bitsperf.dll - ok
08:26:20.0704 3408 [ 9E29BC11A70165635CC10D42E64CFEE1 ] C:\Windows\System32\upnp.dll
08:26:20.0704 3408 C:\Windows\System32\upnp.dll - ok
08:26:20.0710 3408 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
08:26:20.0710 3408 C:\Windows\System32\ssdpsrv.dll - ok
08:26:20.0716 3408 [ D02F845EF350910B3424AD15BBB68E83 ] C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
08:26:20.0716 3408 C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll - ok
08:26:20.0722 3408 [ 5FB2251AA879CDD0CECE6AD95C7B1584 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll
08:26:20.0722 3408 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll - ok
08:26:20.0731 3408 [ E8F37BF269BA96C6D7F566A949ADB5E0 ] C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll
08:26:20.0731 3408 C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll - ok
08:26:20.0736 3408 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
08:26:20.0736 3408 C:\Windows\System32\qmgrprxy.dll - ok
08:26:20.0742 3408 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
08:26:20.0742 3408 C:\Windows\SysWOW64\qmgrprxy.dll - ok
08:26:20.0748 3408 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
08:26:20.0748 3408 C:\Windows\System32\UIAnimation.dll - ok
08:26:20.0754 3408 [ FDF273A845F1FFCCEADF363AAF47582F ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
08:26:20.0754 3408 C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
08:26:20.0760 3408 [ 0CCA9F023E7DC078D7CFBF024655AB7F ] C:\Windows\System32\d3d10warp.dll
08:26:20.0760 3408 C:\Windows\System32\d3d10warp.dll - ok
08:26:20.0767 3408 [ 9CB819197E6B2FD3DC0429E3DC1CCFDD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll
08:26:20.0767 3408 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libtidy.dll - ok
08:26:20.0773 3408 [ AF8BA229989675949F7F0117C9FE4E4B ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll
08:26:20.0773 3408 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll - ok
08:26:20.0779 3408 [ 971C7067694CAB9486A3860FD19F7F87 ] C:\Program Files (x86)\Yahoo!\Messenger\YHTTP.dll
08:26:20.0779 3408 C:\Program Files (x86)\Yahoo!\Messenger\YHTTP.dll - ok
08:26:20.0785 3408 [ D5369247B6C11EAE2C0650D8303E23B4 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
08:26:20.0785 3408 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
08:26:20.0791 3408 [ 913C2E4A03201644FC986EDEB5F8A390 ] C:\Windows\System32\DXP.dll
08:26:20.0791 3408 C:\Windows\System32\DXP.dll - ok
08:26:20.0797 3408 [ 618933C71F7750B932E84F0F040399A5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll
08:26:20.0797 3408 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ApplePushService.dll - ok
08:26:20.0803 3408 [ AF28348ED585539C4A33A4341FF23696 ] C:\Windows\System32\oleacc.dll
08:26:20.0803 3408 C:\Windows\System32\oleacc.dll - ok
08:26:20.0806 3408 [ 2A556E2D703DED03186C596B90AC6869 ] C:\Windows\System32\mapi32.dll
08:26:20.0806 3408 C:\Windows\System32\mapi32.dll - ok
08:26:20.0813 3408 [ 651F169718CC46C8A9264880C538D5FF ] C:\Windows\System32\prnfldr.dll
08:26:20.0813 3408 C:\Windows\System32\prnfldr.dll - ok
08:26:20.0819 3408 [ 1B3A76271C10348D2B18644C19F8BC03 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll
08:26:20.0819 3408 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll - ok
08:26:20.0825 3408 [ E94FEA490728CCEE37FD5168982D4A84 ] C:\Program Files (x86)\Yahoo!\Messenger\RGX.dll
08:26:20.0825 3408 C:\Program Files (x86)\Yahoo!\Messenger\RGX.dll - ok
08:26:20.0831 3408 [ ACCBA604D34842844133A731F8045B32 ] C:\Windows\SysWOW64\sxs.dll
08:26:20.0831 3408 C:\Windows\SysWOW64\sxs.dll - ok
08:26:20.0838 3408 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
08:26:20.0838 3408 C:\Windows\System32\AltTab.dll - ok
08:26:20.0843 3408 [ C753ED3DA24F3FE86F754E08A14E2460 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll
08:26:20.0843 3408 C:\Program Files (x86)\Common Files\Apple\Internet Services\Ubiquity.dll - ok
08:26:20.0849 3408 [ E63A7AABB533D0BAF69B2E2234864E4C ] C:\Program Files (x86)\Yahoo!\Messenger\YCPSSL.dll
08:26:20.0849 3408 C:\Program Files (x86)\Yahoo!\Messenger\YCPSSL.dll - ok
08:26:20.0855 3408 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
08:26:20.0855 3408 C:\Windows\System32\dssenh.dll - ok
08:26:20.0861 3408 [ 293096F7392F8C7035407CCFC73B813A ] C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
08:26:20.0861 3408 C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll - ok
08:26:20.0867 3408 [ 89084DD8C7A4C7FCDA50485B33C6C98D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll
08:26:20.0867 3408 C:\Program Files (x86)\Common Files\Apple\Internet Services\mmcs.dll - ok
08:26:20.0873 3408 [ 1D492902A20DE2DE188D7EDF00BC0BE3 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
08:26:20.0873 3408 C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll - ok
08:26:20.0879 3408 [ 1215326C3F11ED9874DE189F12D58AA6 ] C:\Program Files (x86)\Yahoo!\Messenger\yalertcenterM.dll
08:26:20.0879 3408 C:\Program Files (x86)\Yahoo!\Messenger\yalertcenterM.dll - ok
08:26:20.0886 3408 [ 05D9C84F8D236ADAA0372E4B74AFC9CB ] C:\Program Files (x86)\Yahoo!\Messenger\ymdm_audio.dll
08:26:20.0886 3408 C:\Program Files (x86)\Yahoo!\Messenger\ymdm_audio.dll - ok
08:26:20.0891 3408 [ C18B8EEADBC5E0FED8DED6FE2087312F ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll
08:26:20.0891 3408 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll - ok
08:26:20.0897 3408 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\17319823.sys
08:26:20.0897 3408 C:\Windows\System32\drivers\17319823.sys - ok
08:26:20.0903 3408 [ 525137CAC21FCF94E5E2778E9335B40A ] C:\Program Files (x86)\Yahoo!\Messenger\rmc_audio.dll
08:26:20.0903 3408 C:\Program Files (x86)\Yahoo!\Messenger\rmc_audio.dll - ok
08:26:20.0909 3408 [ 76ADF8299BAEC9268AF6E202DE04211D ] C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll
08:26:20.0909 3408 C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll - ok
08:26:20.0915 3408 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
08:26:20.0915 3408 C:\Windows\System32\regsvr32.exe - ok
08:26:20.0921 3408 [ BB3A22F3EED85A12CFB2DD60D9F9B52F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
08:26:20.0921 3408 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe - ok
08:26:20.0928 3408 [ FD4F95ABDE5603478C929B6CB0BDCFFF ] C:\Windows\System32\pnidui.dll
08:26:20.0928 3408 C:\Windows\System32\pnidui.dll - ok
08:26:20.0936 3408 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
08:26:20.0936 3408 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
08:26:20.0940 3408 [ 031C6782F2D50336FC2C72F8D14A4C13 ] C:\Windows\System32\wbem\wmiprov.dll
08:26:20.0940 3408 C:\Windows\System32\wbem\wmiprov.dll - ok
08:26:20.0946 3408 [ 1846DC6A7D8BA2FA1AE55CAD8B814F21 ] C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
08:26:20.0946 3408 C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe - ok
08:26:20.0952 3408 [ BD03C64C4B1F34D1F330BF6C4AC8113D ] C:\Windows\System32\QUTIL.DLL
08:26:20.0952 3408 C:\Windows\System32\QUTIL.DLL - ok
08:26:20.0958 3408 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
08:26:20.0958 3408 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
08:26:20.0964 3408 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
08:26:20.0964 3408 C:\Windows\System32\Syncreg.dll - ok
08:26:20.0970 3408 [ 3963E5FFE9D20BDB9458E8511C85DA1E ] C:\Program Files (x86)\Yahoo!\Messenger\ymdm_video.dll
08:26:20.0970 3408 C:\Program Files (x86)\Yahoo!\Messenger\ymdm_video.dll - ok
08:26:20.0976 3408 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
08:26:20.0976 3408 C:\Windows\System32\FXSST.dll - ok
08:26:20.0982 3408 [ A9AB99EE7D39725EAFEC82732D2B3271 ] C:\Program Files\iPod\bin\iPodService.exe
08:26:20.0982 3408 C:\Program Files\iPod\bin\iPodService.exe - ok
08:26:20.0988 3408 [ 75838AB28CC1318345DA62B6C339068C ] C:\Windows\System32\GfxUI.exe
08:26:20.0988 3408 C:\Windows\System32\GfxUI.exe - ok
08:26:20.0993 3408 [ 3B9918933451EFE3CBB390C9592BB7A4 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtWizard.dll
08:26:20.0993 3408 C:\Program Files\WIDCOMM\Bluetooth Software\BtWizard.dll - ok
08:26:21.0000 3408 [ FF75659CBC7965C926C12C030443B3B4 ] C:\Program Files (x86)\Yahoo!\Messenger\core_video.dll
08:26:21.0000 3408 C:\Program Files (x86)\Yahoo!\Messenger\core_video.dll - ok
08:26:21.0006 3408 [ 5CB4174FB02E0BD4639B6EBDE31EC8E1 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
08:26:21.0006 3408 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
08:26:21.0012 3408 [ 34E6D8C67E7FD7C917BECFECA326B168 ] C:\Windows\System32\FXSAPI.dll
08:26:21.0012 3408 C:\Windows\System32\FXSAPI.dll - ok
08:26:21.0018 3408 [ BFC43967D25EA76082B9369B619AE5A7 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
08:26:21.0018 3408 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
08:26:21.0024 3408 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
08:26:21.0024 3408 C:\Windows\SysWOW64\winrnr.dll - ok
08:26:21.0029 3408 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
08:26:21.0030 3408 C:\Windows\SysWOW64\NapiNSP.dll - ok
08:26:21.0036 3408 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
08:26:21.0036 3408 C:\Windows\System32\FXSRESM.dll - ok
08:26:21.0041 3408 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
08:26:21.0041 3408 C:\Windows\SysWOW64\pnrpnsp.dll - ok
08:26:21.0047 3408 [ 3A2BB97D54A2189C9900A735C0531B59 ] C:\Windows\SysWOW64\wshbth.dll
08:26:21.0047 3408 C:\Windows\SysWOW64\wshbth.dll - ok
08:26:21.0053 3408 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
08:26:21.0053 3408 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
08:26:21.0057 3408 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
08:26:21.0057 3408 C:\Windows\ehome\ehSSO.dll - ok
08:26:21.0063 3408 [ 8AE42F1B8F104F78825DAEFD664D947D ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll
08:26:21.0063 3408 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\FnKyACTN.dll - ok
08:26:21.0069 3408 [ AB01C36BCC34CCFE5B0BB5FFB2605135 ] C:\Windows\System32\WPDShServiceObj.dll
08:26:21.0069 3408 C:\Windows\System32\WPDShServiceObj.dll - ok
08:26:21.0075 3408 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
08:26:21.0075 3408 C:\Windows\System32\PortableDeviceTypes.dll - ok
08:26:21.0081 3408 [ 199F9ADDB1C1E633169B9F6CB40D7724 ] C:\Program Files (x86)\AVG\AVG10\avglngx.dll
08:26:21.0081 3408 C:\Program Files (x86)\AVG\AVG10\avglngx.dll - ok
08:26:21.0087 3408 [ F9A79C5B27037821112C50A9C8FB367A ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
08:26:21.0087 3408 C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe - ok
08:26:21.0093 3408 [ 2C5B8A680A90E96B1EC0D6DA0505E685 ] C:\Windows\System32\srchadmin.dll
08:26:21.0093 3408 C:\Windows\System32\srchadmin.dll - ok
08:26:21.0099 3408 [ 8898C95862D03D16B2A06DB4DB6BB6B2 ] C:\Windows\SysWOW64\ExplorerFrame.dll
08:26:21.0099 3408 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
08:26:21.0105 3408 [ 9026515540C4A9B4F43ADB9CD73F0B39 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtWdSdk.dll
08:26:21.0105 3408 C:\Program Files\WIDCOMM\Bluetooth Software\BtWdSdk.dll - ok
08:26:21.0110 3408 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] C:\Windows\System32\FXSSVC.exe
08:26:21.0111 3408 C:\Windows\System32\FXSSVC.exe - ok
08:26:21.0117 3408 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
08:26:21.0117 3408 C:\Windows\System32\rasdlg.dll - ok
08:26:21.0123 3408 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
08:26:21.0123 3408 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
08:26:21.0131 3408 [ 8CD2A697B18069A62A035E756E51E934 ] C:\Windows\System32\SearchIndexer.exe
08:26:21.0131 3408 C:\Windows\System32\SearchIndexer.exe - ok
08:26:21.0136 3408 [ 92B404BA9A60550DC6B6A00CDF324AD9 ] C:\Program Files (x86)\Yahoo!\Messenger\ConnectionWizard.dll
08:26:21.0136 3408 C:\Program Files (x86)\Yahoo!\Messenger\ConnectionWizard.dll - ok
08:26:21.0141 3408 [ 4FB1F2F9B02FA1138CACD2DEA3F5AEC8 ] C:\Windows\System32\riched20.dll
08:26:21.0141 3408 C:\Windows\System32\riched20.dll - ok
08:26:21.0147 3408 [ D3C8C6B6DB123B0E51ECFFF0F6DF145E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9a7b48ad2929bc93362ec42cd4573f87\mscorlib.ni.dll
08:26:21.0148 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9a7b48ad2929bc93362ec42cd4573f87\mscorlib.ni.dll - ok
08:26:21.0154 3408 [ 2E8B86936EAF591A50A35B0DE509FB9C ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll
08:26:21.0154 3408 C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok
08:26:21.0160 3408 [ AF4DC6348884A5636F439FC6CE93A8DC ] C:\Program Files (x86)\AVG\AVG10\avgabout.dll
08:26:21.0160 3408 C:\Program Files (x86)\AVG\AVG10\avgabout.dll - ok
08:26:21.0166 3408 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
08:26:21.0166 3408 C:\Windows\SysWOW64\duser.dll - ok
08:26:21.0171 3408 [ F8F532C7509C3238C9827BAE861A48D7 ] C:\Windows\System32\tquery.dll
08:26:21.0172 3408 C:\Windows\System32\tquery.dll - ok
08:26:21.0178 3408 [ BB68579E181956E37EB11F9083C01CF3 ] C:\Windows\System32\dot3api.dll
08:26:21.0178 3408 C:\Windows\System32\dot3api.dll - ok
08:26:21.0183 3408 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
08:26:21.0183 3408 C:\Windows\System32\wlanhlp.dll - ok
08:26:21.0189 3408 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
08:26:21.0189 3408 C:\Windows\SysWOW64\dui70.dll - ok
08:26:21.0195 3408 [ 61B12427CCBF5512E3439664C00D5FCD ] C:\Program Files (x86)\AVG\AVG10\avguires.dll
08:26:21.0195 3408 C:\Program Files (x86)\AVG\AVG10\avguires.dll - ok
08:26:21.0200 3408 [ 21894CB605E416D26892DC445507408E ] C:\Windows\SysWOW64\pdh.dll
08:26:21.0201 3408 C:\Windows\SysWOW64\pdh.dll - ok
08:26:21.0206 3408 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
08:26:21.0206 3408 C:\Windows\System32\WWanAPI.dll - ok
08:26:21.0212 3408 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
08:26:21.0212 3408 C:\Windows\System32\wwapi.dll - ok
08:26:21.0218 3408 [ 0B9F7D42D745038437FAE70D97F9AD5A ] C:\Windows\System32\QAGENT.DLL
08:26:21.0218 3408 C:\Windows\System32\QAGENT.DLL - ok
08:26:21.0224 3408 [ 3A2F5C8666F08B31C61DBAE9C297551C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
08:26:21.0224 3408 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
08:26:21.0230 3408 [ BA4A19DE93FBDFE6DB5F0EBC99732A06 ] C:\Windows\System32\mssrch.dll
08:26:21.0230 3408 C:\Windows\System32\mssrch.dll - ok
08:26:21.0236 3408 [ BE33E6A340B7C740226C28B177857948 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
08:26:21.0236 3408 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
08:26:21.0241 3408 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
08:26:21.0242 3408 C:\Windows\System32\msidle.dll - ok
08:26:21.0248 3408 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
08:26:21.0248 3408 C:\Windows\System32\mssprxy.dll - ok
08:26:21.0253 3408 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
08:26:21.0253 3408 C:\Windows\System32\en-US\tquery.dll.mui - ok
08:26:21.0259 3408 [ C8FE465986FE1E242C92B6B76CDFEC6F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6ec488b702c100ad5d3e712db0e88554\System.ni.dll
08:26:21.0259 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\6ec488b702c100ad5d3e712db0e88554\System.ni.dll - ok
08:26:21.0265 3408 [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
08:26:21.0265 3408 C:\Windows\SysWOW64\msisip.dll - ok
08:26:21.0271 3408 [ 5F1F35F2F995FA8615438AB922B0BA7B ] C:\Program Files\Internet Explorer\ieproxy.dll
08:26:21.0271 3408 C:\Program Files\Internet Explorer\ieproxy.dll - ok
08:26:21.0277 3408 [ 6194CC4A71F51CF3E815252BB43AAC28 ] C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
08:26:21.0277 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe - ok
08:26:21.0284 3408 [ EFEA483CB72A27915FA97AF700FDA05C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\6ea40f2da0e2321428a7bdd387e475fd\System.Drawing.ni.dll
08:26:21.0284 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\6ea40f2da0e2321428a7bdd387e475fd\System.Drawing.ni.dll - ok
08:26:21.0290 3408 [ DD6C73502C5CE772ACA11BF1FE9389DB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\7cdb4f5d0ff25c672e52a333ee394bb8\WindowsBase.ni.dll
08:26:21.0290 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\7cdb4f5d0ff25c672e52a333ee394bb8\WindowsBase.ni.dll - ok
08:26:21.0296 3408 [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
08:26:21.0296 3408 C:\Windows\SysWOW64\perfproc.dll - ok
08:26:21.0302 3408 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
08:26:21.0302 3408 C:\Windows\SysWOW64\perfos.dll - ok
08:26:21.0308 3408 [ 75A08148812AE3C68EFFF719E357CB85 ] C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll
08:26:21.0308 3408 C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll - ok
08:26:21.0316 3408 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
08:26:21.0316 3408 C:\Windows\System32\security.dll - ok
08:26:21.0321 3408 [ 3F6095530D69F67314248C32798EA21E ] C:\Program Files (x86)\Yahoo!\Messenger\resources\en-US\res_msgr.dll
08:26:21.0321 3408 C:\Program Files (x86)\Yahoo!\Messenger\resources\en-US\res_msgr.dll - ok
08:26:21.0327 3408 [ 1E3084855D1DEFFB2A84B7E90A33CAB0 ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\chrome.dll
08:26:21.0327 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\chrome.dll - ok
08:26:21.0333 3408 [ 79C7CFAEA6879A8C1A1E8B5FFE8983AA ] C:\Windows\SysWOW64\dbghelp.dll
08:26:21.0333 3408 C:\Windows\SysWOW64\dbghelp.dll - ok
08:26:21.0340 3408 [ 044CB0374E0DA180A29278901EB259E1 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\ced1d3b0790804426463ad06a61f180e\System.Windows.Forms.ni.dll
08:26:21.0341 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\ced1d3b0790804426463ad06a61f180e\System.Windows.Forms.ni.dll - ok
08:26:21.0346 3408 [ F15B116852FCCC97EBDB6EFADC2AC2D5 ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\icudt.dll
08:26:21.0346 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\icudt.dll - ok
08:26:21.0352 3408 [ D5EB3F151B8F28F0A5C8BBB7E13ECD6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\ea90a194614680a484a25b6ccc4df754\PresentationCore.ni.dll
08:26:21.0352 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\ea90a194614680a484a25b6ccc4df754\PresentationCore.ni.dll - ok
08:26:21.0358 3408 [ D927DC8FF1F49367B288EC8463F0025D ] C:\Windows\SysWOW64\shunimpl.dll
08:26:21.0359 3408 C:\Windows\SysWOW64\shunimpl.dll - ok
08:26:21.0364 3408 [ 4F2595A7F283A8DCC86007FB24B77AB9 ] C:\Windows\SysWOW64\KBDUS.DLL
08:26:21.0364 3408 C:\Windows\SysWOW64\KBDUS.DLL - ok
08:26:21.0370 3408 [ D03EE270D6D1A47C06845F04A80A413D ] C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe
08:26:21.0370 3408 C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe - ok
08:26:21.0376 3408 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
08:26:21.0376 3408 C:\Windows\System32\webcheck.dll - ok
08:26:21.0382 3408 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
08:26:21.0382 3408 C:\Windows\System32\mlang.dll - ok
08:26:21.0389 3408 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
08:26:21.0389 3408 C:\Windows\SysWOW64\mssprxy.dll - ok
08:26:21.0394 3408 [ 6A6B1DF229DB655EFDF83F936710D84C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\916af5e5c39e1226e0b87a80e3a979f2\PresentationFramework.ni.dll
08:26:21.0394 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\916af5e5c39e1226e0b87a80e3a979f2\PresentationFramework.ni.dll - ok
08:26:21.0400 3408 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
08:26:21.0400 3408 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
08:26:21.0406 3408 [ 205B7034B64DE5A68DEB96B47B7E889B ] C:\Windows\SysWOW64\mscms.dll
08:26:21.0406 3408 C:\Windows\SysWOW64\mscms.dll - ok
08:26:21.0412 3408 [ E6F66F31422C44EDC00D9C9329E7DF60 ] C:\Windows\System32\SyncCenter.dll
08:26:21.0412 3408 C:\Windows\System32\SyncCenter.dll - ok
08:26:21.0417 3408 [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
08:26:21.0418 3408 C:\Windows\SysWOW64\Wpc.dll - ok
08:26:21.0424 3408 [ 16AA294947C12F5B6D814F009622C581 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\bc4eb71543857d07a7401eab3a93d412\System.Management.ni.dll
08:26:21.0424 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\bc4eb71543857d07a7401eab3a93d412\System.Management.ni.dll - ok
08:26:21.0429 3408 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
08:26:21.0430 3408 C:\Windows\SysWOW64\wevtapi.dll - ok
08:26:21.0435 3408 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
08:26:21.0435 3408 C:\Windows\SysWOW64\samlib.dll - ok
08:26:21.0441 3408 [ 8B886A0AC14EAA8599142887991A5A2E ] C:\Windows\System32\imapi2.dll
08:26:21.0441 3408 C:\Windows\System32\imapi2.dll - ok
08:26:21.0447 3408 [ F0AAB2A76A7AF04C70A818E96BAF3E64 ] C:\Windows\System32\hgcpl.dll
08:26:21.0447 3408 C:\Windows\System32\hgcpl.dll - ok
08:26:21.0453 3408 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
08:26:21.0453 3408 C:\Windows\SysWOW64\linkinfo.dll - ok
08:26:21.0459 3408 [ 1C9B45E87528B8BB8CFA884EA0099A85 ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\d3dcompiler_43.dll
08:26:21.0459 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\d3dcompiler_43.dll - ok
08:26:21.0465 3408 [ 81E9339611B22ACE2E2D7B42F76C0F34 ] C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
08:26:21.0465 3408 C:\Windows\assembly\GAC_64\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
08:26:21.0471 3408 [ E788B71D41695F6F103A199E2454757B ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll
08:26:21.0471 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\pdf.dll - ok
08:26:21.0478 3408 [ 94F58634B62D26F4891158E002DCD4E4 ] C:\Users\A\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
08:26:21.0478 3408 C:\Users\A\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll - ok
08:26:21.0484 3408 [ 8639237940994AAB9B8E8503F2A551A0 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
08:26:21.0484 3408 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
08:26:21.0490 3408 [ 86E39E9161C3D930D93822F1563C280D ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\d3dx9_43.dll
08:26:21.0490 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\d3dx9_43.dll - ok
08:26:21.0496 3408 [ 27AB587E5F0696590EF8B83A52952B7B ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
08:26:21.0496 3408 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
08:26:21.0503 3408 [ 0DE3C7622EC33126579B1742260F08C2 ] C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
08:26:21.0503 3408 C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe - ok
08:26:21.0510 3408 [ E50265E33D08A52C33A7A7E8D3676C9E ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
08:26:21.0510 3408 C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe - ok
08:26:21.0516 3408 [ 3835443095E4931B7ADC9FEEF76A03F3 ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
08:26:21.0516 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\libglesv2.dll - ok
08:26:21.0522 3408 [ 17E1818933CA2FA00567A0AADEE51E4B ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
08:26:21.0522 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll - ok
08:26:21.0528 3408 [ 50B0CC2489397717B69841E8D200E1FE ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll
08:26:21.0528 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\libegl.dll - ok
08:26:21.0535 3408 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
08:26:21.0535 3408 C:\Windows\SysWOW64\dxva2.dll - ok
08:26:21.0541 3408 [ DE3782BE34F864220F5748F3015E4F75 ] C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
08:26:21.0541 3408 C:\Program Files (x86)\Common Files\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll - ok
08:26:21.0547 3408 [ 0EC4190B22A0E37010CC69371432FC0C ] C:\Windows\System32\gfxSrvc.dll
08:26:21.0547 3408 C:\Windows\System32\gfxSrvc.dll - ok
08:26:21.0553 3408 [ 0FC1F2FB9EFF8F9DB620E4BA1EB08C3E ] C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
08:26:21.0553 3408 C:\Users\A\AppData\Local\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll - ok
08:26:21.0559 3408 [ A0C69A8661CCEB20DB60A4FA35A2FBE4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\c40cbbdf7af03daedb16f4d9ef1b6f5f\System.Xml.ni.dll
08:26:21.0559 3408 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\c40cbbdf7af03daedb16f4d9ef1b6f5f\System.Xml.ni.dll - ok
08:26:21.0563 3408 [ 58957A04853F47B791D68B960258043C ] C:\Windows\System32\IGFXDEVLib.dll
08:26:21.0563 3408 C:\Windows\System32\IGFXDEVLib.dll - ok
08:26:22.0391 3408 ============================================================
08:26:22.0391 3408 Scan finished
08:26:22.0391 3408 ============================================================
08:26:22.0408 4328 Detected object count: 3
08:26:22.0408 4328 Actual detected object count: 3
08:27:06.0532 4328 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:27:06.0532 4328 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:27:06.0532 4328 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
08:27:06.0532 4328 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:27:06.0535 4328 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
08:27:06.0535 4328 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:27:13.0137 3452 Deinitialize success

*************************************

#13
maliprog


    Trusted Helper

  • Malware Removal
  • 6,172 posts
Download Virus Removal Tool from Here to your desktop

Run the programme you have just downloaded to your desktop (it will be randomly named)

First we will run a virus scan

Click the cog in the upper right


Select down to and including your main drive, once done select the Automatic scan tab and press Start Scan

Allow Virus Removal Tool to delete all infections found
Once it has finished select report tab (last tab)
Select Detected threats report from the left and press Save button
Save it to your desktop and attach to your next post


Now the Analysis

Rerun Virus Removal Tool and select the Manual Disinfection tab and press Start Gathering System Information


On completion click the link to locate the zip file to upload and attach to your next post


#14
newbee2001


    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Here are virus scan results. The scan took 7:30hrs. Not sure if that is usual or not.

*****************************************
Status: Deleted (events: 6)
10/8/2012 2:10:48 PM Deleted Trojan program HEUR:Exploit.Java.CVE-2012-4681.gen C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\2b4a5f22-317bd89d High
10/8/2012 2:09:33 PM Deleted Trojan program Exploit.Java.CVE-2012-1723.dl C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\2b4a5f22-317bd89d/faaaaa/faaaaa.class High
10/8/2012 2:09:39 PM Deleted Trojan program Exploit.Java.CVE-2012-1723.eo C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\2b4a5f22-317bd89d/faaaaa/faaaae.class High
10/8/2012 3:13:33 PM Deleted Trojan program Exploit.Win32.CVE-2010-2568.gen C:\Documents and Settings\A\Documents\P - K's Flash Drive\Copy of Copy of Copy of Shortcut to.lnk High
10/8/2012 3:13:54 PM Deleted Trojan program Exploit.Win32.CVE-2010-2568.gen C:\Documents and Settings\A\Documents\P - K's Flash Drive\Copy of Copy of Shortcut to.lnk High
10/8/2012 3:13:40 PM Deleted Trojan program Exploit.Win32.CVE-2010-2568.gen C:\Documents and Settings\A\Documents\P - K's Flash Drive\Copy of Copy of Copy of Copy of Shortcut to.lnk High
Status: Disinfected (events: 6)
10/8/2012 2:09:33 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.ac C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\1363386e-26bc440c High
10/8/2012 2:09:33 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.ac C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\1363386e-26bc440c/tools/Commander.class High
10/8/2012 2:09:33 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.bp C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\269fa973-41b2259f High
10/8/2012 2:09:33 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.bp C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\269fa973-41b2259f/buildService/BuildClass.class High
10/8/2012 2:09:40 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.et C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\31b98176-328e9e67 High
10/8/2012 2:09:40 PM Disinfected Trojan program Exploit.Java.CVE-2010-0840.et C:\Documents and Settings\A\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\31b98176-328e9e67/json/Search.class High

*****************************************

#15
newbee2001


    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
For some reason "Manual Disinfection --> Start Gathering System Information" stops by itself after running about 60%. It doesn't give the link to the zip file. Please advise.

Thanks.